Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
else if (state === STATES.T1_MSG_CREATED) {
// At this point, we can assume that the type 1 message was sent to the server
// there can be multiple headers present with key `www-authenticate`.
// iterate to get the one which has the NTLM hash. if multiple
// headers have the NTLM hash, use the first one.
ntlmType2Header = response.headers.find(function (header) {
return String(header.key).toLowerCase() === WWW_AUTHENTICATE &&
header.valueOf().startsWith('NTLM ');
});
if (!ntlmType2Header) {
return done(new Error('ntlm: server did not send NTLM type 2 message'));
}
challengeMessage = ntlmUtil.parseType2Message(ntlmType2Header.valueOf(), _.noop);
if (!challengeMessage) {
return done(new Error('ntlm: server did not correctly process authentication request'));
}
authenticateMessage = ntlmUtil.createType3Message(challengeMessage, {
domain: domain,
workstation: workstation,
username: username,
password: password
});
// Now create the type 3 message, and add it to the request
auth.set(NTLM_HEADER, authenticateMessage);
auth.set(STATE, STATES.T3_MSG_CREATED);
function createNTLMServer (options) {
options = options || {};
var type2Message = 'NTLM ' +
'TlRMTVNTUAACAAAAHgAeADgAAAAFgoqiBevywvJykjAAAAAAAAAAAJgAmABWAAAA' +
'CgC6RwAAAA9EAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAACAB4ARABFAFMA' +
'SwBUAE8AUAAtAEoAUwA0AFUASgBUAEQAAQAeAEQARQBTAEsAVABPAFAALQBKAFMA' +
'NABVAEoAVABEAAQAHgBEAEUAUwBLAFQATwBQAC0ASgBTADQAVQBKAFQARAADAB4A' +
'RABFAFMASwBUAE8AUAAtAEoAUwA0AFUASgBUAEQABwAIADmguzCHn9UBAAAAAA==',
parsedType2Message = ntlmUtils.parseType2Message(type2Message, _.noop),
username = options.username || 'username',
password = options.password || 'password',
domain = options.domain || '',
workstation = options.workstation || '',
type1Message = ntlmUtils.createType1Message({
domain,
workstation
}),
type3Message = ntlmUtils.createType3Message(parsedType2Message, {
domain,
workstation,
username,
password
}),