fix openapi auth

2025-07-09 03:04:24 -04:00 · 2023-02-09 14:56:53 +01:00 · 2023-02-09 14:56:53 +01:00 · cba9657aec
commit cba9657aec
parent b5d5667965
1 changed files with 44 additions and 31 deletions
--- a/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs
+++ b/Jellyfin.Server/Filters/SecurityRequirementsOperationFilter.cs
@ -18,11 +18,17 @@ namespace Jellyfin.Server.Filters
        {
            var requiredScopes = new List<string>();

+            var requiresAuth = false;
            // Add all method scopes.
            foreach (var attribute in context.MethodInfo.GetCustomAttributes(true))
            {
-                if (attribute is AuthorizeAttribute authorizeAttribute
-                    && authorizeAttribute.Policy is not null
+                if (attribute is not AuthorizeAttribute authorizeAttribute)
+                {
+                    continue;
+                }
+
+                requiresAuth = true;
+                if (authorizeAttribute.Policy is not null
                    && !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
                {
                    requiredScopes.Add(authorizeAttribute.Policy);
@ -35,8 +41,13 @@ namespace Jellyfin.Server.Filters
            {
                foreach (var attribute in controllerAttributes)
                {
-                    if (attribute is AuthorizeAttribute authorizeAttribute
-                        && authorizeAttribute.Policy is not null
+                    if (attribute is not AuthorizeAttribute authorizeAttribute)
+                    {
+                        continue;
+                    }
+
+                    requiresAuth = true;
+                    if (authorizeAttribute.Policy is not null
                        && !requiredScopes.Contains(authorizeAttribute.Policy, StringComparer.Ordinal))
                    {
                        requiredScopes.Add(authorizeAttribute.Policy);
@ -44,8 +55,11 @@ namespace Jellyfin.Server.Filters
                }
            }

-            if (requiredScopes.Count != 0)
+            if (!requiresAuth)
            {
+                return;
+            }
+
            if (!operation.Responses.ContainsKey("401"))
            {
                operation.Responses.Add("401", new OpenApiResponse { Description = "Unauthorized" });
@ -75,4 +89,3 @@ namespace Jellyfin.Server.Filters
        }
    }
 }
-}