mirror of
				https://github.com/jellyfin/jellyfin-kodi.git
				synced 2025-10-21 16:56:07 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			115 lines
		
	
	
	
		
			4.4 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			115 lines
		
	
	
	
		
			4.4 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| """
 | |
| NTLM authenticating pool, contributed by erikcederstran
 | |
| 
 | |
| Issue #10, see: http://code.google.com/p/urllib3/issues/detail?id=10
 | |
| """
 | |
| from __future__ import absolute_import
 | |
| 
 | |
| try:
 | |
|     from http.client import HTTPSConnection
 | |
| except ImportError:
 | |
|     from httplib import HTTPSConnection
 | |
| from logging import getLogger
 | |
| from ntlm import ntlm
 | |
| 
 | |
| from urllib3 import HTTPSConnectionPool
 | |
| 
 | |
| 
 | |
| log = getLogger(__name__)
 | |
| 
 | |
| 
 | |
| class NTLMConnectionPool(HTTPSConnectionPool):
 | |
|     """
 | |
|     Implements an NTLM authentication version of an urllib3 connection pool
 | |
|     """
 | |
| 
 | |
|     scheme = 'https'
 | |
| 
 | |
|     def __init__(self, user, pw, authurl, *args, **kwargs):
 | |
|         """
 | |
|         authurl is a random URL on the server that is protected by NTLM.
 | |
|         user is the Windows user, probably in the DOMAIN\\username format.
 | |
|         pw is the password for the user.
 | |
|         """
 | |
|         super(NTLMConnectionPool, self).__init__(*args, **kwargs)
 | |
|         self.authurl = authurl
 | |
|         self.rawuser = user
 | |
|         user_parts = user.split('\\', 1)
 | |
|         self.domain = user_parts[0].upper()
 | |
|         self.user = user_parts[1]
 | |
|         self.pw = pw
 | |
| 
 | |
|     def _new_conn(self):
 | |
|         # Performs the NTLM handshake that secures the connection. The socket
 | |
|         # must be kept open while requests are performed.
 | |
|         self.num_connections += 1
 | |
|         log.debug('Starting NTLM HTTPS connection no. %d: https://%s%s' %
 | |
|                   (self.num_connections, self.host, self.authurl))
 | |
| 
 | |
|         headers = {}
 | |
|         headers['Connection'] = 'Keep-Alive'
 | |
|         req_header = 'Authorization'
 | |
|         resp_header = 'www-authenticate'
 | |
| 
 | |
|         conn = HTTPSConnection(host=self.host, port=self.port)
 | |
| 
 | |
|         # Send negotiation message
 | |
|         headers[req_header] = (
 | |
|             'NTLM %s' % ntlm.create_NTLM_NEGOTIATE_MESSAGE(self.rawuser))
 | |
|         log.debug('Request headers: %s' % headers)
 | |
|         conn.request('GET', self.authurl, None, headers)
 | |
|         res = conn.getresponse()
 | |
|         reshdr = dict(res.getheaders())
 | |
|         log.debug('Response status: %s %s' % (res.status, res.reason))
 | |
|         log.debug('Response headers: %s' % reshdr)
 | |
|         log.debug('Response data: %s [...]' % res.read(100))
 | |
| 
 | |
|         # Remove the reference to the socket, so that it can not be closed by
 | |
|         # the response object (we want to keep the socket open)
 | |
|         res.fp = None
 | |
| 
 | |
|         # Server should respond with a challenge message
 | |
|         auth_header_values = reshdr[resp_header].split(', ')
 | |
|         auth_header_value = None
 | |
|         for s in auth_header_values:
 | |
|             if s[:5] == 'NTLM ':
 | |
|                 auth_header_value = s[5:]
 | |
|         if auth_header_value is None:
 | |
|             raise Exception('Unexpected %s response header: %s' %
 | |
|                             (resp_header, reshdr[resp_header]))
 | |
| 
 | |
|         # Send authentication message
 | |
|         ServerChallenge, NegotiateFlags = \
 | |
|             ntlm.parse_NTLM_CHALLENGE_MESSAGE(auth_header_value)
 | |
|         auth_msg = ntlm.create_NTLM_AUTHENTICATE_MESSAGE(ServerChallenge,
 | |
|                                                          self.user,
 | |
|                                                          self.domain,
 | |
|                                                          self.pw,
 | |
|                                                          NegotiateFlags)
 | |
|         headers[req_header] = 'NTLM %s' % auth_msg
 | |
|         log.debug('Request headers: %s' % headers)
 | |
|         conn.request('GET', self.authurl, None, headers)
 | |
|         res = conn.getresponse()
 | |
|         log.debug('Response status: %s %s' % (res.status, res.reason))
 | |
|         log.debug('Response headers: %s' % dict(res.getheaders()))
 | |
|         log.debug('Response data: %s [...]' % res.read()[:100])
 | |
|         if res.status != 200:
 | |
|             if res.status == 401:
 | |
|                 raise Exception('Server rejected request: wrong '
 | |
|                                 'username or password')
 | |
|             raise Exception('Wrong server response: %s %s' %
 | |
|                             (res.status, res.reason))
 | |
| 
 | |
|         res.fp = None
 | |
|         log.debug('Connection established')
 | |
|         return conn
 | |
| 
 | |
|     def urlopen(self, method, url, body=None, headers=None, retries=3,
 | |
|                 redirect=True, assert_same_host=True):
 | |
|         if headers is None:
 | |
|             headers = {}
 | |
|         headers['Connection'] = 'Keep-Alive'
 | |
|         return super(NTLMConnectionPool, self).urlopen(method, url, body,
 | |
|                                                        headers, retries,
 | |
|                                                        redirect,
 | |
|                                                        assert_same_host)
 |