Add API Key auth

UmlautAdaptarr/Controllers/CapsController.cs

@@ -1,18 +1,29 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using System.Text;
 using System.Xml.Linq;
+using UmlautAdaptarr.Options;
 using UmlautAdaptarr.Services;
 using UmlautAdaptarr.Utilities;
 
 namespace UmlautAdaptarr.Controllers
 {
-    public class CapsController(ProxyRequestService proxyRequestService) : ControllerBase
+    public class CapsController(ProxyRequestService proxyRequestService, IOptions<GlobalOptions> options, ILogger<CapsController> logger) : ControllerBase
     {
         private readonly ProxyRequestService _proxyRequestService = proxyRequestService;
+        private readonly GlobalOptions _options = options.Value;
+        private readonly ILogger<CapsController> _logger = logger;
+
 
         [HttpGet]
-        public async Task<IActionResult> Caps([FromRoute] string options, [FromRoute] string domain, [FromQuery] string? apikey)
+        public async Task<IActionResult> Caps([FromRoute] string apiKey, [FromRoute] string domain, [FromQuery] string? apikey)
         {
+            if (_options.ApiKey != null && !apiKey.Equals(apiKey))
+            {
+                _logger.LogWarning("Invalid or missing API key for request.");
+                return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
+
             if (!domain.StartsWith("localhost") && !UrlUtilities.IsValidDomain(domain))
             {
                 return NotFound($"{domain} is not a valid URL.");

UmlautAdaptarr/Controllers/SearchController.cs

@@ -1,24 +1,31 @@
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using System.Text;
 using UmlautAdaptarr.Models;
+using UmlautAdaptarr.Options;
 using UmlautAdaptarr.Providers;
 using UmlautAdaptarr.Services;
 using UmlautAdaptarr.Utilities;
 
 namespace UmlautAdaptarr.Controllers
 {
-    public abstract class SearchControllerBase(ProxyRequestService proxyRequestService, TitleMatchingService titleMatchingService, ILogger<SearchControllerBase> logger) : ControllerBase
+    public abstract class SearchControllerBase(ProxyRequestService proxyRequestService, TitleMatchingService titleMatchingService, IOptions<GlobalOptions> options, ILogger<SearchControllerBase> logger) : ControllerBase
     {
         // TODO evaluate if this should be set to true by default
         private readonly bool TODO_FORCE_TEXT_SEARCH_ORIGINAL_TITLE = true;
         private readonly bool TODO_FORCE_TEXT_SEARCH_GERMAN_TITLE = false;
-        protected async Task<IActionResult> BaseSearch(string options,
+        protected async Task<IActionResult> BaseSearch(string apiKey,
                                                        string domain,
                                                        IDictionary<string, string> queryParameters,
                                                        SearchItem? searchItem = null)
         {
             try
             {
+                if (!AssureApiKey(apiKey))
+                {
+                    return Unauthorized("Unauthorized: Invalid or missing API key.");
+                }
+
                 if (!UrlUtilities.IsValidDomain(domain))
                 {
                     return NotFound($"{domain} is not a valid URL.");
@@ -159,30 +166,50 @@ namespace UmlautAdaptarr.Controllers
 
             return aggregatedResult;
         }
+
+        internal bool AssureApiKey(string apiKey)
+        {
+            if (options.Value.ApiKey != null && !apiKey.Equals(options.Value.ApiKey))
+            {
+                logger.LogWarning("Invalid or missing API key for request.");
+                return false;
+            }
+            return true;
+        }
     }
 
     public class SearchController(ProxyRequestService proxyRequestService,
                                   TitleMatchingService titleMatchingService,
                                   SearchItemLookupService searchItemLookupService,
-                                  ILogger<SearchControllerBase> logger) : SearchControllerBase(proxyRequestService, titleMatchingService, logger)
+                                  IOptions<GlobalOptions> options,
+                                  ILogger<SearchControllerBase> logger) : SearchControllerBase(proxyRequestService, titleMatchingService, options, logger)
     {
         public readonly string[] LIDARR_CATEGORY_IDS = ["3000", "3010", "3020", "3040", "3050"];
         public readonly string[] READARR_CATEGORY_IDS = ["3030", "3130", "7000", "7010", "7020", "7030", "7100", "7110", "7120", "7130"];
 
         [HttpGet]
-        public async Task<IActionResult> MovieSearch([FromRoute] string options, [FromRoute] string domain)
+        public async Task<IActionResult> MovieSearch([FromRoute] string apiKey, [FromRoute] string domain)
         {
+            if (!AssureApiKey(apiKey))
+            {
+                return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
+
             var queryParameters = HttpContext.Request.Query.ToDictionary(
                  q => q.Key,
                  q => string.Join(",", q.Value));
-            return await BaseSearch(options, domain, queryParameters);
+            return await BaseSearch(apiKey, domain, queryParameters);
         }
 
         [HttpGet]
-        public async Task<IActionResult> GenericSearch([FromRoute] string options, [FromRoute] string domain)
+        public async Task<IActionResult> GenericSearch([FromRoute] string apiKey, [FromRoute] string domain)
         {
+            if (!AssureApiKey(apiKey))
+            {
+                return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
 
-        var queryParameters = HttpContext.Request.Query.ToDictionary(
+            var queryParameters = HttpContext.Request.Query.ToDictionary(
                  q => q.Key,
                  q => string.Join(",", q.Value));
 
@@ -208,21 +235,31 @@ namespace UmlautAdaptarr.Controllers
                 }
             }
 
-            return await BaseSearch(options, domain, queryParameters, searchItem);
+            return await BaseSearch(apiKey, domain, queryParameters, searchItem);
         }
 
         [HttpGet]
-        public async Task<IActionResult> BookSearch([FromRoute] string options, [FromRoute] string domain)
+        public async Task<IActionResult> BookSearch([FromRoute] string apiKey, [FromRoute] string domain)
         {
+            if (!AssureApiKey(apiKey))
+            {
+                return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
+
             var queryParameters = HttpContext.Request.Query.ToDictionary(
                  q => q.Key,
                  q => string.Join(",", q.Value));
-            return await BaseSearch(options, domain, queryParameters);
+            return await BaseSearch(apiKey, domain, queryParameters);
         }
 
         [HttpGet]
-        public async Task<IActionResult> TVSearch([FromRoute] string options, [FromRoute] string domain)
+        public async Task<IActionResult> TVSearch([FromRoute] string apiKey, [FromRoute] string domain)
         {
+            if (!AssureApiKey(apiKey))
+            {
+               return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
+
             var queryParameters = HttpContext.Request.Query.ToDictionary(
                  q => q.Key,
                  q => string.Join(",", q.Value));
@@ -239,16 +276,21 @@ namespace UmlautAdaptarr.Controllers
                 searchItem = await searchItemLookupService.GetOrFetchSearchItemByTitle(mediaType, title);
             }
 
-            return await BaseSearch(options, domain, queryParameters, searchItem);
+            return await BaseSearch(apiKey, domain, queryParameters, searchItem);
         }
 
         [HttpGet]
-        public async Task<IActionResult> MusicSearch([FromRoute] string options, [FromRoute] string domain)
+        public async Task<IActionResult> MusicSearch([FromRoute] string apiKey, [FromRoute] string domain)
         {
+            if (!AssureApiKey(apiKey))
+            {
+                return Unauthorized("Unauthorized: Invalid or missing API key.");
+            }
+
             var queryParameters = HttpContext.Request.Query.ToDictionary(
                  q => q.Key,
                  q => string.Join(",", q.Value));
-            return await BaseSearch(options, domain, queryParameters);
+            return await BaseSearch(apiKey, domain, queryParameters);
         }
     }
 }

UmlautAdaptarr/Program.cs

@@ -69,32 +69,32 @@ internal class Program
         app.UseAuthorization();
 
         app.MapControllerRoute("caps",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Caps", action = "Caps" },
             new { t = new TRouteConstraint("caps") });
 
         app.MapControllerRoute("movie-search",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Search", action = "MovieSearch" },
             new { t = new TRouteConstraint("movie") });
 
         app.MapControllerRoute("tv-search",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Search", action = "TVSearch" },
             new { t = new TRouteConstraint("tvsearch") });
 
         app.MapControllerRoute("music-search",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Search", action = "MusicSearch" },
             new { t = new TRouteConstraint("music") });
 
         app.MapControllerRoute("book-search",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Search", action = "BookSearch" },
             new { t = new TRouteConstraint("book") });
 
         app.MapControllerRoute("generic-search",
-            "{options}/{*domain}",
+            "{apiKey}/{*domain}",
             new { controller = "Search", action = "GenericSearch" },
             new { t = new TRouteConstraint("search") });
         app.Run();

UmlautAdaptarr/Properties/launchSettings.json

@@ -4,7 +4,7 @@
       "commandName": "Project",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development",
-        "Kestrel__Endpoints__Http__Url": "http://[::]:8080"
+        "SETTINGS__ApiKey": "test123"
       },
       "_launchUrl": "optionsTODO/example.com/api?t=movie&apikey=132&imdbid=123&limit=100",
       "dotnetRunMessages": true,

UmlautAdaptarr/Providers/SonarrClient.cs

@@ -48,6 +48,21 @@ public class SonarrClient : ArrClientBase
             if (shows != null)
             {
                 _logger.LogInformation($"Successfully fetched {shows.Count} items from Sonarr ({InstanceName}).");
+                // Bulk request (germanTitle, aliases) for all shows
+                var tvdbIds = new List<string>();
+                foreach (var show in shows)
+                {
+                    if ((string)show.tvdbId is not string tvdbId)
+                    {
+                        continue;
+                    }
+                    tvdbIds.Add(tvdbId);
+                }
+
+                var bulkTitleData = await _titleService.FetchGermanTitlesAndAliasesByExternalIdBulkAsync(tvdbIds);
+                string? germanTitle;
+                string[]? aliases;
+
                 foreach (var show in shows)
                 {
                     var tvdbId = (string)show.tvdbId;
@@ -57,8 +72,16 @@ public class SonarrClient : ArrClientBase
                         continue;
                     }
 
-                    var (germanTitle, aliases) =
+                    if (bulkTitleData.TryGetValue(tvdbId, out var titleData))
-                        await _titleService.FetchGermanTitleAndAliasesByExternalIdAsync(_mediaType, tvdbId);
+                    {
+                        (germanTitle, aliases) = titleData;
+                    }
+                    else
+                    {
+                        (germanTitle, aliases) =
+                            await _titleService.FetchGermanTitleAndAliasesByExternalIdAsync(_mediaType, tvdbId);
+                    }
+                    
                     var searchItem = new SearchItem
                     (
                         (int)show.id,

UmlautAdaptarr/Services/HttpProxyService.cs

@@ -42,6 +42,19 @@ namespace UmlautAdaptarr.Services
             var bytesRead = await clientStream.ReadAsync(buffer);
             var requestString = Encoding.ASCII.GetString(buffer, 0, bytesRead);
 
+            if (_options.ApiKey != null)
+            {
+                var headers = ParseHeaders(buffer, bytesRead);
+                if (!headers.TryGetValue("Proxy-Authorization", out var proxyAuthorizationHeader) ||
+                    !ValidateApiKey(proxyAuthorizationHeader))
+                {
+                    _logger.LogWarning("Unauthorized access attempt.");
+                    await clientStream.WriteAsync(Encoding.ASCII.GetBytes("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"Proxy\"\r\n\r\n"));
+                    clientSocket.Close();
+                    return;
+                }
+            }
+
             if (requestString.StartsWith("CONNECT"))
             {
                 // Handle HTTPS CONNECT request
@@ -53,6 +66,18 @@ namespace UmlautAdaptarr.Services
                 await HandleHttp(requestString, clientStream, clientSocket, buffer, bytesRead);
             }
         }
+        private bool ValidateApiKey(string proxyAuthorizationHeader)
+        {
+            // Expect the header to be in the format: "Basic <base64encodedApiKey>"
+            if (proxyAuthorizationHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
+            {
+                var encodedKey = proxyAuthorizationHeader["Basic ".Length..].Trim();
+                var decodedKey = Encoding.ASCII.GetString(Convert.FromBase64String(encodedKey));
+                var password = decodedKey.Split(':')[^1];
+                return password == _options.ApiKey;
+            }
+            return false;
+        }
 
         private async Task HandleHttpsConnect(string requestString, NetworkStream clientStream, Socket clientSocket)
         {
@@ -99,7 +124,9 @@ namespace UmlautAdaptarr.Services
                 var url = _configuration["Kestrel:Endpoints:Http:Url"];
                 var port = new Uri(url).Port;
 
-                var modifiedUri = $"http://localhost:{port}/_/{uri.Host}{uri.PathAndQuery}";
+                var apiKey = _options.ApiKey == null ? "_" : _options.ApiKey;
+
+                var modifiedUri = $"http://localhost:{port}/{apiKey}/{uri.Host}{uri.PathAndQuery}";
                 using var client = _clientFactory.CreateClient();
                 var httpRequestMessage = new HttpRequestMessage(HttpMethod.Get, modifiedUri);
                 httpRequestMessage.Headers.Add("User-Agent", userAgent);

UmlautAdaptarr/Services/TitleApiService.cs

@@ -1,6 +1,7 @@
 using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
+using System.Text;
 using UmlautAdaptarr.Options;
 using UmlautAdaptarr.Utilities;
 
@@ -22,7 +23,7 @@ namespace UmlautAdaptarr.Services
             lastRequestTime = DateTime.Now;
         }
 
-        // TODO add cache, TODO add bulk request
+        // TODO add caching
         public async Task<(string? germanTitle, string[]? aliases)> FetchGermanTitleAndAliasesByExternalIdAsync(string mediaType, string externalId)
         {
             try
@@ -68,6 +69,68 @@ namespace UmlautAdaptarr.Services
             return (null, null);
         }
 
+        public async Task<Dictionary<string, (string? germanTitle, string[]? aliases)>> FetchGermanTitlesAndAliasesByExternalIdBulkAsync(IEnumerable<string> tvdbIds)
+        {
+            try
+            {
+                await EnsureMinimumDelayAsync();
+
+                var httpClient = clientFactory.CreateClient();
+                var bulkApiUrl = $"{Options.UmlautAdaptarrApiHost}/tvshow_german.php?bulk=true";
+                logger.LogInformation($"TitleApiService POST {UrlUtilities.RedactApiKey(bulkApiUrl)}");
+
+                // Prepare POST request payload
+                var payload = new { tvdbIds = tvdbIds.ToArray() };
+                var jsonPayload = JsonConvert.SerializeObject(payload);
+                var content = new StringContent(jsonPayload, Encoding.UTF8, "application/json");
+
+                // Send POST request
+                var response = await httpClient.PostAsync(bulkApiUrl, content);
+                if (!response.IsSuccessStatusCode)
+                {
+                    logger.LogError($"Failed to fetch German titles via bulk API. Status Code: {response.StatusCode}");
+                    return [];
+                }
+
+                var responseContent = await response.Content.ReadAsStringAsync();
+                var bulkApiResponseData = JsonConvert.DeserializeObject<dynamic>(responseContent);
+
+                if (bulkApiResponseData == null || bulkApiResponseData.status != "success")
+                {
+                    logger.LogError($"Parsing UmlautAdaptarr Bulk API response resulted in null or an error status.");
+                    return [];
+                }
+
+                // Process response data
+                var results = new Dictionary<string, (string? germanTitle, string[]? aliases)>();
+                foreach (var entry in bulkApiResponseData.data)
+                {
+                    string tvdbId = entry.tvdbId;
+                    string? germanTitle = entry.germanTitle;
+
+                    string[]? aliases = null;
+                    if (entry.aliases != null)
+                    {
+                        JArray aliasesArray = JArray.FromObject(entry.aliases);
+                        aliases = aliasesArray.Children<JObject>()
+                            .Select(alias => alias["name"].ToString())
+                            .ToArray();
+                    }
+
+                    results[tvdbId] = (germanTitle, aliases);
+                }
+
+                logger.LogInformation($"Successfully fetched German titles for {results.Count} TVDB IDs via bulk API.");
+
+                return results;
+            }
+            catch (Exception ex)
+            {
+                logger.LogError($"Error fetching German titles in bulk: {ex.Message}");
+                return new Dictionary<string, (string? germanTitle, string[]? aliases)>();
+            }
+        }
+
         public async Task<(string? germanTitle, string? externalId, string[]? aliases)> FetchGermanTitleAndExternalIdAndAliasesByTitle(string mediaType, string title)
         {
             try

UmlautAdaptarr/UmlautAdaptarr.csproj

@@ -9,13 +9,13 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="FluentValidation.DependencyInjectionExtensions" Version="11.9.2" />
+    <PackageReference Include="FluentValidation.DependencyInjectionExtensions" Version="12.0.0-preview1" />
     <PackageReference Include="IL.FluentValidation.Extensions.Options" Version="11.0.2" />
-    <PackageReference Include="Microsoft.Extensions.Options" Version="8.0.2" />
+    <PackageReference Include="Microsoft.Extensions.Options" Version="9.0.0" />
-    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="8.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="9.0.0" />
     <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
-    <PackageReference Include="Serilog.AspNetCore" Version="8.0.2" />
+    <PackageReference Include="Serilog.AspNetCore" Version="9.0.0" />
-    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.7.3" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="7.2.0" />
   </ItemGroup>
 
 </Project>