Fix tests and lint errors, plus a bit of refactor
This commit is contained in:
Deluan
@@ -1,43 +0,0 @@
|
||||
package public
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/navidrome/navidrome/core/auth"
|
||||
"github.com/navidrome/navidrome/model"
|
||||
)
|
||||
|
||||
func EncodeArtworkID(artID model.ArtworkID) string {
|
||||
token, _ := auth.CreatePublicToken(map[string]any{"id": artID.String()})
|
||||
return token
|
||||
}
|
||||
|
||||
func DecodeArtworkID(tokenString string) (model.ArtworkID, error) {
|
||||
token, err := auth.TokenAuth.Decode(tokenString)
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
if token == nil {
|
||||
return model.ArtworkID{}, errors.New("unauthorized")
|
||||
}
|
||||
err = jwt.Validate(token, jwt.WithRequiredClaim("id"))
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
claims, err := token.AsMap(context.Background())
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
id, ok := claims["id"].(string)
|
||||
if !ok {
|
||||
return model.ArtworkID{}, errors.New("invalid id type")
|
||||
}
|
||||
artID, err := model.ParseArtworkID(id)
|
||||
if err == nil {
|
||||
return artID, nil
|
||||
}
|
||||
// Try to default to mediafile artworkId
|
||||
return model.ParseArtworkID("mf-" + id)
|
||||
}
|
||||
@@ -0,0 +1,71 @@
|
||||
package public
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/navidrome/navidrome/consts"
|
||||
"github.com/navidrome/navidrome/core/auth"
|
||||
"github.com/navidrome/navidrome/model"
|
||||
"github.com/navidrome/navidrome/server"
|
||||
)
|
||||
|
||||
func ImageURL(r *http.Request, artID model.ArtworkID, size int) string {
|
||||
link := encodeArtworkID(artID)
|
||||
path := filepath.Join(consts.URLPathPublicImages, link)
|
||||
params := url.Values{}
|
||||
if size > 0 {
|
||||
params.Add("size", strconv.Itoa(size))
|
||||
}
|
||||
return server.AbsoluteURL(r, path, params)
|
||||
}
|
||||
|
||||
func encodeArtworkID(artID model.ArtworkID) string {
|
||||
token, _ := auth.CreatePublicToken(map[string]any{"id": artID.String()})
|
||||
return token
|
||||
}
|
||||
|
||||
func decodeArtworkID(tokenString string) (model.ArtworkID, error) {
|
||||
token, err := auth.TokenAuth.Decode(tokenString)
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
if token == nil {
|
||||
return model.ArtworkID{}, errors.New("unauthorized")
|
||||
}
|
||||
err = jwt.Validate(token, jwt.WithRequiredClaim("id"))
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
claims, err := token.AsMap(context.Background())
|
||||
if err != nil {
|
||||
return model.ArtworkID{}, err
|
||||
}
|
||||
id, ok := claims["id"].(string)
|
||||
if !ok {
|
||||
return model.ArtworkID{}, errors.New("invalid id type")
|
||||
}
|
||||
artID, err := model.ParseArtworkID(id)
|
||||
if err == nil {
|
||||
return artID, nil
|
||||
}
|
||||
// Try to default to mediafile artworkId (if used with a mediafileShare token)
|
||||
return model.ParseArtworkID("mf-" + id)
|
||||
}
|
||||
|
||||
func encodeMediafileShare(s model.Share, id string) string {
|
||||
claims := map[string]any{"id": id}
|
||||
if s.Format != "" {
|
||||
claims["f"] = s.Format
|
||||
}
|
||||
if s.MaxBitRate != 0 {
|
||||
claims["b"] = s.MaxBitRate
|
||||
}
|
||||
token, _ := auth.CreateExpiringPublicToken(s.ExpiresAt, claims)
|
||||
return token
|
||||
}
|
||||
@@ -1,38 +1,38 @@
|
||||
package public_test
|
||||
package public
|
||||
|
||||
import (
|
||||
"github.com/go-chi/jwtauth/v5"
|
||||
"github.com/navidrome/navidrome/core/auth"
|
||||
"github.com/navidrome/navidrome/model"
|
||||
"github.com/navidrome/navidrome/server/public"
|
||||
. "github.com/onsi/ginkgo/v2"
|
||||
. "github.com/onsi/gomega"
|
||||
)
|
||||
|
||||
var _ = Describe("EncodeArtworkID", func() {
|
||||
var _ = Describe("encodeArtworkID", func() {
|
||||
Context("Public ID Encoding", func() {
|
||||
BeforeEach(func() {
|
||||
auth.TokenAuth = jwtauth.New("HS256", []byte("super secret"), nil)
|
||||
})
|
||||
It("returns a reversible string representation", func() {
|
||||
id := model.NewArtworkID(model.KindArtistArtwork, "1234")
|
||||
encoded := public.EncodeArtworkID(id)
|
||||
decoded, err := public.DecodeArtworkID(encoded)
|
||||
encoded := encodeArtworkID(id)
|
||||
decoded, err := decodeArtworkID(encoded)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(decoded).To(Equal(id))
|
||||
})
|
||||
It("fails to decode an invalid token", func() {
|
||||
_, err := public.DecodeArtworkID("xx-123")
|
||||
_, err := decodeArtworkID("xx-123")
|
||||
Expect(err).To(MatchError("invalid JWT"))
|
||||
})
|
||||
It("fails to decode an invalid id", func() {
|
||||
encoded := public.EncodeArtworkID(model.ArtworkID{})
|
||||
_, err := public.DecodeArtworkID(encoded)
|
||||
Expect(err).To(MatchError("invalid artwork id"))
|
||||
It("defaults to kind mediafile", func() {
|
||||
encoded := encodeArtworkID(model.ArtworkID{})
|
||||
id, err := decodeArtworkID(encoded)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(id.Kind).To(Equal(model.KindMediaFileArtwork))
|
||||
})
|
||||
It("fails to decode a token without an id", func() {
|
||||
token, _ := auth.CreatePublicToken(map[string]any{})
|
||||
_, err := public.DecodeArtworkID(token)
|
||||
_, err := decodeArtworkID(token)
|
||||
Expect(err).To(HaveOccurred())
|
||||
})
|
||||
})
|
||||
@@ -21,7 +21,7 @@ func (p *Router) handleImages(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
artId, err := DecodeArtworkID(id)
|
||||
artId, err := decodeArtworkID(id)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusBadRequest)
|
||||
return
|
||||
|
||||
@@ -4,7 +4,6 @@ import (
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/navidrome/navidrome/core/auth"
|
||||
"github.com/navidrome/navidrome/log"
|
||||
"github.com/navidrome/navidrome/model"
|
||||
"github.com/navidrome/navidrome/server"
|
||||
@@ -39,26 +38,17 @@ func (p *Router) handleShares(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
s = p.mapShareInfo(s)
|
||||
s = p.mapShareInfo(*s)
|
||||
server.IndexWithShare(p.ds, ui.BuildAssets(), s)(w, r)
|
||||
}
|
||||
|
||||
func (p *Router) mapShareInfo(s *model.Share) *model.Share {
|
||||
func (p *Router) mapShareInfo(s model.Share) *model.Share {
|
||||
mapped := &model.Share{
|
||||
Description: s.Description,
|
||||
Tracks: s.Tracks,
|
||||
}
|
||||
for i := range s.Tracks {
|
||||
// TODO Use Encode(Artwork)ID?
|
||||
claims := map[string]any{"id": s.Tracks[i].ID}
|
||||
if s.Format != "" {
|
||||
claims["f"] = s.Format
|
||||
}
|
||||
if s.MaxBitRate != 0 {
|
||||
claims["b"] = s.MaxBitRate
|
||||
}
|
||||
id, _ := auth.CreateExpiringPublicToken(s.ExpiresAt, claims)
|
||||
mapped.Tracks[i].ID = id
|
||||
mapped.Tracks[i].ID = encodeMediafileShare(s, s.Tracks[i].ID)
|
||||
}
|
||||
return mapped
|
||||
}
|
||||
|
||||
@@ -98,7 +98,7 @@ func decodeStreamInfo(tokenString string) (shareTrackInfo, error) {
|
||||
}
|
||||
resp := shareTrackInfo{}
|
||||
resp.id = id
|
||||
resp.format, ok = claims["f"].(string)
|
||||
resp.bitrate, ok = claims["b"].(int)
|
||||
resp.format, _ = claims["f"].(string)
|
||||
resp.bitrate, _ = claims["b"].(int)
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user