2 // Mono.Http.NtlmClient
5 // Gonzalo Paniagua Javier (gonzalo@ximian.com)
7 // (c) 2003 Novell, Inc. (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
33 #if MONO_SECURITY_ALIAS
34 extern alias MonoSecurity;
35 using MonoSecurity::Mono.Security.Protocol.Ntlm;
37 using Mono.Security.Protocol.Ntlm;
41 using System.Collections;
43 using System.Runtime.CompilerServices;
55 public Authorization Authenticate (string challenge, WebRequest webRequest, ICredentials credentials)
57 HttpWebRequest request = webRequest as HttpWebRequest;
61 NetworkCredential cred = credentials.GetCredential (request.RequestUri, "NTLM");
65 string userName = cred.UserName;
66 string domain = cred.Domain;
67 string password = cred.Password;
68 if (userName == null || userName == "")
71 if (String.IsNullOrEmpty (domain)) {
72 int idx = userName.IndexOf ('\\');
74 idx = userName.IndexOf ('/');
77 domain = userName.Substring (0, idx);
78 userName = userName.Substring (idx + 1);
82 bool completed = false;
83 if (message == null) {
84 Type1Message type1 = new Type1Message ();
85 type1.Domain = domain;
86 type1.Host = ""; // MS does not send it
87 type1.Flags |= NtlmFlags.NegotiateNtlm2Key;
89 } else if (message.Type == 1) {
90 // Should I check the credentials?
91 if (challenge == null) {
96 Type2Message type2 = new Type2Message (Convert.FromBase64String (challenge));
100 Type3Message type3 = new Type3Message (type2);
101 type3.Username = userName;
102 type3.Password = password;
103 type3.Domain = domain;
107 // Should I check the credentials?
108 // type must be 3 here
109 if (challenge == null || challenge == String.Empty) {
110 Type1Message type1 = new Type1Message ();
111 type1.Domain = domain;
112 type1.Host = ""; // MS does not send it
119 string token = "NTLM " + Convert.ToBase64String (message.GetBytes ());
120 return new Authorization (token, completed);
124 class NtlmClient : IAuthenticationModule
126 static readonly ConditionalWeakTable<HttpWebRequest, NtlmSession> cache =
127 new ConditionalWeakTable<HttpWebRequest, NtlmSession> ();
129 public Authorization Authenticate (string challenge, WebRequest webRequest, ICredentials credentials)
131 if (credentials == null || challenge == null)
134 string header = challenge.Trim ();
135 int idx = header.ToLower ().IndexOf ("ntlm");
139 idx = header.IndexOfAny (new char [] {' ', '\t'});
141 header = header.Substring (idx).Trim ();
146 HttpWebRequest request = webRequest as HttpWebRequest;
151 var ds = cache.GetOrCreateValue (request);
152 return ds.Authenticate (header, webRequest, credentials);
156 public Authorization PreAuthenticate (WebRequest webRequest, ICredentials credentials)
161 public string AuthenticationType {
162 get { return "NTLM"; }
165 public bool CanPreAuthenticate {
166 get { return false; }