forked from SamDecrock/node-http-ntlm
-
Notifications
You must be signed in to change notification settings - Fork 1
/
webauth.js
79 lines (62 loc) · 2.45 KB
/
webauth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
var ntlm = require('./lib/ntlm');
var authMethods = ['NTLM', 'Basic'];
function getAuthMethName (res) {
var authHeader = res.headers['www-authenticate'] || '';
var proposedAuthMethods = authHeader.toLowerCase().split(',');
for (var i = 0; i < authMethods.length; i++) {
for (var j = 0; j < proposedAuthMethods.length; j++) {
if (proposedAuthMethods[j].indexOf(authMethods[i].toLowerCase()) !== -1)
return authMethods[i];
}
}
return '';
}
function addBasicReqInfo (credentials, reqOptions) {
var authReqStr = credentials.username + ':' + credentials.password;
var authReqHeader = 'Basic ' + new Buffer(authReqStr).toString('base64');
reqOptions.headers['Authorization'] = authReqHeader;
}
function addNTLMNegotiateMessageReqInfo (credentials, reqOptions, protocolInterface) {
var agent = new protocolInterface.Agent();
agent.maxSockets = 1;
reqOptions.agent = agent;
reqOptions.headers['connection'] = 'keep-alive';
reqOptions.headers['Authorization'] = ntlm.createType1Message({
domain: credentials.domain || '',
workstation: credentials.workstation || ''
});
}
function addNTLMAuthenticateReqInfo (credentials, reqOptions, res) {
var type2msg = ntlm.parseType2Message(res.headers['www-authenticate']),
type3msg = ntlm.createType3Message(type2msg, {
username: credentials.username,
password: credentials.password,
domain: credentials.domain || '',
workstation: credentials.workstation || ''
});
reqOptions.headers['Authorization'] = type3msg;
reqOptions.headers['connection'] = 'close';
}
exports.addCredentials = function (credentials, reqOptions, res, protocolInterface) {
var authInfo = exports.getAuthInfo(res);
if (authInfo.method === 'Basic')
addBasicReqInfo(credentials, reqOptions);
else if (authInfo.method === 'NTLM') {
if (!authInfo.isChallengeMessage)
addNTLMNegotiateMessageReqInfo(credentials, reqOptions, protocolInterface);
else
addNTLMAuthenticateReqInfo(credentials, reqOptions, res);
}
};
exports.requiresResBody = function (res) {
var authInfo = exports.getAuthInfo(res);
return !authInfo.isChallengeMessage && authInfo.method.toLowerCase() === 'ntlm';
};
exports.getAuthInfo = function (res) {
var method = getAuthMethName(res);
return {
method: method,
isChallengeMessage: method === 'NTLM' ? ntlm.isChallengeMessage(res) : false,
canAuthorize: !!method
}
};