mrbbot / ntlm

🔐 NTLM authentication for Dart/Flutter.
https://pub.dev/packages/ntlm
The Unlicense
14 stars 15 forks source link

authentication error for flutter web #18

Open eae1212 opened 3 years ago

eae1212 commented 3 years ago

Hi, I'm working on cross-platform app. It uses Sharepoint 2013 REST API. Mobile app (android) and windows app authenticates correctly. The onle problem is in web app. I've installed CORS module in IIS, and performed all recomendations about Responce headers. Preflight query OPTIONS is success, HTTP 204. Web app fails with HTTP 401 and message "Unsupported operation: Uint64 accessor not supported by dart2js."

Please, help me

mrbbot commented 3 years ago

Hello. 👋

I'll try look into this either today or tomorrow. Does the error only show up when running a release build, or do you get it during development too? Could you also provide the full stack trace for the error?

Thanks!

eae1212 commented 3 years ago

Hello, Yes, this error occurs in release mode. During debug I see just HTTP 401 without any additional messages

mrbbot commented 3 years ago

Thanks again for reporting this issue. I think I've fixed it. You'll have to update your pubspec.yaml to point to a specific branch of this repository for now:

dependencies:
  ntlm:
    git:
      url: git://github.com/mrbbot/ntlm.git
      ref: issue-18-remove-set-uint64

Please let me know if this works for you.

eae1212 commented 3 years ago

Well, previos error is gone. But still unsuccessful authentication. Chrome does not show errors, but Firefox does: FormatException: Invalid character (at character 337) main.dart.js:5008:78 ...GwAZQB0AGUALgByAHUABQAWAGMAbwBtAHAAbABlAHQAZQAuAHIAdQAHAAgAqG8J8VpL1wEAAAAA

All queries are successfull from windows or android app. May be I should change something in CORS ? ^

ntlm-error

RSPONSE: HTTP/1.1 401 Unauthorized Cache-Control: private Content-Length: 0 Vary: Origin SPRequestGuid: 40e4c89f-86eb-10ac-1aa9-68294525bd22 request-id: 40e4c89f-86eb-10ac-1aa9-68294525bd22 X-FRAME-OPTIONS: SAMEORIGIN SPRequestDuration: 4 SPIisLatency: 5 Access-Control-Allow-Origin: http://xxxtest2013:8101 Access-Control-Allow-Credentials: true Access-Control-Expose-Headers: WWW-Authenticate X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET WWW-Authenticate: NTLM TlRMTVNTUAACAAAAEAAQADgAAAAFgomig7mzKsChsj0AAAAAAAAAALQAtABIAAAABgOAJQAAAA9DAE8ATQBQAEwARQBUAEUAAgAQAEMATwBNAFAATABFAFQARQABAB4AVgBNAFMAUABCAFMAUABUAEUAUwBUADIAMAAxADMABAAWAGMAbwBtAHAAbABlAHQAZQAuAHIAdQADADYAdgBtAHMAcABiAFMAUABUAEUAUwBUADIAMAAxADMALgBjAG8AbQBwAGwAZQB0AGUALgByAHUABQAWAGMAbwBtAHAAbABlAHQAZQAuAHIAdQAHAAgA02QKIF5L1wEAAAAA WWW-Authenticate: Basic realm="xxxtest2013.complete.ru" X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly MicrosoftSharePointTeamServices: 15.0.0.4911 Date: Mon, 17 May 2021 20:49:26 GMT

REQUEST: GET /_api/Web/siteusers(@v)?@v=%27i%3A0%23.w%7Ccomplete%5Csptest2%27 HTTP/1.1 Host: xxxtest2013.complete.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0 Accept: application/json;odata=verbose Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate authorization: NTLM TlRMTVNTUAABAAAAB5IIoggACAAoAAAAAAAAAAAAAAAFAQAAAA9DT01QTEVURQAA Origin: http://xxxtest2013:8101 Connection: keep-alive Referer: http://xxxtest2013:8101/

mrbbot commented 3 years ago

Interesting... does your username or password have any cyrillic symbols in it? Is authentication successful in Chrome or does it just not show any errors?

eae1212 commented 3 years ago

my login/password contains latin symbols only. Authentication failed in Chrome, FF, Edge.

mrbbot commented 3 years ago

Sorry I haven't replied in a while, just finished exams. Have you made any progress?

eae1212 commented 3 years ago

No, I haven't any progress