NTLM strategy: 401 Unauthenticated error with a correct credentials on some environments

[koltyakov]

With correct credentials for NTLM auth strategy, fails with 401.
This happens in some environment, didn't get the consistent pattern yet. But found a workaround.

Relevant issues in go-ntlmssp: Azure/go-ntlmssp#12, Azure/go-ntlmssp#16, Azure/go-ntlmssp#14

The workaround is using https://github.com/vadimi/go-http-ntlm, a patch-like usage with current gosip version is:

package main

import (
	"flag"
	"log"
	"strings"

	"github.com/koltyakov/gosip"
	strategy "github.com/koltyakov/gosip/auth/ntlm"
	httpntlm "github.com/vadimi/go-http-ntlm"
)

var (
	siteURL  = flag.String("siteUrl", "", "SharePoint site URL")
	username = flag.String("username", "", "SharePoint user name, must be in the following format `domain\\username`")
	password = flag.String("password", "", "SharePoint password")
)

func main() {
	flag.Parse()

	auth := &strategy.AuthCnfg{
		SiteURL:  *siteURL,
		Username: *username,
		Password: *password,
	}
	client := &gosip.SPClient{
		AuthCnfg: auth,
	}

	// Workaround >>>
	if !strings.Contains(*username, "\\") {
		log.Fatal("incorrect username format, must be in the following format `domain\\username`")
	}
	client.Transport = &httpntlm.NtlmTransport{
		Domain:   strings.Split(*username, "\\")[0],
		User:     strings.Split(*username, "\\")[1],
		Password: *password,
	}
	// <<<

	// Go with SP
}

I'm not planning to migrate to https://github.com/vadimi/go-http-ntlm immediately but wait some time for a response in go-ntlmssp. While a workaround exists, it's not a blocker. Also, finding a consistency pattern might be useful for applying a fix in Azure's library.