starred/yaak-mountain-loop
1
0
Fork 0
mirror of https://github.com/mountain-loop/yaak.git synced 2026-03-24 02:11:10 +01:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

Fix NTLM challenge parsing when WWW-Authenticate has Negotiate first (#402)

Browse Source
This commit is contained in:
Gregory Schier
2026-02-20 08:48:27 -08:00
committed by GitHub
parent 1f588d0498
commit 949c4a445a
3 changed files with 100 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
plugins/auth-ntlm/src/index.ts
View File

@@ -2,6 +2,16 @@ import type { PluginDefinition } from '@yaakapp/api';
import { ntlm } from 'httpntlm';
function extractNtlmChallenge(headers: Array<{ name: string; value: string }>): string | null {
const authValues = headers
.filter((h) => h.name.toLowerCase() === 'www-authenticate')
.flatMap((h) => h.value.split(','))
.map((v) => v.trim())
.filter(Boolean);
return authValues.find((v) => /^NTLM\s+\S+/i.test(v)) ?? null;
}
export const plugin: PluginDefinition = {
authentication: {
name: 'windows',
@@ -68,15 +78,12 @@ export const plugin: PluginDefinition = {
},
});
const wwwAuthenticateHeader = negotiateResponse.headers.find(
(h) => h.name.toLowerCase() === 'www-authenticate',
);
if (!wwwAuthenticateHeader?.value) {
throw new Error('Unable to find www-authenticate response header for NTLM');
const ntlmChallenge = extractNtlmChallenge(negotiateResponse.headers);
if (ntlmChallenge == null) {
throw new Error('Unable to find NTLM challenge in WWW-Authenticate response headers');
}
const type2 = ntlm.parseType2Message(wwwAuthenticateHeader.value, (err: Error | null) => {
const type2 = ntlm.parseType2Message(ntlmChallenge, (err: Error | null) => {
if (err != null) throw err;
});
const type3 = ntlm.createType3Message(type2, options);