2a166fd94e
This brings support for SingleSignOn on windows using the default credentials of the currently logged in user if an empty username and empty password is provided from gitcredentials. This plays well with the Git for windows implementation which stores an empty username and password if it should use the default credentials.
44 lines
914 B
Go
44 lines
914 B
Go
// +build windows
|
|
|
|
package lfsapi
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/alexbrainman/sspi"
|
|
"github.com/alexbrainman/sspi/ntlm"
|
|
)
|
|
|
|
func (c *Client) ntlmAuthenticateRequest(req *http.Request, creds *ntmlCredentials) (*http.Response, error) {
|
|
var sspiCreds *sspi.Credentials
|
|
var err error
|
|
if creds == nil {
|
|
sspiCreds, err = ntlm.AcquireCurrentUserCredentials()
|
|
} else {
|
|
sspiCreds, err = ntlm.AcquireUserCredentials(creds.domain, creds.username, creds.password)
|
|
}
|
|
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer sspiCreds.Release()
|
|
|
|
secctx, negotiate, err := ntlm.NewClientContext(sspiCreds)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer secctx.Release()
|
|
|
|
chRes, challengeMsg, err := c.ntlmSendType1Message(req, negotiate)
|
|
if err != nil {
|
|
return chRes, err
|
|
}
|
|
|
|
authenticateMsg, err := secctx.Update(challengeMsg)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return c.ntlmSendType3Message(req, authenticateMsg)
|
|
}
|