1. 技术文章
  2. DUO Web how to post to URL after authentication?

DUO Web how to post to URL after authentication?

半腔热情 提交于 2021-01-28 05:40:32

问题


I'm implementing f2a on a Laravel app using DUO Web. I've installed the APK and Javascript library and am able to successfully authenticate a DUO user. The authentications are also showing as successful on the DUO Dashboard.

My problem is that when trying to post the response to a URL on the app using the post_action parameter or the data-post-action iframe attribute, the page is always sent back to the same page.

Here's my markup:

<iframe
        id="duo_iframe"
        data-host="{{ $host }}"
        data-sig-request="{{ $sig_request }}"
        data-post-action="{{ $post_action }}">
</iframe>
<style>
    #duo_iframe {
        width: 100%;
        min-width: 304px;
        max-width: 620px;
        height: 330px;
        border: none;
    }
</style>
<script src="https://api.duosecurity.com/frame/hosted/Duo-Web-v2.min.js"></script>

Here's my controller method:

public function duoAuthentication()
{
    $username = $input['email'];
    $sig_request = Web::signRequest($ikey, $skey, $akey, $username);
    return view('users::duo', [
        'host' => "api-5ccb0890.duosecurity.com",
        'sig_request' => $sig_request,
        'post_action' => '/user/redirect/to/dashboard',
        'user_id' => $usercheck['id'],
    ]);
}

Any help would be appreciated.


回答1:


Since the data-post-action attribute would not work, I had to run each part of the authentication on the same route/method. Another key part was adding a form with a csrf_token() to pass the user ID after the initial authentication. In Laravel, you cannot post data without a csrf_token. All DUO keys are being stored in the .env file.

Route:
Route::any('/login/duo', 'AuthController@duoAuthentication');

Controller Method:

public function duoAuthentication()
{
    if (isset($input['sig_response'])) {
        $userAuthenticated = Web::verifyResponse($ikey, $skey, $akey, $input['sig_response']);
        if ($userAuthenticated) {
            Sentry::login(Sentry::findUserById($input['user_id']));
            return Redirect::to('/dashboard');
        }
    }

    $username = $input['email'];
    $sig_request = Web::signRequest($ikey, $skey, $akey, $username);
    return view('users::duo', [
        'host' => "api-5ccb0890.duosecurity.com",
        'sig_request' => $sig_request,
        'post_action' => '/user/redirect/to/dashboard',
        'user_id' => $usercheck['id'],
    ]);
}

Blade Template:

<div class="container">
    <div class="row justify-content-center">
        <div class="col-md-12">
            <script>
                Duo.init({
                    'host': '{{ $host }}',
                    'sig_request': '{{ $sig_request }}'
                });
            </script>
            <iframe id="duo_iframe">
            </iframe>
            <form id="duo_form" method="post">
                <input type="hidden" name="_token" value="{{ csrf_token() }}">
                <input type="hidden" name="user_id" value="{{ $user_id }}">
            </form>
            <style>
                #duo_iframe {
                    width: 100%;
                    min-width: 304px;
                    max-width: 620px;
                    height: 330px;
                    border: none;
                }
            </style>
        </div>
    </div>
</div>


来源:https://stackoverflow.com/questions/55637847/duo-web-how-to-post-to-url-after-authentication

标签
php
authentication
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!