NTLM Api access with Node.js
Full disclaimer: I have never worked with Microsofts NTLM before.
I've tried around 30 different ways to access the 7Pace timetracker API on our local TFS instance. I know it works if i access the URI directly in Chrome, it prompts me for my AD login, and swiftly serves me all the data requested. Same for Postman, except there is an authentication tab for NTLM ahead of time.
Postman suggests this for Node.js using request:
var request = require("request");
var options = {
method: 'GET',
url: 'http://TFSURL/odata/TimeExport%28StartDate=%272018-11-14%27,EndDate=%272018-11-14%27%20,PopulateTopParentColumns=null,GroupTimeByDateByUser=null,IncludeBillable=null%29',
headers: {
'cache-control': 'no-cache',
Authorization: 'NTLM NOTTHEREALTOKENKJASDKLHWKLLASBEDBSDAOBAW'
}
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
This returns nothing. Notice the Authorization header. I've tested multiple different variants of similar. My next guess was to request through Chrome, then sniff it with Tellerik Fiddler and try to replicate the headers. I've done this as well, but to no avail. I end up with a very similar result to that above, except chrome uses negotiate:
Any ideas on how to go about this ? Maybe other debugging options?
You will need to through the 3 steps of authentication for NTLM. It's not that easy if you want to do it manually as the NTLM spec is not really open.
There's Node.js module you can use: https://www.npmjs.com/package/httpntlm (disclaimer: I created it)
To GET your url, you would need the following:
var httpntlm = require('httpntlm');
httpntlm.get({
url: "http://tfs2:8090/api/someclient/odata/TimeExport%28StartDate=%272018-11-14%27,EndDate=%272018-11-14%27%20,PopulateTopParentColumns=null,GroupTimeByDateByUser=null,IncludeBillable=null%29",
username: 'your username',
password: 'your password',
workstation: 'anything',
domain: ''
}, function (err, res){
if(err) return err;
console.log(res.headers);
console.log(res.body);
});
- MongoDB Authentication Issues with Node.js and Mongo-Express in Docker Compose setup
- How does minecraft actually connect to a server?
- MongoDB Authentication failes for any user
- Processing an exception through Apollo Server (NestJS)
- Why doesn't CSS work when I deploy the Next.js sample project in production?
- Next.js form works locally but not on live server
- fs.readFileSync is not file relative? Node.js
- How do I completely uninstall Node.js, and reinstall from beginning (Mac OS X)
- Quasar Error: Cannot find module 'ajv/dist/compile/codegen'
- What does --save-dev (or -D) mean in npm install grunt --save-dev?
- What If Session Expires While User Is Still On The Website
- Deleting `package-lock.json` to Resolve Conflicts quickly
- Upgrading Node.js to the latest version
- Run of a next js app stuck, npm run dev doesn't work
- Mustache(-like) template engine for Express?
- How to list npm user-installed packages?
- How do I check Content-Type using ExpressJS?
- Can't run "node index.js" due to a syntaxError
- What happens if NPM ever goes belly up?
- npm install takes forever when running docker-compose
- Remix run: Authentication succeeds on validation failures
- Fixing npm path in Windows 8 and 10
- How to add a custom script to package.json that runs a javascript file?
- node-fetch azure document translator
- Unable to import ESM module in Nestjs
- how ca I fix this error after exacting npx cap add android?
- multer-gridfs error " TypeError: Cannot read properties of undefined (reading '_id') "
- How to resolve Node.js: "Error: ENOENT: no such file or directory"
- Write the contents of node debug log to file
- How to use promisify() with the spawn() function for the 'child_process'?