Firefox Extension Set Proxy Auth - firefox

I am trying to develop and Firefox Extension, which sets a proxy and does some other things after doing that. So i know how to set proxy http and port.
var prefManager = Cc["#mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
prefManager.setIntPref("network.proxy.type", 1);
prefManager.setCharPref("network.proxy.http",aProxy[0]);
prefManager.setIntPref("network.proxy.http_port",aProxy[1]);
But i was not able to find the properties for username and password. Seems it will need to be set differently.
Someone can help?

Have you tried saving the passwords using nsILoginManager? In Firefox, password for proxies are handled like any other password.
let LoginInfo = new Components.Constructor("#mozilla.org/login-manager/loginInfo;1", Components.interfaces.nsILoginInfo, "init");
let loginInfo = new LoginInfo(
hostname,
null,
realm,
user,
password,
'',
''
);
let loginManager = Components.classes["#mozilla.org/login-manager;1"].getService(Components.interfaces.nsILoginManager);
loginManager.addLogin(loginInfo);
Proxies don't have a scheme, so I've seen code in Firefox do something like this (code from https://hg.mozilla.org/mozilla-central/file/69d61e42d5df/toolkit/components/passwordmgr/nsLoginManagerPrompter.js#l1400):
// Proxies don't have a scheme, but we'll use "moz-proxy://"
// so that it's more obvious what the login is for.
var idnService = Cc["#mozilla.org/network/idn-service;1"].
getService(Ci.nsIIDNService);
hostname = "moz-proxy://" +
idnService.convertUTF8toACE(info.host) +
":" + info.port;
realm = aAuthInfo.realm;
if (!realm)
realm = hostname;
I think it's just for readability (when the user opens the password manager), but it shouldn't be required.
P.S.: There's also a preference, signon.autologin.proxy, that makes Firefox not prompt for authentication if a password is saved.

Related

Chrome headless browser with corporate proxy authetication not working

I am trying to run a Chrome headless browser sitting behind a corporate proxy. I tried below code. But unable to pass through it.
public class HeadlessChrome
{
WebDriver driver;
#Test
public void createChromeDriverHeadless() throws InterruptedException
{
System.setProperty("webdriver.chrome.driver", "D:\\LocalData\\workspace\\Drivers and Libraries\\driver\\chromedriver.exe");
ChromeOptions chromeOptions = new ChromeOptions();
Proxy proxy = new Proxy();
proxy.setHttpProxy("http://user:pwd#server:port");
proxy.setSslProxy("http://user:pwd#server:port");
// chromeOptions.setCapability("proxy", proxy);
chromeOptions.addArguments("--proxy-server=user:pwd#server:port");
chromeOptions.addArguments("--headless");
chromeOptions.addArguments("--disable-gpu");
chromeOptions.addArguments("start-maximized");
driver = new ChromeDriver(chromeOptions);
driver.get("http://seleniumhq.org");
Thread.sleep(5000);
System.out.println("Title : " + driver.getTitle());
assertTrue(driver.findElement(By.id("q")).isDisplayed());
driver.quit();
}
}
Please help me out.
If you were not using headless you could have used the approach in below link
user:pass proxies with selenium
But with headless extension are currently not allowed. So now your option is add another proxy
chrome -> (intermediate proxy w/o auth) -> corporate proxy w/ auth -> internet
One options is to use polipo
https://www.irif.fr/~jch/software/polipo/
with below config
parentAuthCredentials=username:password
parentProxy=corporateproxy:port
and then use
chromeOptions.addArguments("--proxy-server=http://polipoproxy:port");
The default would be 127.0.0.1:8123 in don't override in polipo config.
Other options you can use
Use squid proxy instead of polipo
Write your own proxy forwarder using python or node or any other language you are comfortable with
There is headless browser called Linken-sphere who cooperates with Luminati. They some good offers . you should check them up.
https://miped.ru/f/threads/linken-sphere-antidetekt-brauzer-novogo-pokolenija.67098/
It's easy to achieve with selenium 4 (currently in beta). You can do it in multiple ways:
You basically need to register a check for whether to apply the credentials for any request for authorization. Works for both - basic and proxy auth popups.
ChromeDriver driver = new ChromeDriver(new ChromeOptions().setHeadless(true));
String USER_NAME = "guest";
String PASSWORD = "guest";
//register our check here
driver.register(UsernameAndPassword.of(USER_NAME, PASSWORD));
driver.get("https://jigsaw.w3.org/HTTP/");
//Click on the link to show an authentication popup
driver.findElement(By.linkText("Basic Authentication test")).click();
String msg = driver.findElement(By.tagName("html")).getText();
assert msg.equalsIgnoreCase("Your browser made it!");
Using CDP Network domain. Doesn't work for proxy authorization popup (for example here is the similar issue in puppeteer which goes down to the chrome project)
ChromeDriver driver = new ChromeDriver(new ChromeOptions().setHeadless(true));
String USER_NAME = "guest";
String PASSWORD = "guest";
DevTools devTools = driver.getDevTools();
//create a cdp session
devTools.createSession();
//enable network first
devTools.send(Network.enable(Optional.empty(), Optional.empty(), Optional.empty()));
//Open website
driver.get("https://jigsaw.w3.org/HTTP/");
//Create and send the authorization header
Map<String, Object> headers = new HashMap<>();
String basicAuth = "Basic " + new String(Base64.getEncoder().encode(String.format("%s:%s", USER_NAME, PASSWORD).getBytes()));
headers.put("Authorization", basicAuth);
devTools.send(Network.setExtraHTTPHeaders(new Headers(headers)));
//Click on the link to show an authentication popup
driver.findElement(By.linkText("Basic Authentication test")).click();
String msg = driver.findElement(By.tagName("html")).getText();
assert msg.equalsIgnoreCase("Your browser made it!");
Using the CDP Fetch domain. Works for both - basic and proxy auth popups.
ChromeDriver driver = new ChromeDriver(new ChromeOptions().setHeadless(true));
String USER_NAME = "guest";
String PASSWORD = "guest";
DevTools devTools = driver.getDevTools();
//create a cdp session
devTools.createSession();
//enable Fetch first
devTools.send(Fetch.enable(Optional.empty(), Optional.of(true)));
devTools.addListener(Fetch.requestPaused(), requestPaused -> devTools.send(Fetch.continueRequest(requestPaused.getRequestId(), Optional.empty(), Optional.empty(), Optional.empty(), Optional.empty())));
devTools.addListener(Fetch.authRequired(), authRequired -> devTools.send(Fetch.continueWithAuth(authRequired.getRequestId(), new AuthChallengeResponse(PROVIDECREDENTIALS, Optional.of(USER_NAME), Optional.of(PASSWORD)))));
//Open website
driver.get("https://jigsaw.w3.org/HTTP/");
//Click on the link to show an authentication popup
driver.findElement(By.linkText("Basic Authentication test")).click();
String msg = driver.findElement(By.tagName("html")).getText();
assert msg.equalsIgnoreCase("Your browser made it!");

Either Negotiate or SimpleBind must be specified and they cannot be combined

i am trying to validate the credentials of a user against a active directory with a principalcontext but always get an error.
I try to connect via ssl, because it is sensitive data, but it always give me the error in the headline.
try
{
PrincipalContext pc = new PrincipalContext(ContextType.Domain, "myAwesomeDomain.com", null, ContextOptions.SecureSocketLayer, adUser, adPassword);
using (pc)
{
retVal = pc.ValidateCredentials(userID, password, ContextOptions.SecureSocketLayer);
}
}
I also tried to set DC="myAwesomeDomain,DC=COM" for the container instead of null.
The Credentials to log into the AD are correct, they are working fine with DirectoryEntry.
I have no clue how to go on.
Any idea?
Mh, it is some time since now, i found a solution back then:
try
{
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, "myAwesomeDomain.com", null, ContextOptions.SecureSocketLayer, adUser, adPassword);
{
retVal = pc.ValidateCredentials(userID, password, ContextOptions.SecureSocketLayer);
}
}
it really worked this way, i can not explain why

ServiceStack Accessing Session Directly

I'm having trouble getting direct manipulation of sessions working properly.
Using some code from the source and a tip from Demis, I've put together something in our unit test client to auth the user and then recover the session.
The AuthResponse I'm getting from the service has a SessionId of 533, which results in a constructed urn of "urn:iauthsession:533", whereas the urn in the Redis cache is "urn:iauthsession:sbQBLwb1WpRj8DqQ7EdL", so obviously, the thing being passed to the urn builder in the running code is not simply the session id (or the overload being used is not what I think it is).
Here's the code we're using in our test base class to try to recover the session from the auth call:
var client = new JsonServiceClient(ServiceTestAppHost.BaseUrl)
{
UserName = userName,
Password = password,
AlwaysSendBasicAuthHeader = true
};
var response = client.Post<AuthResponse>("/auth/basic", new Auth() { UserName = userName, Password = password, RememberMe = true });
var sessionKey = IdUtils.CreateUrn<IAuthSession>(response.SessionId);
var session = _appHost.TryResolve<ICacheClient>().Get<SsoUserSession>(sessionKey);
Any idea why the constructed urn is not matching?
This should now be fixed with this commit which is available in v4.0.22 that's now available on MyGet.

Get User Profile Picture Without Credentials, Possible?

Working on an email client.
Does anyone know if it is possible to get the profile pic of a user from the email and server URL without their password?
I'm working with Exchange 2013. I tried the HTTP POST option provided. It works like a charm but requires a log in.
Have a look at Exchange Impersonation.
You can have a specific user account impersonate another user account and access their details without the need for their username and password.
string impName = #"impy";
string impPassword = #"password";
string impDomain = #"domain";
string impEmail = #"impy#domain.com";
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2010);
service.Credentials = new NetworkCredential(impName, impPassword, impDomain);
service.AutodiscoverUrl(impEmail);
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.SmtpAddress, #"user#domain.com");
More references:
http://msdn.microsoft.com/en-us/library/dd633680(v=exchg.80).aspx
you can use like this..
var userpicUrl = "/_layouts/15/userphoto.aspx?accountname=" + user.UserName + "&size=M&url=" + user.ProfilePictureURl;

Windows Authentication With WMI

I want to use Windows current credential when using WMI to query data on a remote machine, but in many examples I found that I have to use Connection object which needs you to provide a username, password and authority for validating username and password as shown below:
Dim connection As New ConnectionOptions
connection.Username = userNameBox.Text
connection.Password = passwordBox.Text
connection.Authority = "ntlmdomain:MyDomain"
Dim scope As New ManagementScope( _
"\\RemoteMachine\root\CIMV2", connection)
scope.Connect()
I want to bypass these inputs and use current Windows logon credentials instead, is there any way for this?
Here' the C# example with connnection options using Windows credentials.
ConnectionOptions connectionOptions = new ConnectionOptions
{
Authentication = AuthenticationLevel.PacketPrivacy,
Impersonation = ImpersonationLevel.Impersonate
};

Resources