nestjs-soap icon indicating copy to clipboard operation
nestjs-soap copied to clipboard

Published 20 hours ago verified publisher icon lehh

Does nestjs-soap supports NTLM authentication?

Open sergiuturus opened this issue 1 year ago • 5 comments

I'm trying to consume a SOAP-based web service using this package (great work btw!). The API requires NTLM based authentication, which the base soap package supports, but I'm not sure how to implement that kind of auth standard using your module wrapper.

SoapModule.forRootAsync(
  { 
   ...
    useFactory: async (
      configService: ConfigService,
    ): Promise<SoapModuleOptions> => ({
      uri: configService.get<string>('soap.uri'),
      auth: {
        type: 'basic',                 // <-- 'ntlm' ?
        username: configService.get<string>('soap.username'),
        password: configService.get<string>('soap.password'),
      },
    }),        
  }
),

Please advise

sergiuturus avatar Oct 06 '23 07:10 sergiuturus

Hello,

Thanks for bringing this up. I don't believe nestjs-soap currently supports this authentication method. I'm out of town right now, so I can't take a proper look. But feel free to open a PR if you feel like so.

Otherwise, I will only be able to take a look at this next week.

lehh avatar Oct 06 '23 17:10 lehh

Hi there,

I'd really appreciate if you can take a look at and get back to me. Would love to know if I can count on this package in my further development!

sergiuturus avatar Oct 06 '23 18:10 sergiuturus

Hello @sergiuturus, sorry for the delay about this issue.

I've opened a PR #37 with the implementation of the NTLM auth. Could you test it? I don't know a SOAP endpoint with this kind of authentication. Also, do you know whether the domain or workspace are required fields or not?

Thanks!

lehh avatar Oct 27 '23 14:10 lehh

Hello @sergiuturus, sorry for the delay about this issue.

I've opened a PR #37 with the implementation of the NTLM auth. Could you test it? I don't know a SOAP endpoint with this kind of authentication. Also, do you know whether the domain or workspace are required fields or not?

Thanks!

Good afternoon. I checked your changes to support ntlm. But it still doesn't work. I also tried to disable SSL validation

SoapModule.forRootAsync(
            {
                clientName: "expert",
                imports: [ConfigModule],
                inject: [ConfigService],
                useFactory: async (
                    configService: ConfigService,
                ): Promise<SoapModuleOptions> => ({
                    uri: configService.get<string>("expert.uri"),
                    clientName: "expert",
                    auth: {
                        type: "ntlm",
                        username: configService.get<string>("expert.username"),
                        password: configService.get<string>("techexpert.password"),
                        options: {
                            domain: configService.get<string>("expert.domain"),
                        }
                    },
                    clientOptions: {
                        wsdl_options: {
                            httpsAgent: new https.Agent({
                                rejectUnauthorized: false
                            }),
                        },
                        returnFault: true
                    }
                })
            }
        )

But in the end I get an error.

Code: 401 Response Body: Authorization required

  • An error occurred while creating the soap client. Check the SOAP service URL and status.

ZiP0iP avatar Apr 03 '24 09:04 ZiP0iP

Hello @ZiP0iP

Unless I have the SOAP service with NTLM auth to test, I don't think I will be of much use here.

Nevertheless, I've added more verbose logs to help debugging.

I suggest testing with the npm soap package to check if it works there directly. If it works, please share the code you used so I can take a look and see what I could have done wrong.

I will need some help to debug that :).

lehh avatar Apr 20 '24 16:04 lehh