Merge Develop in master (#57)

PCJones · akuntsch · web-flow · commit d2a39630060c · 2025-01-13T21:28:01.000+01:00
* Merge master in develop (#55) * Fix reachable and IP leak test (#44) * Fix reachable check Fixes failing reachable checks when Basic Authentication is enabled in Sonarr, Radarr, etc. * Add option to disable IP leak test * Revert "Fix reachable and IP leak test (#44)" (#46) This reverts commit 3f5d7bb. * Release 0.6.1 (#48) * Fix typo * Fix typos * Fix typos * Fix typo * Clarify error message * Fix reachable and ipleak test (#47) * Fix reachable check Fixes failing reachable checks when Basic Authentication is enabled in Sonarr, Radarr, etc. * Add option to disable IP leak test --------- Co-authored-by: Jonas F <github@pcjones.de> * Add IpLeakTest environment variable to docker compose --------- Co-authored-by: akuntsch <github@akuntsch.de> * Create Dockerfile.arm64 --------- Co-authored-by: akuntsch <github@akuntsch.de> * Add configurable cache duration * Make proxy port configurable * Make proxy port configurable * Add API Key auth * Add default settings to appsettings * Fix too many Unauthorized access attempt warnings --------- Co-authored-by: akuntsch <github@akuntsch.de>
diff --git a/UmlautAdaptarr/Services/HttpProxyService.cs b/UmlautAdaptarr/Services/HttpProxyService.cs
@@ -45,10 +45,15 @@ private async Task ProcessRequest(Socket clientSocket)
             if (_options.ApiKey != null)
             {
                 var headers = ParseHeaders(buffer, bytesRead);
+
                 if (!headers.TryGetValue("Proxy-Authorization", out var proxyAuthorizationHeader) ||
                     !ValidateApiKey(proxyAuthorizationHeader))
                 {
-                    _logger.LogWarning("Unauthorized access attempt.");
+                    var isFirstRequest = !headers.ContainsKey("Proxy-Authorization");
+                    if (!isFirstRequest)
+                    {
+                        _logger.LogWarning("Unauthorized access attempt.");
+                    }
                     await clientStream.WriteAsync(Encoding.ASCII.GetBytes("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\n\r\n"));
                     clientSocket.Close();
                     return;
@@ -66,6 +71,7 @@ private async Task ProcessRequest(Socket clientSocket)
                 await HandleHttp(requestString, clientStream, clientSocket, buffer, bytesRead);
             }
         }
+        
         private bool ValidateApiKey(string proxyAuthorizationHeader)
         {
             // Expect the header to be in the format: "Basic <base64encodedApiKey>"

Original file line number	Diff line number	Diff line change
`@@ -45,10 +45,15 @@ private async Task ProcessRequest(Socket clientSocket)`
`45`	`45`	`if (_options.ApiKey != null)`
`46`	`46`	`{`
`47`	`47`	`var headers = ParseHeaders(buffer, bytesRead);`
	`48`	`+`
`48`	`49`	`if (!headers.TryGetValue("Proxy-Authorization", out var proxyAuthorizationHeader) \|\|`
`49`	`50`	`!ValidateApiKey(proxyAuthorizationHeader))`
`50`	`51`	`{`
`51`		`- _logger.LogWarning("Unauthorized access attempt.");`
	`52`	`+ var isFirstRequest = !headers.ContainsKey("Proxy-Authorization");`
	`53`	`+ if (!isFirstRequest)`
	`54`	`+ {`
	`55`	`+ _logger.LogWarning("Unauthorized access attempt.");`
	`56`	`+ }`
`52`	`57`	`await clientStream.WriteAsync(Encoding.ASCII.GetBytes("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\n\r\n"));`
`53`	`58`	`clientSocket.Close();`
`54`	`59`	`return;`
`@@ -66,6 +71,7 @@ private async Task ProcessRequest(Socket clientSocket)`
`66`	`71`	`await HandleHttp(requestString, clientStream, clientSocket, buffer, bytesRead);`
`67`	`72`	`}`
`68`	`73`	`}`
	`74`	`+`
`69`	`75`	`private bool ValidateApiKey(string proxyAuthorizationHeader)`
`70`	`76`	`{`
`71`	`77`	`// Expect the header to be in the format: "Basic <base64encodedApiKey>"`