ClientRequest not resusing session of browserwindow


#1

We have a webpage that authenticates through an SSO by redirecting to another page which authenticates via NTLM and then back to the original page.
To be able to then access API provided by the page I’m assuming I should be able to use a ClientRequest setting the session or partition to make a browserwindow which has gone through SSO.

Using postman or other chrome plugins in a chrome window which is already logged in works so why not with electron and client request.

Example code
unfortunately, I cannot share the urls as they are internal but should something like this work?

const {app, session} = require('electron')
app.on('ready', () => {

    let ses = session.fromPartition('persist:sc');
    ses.allowNTLMCredentialsForDomains('*')

    const {BrowserWindow} = require('electron')
  
    let win = new BrowserWindow({width: 800, height: 600,webPreferences: {partition: 'persist:sc', nodeIntegration: false}})
    win.loadURL('https:/page-that-redirects-to-sso')
    

    win.on('page-title-updated', (event,title) => {
        console.log(title);
        if (title === 'My Homepage') {
            const {net} = require('electron')
            const request = net.request({
                method: "get",
                session: session.fromPartition('persist:sc'),
                //partition: "persist:sc",
                url: "https://api-end-point",
                redirect: "manual"
            })
            request.on('response', (response) => {
                console.log(`STATUS: ${response.statusCode}`)
                console.log(`HEADERS: ${JSON.stringify(response.headers)}`)
                response.on('data', (chunk) => {
                    console.log(`BODY: ${chunk}`)
                })
                response.on('end', () => {
                    console.log('No more data in response.')
                })
            })
            request.on('redirect', (statusCode, method, redirectUrl, responseHeaders) => {
                console.log(`redirectUrl: ${redirectUrl}`)
                request.followRedirect;
            })
            request.on('login', (authInfo, callback) => {
                console.log(authInfo)   
                callback();   
            })
            request.end() 
        }
    })
})

#2

Forgot to say the actual problem. The request is firing the request.on(‘login’, () => {}) like its not logged in and asking for credentials (SSO means I don’t have them).
Im assuming that using chrome plugins are just doing get requests in the browser so why do they work once an active session is established