win-sso
NTLM single-sign-on for Node.js. Only Windows OS supported.
import { PeerCertificate } from "tls";
/**
 * Creates authentication tokens for an NTLM or Negotiate handshake using the
 * credentials of the executing user.
 *
 * Every instance owns an authentication context that is allocated by the
 * constructor and is only released by an explicit call to freeAuthContext().
 * Because the tokens are produced from the executing user's credentials,
 * run the handshake only against targets the application intends to
 * authenticate to.
 */
export declare class WinSso {
    /** NOTE(review): undocumented in this declaration; purpose not visible here. */
    private static NEGOTIATE_NTLM2_KEY;
    /** NOTE(review): presumably identifies the context released by freeAuthContext() - confirm. */
    private authContextId;
    /** NOTE(review): presumably the securityPackage name passed to the constructor - confirm. */
    private securityPackage;
    /**
     * Creates an authentication context for SSO.
     * This allocates memory buffers; the freeAuthContext method should be called
     * to free them (on error or after authentication is no longer needed).
     * @param securityPackage The name of the security package (NTLM or Negotiate)
     * @param targetHost The FQDN hostname of the target (optional for NTLM, required for Kerberos)
     * @param peerCert The certificate of the target server
     * (optional, for HTTPS channel binding). Channel binding ties the
     * authentication to the TLS channel it runs over.
     * NOTE(review): how the handshake behaves over HTTPS when this is omitted
     * is not visible here - confirm against the implementation.
     * @param flags Flags to set in the authentication context
     * (optional, allows customizing security features).
     * If not set, NTLM defaults to no flags, while Negotiate defaults to
     * ISC_REQ_MUTUAL_AUTH | ISC_REQ_SEQUENCE_DETECT. Given those defaults, a
     * caller that wants these features with NTLM has to pass the flags explicitly.
     */
    constructor(securityPackage: string, targetHost: string | undefined, peerCert: PeerCertificate | undefined, flags: number | undefined);
    /**
     * Retrieves the username of the logged in user.
     * Static: no authentication context is needed to call it.
     * @returns user name including domain
     */
    static getLogonUserName(): string;
    /**
     * Transforms target TLS certificate into a channel binding application data buffer
     * @param peerCert Target TLS certificate
     * @returns Application data buffer
     */
    private getChannelBindingsApplicationData;
    /**
     * Releases all allocated resources for the authorization context.
     * Should be called when the context is no longer required, such as when the
     * socket was closed. The constructor documents the same obligation for the
     * error path, so callers should release the context there as well.
     */
    freeAuthContext(): void;
    /**
     * Creates an authentication request token
     * @returns Raw token buffer
     */
    createAuthRequest(): Buffer;
    /**
     * Creates an authentication request header
     * @returns The www-authenticate header
     * NOTE(review): in HTTP, WWW-Authenticate is the server's challenge header and
     * a client's token normally travels in Authorization - confirm which header
     * this value is meant for.
     */
    createAuthRequestHeader(): string;
    /**
     * Creates an authentication response token
     * @param inTokenHeader The WWW-Authenticate header received from the target
     * in response to the authentication request. This value is supplied by the
     * remote server.
     * @returns Raw token buffer. May be empty if Negotiate handshake is complete,
     * so callers should check for an empty buffer before sending another token.
     */
    createAuthResponse(inTokenHeader: string): Buffer;
    /**
     * NOTE(review): undocumented; by its name presumably related to detecting
     * NTLMv1 in the handshake - confirm against the implementation.
     */
    private isNtlmV1;
    /**
     * Creates an authentication response header
     * @param inTokenHeader The WWW-Authenticate header received from the target
     * in response to the authentication request. This value is supplied by the
     * remote server.
     * @returns The www-authenticate header. May be an empty string if Negotiate handshake is complete.
     * NOTE(review): as with createAuthRequestHeader, confirm which HTTP header
     * this value is meant for.
     */
    createAuthResponseHeader(inTokenHeader: string): string;
}