kerberos-agent
Version:
HTTP.Agent implementation which provides Kerberos authentication
78 lines (59 loc) • 2.05 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.default = kerberosAgent;
var _kerberos = require('kerberos');
var _agentBase = require('agent-base');
var _agentBase2 = _interopRequireDefault(_agentBase);
var _net = require('net');
var _net2 = _interopRequireDefault(_net);
var _tls = require('tls');
var _tls2 = _interopRequireDefault(_tls);
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
function kerberosAgent(options) {
return (0, _agentBase2.default)(function (req, opts, callback) {
var spn = 'HTTP/' + opts.host;
getToken(spn, function (error, token) {
if (error) {
return callback(error);
}
addAuthHeader(req, token);
var socket = void 0;
if (opts.secureEndpoint) {
socket = _tls2.default.connect(opts);
} else {
socket = _net2.default.connect(opts);
}
callback(null, socket);
});
});
}
function getToken(spn, callback) {
_kerberos.SSIP.SecurityCredentials.acquire('Negotiate', '', function (error, creds) {
if (error) {
return callback(error);
}
_kerberos.SSIP.SecurityContext.initialize(creds, spn, '', function (err, context) {
if (err) {
return callback(err);
}
return callback(null, context.payload);
});
});
}
function addAuthHeader(req, token) {
if (req._header) {
req._header = null;
req.setHeader('Authorization', 'Negotiate ' + token);
req._implicitHeader();
if (req.output && req.output.length > 0) {
var first = req.output[0];
var endOfHeaders = first.indexOf('\r\n\r\n') + 4;
req.output[0] = req._header + first.substring(endOfHeaders);
}
} else {
req.setHeader('Authorization', 'Negotiate ' + token);
}
}
module.exports = exports['default'];