Configure NLog only in non-development environments

Refactored logging setup to clear providers and use NLog exclusively when not in development. This ensures development uses default logging, while production and other environments leverage NLog.

Common/NtlmHelper.cs

@@ -0,0 +1,33 @@
+using Microsoft.Win32.SafeHandles;
+using System.Runtime.InteropServices;
+
+namespace FakeNTLMServer.Common
+{
+    public static class NtlmHelper
+    {
+        [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
+        private static extern bool LogonUser(
+            string lpszUsername,
+            string lpszDomain,
+            string lpszPassword,
+            int dwLogonType,
+            int dwLogonProvider,
+            out SafeAccessTokenHandle phToken);
+
+        private const int LOGON32_LOGON_NETWORK = 3;
+        private const int LOGON32_PROVIDER_DEFAULT = 0;
+
+        public static bool ValidateCredentials(string username, string domain, string password, out SafeAccessTokenHandle token)
+        {
+            var success = LogonUser(
+                username,
+                domain,
+                password,
+                LOGON32_LOGON_NETWORK,
+                LOGON32_PROVIDER_DEFAULT,
+                out token);
+
+            return success && token is not null && !token.IsInvalid;
+        }
+    }
+}

Controllers/AuthController.cs

@@ -0,0 +1,108 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using System.Security.Principal;
+using FakeNTLMServer.Model;
+using FakeNTLMServer.Common;
+
+namespace FakeNTLMServer.Controllers;
+
+[ApiController]
+[Route("[controller]")]
+public class AuthController : ControllerBase
+{
+    [Authorize]
+    [HttpGet(nameof(Me))]
+    public IActionResult Me()
+    {
+        var identity = User.Identity;
+        return Ok(new
+        {
+            identity?.Name,
+            identity?.AuthenticationType,
+            identity?.IsAuthenticated,
+            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
+        });
+    }
+
+    /// <summary>
+    /// NTLM/Negotiate login endpoint.
+    /// Triggers the NTLM handshake and returns authenticated user info.
+    /// </summary>
+    [Authorize]
+    [HttpGet(nameof(Login))]
+    public IActionResult Login()
+    {
+        var identity = User.Identity;
+
+        if (identity is null || !identity.IsAuthenticated)
+            return Unauthorized(new { Message = "NTLM authentication failed." });
+
+        return Ok(new
+        {
+            Message = "NTLM authentication successful.",
+            identity.Name,
+            identity.AuthenticationType,
+            identity.IsAuthenticated,
+            Claims = User.Claims.Select(claim => new { claim.Type, claim.Value })
+        });
+    }
+
+    /// <summary>
+    /// Validates Windows credentials (username/password) using the Win32 LogonUser API.
+    /// Works on local Kestrel without IIS or Negotiate middleware.
+    /// </summary>
+    [AllowAnonymous]
+    [HttpPost("login")]
+    public IActionResult LoginWithCredentials([FromBody] Login request)
+    {
+        var username = request.Username;
+        var domain = request.Domain ?? ".";
+
+        if (username.Contains('\\'))
+        {
+            var parts = username.Split('\\', 2);
+            domain = parts[0];
+            username = parts[1];
+        }
+        else if (username.Contains('@'))
+        {
+            var parts = username.Split('@', 2);
+            username = parts[0];
+            domain = parts[1];
+        }
+
+        if (!NtlmHelper.ValidateCredentials(username, domain, request.Password, out var token))
+        {
+            return Unauthorized(new { Message = "Invalid username or password." });
+        }
+
+        using (token)
+        {
+            var windowsIdentity = new WindowsIdentity(token.DangerousGetHandle());
+            var claims = windowsIdentity.Claims.Select(c => new { c.Type, c.Value }).ToList();
+
+            return Ok(new
+            {
+                Message = "Authentication successful.",
+                Name = windowsIdentity.Name,
+                AuthenticationType = windowsIdentity.AuthenticationType,
+                IsAuthenticated = windowsIdentity.IsAuthenticated,
+                Claims = claims
+            });
+        }
+    }
+
+    [Authorize]
+    [HttpGet(nameof(Status))]
+    public IActionResult Status()
+    {
+        return Ok(new
+        {
+            User.Identity?.Name,
+            User.Identity?.AuthenticationType
+        });
+    }
+
+    [HttpGet(nameof(Test))]
+    public IActionResult Test() => Ok();
+}

FakeNTLMServer.csproj

@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <Nullable>enable</Nullable>
+    <ImplicitUsings>enable</ImplicitUsings>
+	<Version>1.0.1-beta</Version>
+	<AssemblyVersion>1.0.1.0</AssemblyVersion>
+	<FileVersion>1.0.1.0</FileVersion>
+	<InformationalVersion>1.0.1-beta</InformationalVersion>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Negotiate" Version="8.0.0" />
+    <PackageReference Include="NLog" Version="6.1.1" />
+    <PackageReference Include="NLog.Web.AspNetCore" Version="6.1.2" />
+    <PackageReference Include="Swashbuckle.AspNetCore" Version="6.6.2" />
+  </ItemGroup>
+
+</Project>

FakeNTLMServer.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.14.36717.8 d17.14
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "FakeNTLMServer", "FakeNTLMServer.csproj", "{D48FB142-068E-4DFD-B9D3-4F314114C6F3}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{D48FB142-068E-4DFD-B9D3-4F314114C6F3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{D48FB142-068E-4DFD-B9D3-4F314114C6F3}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{D48FB142-068E-4DFD-B9D3-4F314114C6F3}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{D48FB142-068E-4DFD-B9D3-4F314114C6F3}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {C23AD91D-109B-423A-9E13-FABF5B1FBE9E}
+	EndGlobalSection
+EndGlobal

Model/Login.cs

@@ -0,0 +1,23 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace FakeNTLMServer.Model;
+
+public class Login
+{
+    /// <summary>
+    /// Username. Supports formats: "username", "DOMAIN\username", "username@domain"
+    /// </summary>
+    [Required]
+    public string Username { get; set; } = default!;
+
+    /// <summary>
+    /// Password
+    /// </summary>
+    [Required]
+    public string Password { get; set; } = default!;
+
+    /// <summary>
+    /// Domain (optional). Defaults to local machine ("."). Ignored if domain is included in Username.
+    /// </summary>
+    public string? Domain { get; set; }
+}

Program.cs

@@ -0,0 +1,88 @@
+using Microsoft.AspNetCore.Authentication.Negotiate;
+using Microsoft.OpenApi.Models;
+using NLog;
+using NLog.Web;
+
+var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
+logger.Info("Logging initialized!");
+
+try
+{
+    var builder = WebApplication.CreateBuilder(args);
+
+    if (!builder.Environment.IsDevelopment())
+    {
+        builder.Logging.ClearProviders();
+        builder.Host.UseNLog();
+    }
+
+    builder.Services.AddControllers();
+    builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
+        .AddNegotiate();
+    builder.Services.AddAuthorization();
+    // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
+    builder.Services.AddEndpointsApiExplorer();
+    builder.Services.AddSwaggerGen(options =>
+    {
+        options.SwaggerDoc("v1", new OpenApiInfo
+        {
+            Title = "FakeNTLMServer",
+            Version = "v1",
+            Description = "NTLM/Negotiate authentication test server"
+        });
+
+        options.AddSecurityDefinition("Negotiate", new OpenApiSecurityScheme
+        {
+            Type = SecuritySchemeType.Http,
+            Scheme = "Negotiate",
+            Description = "Windows Authentication (NTLM/Kerberos). Credentials are sent automatically by the browser."
+        });
+
+        options.AddSecurityRequirement(new OpenApiSecurityRequirement
+    {
+        {
+            new OpenApiSecurityScheme
+            {
+                Reference = new OpenApiReference
+                {
+                    Type = ReferenceType.SecurityScheme,
+                    Id = "Negotiate"
+                }
+            },
+            Array.Empty<string>()
+        }
+    });
+
+        var xmlFile = $"{System.Reflection.Assembly.GetExecutingAssembly().GetName().Name}.xml";
+        var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
+        if (File.Exists(xmlPath))
+            options.IncludeXmlComments(xmlPath);
+    });
+
+    var app = builder.Build();
+
+    // Configure the HTTP request pipeline.
+    if (app.Environment.IsDevelopment() || app.Configuration.GetValue<bool>("EnableSwagger"))
+    {
+        app.UseSwagger();
+        app.UseSwaggerUI(options =>
+        {
+            // Enable sending credentials (NTLM tokens) with Swagger UI requests
+            options.ConfigObject.AdditionalItems["withCredentials"] = true;
+        });
+    }
+
+    app.UseHttpsRedirection();
+
+    app.UseAuthentication();
+    app.UseAuthorization();
+
+    app.MapControllers();
+
+    app.Run();
+}
+catch (Exception ex)
+{
+    logger.Error(ex, "Stopped program because of exception");
+    throw;
+}

Properties/launchSettings.json

@@ -0,0 +1,41 @@
+{
+  "$schema": "http://json.schemastore.org/launchsettings.json",
+  "iisSettings": {
+    "windowsAuthentication": true,
+    "anonymousAuthentication": false,
+    "iisExpress": {
+      "applicationUrl": "http://localhost:3643",
+      "sslPort": 44347
+    }
+  },
+  "profiles": {
+    "http": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "http://localhost:5282",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "https": {
+      "commandName": "Project",
+      "dotnetRunMessages": true,
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "applicationUrl": "https://localhost:7217;http://localhost:5282",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    },
+    "IIS Express": {
+      "commandName": "IISExpress",
+      "launchBrowser": true,
+      "launchUrl": "swagger",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

appsettings.Development.json

@@ -0,0 +1,8 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  }
+}

appsettings.json

@@ -0,0 +1,58 @@
+{
+  "Logging": {
+    "LogLevel": {
+      "Default": "Information",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*",
+  "Kestrel": {
+    "EndpointDefaults": {
+      "Protocols": "Http1"
+    }
+  },
+  "EnableSwagger": true,
+  "NLog": {
+    "throwConfigExceptions": true,
+    "variables": {
+      "logDirectory": "E:\\LogFiles\\Digital Data\\FakeNTLMServer",
+      "logFileNamePrefix": "${shortdate}-FakeNTLMServer"
+    },
+    "targets": {
+      "infoLogs": {
+        "type": "File",
+        "fileName": "${logDirectory}\\${logFileNamePrefix}-Info.log",
+        "maxArchiveDays": 30
+      },
+      "errorLogs": {
+        "type": "File",
+        "fileName": "${logDirectory}\\${logFileNamePrefix}-Error.log",
+        "maxArchiveDays": 30
+      },
+      "criticalLogs": {
+        "type": "File",
+        "fileName": "${logDirectory}\\${logFileNamePrefix}-Critical.log",
+        "maxArchiveDays": 30
+      }
+    },
+    // Trace, Debug, Info, Warn, Error and *Fatal*
+    "rules": [
+      {
+        "logger": "*",
+        "minLevel": "Info",
+        "maxLevel": "Warn",
+        "writeTo": "infoLogs"
+      },
+      {
+        "logger": "*",
+        "level": "Error",
+        "writeTo": "errorLogs"
+      },
+      {
+        "logger": "*",
+        "level": "Fatal",
+        "writeTo": "criticalLogs"
+      }
+    ]
+  }
+}

web.config

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <system.webServer>
+    <handlers>
+      <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
+    </handlers>
+    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" hostingModel="InProcess">
+      <environmentVariables>
+        <environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
+      </environmentVariables>
+    </aspNetCore>
+  </system.webServer>
+</configuration>