1 //
2 // Mono.Http.NtlmClient
3 //
4 // Authors:
5 //      Gonzalo Paniagua Javier (gonzalo@ximian.com)
6 //
7 // (c) 2003 Novell, Inc. (http://www.novell.com)
8 //
9
10 //
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
18 // 
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
21 // 
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
30
31 #if SECURITY_DEP
32
33 #if MONO_SECURITY_ALIAS
34 extern alias MonoSecurity;
35 using MonoSecurity::Mono.Security.Protocol.Ntlm;
36 #else
37 using Mono.Security.Protocol.Ntlm;
38 #endif
39
40 using System;
41 using System.Collections;
42 using System.Net;
43 using System.Runtime.CompilerServices;
44
45 namespace Mono.Http
46 {
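/// <summary>
/// State for one NTLM handshake. Each call to <see cref="Authenticate"/>
/// advances the exchange by one step and returns the "NTLM ..." header
/// value to send next.
/// </summary>
class NtlmSession
{
        // Last NTLM message produced by this session. It is null before the
        // first step and is reset to null when an exchange is abandoned.
        MessageBase message;

        public NtlmSession ()
        {
        }

        /// <summary>
        /// Produces the next NTLM message for <paramref name="webRequest"/>.
        /// </summary>
        /// <param name="challenge">
        /// The server-supplied data that followed the scheme name in the
        /// authenticate header (base64 text), or null when there was none.
        /// This value is untrusted input.
        /// </param>
        /// <param name="webRequest">The request being authenticated; must be an HttpWebRequest.</param>
        /// <param name="credentials">Source of the NTLM credential; the caller must pass a non-null value.</param>
        /// <returns>
        /// The Authorization to send, or null when no credential is available,
        /// the request is not an HttpWebRequest, or the server challenge is
        /// missing or cannot be decoded.
        /// </returns>
        public Authorization Authenticate (string challenge, WebRequest webRequest, ICredentials credentials)
        {
                HttpWebRequest request = webRequest as HttpWebRequest;
                if (request == null)
                        return null;

                NetworkCredential cred = credentials.GetCredential (request.RequestUri, "NTLM");
                if (cred == null)
                        return null;

                string userName = cred.UserName;
                string domain = cred.Domain;
                string password = cred.Password;
                if (String.IsNullOrEmpty (userName))
                        return null;

                if (String.IsNullOrEmpty (domain)) {
                        // No explicit domain: accept "DOMAIN\user" or "DOMAIN/user"
                        // in the user name and split it there.
                        int idx = userName.IndexOf ('\\');
                        if (idx == -1) {
                                idx = userName.IndexOf ('/');
                        }
                        if (idx >= 0) {
                                domain = userName.Substring (0, idx);
                                userName = userName.Substring (idx + 1);
                        }
                }

                bool completed = false;
                if (message == null) {
                        // First step: send the negotiate (type 1) message.
                        Type1Message type1 = new Type1Message ();
                        type1.Domain = domain;
                        type1.Host = ""; // MS does not send it
                        type1.Flags |= NtlmFlags.NegotiateNtlm2Key;
                        message = type1;
                } else if (message.Type == 1) {
                        // Should I check the credentials?
                        if (String.IsNullOrEmpty (challenge)) {
                                message = null;
                                return null;
                        }

                        // The challenge comes from the server, so a malformed value
                        // must not escape as an unhandled exception. Treat it like a
                        // missing challenge: drop the session state and decline.
                        Type2Message type2;
                        try {
                                type2 = new Type2Message (Convert.FromBase64String (challenge));
                        } catch (FormatException) {
                                // Not valid base64.
                                message = null;
                                return null;
                        } catch (ArgumentException) {
                                // NOTE(review): presumably how Type2Message rejects a
                                // truncated or mis-tagged message; confirm against
                                // Mono.Security.
                                message = null;
                                return null;
                        }

                        if (password == null)
                                password = "";

                        // Second step: answer the challenge with the type 3 message.
                        Type3Message type3 = new Type3Message (type2);
                        type3.Username = userName;
                        type3.Password = password;
                        type3.Domain = domain;
                        message = type3;
                        completed = true;
                } else {
                        // Should I check the credentials?
                        // type must be 3 here
                        if (String.IsNullOrEmpty (challenge)) {
                                // A bare "NTLM" after our type 3 message: start over.
                                // NOTE(review): unlike the first negotiate message, this
                                // one does not set NtlmFlags.NegotiateNtlm2Key; confirm
                                // whether the difference is intended.
                                Type1Message type1 = new Type1Message ();
                                type1.Domain = domain;
                                type1.Host = ""; // MS does not send it
                                message = type1;
                        } else {
                                // The previous type 3 message is sent again and the
                                // exchange is reported complete; the challenge content
                                // is not inspected on this path.
                                completed = true;
                        }
                }

                string token = "NTLM " + Convert.ToBase64String (message.GetBytes ());
                return new Authorization (token, completed);
        }
}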
123
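/// <summary>
/// Authentication module for the "NTLM" scheme. It keeps one
/// <see cref="NtlmSession"/> per HttpWebRequest and delegates each
/// handshake step to it.
/// </summary>
class NtlmClient : IAuthenticationModule
{
        // Keyed weakly on the request, so an entry does not keep its
        // request alive.
        static readonly ConditionalWeakTable<HttpWebRequest, NtlmSession> cache =
                new ConditionalWeakTable<HttpWebRequest, NtlmSession> ();

        /// <summary>
        /// Answers an authenticate header that mentions NTLM.
        /// </summary>
        /// <param name="challenge">The authenticate header value received from the server (untrusted).</param>
        /// <param name="webRequest">The request being authenticated.</param>
        /// <param name="credentials">Credentials to look the NTLM credential up in.</param>
        /// <returns>
        /// The Authorization for the next handshake step, or null when the
        /// header does not mention NTLM, an argument is missing, or the
        /// request is not an HttpWebRequest.
        /// </returns>
        public Authorization Authenticate (string challenge, WebRequest webRequest, ICredentials credentials)
        {
                if (credentials == null || challenge == null)
                        return null;

                string header = challenge.Trim ();

                // A protocol token is compared ordinally: the result must not
                // depend on the current culture, and no lower-cased copy of the
                // header is needed.
                // NOTE(review): this accepts "ntlm" anywhere in the header, not
                // only as the leading scheme token; confirm whether a stricter
                // match is wanted before changing it.
                int idx = header.IndexOf ("ntlm", StringComparison.OrdinalIgnoreCase);
                if (idx == -1)
                        return null;

                // Whatever follows the first blank is the challenge data; a
                // header with no blank carries none.
                idx = header.IndexOfAny (new char [] {' ', '\t'});
                if (idx != -1) {
                        header = header.Substring (idx).Trim ();
                } else {
                        header = null;
                }

                HttpWebRequest request = webRequest as HttpWebRequest;
                if (request == null)
                        return null;

                // One lock for the whole table: session lookup and the handshake
                // step run together, so calls for all requests are serialized.
                lock (cache) {
                        var ds = cache.GetOrCreateValue (request);
                        return ds.Authenticate (header, webRequest, credentials);
                }
        }

        /// <summary>Pre-authentication is not supported; always returns null.</summary>
        public Authorization PreAuthenticate (WebRequest webRequest, ICredentials credentials)
        {
                return null;
        }

        /// <summary>The scheme name handled by this module.</summary>
        public string AuthenticationType {
                get { return "NTLM"; }
        }

        /// <summary>Always false; see <see cref="PreAuthenticate"/>.</summary>
        public bool CanPreAuthenticate {
                get { return false; }
        }
}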
169 }
170 #endif