/psychic-potato

Primary LanguagePythonOtherNOASSERTION

requests-ntlm2

NTLM authentication plugin for Requests

Build Status codecov Python Version PyPI Status Downloads Licence Code Style: Black

requests-ntlm2, which is based on requests-ntlm, allows for HTTP NTLM authentication using the requests library.

Installation

pip install requests-ntlm2

Usage

Basic Usage

HttpNtlmAuth extends requests AuthBase, so usage is simple:

import requests
from requests_ntlm2 import HttpNtlmAuth

auth=HttpNtlmAuth('domain\\username','password')
requests.get("http://ntlm_protected_site.com", auth=auth)

Changing NTLM compatibility level

See this MS doc on LM compatibility levels. requests_ntlm2 defaults to compatibility level 3 which supports NTLMv2 [only]. You can change the compatibility level as follows:

import requests
from requests_ntlm2 import HttpNtlmAuth, NtlmCompatibility

username = 'domain\\username'
password = 'password123'
ntlm_compatibility = NtlmCompatibility.LM_AND_NTLMv1_WITH_ESS  # => level 1
auth=HttpNtlmAuth(username, password, ntlm_compatibility=ntlm_compatibility)

requests.get("http://ntlm_protected_site.com", auth=auth)

Using with Requests Session

HttpNtlmAuth can be used in conjunction with a Session in order to make use of connection pooling. Since NTLM authenticates connections, this is more efficient. Otherwise, each request will go through a new NTLM challenge-response.

import requests
from requests_ntlm2 import HttpNtlmAuth

session = requests.Session()
session.auth = HttpNtlmAuth('domain\\username','password')
session.get('http://ntlm_protected_site.com')

HTTP CONNECT Usage

When using requests-ntlm2 to create SSL proxy tunnel via HTTP CONNECT, the so-called "NTLM Dance" - ie, the NTLM authentication handshake - has to be done at the lower level (at httplib level) at tunnel-creation step. This means that you should use the HttpNtlmAdapter and requests session. This HttpNtlmAdapter is responsible for sending proxy auth information downstream.

Here is a basic example:

import requests
from requests_ntlm2 import (
    HttpNtlmAuth,
    HttpNtlmAdapter,
    NtlmCompatibility
)

username = '...'
password = '...'
proxy_ip = '...'
proxy_port = '...'

proxies = {
    'http': 'http://{}:{}'.format(proxy_ip, proxy_port),
    'https': 'http://{}:{}'.format(proxy_ip, proxy_port)
}

ntlm_compatibility = NtlmCompatibility.NTLMv2_DEFAULT

session = requests.Session()
session.mount(
    'https://',
    HttpNtlmAdapter(
        username,
        password,
        ntlm_compatibility=ntlm_compatibility
    )
)
session.mount(
    'http://',
    HttpNtlmAdapter(
        username,
        password,
        ntlm_compatibility=ntlm_compatibility
    )
)
session.auth = HttpNtlmAuth(
    username,
    password,
    ntlm_compatibility=ntlm_compatibility
)
session.proxies = proxies

response = session.get('http:/foobar.com')

Requirements