Node.js HTTP client with kerberos/gssapi/negotiate/spnego authentication

http_client_spnego.js

//
// tested with kerberos 0.0.12 on linux against apache running mod_auth_kerb with Samba AD providing KDC
//
var Kerberos = require('kerberos').Kerberos;
var kerberos = new Kerberos();
var http = require('http');

function httpget(opts, callback) {
	console.log('submitting to '+(opts.hostname||opts.host)+' with authorization header: '+(opts.headers||{}).authorization);
	var req = http.get(opts, function(res) {
		if (res.statusCode == 401) {
			submitWithAuthorization(req, opts, callback);
			return;
		}
		callback(res);
	});
	return req;
}

function submitWithAuthorization(oldreq, opts, callback) {
	kerberos.authGSSClientInit("HTTP@"+(opts.hostname || opts.host), 0, function(err, ctx) {
		if (err) {
			throw new Error(""+err);
		}
		console.log('done init '+ctx);
		kerberos.authGSSClientStep(ctx, "", function (err) {
			if (err) {
				throw new Error(""+err);
			}
			console.log('done step '+ctx.response);
			var headers = opts.headers || {};
			headers.authorization = "Negotiate "+ctx.response;
			opts.headers = headers;
			var newreq = httpget(opts, callback);

			// tell oldReq "owner" about newReq. resubmit is an "unofficial" event
			oldreq.emit('resubmit', newreq);
			kerberos.authGSSClientClean(ctx, function(err) {
				if (err) {
					throw new Error(""+err);
				}
			});
		});
	});
}

// //////////////////////////////////////////////////////////////////

var options = {
		hostname : "somehost.protected.by.spnego.example.com"
		, path : "/"
};

var req = httpget(options, function(res) {
	var body = '';
	res.on('data', function(chunk) {
		body += chunk;
	});
	res.on('end', function() {
		console.log("BODY: "+body);
	});
});

req.on('resubmit', function(newreq) {
	console.log('request resubmitted');
	req = newreq;
});

return;

I keep getting undefined for the security header output. Any suggestions?

What can be done to make it work on Windows?

@cnayan https://stackoverflow.com/a/61512453/7583101