From ef73af391f5b98744cbebe43434fc6684ca67bca Mon Sep 17 00:00:00 2001 From: Christopher Pickering Date: Fri, 13 May 2022 12:58:23 -0500 Subject: [PATCH] added option for ntlm authorization --- db/patch-add-other-auth.sql | 17 ++++++++------ package-lock.json | 47 +++++++++++++++++++++++++++++++++++++ package.json | 1 + server/database.js | 1 + server/model/monitor.js | 25 ++++++++++++++++---- server/server.js | 6 +++++ server/util-server.js | 21 +++++++++++++++++ src/pages/EditMonitor.vue | 37 ++++++++++++++++++++--------- 8 files changed, 133 insertions(+), 22 deletions(-) diff --git a/db/patch-add-other-auth.sql b/db/patch-add-other-auth.sql index 93a1064c..b83f1ee7 100644 --- a/db/patch-add-other-auth.sql +++ b/db/patch-add-other-auth.sql @@ -3,13 +3,16 @@ BEGIN TRANSACTION; ALTER TABLE monitor ADD auth_method VARCHAR(250); - COMMIT + ALTER TABLE monitor + ADD auth_domain TEXT; + ALTER TABLE monitor - -BEGIN TRANSACTION; - -UPDATE monitor - SET auth_method = 'basic' - WHERE basic_auth_user is not null + ADD auth_workstation TEXT; COMMIT; + +BEGIN TRANSACTION; + UPDATE monitor + SET auth_method = 'basic' + WHERE basic_auth_user is not null; +COMMIT; diff --git a/package-lock.json b/package-lock.json index 561bdf31..d4635fd5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -17,6 +17,7 @@ "@popperjs/core": "~2.10.2", "args-parser": "~1.3.0", "axios": "~0.26.1", + "axios-ntlm": "^1.3.0", "badge-maker": "^3.3.1", "bcryptjs": "~2.4.3", "bootstrap": "5.1.3", @@ -4129,6 +4130,23 @@ "follow-redirects": "^1.14.8" } }, + "node_modules/axios-ntlm": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/axios-ntlm/-/axios-ntlm-1.3.0.tgz", + "integrity": "sha512-NPNsIMO1SGX5scs3ZWJqsV7iRLvET+DlRl94aZ7Sx14zA8RTQh9EDxsJmxB9cKjardKfp2Vge444uYYLfvWC0Q==", + "dependencies": { + "axios": "^0.21.3", + "dev-null": "^0.1.1" + } + }, + "node_modules/axios-ntlm/node_modules/axios": { + "version": "0.21.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "dependencies": { + "follow-redirects": "^1.14.0" + } + }, "node_modules/babel-jest": { "version": "27.5.1", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.5.1.tgz", @@ -5938,6 +5956,11 @@ "node": ">=8" } }, + "node_modules/dev-null": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/dev-null/-/dev-null-0.1.1.tgz", + "integrity": "sha1-WiBc48Ky73e2I41roXnrdMag6Bg=" + }, "node_modules/devtools-protocol": { "version": "0.0.948846", "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.948846.tgz", @@ -19978,6 +20001,25 @@ "follow-redirects": "^1.14.8" } }, + "axios-ntlm": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/axios-ntlm/-/axios-ntlm-1.3.0.tgz", + "integrity": "sha512-NPNsIMO1SGX5scs3ZWJqsV7iRLvET+DlRl94aZ7Sx14zA8RTQh9EDxsJmxB9cKjardKfp2Vge444uYYLfvWC0Q==", + "requires": { + "axios": "^0.21.3", + "dev-null": "^0.1.1" + }, + "dependencies": { + "axios": { + "version": "0.21.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", + "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "requires": { + "follow-redirects": "^1.14.0" + } + } + } + }, "babel-jest": { "version": "27.5.1", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-27.5.1.tgz", @@ -21376,6 +21418,11 @@ "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", "dev": true }, + "dev-null": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/dev-null/-/dev-null-0.1.1.tgz", + "integrity": "sha1-WiBc48Ky73e2I41roXnrdMag6Bg=" + }, "devtools-protocol": { "version": "0.0.948846", "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.948846.tgz", diff --git a/package.json b/package.json index e9b7003b..2faf8913 100644 --- a/package.json +++ b/package.json @@ -68,6 +68,7 @@ "@popperjs/core": "~2.10.2", "args-parser": "~1.3.0", "axios": "~0.26.1", + "axios-ntlm": "^1.3.0", "badge-maker": "^3.3.1", "bcryptjs": "~2.4.3", "bootstrap": "5.1.3", diff --git a/server/database.js b/server/database.js index b17e7f4e..58e55826 100644 --- a/server/database.js +++ b/server/database.js @@ -58,6 +58,7 @@ class Database { "patch-monitor-expiry-notification.sql": true, "patch-status-page-footer-css.sql": true, "patch-added-mqtt-monitor.sql": true, + "patch-add-other-auth.sql": { parents: [ "patch-monitor-basic-auth.sql" ] }, }; /** diff --git a/server/model/monitor.js b/server/model/monitor.js index f2d16524..5ef55c28 100644 --- a/server/model/monitor.js +++ b/server/model/monitor.js @@ -7,7 +7,7 @@ dayjs.extend(timezone); const axios = require("axios"); const { Prometheus } = require("../prometheus"); const { log, UP, DOWN, PENDING, flipStatus, TimeLogger } = require("../../src/util"); -const { tcping, ping, dnsResolve, checkCertificate, checkStatusCode, getTotalClientInRoom, setting, mqttAsync } = require("../util-server"); +const { tcping, ping, dnsResolve, checkCertificate, checkStatusCode, getTotalClientInRoom, setting, mqttAsync, httpNtlm } = require("../util-server"); const { R } = require("redbean-node"); const { BeanModel } = require("redbean-node/dist/bean-model"); const { Notification } = require("../notification"); @@ -87,7 +87,10 @@ class Monitor extends BeanModel { mqttUsername: this.mqttUsername, mqttPassword: this.mqttPassword, mqttTopic: this.mqttTopic, - mqttSuccessMessage: this.mqttSuccessMessage + mqttSuccessMessage: this.mqttSuccessMessage, + authMethod: this.authMethod, + authWorkstation: this.authWorkstation, + authDomain: this.authDomain, }; if (includeSensitiveData) { @@ -213,7 +216,7 @@ class Monitor extends BeanModel { // HTTP basic auth let basicAuthHeader = {}; - if (this.basic_auth_user) { + if (this.auth_method === "basic") { basicAuthHeader = { "Authorization": "Basic " + this.encodeBase64(this.basic_auth_user, this.basic_auth_pass), }; @@ -264,7 +267,21 @@ class Monitor extends BeanModel { log.debug("monitor", `[${this.name}] Axios Options: ${JSON.stringify(options)}`); log.debug("monitor", `[${this.name}] Axios Request`); - let res = await axios.request(options); + let res; + if (this.auth_method === "ntlm") { + options.httpsAgent.keepAlive = true; + + res = await httpNtlm(options, { + username: this.basic_auth_user, + password: this.basic_auth_pass, + domain: this.authDomain, + workstation: this.authWorkstation, + }); + + } else { + res = await axios.request(options); + } + bean.msg = `${res.status} - ${res.statusText}`; bean.ping = dayjs().valueOf() - startTime; diff --git a/server/server.js b/server/server.js index 79cb2102..9f3dea24 100644 --- a/server/server.js +++ b/server/server.js @@ -674,6 +674,9 @@ try { bean.mqttPassword = monitor.mqttPassword; bean.mqttTopic = monitor.mqttTopic; bean.mqttSuccessMessage = monitor.mqttSuccessMessage; + bean.authMethod = monitor.authMethod; + bean.authWorkstation = monitor.authWorkstation; + bean.authDomain = monitor.authDomain; await R.store(bean); @@ -1247,8 +1250,11 @@ try { method: monitorListData[i].method || "GET", body: monitorListData[i].body, headers: monitorListData[i].headers, + authMethod: monitorListData[i].authMethod, basic_auth_user: monitorListData[i].basic_auth_user, basic_auth_pass: monitorListData[i].basic_auth_pass, + authWorkstation: monitorListData[i].authWorkstation, + authDomain: monitorListData[i].authDomain, interval: monitorListData[i].interval, retryInterval: retryInterval, hostname: monitorListData[i].hostname, diff --git a/server/util-server.js b/server/util-server.js index 54974e14..e782cdf0 100644 --- a/server/util-server.js +++ b/server/util-server.js @@ -10,6 +10,7 @@ const chardet = require("chardet"); const mqtt = require("mqtt"); const chroma = require("chroma-js"); const { badgeConstants } = require("./config"); +const { NtlmClient } = require("axios-ntlm"); // From ping-lite exports.WIN = /^win/.test(process.platform); @@ -172,6 +173,26 @@ exports.mqttAsync = function (hostname, topic, okMessage, options = {}) { }); }; +/** + * Use NTLM Auth for a http request. + * @param {Object} options The http request options + * @param {Object} ntlmOptions The auth options + * @returns {Promise<(string[]|Object[]|Object)>} + */ +exports.httpNtlm = function (options, ntlmOptions) { + return new Promise((resolve, reject) => { + let client = NtlmClient(ntlmOptions); + + client(options) + .then((resp) => { + resolve(resp); + }) + .catch((err) => { + reject(err); + }); + }); +}; + /** * Resolves a given record using the specified DNS server * @param {string} hostname The hostname of the record to lookup diff --git a/src/pages/EditMonitor.vue b/src/pages/EditMonitor.vue index b42c285c..ab018d77 100644 --- a/src/pages/EditMonitor.vue +++ b/src/pages/EditMonitor.vue @@ -358,24 +358,39 @@
+