github.com/2lambda123/git-lfs@v2.5.2+incompatible/lfsapi/ntlm_auth_nix.go (about) 1 // +build !windows 2 3 package lfsapi 4 5 import ( 6 "encoding/base64" 7 "fmt" 8 "net/http" 9 10 "github.com/ThomsonReutersEikon/go-ntlm/ntlm" 11 ) 12 13 func (c *Client) ntlmAuthenticateRequest(req *http.Request, creds *ntmlCredentials) (*http.Response, error) { 14 negotiate, err := base64.StdEncoding.DecodeString(ntlmNegotiateMessage) 15 if err != nil { 16 return nil, err 17 } 18 19 chRes, challengeMsg, err := c.ntlmSendType1Message(req, negotiate) 20 if err != nil { 21 return chRes, err 22 } 23 24 challenge, err := ntlm.ParseChallengeMessage(challengeMsg) 25 if err != nil { 26 return nil, err 27 } 28 29 session, err := c.ntlmClientSession(creds) 30 if err != nil { 31 return nil, err 32 } 33 34 session.ProcessChallengeMessage(challenge) 35 authenticate, err := session.GenerateAuthenticateMessage() 36 if err != nil { 37 return nil, err 38 } 39 40 return c.ntlmSendType3Message(req, authenticate.Bytes()) 41 } 42 43 func (c *Client) ntlmClientSession(creds *ntmlCredentials) (ntlm.ClientSession, error) { 44 c.ntlmMu.Lock() 45 defer c.ntlmMu.Unlock() 46 47 if creds == nil { 48 return nil, fmt.Errorf("Your user name must be of the form DOMAIN\\user. Single-sign-on is not supported.") 49 } 50 51 if c.ntlmSessions == nil { 52 c.ntlmSessions = make(map[string]ntlm.ClientSession) 53 } 54 55 if ses, ok := c.ntlmSessions[creds.domain]; ok { 56 return ses, nil 57 } 58 59 session, err := ntlm.CreateClientSession(ntlm.Version2, ntlm.ConnectionOrientedMode) 60 if err != nil { 61 return nil, err 62 } 63 64 session.SetUserInfo(creds.username, creds.password, creds.domain) 65 c.ntlmSessions[creds.domain] = session 66 return session, nil 67 } 68 69 const ntlmNegotiateMessage = "TlRMTVNTUAABAAAAB7IIogwADAAzAAAACwALACgAAAAKAAAoAAAAD1dJTExISS1NQUlOTk9SVEhBTUVSSUNB"