如何创建 NTLM 身份验证标头以与 Alamofire 一起使用？答案

【问题标题】：How to create a NTLM authentication header to use with Alamofire?如何创建 NTLM 身份验证标头以与 Alamofire 一起使用？
【发布时间】：2017-08-28 06:33:56
【问题描述】：

这些是请求标头：

let userName = "someUserName"
let password = "aPasswordForSomeUserName"

var headers: HTTPHeaders = [
    "Accept": "application/json",
]

if let authorizationHeader = Request.authorizationHeader(user: userName, password: password) {
    headers[authorizationHeader.key] = authorizationHeader.value
}

所以这是像这样生成Authorization。

Basic aC5paHFoOkulbXKhNpk43A==（我为了安全做了修改）。

但是当我在 Advance Rest Client（Chrome 扩展程序）中提出相同的请求时。我看到了这个：

Accept: application/json
Authorization: NTLM TlMMTVNTUAADAAAAGAAYAG4AAAAYABgAhgAAAAYABgBAAAAADAAMAEYAAAAcABwAUgPPPAAAAACeAAAAAYIAAEUARwBBAGgALgBzAGgAYQBoAUIOVABHAC4AUSDFGC4ARQBHAEEALgBMAEEAToD38IenExnddmNhyXz+u0cmIHEl/p8P9OWe2rePPsiRkZO1Ne6ZrWxnIxHK1CZcyTU=

注意，NTLM 和 Basic 在为我的用户名和密码生成的授权密钥中。

如何在 iOS 中执行此操作（可能还使用 Alamofire）？

这也引出了我之前问过的这个问题。

How to make a NTML request with Alamofire 4.0?

【问题讨论】：

stackoverflow.com/questions/42926996/… + stackoverflow.com/questions/31279362/… 激励你？
谢谢，我可以用 Alamofire 修复它。我稍后会发布我的答案。
你能在这里发布你的工作答案吗？

标签： ios swift alamofire ntlm-authentication

【解决方案1】：

我在link 中增强了正确答案，并处理使用 Alamofire 发送的任何请求，而不是为每个 ViewController 添加登录：

private var manager : SessionManager?
var username: String? = nil
var password: String? = nil

func doesHaveCredentials() -> Bool {
    self.username = Defaults[.username]
    self.password = Defaults[.password]

    guard let _ = self.username else { return false }
    guard let _ = self.password else { return false }
    return true
}

func apiManager() -> SessionManager{
    if let m = self.manager{
        return m
    }else{
        let configuration = URLSessionConfiguration.default
        configuration.timeoutIntervalForRequest = 25
        configuration.timeoutIntervalForResource = 25
        self.manager = Alamofire.SessionManager(configuration: configuration)

        let delegate: Alamofire.SessionDelegate = self.manager!.delegate
        delegate.taskDidReceiveChallengeWithCompletion = { session, task, challenge,  completionHandler in
            print("Got challenge")
            guard challenge.previousFailureCount == 0 else {
                print("too many failures")
                challenge.sender?.cancel(challenge)
                completionHandler(.cancelAuthenticationChallenge, nil)
                return
            }

            guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodNTLM else {
                print("unknown authentication method \(challenge.protectionSpace.authenticationMethod)")
                challenge.sender?.cancel(challenge)
                completionHandler(.cancelAuthenticationChallenge, nil)
                return
            }

            guard self.doesHaveCredentials() else {
                challenge.sender?.cancel(challenge)
                completionHandler(.cancelAuthenticationChallenge, nil)
                DispatchQueue.main.async {
                    print("Userdata not set")
                };
                return
            }

            let credentials = URLCredential(user: self.username!, password: self.password!, persistence: .forSession)
            challenge.sender?.use(credentials, for: challenge)
            completionHandler(.useCredential, credentials)
        }

        return self.manager!
    }
}

【讨论】：