< Summary - Jellyfin

Information
Class: Jellyfin.Api.Auth.CustomAuthenticationHandler
Assembly: Jellyfin.Api
File(s): /srv/git/jellyfin/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
Line coverage
96%
Covered lines: 31
Uncovered lines: 1
Coverable lines: 32
Total lines: 90
Line coverage: 96.8%
Branch coverage
65%
Covered branches: 13
Total branches: 20
Branch coverage: 65%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Coverage history 0 25 50 75 100 3/5/2026 - 12:13:57 AM Line coverage: 100% (4/4) Total lines: 904/19/2026 - 12:14:27 AM Line coverage: 96.8% (31/32) Branch coverage: 65% (13/20) Total lines: 90 4/19/2026 - 12:14:27 AM Line coverage: 96.8% (31/32) Branch coverage: 65% (13/20) Total lines: 90

Coverage delta

Coverage delta 4 -4

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
.ctor(...)100%11100%
HandleAuthenticateAsync()65%202092.85%

File(s)

/srv/git/jellyfin/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs

#LineLine coverage
 1using System.Globalization;
 2using System.Security.Claims;
 3using System.Text.Encodings.Web;
 4using System.Threading.Tasks;
 5using Jellyfin.Api.Constants;
 6using Jellyfin.Data;
 7using Jellyfin.Database.Implementations.Enums;
 8using MediaBrowser.Controller.Authentication;
 9using MediaBrowser.Controller.Net;
 10using Microsoft.AspNetCore.Authentication;
 11using Microsoft.Extensions.Logging;
 12using Microsoft.Extensions.Options;
 13
 14namespace Jellyfin.Api.Auth
 15{
 16    /// <summary>
 17    /// Custom authentication handler wrapping the legacy authentication.
 18    /// </summary>
 19    public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
 20    {
 21        private readonly IAuthService _authService;
 22        private readonly ILogger<CustomAuthenticationHandler> _logger;
 23
 24        /// <summary>
 25        /// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
 26        /// </summary>
 27        /// <param name="authService">The jellyfin authentication service.</param>
 28        /// <param name="options">Options monitor.</param>
 29        /// <param name="logger">The logger.</param>
 30        /// <param name="encoder">The url encoder.</param>
 31        public CustomAuthenticationHandler(
 32            IAuthService authService,
 33            IOptionsMonitor<AuthenticationSchemeOptions> options,
 34            ILoggerFactory logger,
 35            UrlEncoder encoder)
 17636            : base(options, logger, encoder)
 37        {
 17638            _authService = authService;
 17639            _logger = logger.CreateLogger<CustomAuthenticationHandler>();
 17640        }
 41
 42        /// <inheritdoc />
 43        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
 44        {
 45            try
 46            {
 17647                var authorizationInfo = await _authService.Authenticate(Request).ConfigureAwait(false);
 17548                if (!authorizationInfo.HasToken)
 49                {
 7350                    return AuthenticateResult.NoResult();
 51                }
 52
 10253                var role = UserRoles.User;
 10254                if (authorizationInfo.IsApiKey
 10255                    || (authorizationInfo.User?.HasPermission(PermissionKind.IsAdministrator) ?? false))
 56                {
 9857                    role = UserRoles.Administrator;
 58                }
 59
 10260                var claims = new[]
 10261                {
 10262                    new Claim(ClaimTypes.Name, authorizationInfo.User?.Username ?? string.Empty),
 10263                    new Claim(ClaimTypes.Role, role),
 10264                    new Claim(InternalClaimTypes.UserId, authorizationInfo.UserId.ToString("N", CultureInfo.InvariantCul
 10265                    new Claim(InternalClaimTypes.DeviceId, authorizationInfo.DeviceId ?? string.Empty),
 10266                    new Claim(InternalClaimTypes.Device, authorizationInfo.Device ?? string.Empty),
 10267                    new Claim(InternalClaimTypes.Client, authorizationInfo.Client ?? string.Empty),
 10268                    new Claim(InternalClaimTypes.Version, authorizationInfo.Version ?? string.Empty),
 10269                    new Claim(InternalClaimTypes.Token, authorizationInfo.Token),
 10270                    new Claim(InternalClaimTypes.IsApiKey, authorizationInfo.IsApiKey.ToString(CultureInfo.InvariantCult
 10271                };
 72
 10273                var identity = new ClaimsIdentity(claims, Scheme.Name);
 10274                var principal = new ClaimsPrincipal(identity);
 10275                var ticket = new AuthenticationTicket(principal, Scheme.Name);
 76
 10277                return AuthenticateResult.Success(ticket);
 78            }
 179            catch (AuthenticationException ex)
 80            {
 181                _logger.LogDebug(ex, "Error authenticating with {Handler}", nameof(CustomAuthenticationHandler));
 182                return AuthenticateResult.NoResult();
 83            }
 84            catch (SecurityException ex)
 85            {
 086                return AuthenticateResult.Fail(ex);
 87            }
 17688        }
 89    }
 90}
Generated by: ReportGenerator 5.5.10.0
6/15/2026 - 12:16:10 AM
GitHub | reportgenerator.io

Methods/Properties

.ctor(MediaBrowser.Controller.Net.IAuthService,Microsoft.Extensions.Options.IOptionsMonitor`1<Microsoft.AspNetCore.Authentication.AuthenticationSchemeOptions>,Microsoft.Extensions.Logging.ILoggerFactory,System.Text.Encodings.Web.UrlEncoder)
HandleAuthenticateAsync()