net-http-ntlm 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b136952fd078c094ec85c2e78dd3d7d9a4debabe199dab0bd85f13665cb4a4ff
+  data.tar.gz: b53ab6adf869d124c1e9e4cfdf51737c54225e0f9f18872f661d95cbe148ee84
+SHA512:
+  metadata.gz: ca6f9132f7300130f80e56a1ea41c92154f0e84a149beaee084436bed54364de622d52d3a1a297a934d19d0da6e43fcf7c31cfd045ebaa038da7f9be670b9603
+  data.tar.gz: 745928e94699848e2a6480badecb5f9be7251417bc6644c606d64d96957bd64be69ddd3eb1a6b9f51a4a94a1fb09eb69c47315d6bf7abfe93b6b922dd290c027

data/.github/workflows/ci.yml

@@ -0,0 +1,44 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  pull_request_target:
+    branches:
+      - main
+
+jobs:
+  ci:
+    name: CI
+    strategy:
+      matrix:
+        os-version: [ 'ubuntu-latest' ]
+        ruby-version:
+          - 2.5
+          - 2.6
+          - 2.7
+          - 3.0
+      fail-fast: true
+
+    runs-on: ${{ matrix.os-version }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true
+
+      - name: Run bundler-audit
+        run: bundle exec bundler-audit
+
+      # - name: Run rubocop
+      #   run: bundle exec rubocop
+
+      - name: Run rspec
+        run: bundle exec rspec

data/.gitignore

@@ -0,0 +1,65 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+# Used by dotenv library to load environment variables.
+# .env
+
+# Ignore Byebug command history file.
+.byebug_history
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+# Used by RuboCop. Remote config files pulled in from inherit_from directive.
+# .rubocop-https?--*
+
+# rspec failure tracking
+.rspec_status
+
+# ASDF versioning
+.tool-versions
+
+# MacOS
+.DS_Store

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,15 @@
+AllCops:
+  TargetRubyVersion: 2.5
+  Exclude:
+    - bin/*
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Layout/LineLength:
+  Exclude:
+    - spec/**/*
+
+Metrics/BlockLength:
+  Exclude:
+    - spec/**/*

data/.simplecov

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+SimpleCov.start do
+  add_filter '/spec/'
+end

data/Gemfile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in net-http-ntlm.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,70 @@
+PATH
+  remote: .
+  specs:
+    net-http-ntlm (0.1.0)
+      rubyntlm (~> 0.6)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    bundler-audit (0.8.0)
+      bundler (>= 1.2.0, < 3)
+      thor (~> 1.0)
+    diff-lcs (1.4.4)
+    docile (1.4.0)
+    parallel (1.20.1)
+    parser (3.0.1.1)
+      ast (~> 2.4.1)
+    rainbow (3.0.0)
+    rake (12.3.3)
+    regexp_parser (2.1.1)
+    rexml (3.2.5)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.1)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.2)
+    rubocop (1.15.0)
+      parallel (~> 1.10)
+      parser (>= 3.0.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.5.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.6.0)
+      parser (>= 3.0.1.1)
+    ruby-progressbar (1.11.0)
+    rubyntlm (0.6.3)
+    simplecov (0.21.2)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.3)
+    thor (1.1.0)
+    unicode-display_width (2.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler-audit (~> 0.8)
+  net-http-ntlm!
+  rake (~> 12.0)
+  rspec (~> 3.0)
+  rubocop (~> 1.0)
+  simplecov
+
+BUNDLED WITH
+   2.1.4

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 atpoint ag
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,38 @@
+# net-http-ntlm
+[![CI](https://github.com/at-point/net-http-ntlm/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/at-point/net-http-ntlm/actions/workflows/ci.yml)
+
+Adds NTLM authentication to HTTP requests using the rubyntlm gem.
+A drop-in replacement for ruby-ntlm with NTLMv2 support.
+
+NTLM authentication is used in Microsoft's server products,
+such as MS Exchange Server and IIS.
+
+Install
+-------
+
+```sh
+$ sudo gem install net-http-ntlm
+```
+
+If you'd rather install net-http-ntlm using `bundler`, add a line for it in your Gemfile:
+
+```rb
+gem 'net-http-ntlm'
+```
+
+Usage
+-----
+
+```rb
+require 'ntlm/http'
+http = Net::HTTP.new('www.example.com')
+request = Net::HTTP::Get.new('/')
+request.ntlm_auth('User', 'Domain', 'Password')
+response = http.request(request)
+```
+
+References
+----------
+
+ * rubyntlm: https://github.com/WinRb/rubyntlm
+ * ruby-ntlm: https://github.com/macks/ruby-ntlm

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/bundle-audit

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundle-audit' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("bundler-audit", "bundle-audit")

data/bin/bundler-audit

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundler-audit' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("bundler-audit", "bundler-audit")

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "net/http/ntlm"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/rubocop

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rubocop", "rubocop")

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/net/http/ntlm.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'rubyntlm'
+
+require 'net/http/ntlm/version'
+require 'net/http/ntlm/credentials'
+require 'net/http/ntlm/transport'
+
+# Adds NTLM authentication to Net::HTTP
+module Net::HTTP::NTLM
+end
+
+Net::HTTPGenericRequest.include(Net::HTTP::NTLM::Credentials)
+Net::HTTP.include(Net::HTTP::NTLM::Transport)

data/lib/net/http/ntlm/credentials.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+# Manages the credentials on Net::HTTP request objects
+module Net::HTTP::NTLM::Credentials
+  def self.included(base)
+    base.attr_reader :ntlm_auth_domain, :ntlm_auth_user, :ntlm_auth_password
+    super
+  end
+
+  # Sets the NTLM credentials on a request
+  #
+  # @param user [String] Username
+  # @param domain [String] NT-Domain
+  # @param password [String] Password
+  def ntlm_auth(user, domain, password)
+    @ntlm_auth_user = user
+    @ntlm_auth_domain = domain
+    @ntlm_auth_password = password
+  end
+
+  # Returns the NTLM credentials as a hash
+  #
+  # @return [Hash] Hash with user, domain, password
+  def ntlm_auth_params
+    {
+      user: ntlm_auth_user,
+      domain: ntlm_auth_domain,
+      password: ntlm_auth_password
+    }
+  end
+end

data/lib/net/http/ntlm/transport.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+# Overloads the request method of Net::HTTP
+module Net::HTTP::NTLM::Transport
+  def self.included(base)
+    base.alias_method :request_without_ntlm_auth, :request
+    base.alias_method :request, :request_with_ntlm
+  end
+
+  # Replaces the original request method, and tries to negotiate an NTLM authentication
+  #
+  # @param req [Net::HTTPGenericRequest] A Net::HTTP request
+  # @param body [String] Request body
+  # @yield [Net::HTTPResponse] Passes the HTTP response object to the block
+  # @return [Net::HTTPResponse] The HTTP response object
+  def request_with_ntlm(req, body = nil, &block) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
+    # If we don't have NTLM credentials, handle as regular request
+    return request_without_ntlm_auth(req, body, &block) unless req.ntlm_auth_user
+
+    unless started?
+      @original_body = req.body
+      req.body = nil
+      start do
+        req.delete('connection')
+        return request_with_ntlm(req, body, &block)
+      end
+    end
+
+    # Try to negotiate NTLM first
+    negotiation_message = Net::NTLM::Message::Type1.new
+    negotiation_message.domain = req.ntlm_auth_domain
+    req['authorization'] = "NTLM #{negotiation_message.encode64}"
+    res = request_without_ntlm_auth(req, body)
+
+    # Try to extract NTLM challenge from the response
+    www_auth_headers = Array(res.get_fields('www-authenticate'))
+    ntlm_challenge_header = www_auth_headers.find { |h| h.start_with?('NTLM') }
+    challenge = ntlm_challenge_header&.slice(/NTLM (.*)/, 1)
+
+    if challenge && res.code == '401'
+      # We got a challenge and correct response code, sending an authorized request
+      challenge_message = ::Net::NTLM::Message.decode64(challenge)
+      authorization_message = challenge_message.response(req.ntlm_auth_params, ntlmv2: true)
+      req['authorization'] = "NTLM #{authorization_message.encode64}"
+      # We must re-use the connection.
+      req.body_stream&.rewind
+      req.body = @original_body
+      request_without_ntlm_auth(req, body, &block)
+    else
+      # If we can't find a challenge or no authentication is required, return the response.
+      yield res if block_given?
+      res
+    end
+  end
+end

data/lib/net/http/ntlm/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require 'net/http'
+
+module Net::HTTP::NTLM
+  VERSION = '0.1.0'
+end

data/net-http-ntlm.gemspec

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require_relative 'lib/net/http/ntlm/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'net-http-ntlm'
+  spec.version       = Net::HTTP::NTLM::VERSION
+  spec.authors       = ['Simon Schmid']
+  spec.email         = ['simon@at-point.ch']
+
+  spec.summary       = 'NTLM authentication for Net::HTTP'
+  spec.description   = 'Adds NTLM authentication support for Net::HTTP using rubyntlm'
+  spec.homepage      = 'https://github.com/at-point/net-http-ntlm'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/at-point/net-http-ntlm'
+  spec.metadata['changelog_uri'] = 'https://github.com/at-point/net-http-ntlm/blob/main/CHANGELOG.md'
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'rubyntlm', '~> 0.6'
+
+  spec.add_development_dependency 'bundler-audit', '~> 0.8'
+  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'rubocop', '~> 1.0'
+  spec.add_development_dependency 'simplecov'
+end

metadata

@@ -0,0 +1,150 @@
+--- !ruby/object:Gem::Specification
+name: net-http-ntlm
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Simon Schmid
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2021-05-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rubyntlm
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Adds NTLM authentication support for Net::HTTP using rubyntlm
+email:
+- simon@at-point.ch
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".github/workflows/ci.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".simplecov"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- bin/bundle-audit
+- bin/bundler-audit
+- bin/console
+- bin/rubocop
+- bin/setup
+- lib/net/http/ntlm.rb
+- lib/net/http/ntlm/credentials.rb
+- lib/net/http/ntlm/transport.rb
+- lib/net/http/ntlm/version.rb
+- net-http-ntlm.gemspec
+homepage: https://github.com/at-point/net-http-ntlm
+licenses: []
+metadata:
+  homepage_uri: https://github.com/at-point/net-http-ntlm
+  source_code_uri: https://github.com/at-point/net-http-ntlm
+  changelog_uri: https://github.com/at-point/net-http-ntlm/blob/main/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6
+signing_key:
+specification_version: 4
+summary: NTLM authentication for Net::HTTP
+test_files: []