httpntlm

What is httpntlm?

The httpntlm npm package is used to perform HTTP NTLM (NT LAN Manager) authentication. This is particularly useful for interacting with services that require NTLM authentication, such as certain Microsoft services and APIs.

What are httpntlm's main functionalities?

NTLM Authentication

This feature allows you to perform a GET request with NTLM authentication. You need to provide the URL, username, password, workstation, and domain.

const httpntlm = require('httpntlm');

httpntlm.get({
    url: 'https://example.com/api',
    username: 'yourUsername',
    password: 'yourPassword',
    workstation: 'yourWorkstation',
    domain: 'yourDomain'
}, function (err, res) {
    if (err) return console.log(err);
    console.log(res.headers);
    console.log(res.body);
});

POST Request with NTLM Authentication

This feature allows you to perform a POST request with NTLM authentication. You need to provide the URL, username, password, workstation, domain, request body, and headers.

const httpntlm = require('httpntlm');

httpntlm.post({
    url: 'https://example.com/api',
    username: 'yourUsername',
    password: 'yourPassword',
    workstation: 'yourWorkstation',
    domain: 'yourDomain',
    body: '<xml>yourData</xml>',
    headers: {
        'Content-Type': 'application/xml'
    }
}, function (err, res) {
    if (err) return console.log(err);
    console.log(res.headers);
    console.log(res.body);
});

Other packages similar to httpntlm

axios-ntlm

The axios-ntlm package is an NTLM authentication interceptor for the popular axios HTTP client. It provides similar functionality to httpntlm but integrates with axios, allowing you to use axios' features and syntax while adding NTLM support.

node-http-ntlm

The node-http-ntlm package is another library for NTLM authentication in Node.js. It offers similar capabilities to httpntlm but with a different API design. It is also actively maintained and provides comprehensive documentation.

request-ntlm

The request-ntlm package is an NTLM authentication extension for the request library. It allows you to perform NTLM authenticated requests using the request library's API. This package is useful if you are already using request and need to add NTLM support.

README

httpntlm

httpntlm is a Node.js library to do HTTP NTLM authentication

It's a port from the Python libary python-ntml

Install

You can install httpntlm using the Node Package Manager (npm):

npm install httpntlm

How to use

var httpntlm = require('httpntlm');

httpntlm.get({
    url: "https://someurl.com",
    username: 'm$',
    password: 'stinks',
    workstation: 'choose.something',
    domain: ''
}, function (err, res){
    if(err) return err;

    console.log(res.headers);
    console.log(res.body);
});

It supports http and https.

Options

• url: {String} URL to connect. (Required)
• username: {String} Username. (Required)
• password: {String} Password. (Required)
• workstation: {String} Name of workstation or ''.
• domain: {String} Name of domain or ''.

You can also pass along all other options of httpreq, including custom headers, cookies, body data, ... and use POST, PUT or DELETE instead of GET.

Advanced

If you want to use the NTLM-functions yourself, you can access the ntlm-library like this (https example):

var ntlm = require('httpntlm').ntlm;
var async = require('async');
var httpreq = require('httpreq');
var HttpsAgent = require('agentkeepalive').HttpsAgent;
var keepaliveAgent = new HttpsAgent();

var options = {
    url: "https://someurl.com",
    username: 'm$',
    password: 'stinks',
    workstation: 'choose.something',
    domain: ''
};

async.waterfall([
    function (callback){
        var type1msg = ntlm.createType1Message(options);

        httpreq.get(options.url, {
            headers:{
                'Connection' : 'keep-alive',
                'Authorization': type1msg
            },
            agent: keepaliveAgent
        }, callback);
    },

    function (res, callback){
        if(!res.headers['www-authenticate'])
            return callback(new Error('www-authenticate not found on response of second request'));

        var type2msg = ntlm.parseType2Message(res.headers['www-authenticate']);
        var type3msg = ntlm.createType3Message(type2msg, options);

        httpreq.get(options.url, {
            headers:{
                'Connection' : 'Close',
                'Authorization': type3msg
            },
            allowRedirects: false,
            agent: keepaliveAgent
        }, callback);
    }
], function (err, res) {
    if(err) return console.log(err);

    console.log(res.headers);
    console.log(res.body);
});

More information

• python-ntlm
• NTLM Authentication Scheme for HTTP
• LM hash on Wikipedia

License (MIT)

Copyright (c) Sam Decrock https://github.com/SamDecrock/

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.