Skip to content
This repository has been archived by the owner on Jul 18, 2022. It is now read-only.

WebSDK v2 to WebSDK v4 Code Migration Guide #57

Draft
wants to merge 9 commits into
base: flask_demo
Choose a base branch
from
+41 −635
Draft

WebSDK v2 to WebSDK v4 Code Migration Guide #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
e901bfe
Use new duo_universal python package
jeffreyparker Jul 15, 2021
f6469d2
Update duo.conf configuration
jeffreyparker Jul 15, 2021
1c7d5f1
Create Duo Client
jeffreyparker Jul 15, 2021
26939b6
Add Duo health check
jeffreyparker Jul 15, 2021
4dae4ee
Replace locally hosted HTML with a redirect to the Duo
jeffreyparker Jul 15, 2021
443a9fa
Update Duo callback route.
jeffreyparker Jul 15, 2021
ffa746f
Store and retrieve state and username in http session
jeffreyparker Jul 15, 2021
86816d6
Add state and username checking
jeffreyparker Jul 15, 2021
9468184
Use new duo_universal methods to verify duo response
jeffreyparker Jul 15, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 37 additions & 18 deletions demos/flask/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
import sys
import argparse
import flask
import duo_web
import duo_universal

app = flask.Flask(__name__, static_url_path='', static_folder='static')
app = flask.Flask(__name__)
app.secret_key = os.urandom(32)

@app.route("/", methods=['GET'])
Expand All @@ -17,29 +17,48 @@ def do_GET():
if username is None:
return 'user query parameter is required', 400

sig_request = duo_web.sign_request(app.ikey, app.skey, app.akey, username)
return flask.render_template('index.html', host=app.host, sig_request=sig_request)
try:
app.duo_client.health_check()
except duo_universal.DuoException:
return 'Duo health check failed. Logged in without 2FA as %s.' % username
# alternatively: return 'Duo health check failed, denying login.'

@app.route("/", methods=['POST'])
def do_POST():
sig_response = flask.request.form.get('sig_response')
if sig_response is None:
return 'sig_response post parameter is required', 400
user = duo_web.verify_response(
app.ikey, app.skey, app.akey, sig_response)
state = app.duo_client.generate_state()
prompt_uri = app.duo_client.create_auth_url(username, state)

if user is None:
flask.session['state'] = state
flask.session['username'] = username

return flask.redirect(prompt_uri)

@app.route("/duo-callback", methods=['GET'])
def do_duo_callback():
state = flask.session['state']
username = flask.session['username']

if (state is None) or (username is None) or (state != flask.request.args.get('state')):
return 'Invalid state or username'

duo_code = flask.request.args.get('duo_code')
if duo_code is None:
return 'duo_code post parameter is required', 400

try:
app.duo_client.exchange_authorization_code_for_2fa_result(duo_code, username)
except duo_universal.DuoException:
return 'Did not authenticate with Duo.'.encode('utf-8')

return ('Authenticated with Duo as %s.' % user).encode('utf-8')
return ('Authenticated with Duo as %s.' % username).encode('utf-8')


def main(ikey, skey, akey, host, port=8080):
def main(client_id, client_secret, host, redirect_uri, port=8080):
port = int(port)
app.ikey = ikey
app.skey = skey
app.akey = akey
app.host = host
app.duo_client = duo_universal.Client(
client_id=client_id,
client_secret=client_secret,
host=host,
redirect_uri=redirect_uri
)
print("Visit the root URL with a 'user' argument, e.g.")
print("'http://localhost:%d/?user=myname'." % port)
app.run(host="0.0.0.0", port=8080)
Expand Down
6 changes: 3 additions & 3 deletions demos/flask/duo.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

[duo]

ikey = ikey
skey = skey
akey = akey
client_id = client_id
client_secret = client_secret
host = host
redirect_uri = http://localhost:8080/duo-callback
2 changes: 1 addition & 1 deletion demos/flask/requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
duo-web
duo-universal
flask
six==1.14.0
15 changes: 0 additions & 15 deletions demos/flask/static/Duo-Frame.css
View file
Open in desktop

This file was deleted.

Loading