TyleoDvDelaware3217/Kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2025-07-19 07:44:02 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Properly handle the NTLM part being embedded inside other authentication headers

Browse source 
ref: 7d0e834586
This commit is contained in:
Florian Feka 2025-06-02 14:05:15 +02:00
parent c0598ac606
commit 13cf395942
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
server/modules/axios-ntlm/lib/ntlmClient.js
View file

@ -89,6 +89,7 @@ function NtlmClient(credentials, AxiosConfig) {
switch (_b.label) { switch (_b.label) {
case 0: case 0:
error = err.response; error = err.response;
const ntlmheader = error.headers['www-authenticate'].split(',').find(_ => _.match(/ *NTLM/))?.trim() || '';
if (!(error && error.status === 401 if (!(error && error.status === 401
&& error.headers['www-authenticate'] && error.headers['www-authenticate']
&& error.headers['www-authenticate'].includes('NTLM'))) return [3 /*break*/, 3]; && error.headers['www-authenticate'].includes('NTLM'))) return [3 /*break*/, 3];
@ -96,12 +97,12 @@ function NtlmClient(credentials, AxiosConfig) {
// include the Negotiate option when responding with the T2 message // include the Negotiate option when responding with the T2 message
// There is nore we could do to ensure we are processing correctly, // There is nore we could do to ensure we are processing correctly,
// but this is the easiest option for now // but this is the easiest option for now
if (error.headers['www-authenticate'].length < 50) { if (ntlmheader.length < 50) {
t1Msg = ntlm.createType1Message(credentials.workstation, credentials.domain); t1Msg = ntlm.createType1Message(credentials.workstation, credentials.domain);
error.config.headers["Authorization"] = t1Msg; error.config.headers["Authorization"] = t1Msg;
} }
else { else {
t2Msg = ntlm.decodeType2Message((error.headers['www-authenticate'].match(/^NTLM\s+(.+?)(,|\s+|$)/) || [])[1]); t2Msg = ntlm.decodeType2Message((ntlmheader.match(/^NTLM\s+(.+?)(,|\s+|$)/) || [])[1]);
t3Msg = ntlm.createType3Message(t2Msg, credentials.username, credentials.password, credentials.workstation, credentials.domain); t3Msg = ntlm.createType3Message(t2Msg, credentials.username, credentials.password, credentials.workstation, credentials.domain);
error.config.headers["X-retry"] = "false"; error.config.headers["X-retry"] = "false";
error.config.headers["Authorization"] = t3Msg; error.config.headers["Authorization"] = t3Msg;