1
1
Fork 0
mirror of https://github.com/pypa/pip synced 2023-12-13 21:30:23 +01:00
pip/src/pip/_vendor/urllib3/contrib/ntlmpool.py

122 lines
4.1 KiB
Python
Raw Normal View History

2013-08-15 15:33:47 +02:00
"""
NTLM authenticating pool, contributed by erikcederstran
Issue #10, see: http://code.google.com/p/urllib3/issues/detail?id=10
"""
2016-01-19 00:28:54 +01:00
from __future__ import absolute_import
2013-08-15 15:33:47 +02:00
from logging import getLogger
2020-11-19 15:20:52 +01:00
2013-08-15 15:33:47 +02:00
from ntlm import ntlm
from .. import HTTPSConnectionPool
from ..packages.six.moves.http_client import HTTPSConnection
2013-08-15 15:33:47 +02:00
log = getLogger(__name__)
class NTLMConnectionPool(HTTPSConnectionPool):
"""
Implements an NTLM authentication version of an urllib3 connection pool
"""
2019-10-09 16:16:37 +02:00
scheme = "https"
2013-08-15 15:33:47 +02:00
def __init__(self, user, pw, authurl, *args, **kwargs):
"""
authurl is a random URL on the server that is protected by NTLM.
user is the Windows user, probably in the DOMAIN\\username format.
pw is the password for the user.
"""
super(NTLMConnectionPool, self).__init__(*args, **kwargs)
self.authurl = authurl
self.rawuser = user
2019-10-09 16:16:37 +02:00
user_parts = user.split("\\", 1)
2013-08-15 15:33:47 +02:00
self.domain = user_parts[0].upper()
self.user = user_parts[1]
self.pw = pw
def _new_conn(self):
# Performs the NTLM handshake that secures the connection. The socket
# must be kept open while requests are performed.
self.num_connections += 1
2019-10-09 16:16:37 +02:00
log.debug(
"Starting NTLM HTTPS connection no. %d: https://%s%s",
self.num_connections,
self.host,
self.authurl,
)
2013-08-15 15:33:47 +02:00
2019-10-09 16:16:37 +02:00
headers = {"Connection": "Keep-Alive"}
req_header = "Authorization"
resp_header = "www-authenticate"
2013-08-15 15:33:47 +02:00
conn = HTTPSConnection(host=self.host, port=self.port)
# Send negotiation message
2019-10-09 16:16:37 +02:00
headers[req_header] = "NTLM %s" % ntlm.create_NTLM_NEGOTIATE_MESSAGE(
self.rawuser
)
log.debug("Request headers: %s", headers)
conn.request("GET", self.authurl, None, headers)
2013-08-15 15:33:47 +02:00
res = conn.getresponse()
reshdr = dict(res.getheaders())
2019-10-09 16:16:37 +02:00
log.debug("Response status: %s %s", res.status, res.reason)
log.debug("Response headers: %s", reshdr)
log.debug("Response data: %s [...]", res.read(100))
2013-08-15 15:33:47 +02:00
# Remove the reference to the socket, so that it can not be closed by
# the response object (we want to keep the socket open)
res.fp = None
# Server should respond with a challenge message
2019-10-09 16:16:37 +02:00
auth_header_values = reshdr[resp_header].split(", ")
2013-08-15 15:33:47 +02:00
auth_header_value = None
for s in auth_header_values:
2019-10-09 16:16:37 +02:00
if s[:5] == "NTLM ":
2013-08-15 15:33:47 +02:00
auth_header_value = s[5:]
if auth_header_value is None:
2019-10-09 16:16:37 +02:00
raise Exception(
"Unexpected %s response header: %s" % (resp_header, reshdr[resp_header])
)
2013-08-15 15:33:47 +02:00
# Send authentication message
2019-10-09 16:16:37 +02:00
ServerChallenge, NegotiateFlags = ntlm.parse_NTLM_CHALLENGE_MESSAGE(
auth_header_value
)
auth_msg = ntlm.create_NTLM_AUTHENTICATE_MESSAGE(
ServerChallenge, self.user, self.domain, self.pw, NegotiateFlags
)
headers[req_header] = "NTLM %s" % auth_msg
log.debug("Request headers: %s", headers)
conn.request("GET", self.authurl, None, headers)
2013-08-15 15:33:47 +02:00
res = conn.getresponse()
2019-10-09 16:16:37 +02:00
log.debug("Response status: %s %s", res.status, res.reason)
log.debug("Response headers: %s", dict(res.getheaders()))
log.debug("Response data: %s [...]", res.read()[:100])
2013-08-15 15:33:47 +02:00
if res.status != 200:
if res.status == 401:
2020-01-21 08:49:56 +01:00
raise Exception("Server rejected request: wrong username or password")
2019-10-09 16:16:37 +02:00
raise Exception("Wrong server response: %s %s" % (res.status, res.reason))
2013-08-15 15:33:47 +02:00
res.fp = None
2019-10-09 16:16:37 +02:00
log.debug("Connection established")
2013-08-15 15:33:47 +02:00
return conn
2019-10-09 16:16:37 +02:00
def urlopen(
self,
method,
url,
body=None,
headers=None,
retries=3,
redirect=True,
assert_same_host=True,
):
2013-08-15 15:33:47 +02:00
if headers is None:
headers = {}
2019-10-09 16:16:37 +02:00
headers["Connection"] = "Keep-Alive"
return super(NTLMConnectionPool, self).urlopen(
method, url, body, headers, retries, redirect, assert_same_host
)