From d9375405a57ac0edd4a4eb9f849a0e76b9ebefd8 Mon Sep 17 00:00:00 2001 From: Josh Patra Date: Mon, 2 Feb 2026 20:45:00 -0500 Subject: [PATCH] add debug logging for websocket auth headers --- .../Jellyfin/JellyfinSessionManager.cs | 34 +++++++++++++++---- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/allstarr/Services/Jellyfin/JellyfinSessionManager.cs b/allstarr/Services/Jellyfin/JellyfinSessionManager.cs index 102d903..53f4620 100644 --- a/allstarr/Services/Jellyfin/JellyfinSessionManager.cs +++ b/allstarr/Services/Jellyfin/JellyfinSessionManager.cs @@ -59,6 +59,10 @@ public class JellyfinSessionManager : IDisposable } _logger.LogWarning("🔧 SESSION: Creating new session for device: {DeviceId} ({Client} on {Device})", deviceId, client, device); + + // Log the headers we received for debugging + _logger.LogWarning("🔍 SESSION: Headers received for session creation: {Headers}", + string.Join(", ", headers.Select(h => $"{h.Key}={h.Value.ToString().Substring(0, Math.Min(30, h.Value.ToString().Length))}..."))); try { @@ -204,16 +208,21 @@ public class JellyfinSessionManager : IDisposable // The client's token is passed via X-Emby-Authorization header // Using api_key would create a session for the server/admin, not the actual user's client - _logger.LogWarning("🔗 WEBSOCKET: Connecting to Jellyfin for device {DeviceId}: {Url}", deviceId, jellyfinWsUrl); - webSocket = new ClientWebSocket(); session.WebSocket = webSocket; + // Log available headers for debugging + _logger.LogWarning("🔍 WEBSOCKET: Available headers for {DeviceId}: {Headers}", + deviceId, string.Join(", ", headers.Keys)); + // Forward authentication headers from the CLIENT - this is critical for session to appear under the right user + bool authFound = false; if (headers.TryGetValue("X-Emby-Authorization", out var embyAuth)) { webSocket.Options.SetRequestHeader("X-Emby-Authorization", embyAuth.ToString()); - _logger.LogWarning("🔑 WEBSOCKET: Forwarded X-Emby-Authorization for {DeviceId}", deviceId); + _logger.LogWarning("🔑 WEBSOCKET: Using X-Emby-Authorization for {DeviceId}: {Auth}", + deviceId, embyAuth.ToString().Length > 50 ? embyAuth.ToString()[..50] + "..." : embyAuth.ToString()); + authFound = true; } else if (headers.TryGetValue("Authorization", out var auth)) { @@ -221,24 +230,35 @@ public class JellyfinSessionManager : IDisposable if (authValue.Contains("MediaBrowser", StringComparison.OrdinalIgnoreCase)) { webSocket.Options.SetRequestHeader("X-Emby-Authorization", authValue); - _logger.LogWarning("🔑 WEBSOCKET: Converted Authorization to X-Emby-Authorization for {DeviceId}", deviceId); + _logger.LogWarning("🔑 WEBSOCKET: Converted Authorization to X-Emby-Authorization for {DeviceId}: {Auth}", + deviceId, authValue.Length > 50 ? authValue[..50] + "..." : authValue); + authFound = true; } else { webSocket.Options.SetRequestHeader("Authorization", authValue); - _logger.LogWarning("🔑 WEBSOCKET: Forwarded Authorization for {DeviceId}", deviceId); + _logger.LogWarning("🔑 WEBSOCKET: Using Authorization for {DeviceId}: {Auth}", + deviceId, authValue.Length > 50 ? authValue[..50] + "..." : authValue); + authFound = true; } } - else + + if (!authFound) { // No client auth found - fall back to server API key as last resort if (!string.IsNullOrEmpty(_settings.ApiKey)) { jellyfinWsUrl += $"?api_key={_settings.ApiKey}"; - _logger.LogWarning("⚠️ WEBSOCKET: No client auth found, falling back to server API key for {DeviceId}", deviceId); + _logger.LogWarning("⚠️ WEBSOCKET: No client auth found in headers, falling back to server API key for {DeviceId}", deviceId); + } + else + { + _logger.LogWarning("❌ WEBSOCKET: No authentication available for {DeviceId}!", deviceId); } } + _logger.LogWarning("🔗 WEBSOCKET: Connecting to Jellyfin for device {DeviceId}: {Url}", deviceId, jellyfinWsUrl); + // Set user agent webSocket.Options.SetRequestHeader("User-Agent", $"Allstarr-Proxy/{session.Client}");