From f8f9ab0ed8e9627a0bad042302ddeec49da18908 Mon Sep 17 00:00:00 2001 From: Alex B Date: Mon, 23 Apr 2018 12:03:09 -0400 Subject: [PATCH 1/4] moving handle_unauthorized function to options --- lib/express-ntlm.js | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/lib/express-ntlm.js b/lib/express-ntlm.js index ac2f714..4c12e72 100644 --- a/lib/express-ntlm.js +++ b/lib/express-ntlm.js @@ -32,7 +32,11 @@ module.exports = function(options) { forbidden: function(request, response, next) { response.sendStatus(403); }, - + handleunauthorized: function(request, response, next) { + response.statusCode = 401; + response.setHeader('WWW-Authenticate', 'NTLM'); + response.end(); + }, prefix: '[express-ntlm]', debug: function() { @@ -87,12 +91,6 @@ module.exports = function(options) { return false; } - function handle_unauthorized(request, response, next) { - response.statusCode = 401; - response.setHeader('WWW-Authenticate', 'NTLM'); - response.end(); - } - function connect_to_proxy(type1, callback) { var domain = options.domain, pdc = options.primarydomaincontroller, @@ -218,7 +216,7 @@ module.exports = function(options) { if (!auth_headers) { options.debug(options.prefix, 'No Authorization header present'); - return handle_unauthorized(request, response, next); + return options.handleunauthorized(request, response, next); } var ah_data = decode_http_authorization_header(auth_headers); From 2c97f28e8290ee29fced307bde4c0b6d2d5d28d8 Mon Sep 17 00:00:00 2001 From: Alex B Date: Mon, 23 Apr 2018 12:12:59 -0400 Subject: [PATCH 2/4] simplified names of functions --- lib/express-ntlm.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/express-ntlm.js b/lib/express-ntlm.js index 4c12e72..c25c6b4 100644 --- a/lib/express-ntlm.js +++ b/lib/express-ntlm.js @@ -32,7 +32,7 @@ module.exports = function(options) { forbidden: function(request, response, next) { response.sendStatus(403); }, - handleunauthorized: function(request, response, next) { + unauthorized: function(request, response, next) { response.statusCode = 401; response.setHeader('WWW-Authenticate', 'NTLM'); response.end(); @@ -216,7 +216,7 @@ module.exports = function(options) { if (!auth_headers) { options.debug(options.prefix, 'No Authorization header present'); - return options.handleunauthorized(request, response, next); + return options.unauthorized(request, response, next); } var ah_data = decode_http_authorization_header(auth_headers); From 301a1f58f8b0dbb70c1c1beff788c35e291645e5 Mon Sep 17 00:00:00 2001 From: "A.B" Date: Mon, 23 Apr 2018 12:40:27 -0400 Subject: [PATCH 3/4] added docs for new option --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b5b4e2c..4514708 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,7 @@ It's not recommended, but it's possible to add NTLM-Authentication without valid | `badrequest` | `function` | `function(request, response, next) { response.sendStatus(400); }` | Function to handle HTTP 400 Bad Request. | | `internalservererror` | `function` | `function(request, response, next) { response.sendStatus(500); }` | Function to handle HTTP 500 Internal Server Error. | | `forbidden` | `function` | `function(request, response, next) { response.sendStatus(403); }` | Function to handle HTTP 403 Forbidden. | +| `unauthorized` | `function` | `function(request, response, next) { response.end() }` | Function to handle HTTP 401 Unauthorized. | | `prefix` | `string` | `[express-ntlm]` | The prefix is the first argument passed to the `debug`-function. | | `debug` | `function` | `function() {}` | Function to log the debug messages. See [logging](#logging) for more details. | | `domain` | `string` | `undefined` | Default domain if the DomainName-field cannot be parsed. | From 330b1712bb94328273e300b08b686b74c8212267 Mon Sep 17 00:00:00 2001 From: Fabio Poloni Date: Tue, 24 Apr 2018 10:08:23 +0200 Subject: [PATCH 4/4] Fixed default value --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4514708..6c78c62 100644 --- a/README.md +++ b/README.md @@ -91,7 +91,7 @@ It's not recommended, but it's possible to add NTLM-Authentication without valid | `badrequest` | `function` | `function(request, response, next) { response.sendStatus(400); }` | Function to handle HTTP 400 Bad Request. | | `internalservererror` | `function` | `function(request, response, next) { response.sendStatus(500); }` | Function to handle HTTP 500 Internal Server Error. | | `forbidden` | `function` | `function(request, response, next) { response.sendStatus(403); }` | Function to handle HTTP 403 Forbidden. | -| `unauthorized` | `function` | `function(request, response, next) { response.end() }` | Function to handle HTTP 401 Unauthorized. | +| `unauthorized` | `function` | `function(request, response, next) { response.statusCode = 401; response.setHeader('WWW-Authenticate', 'NTLM'); response.end(); }` | Function to handle HTTP 401 Unauthorized. | | `prefix` | `string` | `[express-ntlm]` | The prefix is the first argument passed to the `debug`-function. | | `debug` | `function` | `function() {}` | Function to log the debug messages. See [logging](#logging) for more details. | | `domain` | `string` | `undefined` | Default domain if the DomainName-field cannot be parsed. |