使用 Python 的集成 Windows 身份验证 (NTLM) 通过 Exchange 进行 SMTP [英] SMTP through Exchange using Integrated Windows Authentication (NTLM) using Python

问题描述

我想使用登录的 Windows 用户的凭据来验证与使用 NTLM 的 Exchange 服务器的 SMTP 连接.

I want to use the credentials of the logged-in Windows user to authenticate an SMTP connection to an Exchange server using NTLM.

我知道 python-ntlm 模块和 两个 补丁 为 SMTP 启用 NTLM 身份验证，但是我想使用当前用户的安全令牌并且没有提供用户名和密码.

I'm aware of the python-ntlm module and the two patches that enable NTLM authentication for SMTP, however I want to use the current user's security token and not have to supply a username and password.

与Windows 身份验证与 Python 和 urllib2 的问题非常相似..>

Very similar problem to Windows Authentication with Python and urllib2.

推荐答案

虽然下面的解决方案仅使用 Python Win32 扩展(Python Win32 扩展中包含的 sspi 示例代码非常有用)，但 python-ntlm IMAP &问题中提到的 SMTP 补丁也可以作为有用的指南.

Although the solution below only uses the Python Win32 extensions (the sspi example code included with the Python Win32 extensions was very helpful), the python-ntlm IMAP & SMTP patches mentioned in the question also served as useful guides.

from smtplib import SMTPException, SMTPAuthenticationError
import string
import base64
import sspi

# NTLM Guide -- http://curl.haxx.se/rfc/ntlm.html

SMTP_EHLO_OKAY = 250
SMTP_AUTH_CHALLENGE = 334
SMTP_AUTH_OKAY = 235

def asbase64(msg):
    # encoding the message then convert to string
    return base64.b64encode(msg).decode("utf-8")

def connect_to_exchange_as_current_user(smtp):
    """Example:
    >>> import smtplib
    >>> smtp = smtplib.SMTP("my.smtp.server")
    >>> connect_to_exchange_as_current_user(smtp)
    """

    # Send the SMTP EHLO command
    code, response = smtp.ehlo()
    if code != SMTP_EHLO_OKAY:
        raise SMTPException("Server did not respond as expected to EHLO command")

    sspiclient = sspi.ClientAuth('NTLM')

    # Generate the NTLM Type 1 message
    sec_buffer=None
    err, sec_buffer = sspiclient.authorize(sec_buffer)
    ntlm_message = asbase64(sec_buffer[0].Buffer)

    # Send the NTLM Type 1 message -- Authentication Request
    code, response = smtp.docmd("AUTH", "NTLM " + ntlm_message)

    # Verify the NTLM Type 2 response -- Challenge Message
    if code != SMTP_AUTH_CHALLENGE:
        raise SMTPException("Server did not respond as expected to NTLM negotiate message")

    # Generate the NTLM Type 3 message
    err, sec_buffer = sspiclient.authorize(base64.decodebytes(response))
    ntlm_message = asbase64(sec_buffer[0].Buffer)

    # Send the NTLM Type 3 message -- Response Message
    code, response = smtp.docmd(ntlm_message)
    if code != SMTP_AUTH_OKAY:
        raise SMTPAuthenticationError(code, response)

这篇关于使用 Python 的集成 Windows 身份验证 (NTLM) 通过 Exchange 进行 SMTP的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！