my findings, see jlguenego/node-expose-sspi#117 (comment)

back/package.json

@@ -21,27 +21,28 @@
     "posttest": "npm run lint"
   },
   "dependencies": {
-    "cors": "^2.8.5",
-    "express": "^4.17.1",
-    "express-session": "^1.17.1",
-    "nodemon": "^2.0.6",
-    "serve-index": "^1.9.1",
+    "@cspotcode/source-map": "^0.8.0",
     "@jlguenego/asn.1": "^0.0.4",
     "@types/node-fetch": "^2.5.7",
+    "cors": "^2.8.5",
     "debug": "^4.3.1",
+    "express": "^4.17.1",
+    "express-session": "^1.17.1",
     "http-errors": "^1.8.0",
     "node-fetch": "3.0.0-beta.9",
-    "ntlm-parser": "^1.0.9"
+    "nodemon": "^2.0.6",
+    "ntlm-parser": "^1.0.9",
+    "serve-index": "^1.9.1"
   },
   "devDependencies": {
-	"@types/cors": "^2.8.8",
+    "@types/cors": "^2.8.8",
     "@types/debug": "^4.1.5",
     "@types/express": "^4.17.9",
     "@types/express-session": "^1.17.2",
     "@types/http-auth": "^4.1.0",
     "@types/http-errors": "^1.8.0",
     "@types/mocha": "^7.0.2",
-	"@types/node": "^14.11.2",
+    "@types/node": "^14.11.2",
     "@types/serve-index": "^1.7.30",
     "ejs": "^3.1.5",
     "eslint-plugin-mocha": "^8.1.0",
@@ -64,5 +65,4 @@
     "typedoc-plugin-markdown": "^2.4.2",
     "typescript": "^4.2.3"
   }
-
 }

back/src/server.ts

@@ -2,15 +2,15 @@ import express = require('express');
 import serveIndex = require('serve-index');
 import session = require('express-session');
 import {sso, sspi, UserCredential, AcceptSecurityContextInput} from 'F:/Apps/ng/angular-sso-example/back/lib/node-expose-sspi/src/index';
-const { impersonateLoggedOnUser,  revertToSelf, logonUser} = require('F:\\Apps\\ng\\angular-sso-example\\back\\build\\Release\\users.node');
+const { impersonateLoggedOnUser, impersonateLoggedOnUserSSPI, revertToSelf, logonUser} = require('F:\\Apps\\ng\\angular-sso-example\\back\\build\\Release\\users.node');
 import cors from 'cors';
 import os = require('os');
 const fs = require('fs');
 const util = require('util');
 const exec = util.promisify(require('child_process').exec);
 const MAX_BUFFER_SIZE = 2000 * 1024;
 const app = express();
-
+	
 app.use((req, res, next) => {
   console.log('req.url', req.url);
   console.log('origin', req.headers.origin);
@@ -40,7 +40,8 @@ app.use(
   })
 );
 
-app.use('/mysso/ws/logonUser', (req, res, next) => {
+app.use('/mysso/ws/logonUser', async (req, res, next) => {
+try{
 	console.log('userInfo now %o', os.userInfo()); 
 	// it shows the process_owner that is different from myuser
 	console.log('user %s domain %s',
@@ -49,10 +50,9 @@ app.use('/mysso/ws/logonUser', (req, res, next) => {
 	);
 	const logon_ticket = logonUser(
 		  process.env.myuser, 
-		  process.env.mypassword,
 		  process.env.mydomain,
-		  // all the others give error "The user name or password is incorrect."
-		  9, //  LogonType.LOGON32_LOGON_NEW_CREDENTIALS ,
+		  process.env.mypassword,
+		  2, 
 		  // it has no effect as impersonation 
 		  /*
 	export enum LogonType {
@@ -75,10 +75,52 @@ app.use('/mysso/ws/logonUser', (req, res, next) => {
 		  */
 		  0 // instead of 3, // LogonProvider.WINNT50
 		);
-	impersonateLoggedOnUser(logon_ticket);
-	console.log('userInfo now %o ticket %o', os.userInfo(), logon_ticket); 
+
+
+
+	const imp_res = impersonateLoggedOnUser(logon_ticket);
+	console.log('impersonateLoggedOnUser %s', imp_res);
+
+	// os.userInfo() throws
+	// "A system error occurred: uv_os_get_passwd returned EPERM (operation not permitted)"
+	// console.log('userInfo now %o', os.userInfo());
+
+
+	fs.writeFile('helloworld.txt', 'Hello World!', function (err: any) {
+	  if (err) 
+		{
+			console.error('%s', err.message);
+			res.json({ error: err.message});
+			return;
+		}
+	  console.log('Hello World > helloworld.txt');
+	  res.json({ file: 'written'});
+	});
+
+  const callback =  (ret:any) => 
+	{
+		console.log('revertToSelf');
+		revertToSelf();
+		console.log('return json');
+		return res.json(ret);
+	}
+  // sqlite test	
+  //const db = DBLayer.sqlite_connect(callback);
+  // TEST 2 sqlite connection: 'SQLITE_CANTOPEN: unable to open database file'
+  // ms sql test
+  // const db = await DBLayer.mssql_connect(callback);
+
+
+    // revertToSelf();	
+	// console.log('userInfo now %o ticket %o', os.userInfo(), logon_ticket); 
 	// problem: it still shows the process owner that is different from myuser! 
-	 res.json({test:'OK?', userInfo:os.userInfo()});
+	 // res.json({test:'OK?', userInfo:os.userInfo()});
+	 return;
+} catch (err: any) {
+	console.error('logon err', err);
+	res.json({ error: err.message});
+}
+
 });
 
 app.use('/mysso/ws/protected', sso.auth(),  (req, res, next) => {
@@ -172,10 +214,12 @@ app.use('/mysso/ws/protected/secret', async (req, res) => {
 	//schManager.set(req, serverContextHandle);
 	//sspi.ImpersonateSecurityContext(serverContextHandle);
 	const new_access_token = sspi.OpenThreadToken();
-	impersonateLoggedOnUser(new_access_token);
+	const result_new_access_token = impersonateLoggedOnUserSSPI(new_access_token);
+	console.log('result_new_access_token %s', result_new_access_token)
+
 	// TEST 1 impersonateLoggedOnUser : 'Access is denied.'
-	sspi.RevertSecurityContext(serverContextHandle);
-	sspi.CloseHandle(new_access_token);
+	// sspi.RevertSecurityContext(serverContextHandle);
+	// sspi.CloseHandle(new_access_token);
 
 	}
   }
@@ -184,7 +228,7 @@ app.use('/mysso/ws/protected/secret', async (req, res) => {
 		  //res.json({error: error.message});
 		  // try DBLayer anyway
 		}
-  console.log('impersonateLoggedOnUser done %o', os.userInfo()); // %o', handle_str);
+  console.log('impersonateLoggedOnUser done'); // %o', handle_str);
   const callback =  (ret:any) => 
 	{
 		console.log('revertToSelf');
@@ -193,10 +237,10 @@ app.use('/mysso/ws/protected/secret', async (req, res) => {
 		return res.json(ret);
 	}
   // sqlite test	
-  // const db = DBLayer.sqlite_connect(callback);
+  const db = DBLayer.sqlite_connect(callback);
   // TEST 2 sqlite connection: 'SQLITE_CANTOPEN: unable to open database file'
   // ms sql test
-  const db = await DBLayer.mssql_connect(callback);
+  // const db = await DBLayer.mssql_connect(callback);
   } else {
 	res.json({hello: username, authorized: false});
   }