search

lehh / nestjs-soap

Nestjs module wrapper for soap npm package
MIT License
21 stars 14 forks source link

Does nestjs-soap supports NTLM authentication? #36

Open sergiuturus opened 11 months ago

sergiuturus commented 11 months ago

I'm trying to consume a SOAP-based web service using this package (great work btw!). The API requires NTLM based authentication, which the base soap package supports, but I'm not sure how to implement that kind of auth standard using your module wrapper. 

SoapModule.forRootAsync(
  { 
   ...
    useFactory: async (
      configService: ConfigService,
    ): Promise<SoapModuleOptions> => ({
      uri: configService.get<string>('soap.uri'),
      auth: {
        type: 'basic',                 // <-- 'ntlm' ?
        username: configService.get<string>('soap.username'),
        password: configService.get<string>('soap.password'),
      },
    }),        
  }
),

Please advise

lehh commented 11 months ago

Hello,

Thanks for bringing this up. I don't believe nestjs-soap currently supports this authentication method. I'm out of town right now, so I can't take a proper look. But feel free to open a PR if you feel like so.

Otherwise, I will only be able to take a look at this next week.

sergiuturus commented 11 months ago

Hi there,

I'd really appreciate if you can take a look at and get back to me. Would love to know if I can count on this package in my further development!

lehh commented 10 months ago

Hello @sergiuturus, sorry for the delay about this issue.

I've opened a PR #37 with the implementation of the NTLM auth. Could you test it? I don't know a SOAP endpoint with this kind of authentication. Also, do you know whether the domain or workspace are required fields or not?

Thanks!

ZiP0iP commented 5 months ago

Hello @sergiuturus, sorry for the delay about this issue.

I've opened a PR #37 with the implementation of the NTLM auth. Could you test it? I don't know a SOAP endpoint with this kind of authentication. Also, do you know whether the domain or workspace are required fields or not?

Thanks!

Good afternoon. I checked your changes to support ntlm. But it still doesn't work. I also tried to disable SSL validation

SoapModule.forRootAsync(
            {
                clientName: "expert",
                imports: [ConfigModule],
                inject: [ConfigService],
                useFactory: async (
                    configService: ConfigService,
                ): Promise<SoapModuleOptions> => ({
                    uri: configService.get<string>("expert.uri"),
                    clientName: "expert",
                    auth: {
                        type: "ntlm",
                        username: configService.get<string>("expert.username"),
                        password: configService.get<string>("techexpert.password"),
                        options: {
                            domain: configService.get<string>("expert.domain"),
                        }
                    },
                    clientOptions: {
                        wsdl_options: {
                            httpsAgent: new https.Agent({
                                rejectUnauthorized: false
                            }),
                        },
                        returnFault: true
                    }
                })
            }
        )

But in the end I get an error.

Code: 401 Response Body: Authorization required

lehh commented 4 months ago

Hello @ZiP0iP

Unless I have the SOAP service with NTLM auth to test, I don't think I will be of much use here.

Nevertheless, I've added more verbose logs to help debugging.

I suggest testing with the npm soap package to check if it works there directly. If it works, please share the code you used so I can take a look and see what I could have done wrong.

I will need some help to debug that :).