1 | # httpntlm
|
2 |
|
3 | __httpntlm__ is a Node.js library to do HTTP NTLM authentication
|
4 |
|
5 | It's a port from the Python libary [python-ntml](https://code.google.com/p/python-ntlm/)
|
6 |
|
7 | ## Install
|
8 |
|
9 | You can install __httpntlm__ using the Node Package Manager (npm):
|
10 |
|
11 | npm install httpntlm
|
12 |
|
13 | ## How to use
|
14 |
|
15 | ```js
|
16 | var httpntlm = require('httpntlm');
|
17 |
|
18 | httpntlm.get({
|
19 | url: "https://someurl.com",
|
20 | username: 'm$',
|
21 | password: 'stinks',
|
22 | workstation: 'choose.something',
|
23 | domain: ''
|
24 | }, function (err, res){
|
25 | if(err) return err;
|
26 |
|
27 | console.log(res.headers);
|
28 | console.log(res.body);
|
29 | });
|
30 | ```
|
31 |
|
32 | It supports __http__ and __https__.
|
33 |
|
34 | ## pre-encrypt the password
|
35 | ```js
|
36 |
|
37 | var httpntlm = require('httpntlm');
|
38 | var ntlm = httpntlm.ntlm;
|
39 | var lm = ntlm.create_LM_hashed_password('Azx123456');
|
40 | var nt = ntlm.create_NT_hashed_password('Azx123456');
|
41 | console.log(lm);
|
42 | console.log(Array.prototype.slice.call(lm, 0));
|
43 | lm = new Buffer([ 183, 180, 19, 95, 163, 5, 118, 130, 30, 146, 159, 252, 1, 57, 81, 39 ]);
|
44 | console.log(lm);
|
45 |
|
46 | console.log(nt);
|
47 | console.log(Array.prototype.slice.call(nt, 0));
|
48 | nt = new Buffer([150, 27, 7, 219, 220, 207, 134, 159, 42, 60, 153, 28, 131, 148, 14, 1]);
|
49 | console.log(nt);
|
50 |
|
51 |
|
52 | httpntlm.get({
|
53 | url: "https://someurl.com",
|
54 | username: 'm$',
|
55 | lm_password: lm,
|
56 | nt_password: nt,
|
57 | workstation: 'choose.something',
|
58 | domain: ''
|
59 | }, function (err, res){
|
60 | if(err) return err;
|
61 |
|
62 | console.log(res.headers);
|
63 | console.log(res.body);
|
64 | });
|
65 |
|
66 | /* you can save the array into your code and use it when you need it
|
67 |
|
68 | <Buffer b7 b4 13 5f a3 05 76 82 1e 92 9f fc 01 39 51 27>// before convert to array
|
69 | [ 183, 180, 19, 95, 163, 5, 118, 130, 30, 146, 159, 252, 1, 57, 81, 39 ]// convert to array
|
70 | <Buffer b7 b4 13 5f a3 05 76 82 1e 92 9f fc 01 39 51 27>//convert back to buffer
|
71 |
|
72 | <Buffer 96 1b 07 db dc cf 86 9f 2a 3c 99 1c 83 94 0e 01>
|
73 | [ 150, 27, 7, 219, 220, 207, 134, 159, 42, 60, 153, 28, 131, 148, 14, 1 ]
|
74 | <Buffer 96 1b 07 db dc cf 86 9f 2a 3c 99 1c 83 94 0e 01>
|
75 | */
|
76 |
|
77 | ```
|
78 |
|
79 |
|
80 | ## Options
|
81 |
|
82 | - `url:` _{String}_ URL to connect. (Required)
|
83 | - `username:` _{String}_ Username. (Required)
|
84 | - `password:` _{String}_ Password. (Required)
|
85 | - `workstation:` _{String}_ Name of workstation or `''`.
|
86 | - `domain:` _{String}_ Name of domain or `''`.
|
87 |
|
88 | if you already got the encrypted password,you should use this two param to replace the 'password' param.
|
89 |
|
90 | - `lm_password` _{Buffer}_ encrypted lm password.(Required)
|
91 | - `nt_password` _{Buffer}_ encrypted nt password. (Required)
|
92 |
|
93 | You can also pass along all other options of [httpreq](https://github.com/SamDecrock/node-httpreq), including custom headers, cookies, body data, ... and use POST, PUT or DELETE instead of GET.
|
94 |
|
95 |
|
96 |
|
97 |
|
98 | ## Advanced
|
99 |
|
100 | If you want to use the NTLM-functions yourself, you can access the ntlm-library like this (https example):
|
101 |
|
102 | ```js
|
103 | var ntlm = require('httpntlm').ntlm;
|
104 | var async = require('async');
|
105 | var httpreq = require('httpreq');
|
106 | var HttpsAgent = require('agentkeepalive').HttpsAgent;
|
107 | var keepaliveAgent = new HttpsAgent();
|
108 |
|
109 | var options = {
|
110 | url: "https://someurl.com",
|
111 | username: 'm$',
|
112 | password: 'stinks',
|
113 | workstation: 'choose.something',
|
114 | domain: ''
|
115 | };
|
116 |
|
117 | async.waterfall([
|
118 | function (callback){
|
119 | var type1msg = ntlm.createType1Message(options);
|
120 |
|
121 | httpreq.get(options.url, {
|
122 | headers:{
|
123 | 'Connection' : 'keep-alive',
|
124 | 'Authorization': type1msg
|
125 | },
|
126 | agent: keepaliveAgent
|
127 | }, callback);
|
128 | },
|
129 |
|
130 | function (res, callback){
|
131 | if(!res.headers['www-authenticate'])
|
132 | return callback(new Error('www-authenticate not found on response of second request'));
|
133 |
|
134 | var type2msg = ntlm.parseType2Message(res.headers['www-authenticate']);
|
135 | var type3msg = ntlm.createType3Message(type2msg, options);
|
136 |
|
137 | setImmediate(function() {
|
138 | httpreq.get(options.url, {
|
139 | headers:{
|
140 | 'Connection' : 'Close',
|
141 | 'Authorization': type3msg
|
142 | },
|
143 | allowRedirects: false,
|
144 | agent: keepaliveAgent
|
145 | }, callback);
|
146 | });
|
147 | }
|
148 | ], function (err, res) {
|
149 | if(err) return console.log(err);
|
150 |
|
151 | console.log(res.headers);
|
152 | console.log(res.body);
|
153 | });
|
154 | ```
|
155 |
|
156 | ## Download binary files
|
157 |
|
158 | ```javascript
|
159 | httpntlm.get({
|
160 | url: "https://someurl.com/file.xls",
|
161 | username: 'm$',
|
162 | password: 'stinks',
|
163 | workstation: 'choose.something',
|
164 | domain: '',
|
165 | binary: true
|
166 | }, function (err, response) {
|
167 | if(err) return console.log(err);
|
168 | fs.writeFile("file.xls", response.body, function (err) {
|
169 | if(err) return console.log("error writing file");
|
170 | console.log("file.xls saved!");
|
171 | });
|
172 | });
|
173 | ```
|
174 |
|
175 | ## More information
|
176 |
|
177 | * [python-ntlm](https://code.google.com/p/python-ntlm/)
|
178 | * [NTLM Authentication Scheme for HTTP](http://www.innovation.ch/personal/ronald/ntlm.html)
|
179 | * [LM hash on Wikipedia](http://en.wikipedia.org/wiki/LM_hash)
|
180 |
|
181 | ## Donate
|
182 |
|
183 | If you like this module or you want me to update it faster, feel free to donate. It helps increasing my dedication to fixing bugs :-)
|
184 |
|
185 | [![](https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=LPYD83FGC7XPW)
|
186 |
|
187 |
|
188 | ## License (MIT)
|
189 |
|
190 | Copyright (c) Sam Decrock <https://github.com/SamDecrock/>
|
191 |
|
192 | Permission is hereby granted, free of charge, to any person obtaining a copy
|
193 | of this software and associated documentation files (the "Software"), to deal
|
194 | in the Software without restriction, including without limitation the rights
|
195 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
196 | copies of the Software, and to permit persons to whom the Software is
|
197 | furnished to do so, subject to the following conditions:
|
198 |
|
199 | The above copyright notice and this permission notice shall be included in
|
200 | all copies or substantial portions of the Software.
|
201 |
|
202 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
203 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
204 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
205 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
206 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
207 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
208 | THE SOFTWARE.
|