authormetamuffin <metamuffin@disroot.org>2025-02-05 13:48:18 +0100
committermetamuffin <metamuffin@disroot.org>2025-02-05 13:48:18 +0100
commit4d5aae703751ae4715d4e0ea1c784826787ab0fd (patch)
tree6db52372c7ce0474182946dd681a8d16caa76c12
parent6bf4347c3a28a7578637a258eca95fcc6437ff27 (diff)
fix escaped auth tokens
-rw-r--r--server/src/routes/ui/account/session/guard.rs14
1 files changed, 6 insertions, 8 deletions
diff --git a/server/src/routes/ui/account/session/guard.rs b/server/src/routes/ui/account/session/guard.rs
index fd451ef..208e45a 100644
--- a/server/src/routes/ui/account/session/guard.rs
+++ b/server/src/routes/ui/account/session/guard.rs
@@ -23,19 +23,20 @@ impl Session {
{
let token = req
.query_value("session")
- .or_else(|| req.query_value("api_key"))
- .or_else(|| req.headers().get_one("X-MediaBrowser-Token").map(Ok))
+ .map(|e| e.unwrap())
+ .or_else(|| req.query_value("api_key").map(|e| e.unwrap()))
+ .or_else(|| req.headers().get_one("X-MediaBrowser-Token"))
.or_else(|| {
req.headers()
.get_one("Authorization")
.and_then(parse_jellyfin_auth)
- .map(Ok)
}) // for jellyfin compat
- .map(|e| e.expect("str parse should not fail, right?"))
.or(req.cookies().get("session").map(|cookie| cookie.value()))
.ok_or(anyhow!("not logged in"))?;
- username = super::token::validate(token)?;
+ // jellyfin urlescapes the token for *some* requests
+ let token = token.replace("%3D", "=");
+ username = super::token::validate(&token)?;
};
#[cfg(feature = "bypass-auth")]
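Review bot: The new `token.replace("%3D", "=")` ahead of `super::token::validate` is only a partial percent-decode: it matches the upper-case escape and only `=`, so a client that sends `%3d`, or that escapes other characters the token alphabet may contain (the alphabet is not visible here), would still be rejected. It also runs on every token source, including the cookie and the `session`/`api_key` query values, which presumably arrive already decoded. Consider decoding only the header-derived values, or at least `let token = token.replace("%3D", "=").replace("%3d", "=");` with a comment naming which requests send the escaped form. Separately, the two `.map(|e| e.unwrap())` calls keep a panic path inside the auth guard if query parsing ever returns an error; `.and_then(|e| e.ok())` would fall through to "not logged in" instead. The enclosing function starts and ends outside this hunk.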
@@ -55,9 +56,6 @@ fn parse_jellyfin_auth(h: &str) -> Option<&str> {
for tok in h.split(" ") {
if let Some(tok) = tok.strip_prefix("Token=\"") {
if let Some(tok) = tok.strip_suffix("\"") {
- let tok = tok.strip_suffix("%3D").unwrap_or(tok);
- let tok = tok.strip_suffix("%3D").unwrap_or(tok);
- let tok = tok.strip_suffix("%3D").unwrap_or(tok);
return Some(tok);
}
}