RFE - certsrv Negotiate authentication #24

smanross · 2024-09-30T03:38:39Z

Along the same lines as the last suggestion. I've currently overridden _set_credentials to add support for negotiate authentication in order to use the currently logged in credentials for authentication instead of having to pass them in.

This requires requests-negotiate-sspi
https://github.com/brandond/requests-negotiate-sspi

** kudos to this author for additional the drop-in module for the requests module

from certsrv import Certsrv

certificate_server = Certsrv("certserver.whatever.com", auth_method="negotiate")
pem_data = certificate_server.get_cert(pem_csr, certificate_template_name)

def _set_credentials(self, username, password):
    if (not password or not username) and auth_method != "negotiate":
        raise Exception("You can't not send a user/password on any auth method other than negotiate")
    if self.auth_method == "ntlm":
        from requests_ntlm import HttpNtlmAuth

        self.session.auth = HttpNtlmAuth(username, password)
    elif self.auth_method == "cert":
        self.session.cert = (username, password)
    elif self.auth_method == "negotiate":
        from requests_negotiate_sspi import HttpNegotiateAuth
        self.session.auth = HttpNegotiateAuth()
    else:
        self.session.auth = (username, password)

Certsrv._set_credentials = _set_credentials

Thanks,
Steven

The text was updated successfully, but these errors were encountered:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

RFE - certsrv Negotiate authentication #24

RFE - certsrv Negotiate authentication #24

smanross commented Sep 30, 2024

RFE - certsrv Negotiate authentication #24

RFE - certsrv Negotiate authentication #24

Comments

smanross commented Sep 30, 2024