Create a node module:

```
mkdir project
cd project
npm init -y
npm i express node-expose-sspi
```
First we need an HTTP server that authenticates clients with the Negotiate protocol (NTLM and Kerberos).
Conveniently, `node-expose-sspi` provides one.

Note: If you already have your own server, you don't need this one.

Create `server.js`:
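```js
const express = require('express');
const { sso } = require('node-expose-sspi');

const app = express();

// Authenticate every request; the authenticated user ends up in req.sso.
app.use(sso.auth());

// Reply with the display name of the authenticated Windows account.
app.use((req, res) => {
  res.json({
    sso: req.sso.user.displayName,
  });
});

app.listen(3000, () =>
  console.log('Server started on port 3000')
);
```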
Create a `client.js` script with the following content:
```js
const { sso } = require('node-expose-sspi');

(async () => {
  try {
    // sso.Client().fetch() authenticates as the current Windows user.
    const response = await new sso.Client().fetch('http://localhost:3000');
    const json = await response.json();
    console.log('json: ', json);
  } catch (e) {
    console.error(e);
  }
})();
```
You need one terminal for the server and a second one for running the client.

```
node server.js
```

The script output:

```
Server started on port 3000
```

```
node client.js
```

You should have this output:

```
json: { sso: 'Jean-Louis GUÉNÉGO' }
```

Of course, this will be your Windows account display name. Not mine 😄
`sso.Client` is a JavaScript class with a `fetch` method.

The `sso.Client.fetch` method works exactly like the `node-fetch` utility, extended with:
- Negotiate, Kerberos, NTLM protocol
- Cookies management
The client can be configured:

- `setSSP()`: set NTLM, Kerberos, or Negotiate.
- `setCredentials()`: set the credentials of another user.
- `setTargetName()`: set the Service Principal Name to be what you need exactly. Useful for doing Kerberos on `localhost` for instance. Browsers cannot do that.
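
To check on the server side which mechanism a client configured this way actually sent, the token in the `Authorization` header can be classified as NTLM or Kerberos. The following is an added example, not code from node-expose-sspi: `classifyAuthHeader` is a hypothetical helper, the detection is a byte-signature heuristic rather than a full ASN.1 parse, and the two sample headers are constructed.

```javascript
// Added example: report which mechanism an Authorization header carries.
const NTLM_SIG = Buffer.from('NTLMSSP\0', 'latin1');
// DER-encoded mechanism OIDs (tag 0x06, length, value).
const OID = {
  spnego: Buffer.from('06062b0601050502', 'hex'),       // 1.3.6.1.5.5.2
  krb5: Buffer.from('06092a864886f712010202', 'hex'),   // 1.2.840.113554.1.2.2
  msKrb5: Buffer.from('06092a864882f712010202', 'hex'), // 1.2.840.48018.1.2.2
};
const NTLM_TYPES = { 1: 'NEGOTIATE', 2: 'CHALLENGE', 3: 'AUTHENTICATE' };

// Hypothetical helper: returns { scheme, mechanism, wrapped?, message? }.
function classifyAuthHeader(header) {
  const m = /^(Negotiate|NTLM)\s+([A-Za-z0-9+/]+=*)$/i.exec((header || '').trim());
  if (!m) return { scheme: null, mechanism: 'none' };
  const scheme = m[1];
  const token = Buffer.from(m[2], 'base64');

  // An NTLM message starts with "NTLMSSP\0", either as the whole token
  // or embedded in a SPNEGO wrapper. Check it first: a SPNEGO token that
  // carries NTLM is still NTLM, whatever mechanisms it also lists.
  const at = token.indexOf(NTLM_SIG);
  if (at !== -1 && token.length >= at + 12) {
    const type = token.readUInt32LE(at + 8);
    return { scheme, mechanism: 'NTLM', wrapped: at > 0,
             message: NTLM_TYPES[type] || 'UNKNOWN' };
  }
  // 0x60 = GSS-API InitialContextToken, 0xa1 = SPNEGO NegTokenResp.
  if (token[0] === 0x60 || token[0] === 0xa1) {
    const kerberos = token.includes(OID.krb5) || token.includes(OID.msKrb5);
    return { scheme, mechanism: kerberos ? 'Kerberos' : 'unknown',
             wrapped: token.includes(OID.spnego) };
  }
  return { scheme, mechanism: 'unknown' };
}

// Constructed samples (not captured traffic).
// Raw NTLM type 1 message: signature, message type 1, flags.
const sampleNtlm = 'NTLM ' + Buffer.concat([
  NTLM_SIG, Buffer.from('0100000007820000', 'hex'),
]).toString('base64');
// Minimal SPNEGO NegTokenInit listing Kerberos as its only mechType.
const sampleKrb = 'Negotiate ' + Buffer.concat([
  Buffer.from('601b', 'hex'), OID.spnego,
  Buffer.from('a011300fa00d300b', 'hex'), OID.krb5,
]).toString('base64');

console.log(classifyAuthHeader(sampleNtlm));
console.log(classifyAuthHeader(sampleKrb));
```

In the Express server above, a middleware registered before `sso.auth()` could log `classifyAuthHeader(req.headers.authorization)` to spot requests that used NTLM where Kerberos was expected.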
Thanks to the node-fetch project.
More information on the fetch API on the MDN website.
Jean-Louis GUENEGO [email protected]