Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Introduce pluggable authentication providers. #624

Open
wants to merge 43 commits into
base: master
Choose a base branch
from
Open

feat: Introduce pluggable authentication providers. #624

wants to merge 43 commits into from

Commits on Oct 13, 2017

  1. feat: Introduce pluggable authentication providers.

    @arthurschreiber
    arthurschreiber committed Oct 13, 2017
    Configuration menu
    Copy the full SHA
    f9d62aa View commit details
    Browse the repository at this point in the history

Commits on Oct 14, 2017

  1. refactor: Simplify state machine states. 

    This merges the `SENT_LOGIN7_WITH_STANDARD_LOGIN`,
`SENT_LOGIN7_WITH_NTLM` and `SENT_NTLM_RESPONSE` states into a single
`SENT_LOGIN7` state.
    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    f985bf9 View commit details
    Browse the repository at this point in the history

  2. fix: Bring back backwards-compatibility for NTLM domain login options.

    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    b6d9b92 View commit details
    Browse the repository at this point in the history

  3. refactor: Clean up some more NTLM auth related code.

    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    de12fa2 View commit details
    Browse the repository at this point in the history

  4. test: Add tests for the default auth provider.

    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    408ecb8 View commit details
    Browse the repository at this point in the history

  5. fix: Improve domain and workstation handling in the NTLM auth provider. 

    Both domain and workstation are optional according to the MS-NLMP
specification, so we should not require a domain to be given.

This should improve/ease the use of NTLM auth with Azure SQL Server.
    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    2027aa3 View commit details
    Browse the repository at this point in the history

  6. test: Add an initial set of tests for the NTLM auth provider.

    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    680cfd6 View commit details
    Browse the repository at this point in the history

  7. refactor: Rename the "SSPI" auth provider to "native". 

    SSPI is the interface name / API that's used for all authentication
providers.. "native" is a more fitting name because it depends on the
operating system's native APIs to provide security support.
    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    534d789 View commit details
    Browse the repository at this point in the history

  8. refactor: Move challenge parsing into NTLMAuthProvider.

    @arthurschreiber
    arthurschreiber committed Oct 14, 2017
    Configuration menu
    Copy the full SHA
    85db9e6 View commit details
    Browse the repository at this point in the history

Commits on Oct 17, 2017

  1. fix : NTLM connection failure

    Suraiya Hameed committed Oct 17, 2017
    Configuration menu
    Copy the full SHA
    3d22897 View commit details
    Browse the repository at this point in the history

  2. refactor: removing authProvider specific options

    Suraiya Hameed committed Oct 17, 2017
    Configuration menu
    Copy the full SHA
    7908ef6 View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2017

  1. fix: windows integrated auth

    Suraiya Hameed committed Oct 18, 2017
    Configuration menu
    Copy the full SHA
    41c0118 View commit details
    Browse the repository at this point in the history

  2. refactor: update tests to use connection options

    Suraiya Hameed committed Oct 18, 2017
    Configuration menu
    Copy the full SHA
    e3f4839 View commit details
    Browse the repository at this point in the history

Commits on Oct 21, 2017

  1. fix: sspi token parser test

    Suraiya Hameed committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    f236c50 View commit details
    Browse the repository at this point in the history

  2. feature: Bring back auth provider specific configuration options. 

    Each auth provider can have different configuration options, and by
keeping them specific to each provider, we can make sure the list of
options that can be passed to the tedious constructor does not grow any
larger than it already is.

Also remove the native auth provider specific `securityPackage` option.
    @arthurschreiber
    arthurschreiber committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    80f7e64 View commit details
    Browse the repository at this point in the history

  3. test: fix the default auth provider test file name.

    @arthurschreiber
    arthurschreiber committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    e953f6a View commit details
    Browse the repository at this point in the history

  4. refactor: Improve the NTLM auth provider code.

    @arthurschreiber
    arthurschreiber committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    cf8757c View commit details
    Browse the repository at this point in the history

  5. test: Fix the default auth provider test case.

    @arthurschreiber
    arthurschreiber committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    1f52e0b View commit details
    Browse the repository at this point in the history

  6. build: Make sure the auth provider unit tests run during CI.

    @arthurschreiber
    arthurschreiber committed Oct 21, 2017
    Configuration menu
    Copy the full SHA
    0b5c2d3 View commit details
    Browse the repository at this point in the history

Commits on Oct 22, 2017

  1. test: Fix NTLM test cases assertions.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    00b95a3 View commit details
    Browse the repository at this point in the history

  2. test: Remove NTLM specific tests from the SSPI token tests. 

    This logic is already covered by the NTLM auth provider tests.
    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    701ce82 View commit details
    Browse the repository at this point in the history

  3. refactor: Rename ntlmpacketBuffer to sspiBuffer. 

    This buffer is used for all SSPI authentication types, not just for
NTLM.
    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    220ce7b View commit details
    Browse the repository at this point in the history

  4. fix: Native auth is now independent of domain name.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    d520d58 View commit details
    Browse the repository at this point in the history

  5. fix: Handle zero length SSPI blob buffers correctly.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    51c9b2b View commit details
    Browse the repository at this point in the history

  6. fix: Bring back the dependency on sspi-client.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    53085e4 View commit details
    Browse the repository at this point in the history

  7. refactor: Only require sspi-client once.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    83ee955 View commit details
    Browse the repository at this point in the history

  8. refactor: Remove sspiClientResponsePending check. 

    We only perform handshaking after receiving a message, and no further TDS messages should be received during the handshake, so there is no need to do an explicit check in the auth provider.
    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    38ed20f View commit details
    Browse the repository at this point in the history

  9. fix: Don't read the securityPackage option from the connection.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    bc29b0c View commit details
    Browse the repository at this point in the history

  10. docs: Add some very basic auth provider documentation.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    b1b8107 View commit details
    Browse the repository at this point in the history

  11. refactor: Stop passing through the domain option.

    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    9812a83 View commit details
    Browse the repository at this point in the history

  12. fix: Do not send username and password via LOGIN7 when a domain is set. 

    This fixes a potentially security relevant issue where `tedious` would
send username and password in plaintext via the LOGIN7 token, even if
the `domain` option was specified and the credentials were sent as
hashes via NTLM as well.
    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    168b845 View commit details
    Browse the repository at this point in the history

  13. fix: Make sure the domain passed to the NTLM auth provider is upperca… 

    …se'd.
    @arthurschreiber
    arthurschreiber committed Oct 22, 2017
    Configuration menu
    Copy the full SHA
    3179b45 View commit details
    Browse the repository at this point in the history

Commits on Oct 23, 2017

  1. fix: Ensure callback is called asynchronously.

    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    7a83616 View commit details
    Browse the repository at this point in the history

  2. docs: More documentation for the default auth provider.

    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    1e723c1 View commit details
    Browse the repository at this point in the history

  3. feat: Automatically use the native auth provider. 

    When no username and password are specified, and the native auth
provider is supported, `tedious` will now use it automatically.
    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    9f8e637 View commit details
    Browse the repository at this point in the history

  4. fix: Fix a weird typo in a comment. 😅

    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    f1c69c7 View commit details
    Browse the repository at this point in the history

  5. Revert "feat: Automatically use the native auth provider." 

    This reverts commit 9f8e637.
    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    2ad7601 View commit details
    Browse the repository at this point in the history

  6. docs: Better documentation for the native auth provider.

    @arthurschreiber
    arthurschreiber committed Oct 23, 2017
    Configuration menu
    Copy the full SHA
    1ef9b6e View commit details
    Browse the repository at this point in the history

Commits on Nov 5, 2017

  1. Merge branch 'master' of github.com:tediousjs/tedious into arthur/plu… 

    …ggable-auth-providers
    @arthurschreiber
    arthurschreiber committed Nov 5, 2017
    Configuration menu
    Copy the full SHA
    281a74e View commit details
    Browse the repository at this point in the history

Commits on Nov 6, 2017

  1. Merge branch 'master' of github.com:tediousjs/tedious into arthur/plu… 

    …ggable-auth-providers
    @arthurschreiber
    arthurschreiber committed Nov 6, 2017
    Configuration menu
    Copy the full SHA
    c1d3227 View commit details
    Browse the repository at this point in the history

  2. test: Extend test cases for remaining NTLM auth cases.

    @arthurschreiber
    arthurschreiber committed Nov 6, 2017
    Configuration menu
    Copy the full SHA
    a12b43e View commit details
    Browse the repository at this point in the history

Commits on May 29, 2018

  1. Merge branch 'master' of github.com:tediousjs/tedious into arthur/plu… 

    …ggable-auth-providers
    @arthurschreiber
    arthurschreiber committed May 29, 2018
    Configuration menu
    Copy the full SHA
    b2e8c37 View commit details
    Browse the repository at this point in the history

Commits on Jul 9, 2018

  1. Rename the authProvider option to integratedAuthProvider.

    @arthurschreiber
    arthurschreiber committed Jul 9, 2018
    Configuration menu
    Copy the full SHA
    905ed6d View commit details
    Browse the repository at this point in the history