Merge pull request #246 from bdovaz/allow-port-override

9p4 · web-flow · commit 9365ca2a337f · 2025-03-26T11:34:08.000-04:00
Allow port override
diff --git a/SSO-Auth/Api/SSOController.cs b/SSO-Auth/Api/SSOController.cs
@@ -106,7 +106,7 @@ public async Task<ActionResult> OidPost(
                 Authority = config.OidEndpoint?.Trim(),
                 ClientId = config.OidClientId?.Trim(),
                 ClientSecret = config.OidSecret?.Trim(),
-                RedirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/OID/{(Request.Path.Value.Contains("/start/", StringComparison.InvariantCultureIgnoreCase) ? "redirect" : "r")}/" + provider,
+                RedirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/OID/{(Request.Path.Value.Contains("/start/", StringComparison.InvariantCultureIgnoreCase) ? "redirect" : "r")}/" + provider,
                 Scope = string.Join(" ", scopes.Prepend("openid profile")),
                 DisablePushedAuthorization = config.DisablePushedAuthorization,
             };
@@ -276,7 +276,7 @@ public async Task<ActionResult> OidPost(
             if (StateManager[state].Valid)
             {
                 _logger.LogInformation($"Is request linking: {isLinking}");
-                return Content(WebResponse.Generator(data: state, provider: provider, baseUrl: GetRequestBase(config.SchemeOverride), mode: "OID", isLinking: isLinking), MediaTypeNames.Text.Html);
+                return Content(WebResponse.Generator(data: state, provider: provider, baseUrl: GetRequestBase(config.SchemeOverride, config.PortOverride), mode: "OID", isLinking: isLinking), MediaTypeNames.Text.Html);
             }
             else
             {
@@ -324,7 +324,7 @@ public async Task<ActionResult> OidChallenge(string provider, [FromQuery] bool i
                 config.NewPath = newPath;
             }
 
-            string redirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/OID/{(newPath ? "redirect" : "r")}/" + provider;
+            string redirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/OID/{(newPath ? "redirect" : "r")}/" + provider;
 
             var options = new OidcClientOptions
             {
@@ -524,7 +524,7 @@ public ActionResult SamlPost(string provider, [FromQuery] string relayState = nu
                         WebResponse.Generator(
                             data: Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(samlResponse.Xml)),
                             provider: provider,
-                            baseUrl: GetRequestBase(config.SchemeOverride),
+                            baseUrl: GetRequestBase(config.SchemeOverride, config.PortOverride),
                             mode: "SAML",
                             isLinking: isLinking),
                         MediaTypeNames.Text.Html);
@@ -570,7 +570,7 @@ public RedirectResult SamlChallenge(string provider, [FromQuery] bool isLinking
                 config.NewPath = newPath;
             }
 
-            string redirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/SAML/{(newPath ? "post" : "p")}/" + provider;
+            string redirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/SAML/{(newPath ? "post" : "p")}/" + provider;
             string relayState = null;
             if (isLinking)
             {
@@ -1148,9 +1148,19 @@ private void Invalidate()
         }
     }
 
-    private string GetRequestBase(string schemeOverride = null)
+    private string GetRequestBase(string schemeOverride = null, int? portOverride = null)
+    {
+        int requestPort;
+
+        if (portOverride != null)
+        {
+            requestPort = portOverride.Value;
+        }
+        else
         {
-        int requestPort = Request.Host.Port ?? -1;
+            requestPort = Request.Host.Port ?? -1;
+        }
+
         if ((requestPort == 80 && string.Equals(Request.Scheme, "http", StringComparison.OrdinalIgnoreCase)) || (requestPort == 443 && string.Equals(Request.Scheme, "https", StringComparison.OrdinalIgnoreCase)))
         {
             requestPort = -1;
diff --git a/SSO-Auth/Config/PluginConfiguration.cs b/SSO-Auth/Config/PluginConfiguration.cs
@@ -131,6 +131,11 @@ public class SamlConfig
     /// </summary>
     public string SchemeOverride { get; set; }
 
+    /// <summary>
+    /// Gets or sets the redirect port override.
+    /// </summary>
+    public int? PortOverride { get; set; }
+
     /// <summary>
     /// Gets or sets a value indicating whether the new, more descriptive paths are to be used.
     /// </summary>
@@ -265,6 +270,11 @@ public class OidConfig
     /// </summary>
     public string SchemeOverride { get; set; }
 
+    /// <summary>
+    /// Gets or sets the redirect port override.
+    /// </summary>
+    public int? PortOverride { get; set; }
+
     /// <summary>
     /// Gets or sets a value indicating whether the new, more descriptive paths are to be used.
     /// </summary>
diff --git a/SSO-Auth/Config/configPage.html b/SSO-Auth/Config/configPage.html
@@ -651,6 +651,18 @@ <h2 class="sectionTitle">SSO Settings:</h2>
                   </div>
                 </div>
 
+                <div class="inputContainer">
+                    <label class="inputLabel inputLabelUnfocused" for="RoleClaim">Port Override</label>
+                    <input is="emby-input"
+                            id="PortOverride"
+                            type="text"
+                            class="sso-text" />
+                    <div class="fieldDescription">
+                        If the plugin is redirecting to an incorrect port, set this to
+                        the appropiate port
+                    </div>
+                </div>
+
                 <button
                   id="SaveProvider"
                   is="emby-button"

Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,7 @@ public async Task<ActionResult> OidPost(`
`106`	`106`	`Authority = config.OidEndpoint?.Trim(),`
`107`	`107`	`ClientId = config.OidClientId?.Trim(),`
`108`	`108`	`ClientSecret = config.OidSecret?.Trim(),`
`109`		`- RedirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/OID/{(Request.Path.Value.Contains("/start/", StringComparison.InvariantCultureIgnoreCase) ? "redirect" : "r")}/" + provider,`
	`109`	`+ RedirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/OID/{(Request.Path.Value.Contains("/start/", StringComparison.InvariantCultureIgnoreCase) ? "redirect" : "r")}/" + provider,`
`110`	`110`	`Scope = string.Join(" ", scopes.Prepend("openid profile")),`
`111`	`111`	`DisablePushedAuthorization = config.DisablePushedAuthorization,`
`112`	`112`	`};`
`@@ -276,7 +276,7 @@ public async Task<ActionResult> OidPost(`
`276`	`276`	`if (StateManager[state].Valid)`
`277`	`277`	`{`
`278`	`278`	`_logger.LogInformation($"Is request linking: {isLinking}");`
`279`		`- return Content(WebResponse.Generator(data: state, provider: provider, baseUrl: GetRequestBase(config.SchemeOverride), mode: "OID", isLinking: isLinking), MediaTypeNames.Text.Html);`
	`279`	`+ return Content(WebResponse.Generator(data: state, provider: provider, baseUrl: GetRequestBase(config.SchemeOverride, config.PortOverride), mode: "OID", isLinking: isLinking), MediaTypeNames.Text.Html);`
`280`	`280`	`}`
`281`	`281`	`else`
`282`	`282`	`{`
`@@ -324,7 +324,7 @@ public async Task<ActionResult> OidChallenge(string provider, [FromQuery] bool i`
`324`	`324`	`config.NewPath = newPath;`
`325`	`325`	`}`
`326`	`326`
`327`		`- string redirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/OID/{(newPath ? "redirect" : "r")}/" + provider;`
	`327`	`+ string redirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/OID/{(newPath ? "redirect" : "r")}/" + provider;`
`328`	`328`
`329`	`329`	`var options = new OidcClientOptions`
`330`	`330`	`{`
`@@ -524,7 +524,7 @@ public ActionResult SamlPost(string provider, [FromQuery] string relayState = nu`
`524`	`524`	`WebResponse.Generator(`
`525`	`525`	`data: Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(samlResponse.Xml)),`
`526`	`526`	`provider: provider,`
`527`		`- baseUrl: GetRequestBase(config.SchemeOverride),`
	`527`	`+ baseUrl: GetRequestBase(config.SchemeOverride, config.PortOverride),`
`528`	`528`	`mode: "SAML",`
`529`	`529`	`isLinking: isLinking),`
`530`	`530`	`MediaTypeNames.Text.Html);`
`@@ -570,7 +570,7 @@ public RedirectResult SamlChallenge(string provider, [FromQuery] bool isLinking`
`570`	`570`	`config.NewPath = newPath;`
`571`	`571`	`}`
`572`	`572`
`573`		`- string redirectUri = GetRequestBase(config.SchemeOverride) + $"/sso/SAML/{(newPath ? "post" : "p")}/" + provider;`
	`573`	`+ string redirectUri = GetRequestBase(config.SchemeOverride, config.PortOverride) + $"/sso/SAML/{(newPath ? "post" : "p")}/" + provider;`
`574`	`574`	`string relayState = null;`
`575`	`575`	`if (isLinking)`
`576`	`576`	`{`
`@@ -1148,9 +1148,19 @@ private void Invalidate()`
`1148`	`1148`	`}`
`1149`	`1149`	`}`
`1150`	`1150`
`1151`		`- private string GetRequestBase(string schemeOverride = null)`
	`1151`	`+ private string GetRequestBase(string schemeOverride = null, int? portOverride = null)`
	`1152`	`+ {`
	`1153`	`+ int requestPort;`
	`1154`	`+`
	`1155`	`+ if (portOverride != null)`
	`1156`	`+ {`
	`1157`	`+ requestPort = portOverride.Value;`
	`1158`	`+ }`
	`1159`	`+ else`
`1152`	`1160`	`{`
`1153`		`- int requestPort = Request.Host.Port ?? -1;`
	`1161`	`+ requestPort = Request.Host.Port ?? -1;`
	`1162`	`+ }`
	`1163`	`+`
`1154`	`1164`	`if ((requestPort == 80 && string.Equals(Request.Scheme, "http", StringComparison.OrdinalIgnoreCase)) \|\| (requestPort == 443 && string.Equals(Request.Scheme, "https", StringComparison.OrdinalIgnoreCase)))`
`1155`	`1165`	`{`
`1156`	`1166`	`requestPort = -1;`