Documentation ¶
Overview ¶
Package duoweb provides implements Duo Security's two-factor authentication for web applications
Index ¶
- Variables
- func SignEnrollRequest(ikey, skey, akey string, username string) (string, error)
- func SignRequest(ikey, skey, akey string, username string) (string, error)
- func VerifyEnrollResponse(ikey, skey, akey, response string) string
- func VerifyResponse(ikey, skey, akey, response string) string
- type AuthResponse
- type Client
- func (c *Client) AuthPasscode(userid, passcode string, async bool) (AuthResponse, error)
- func (c *Client) AuthPush(userid string, async bool) (AuthResponse, error)
- func (c *Client) Check() (PingResponse, error)
- func (c *Client) Enroll(username string, validSeconds int) (EnrollResponse, error)
- func (c *Client) Ping() (PingResponse, error)
- func (c *Client) PollAuthStatus(txid string) (AuthResponse, error)
- func (c *Client) PollEnrollStatus(userid, activationCode string) (EnrollStatusResponse, error)
- func (c *Client) Preauth(userid string) (PreauthResponse, error)
- type EnrollResponse
- type EnrollStatusResponse
- type Error
- type PingResponse
- type PreauthResponse
Constants ¶
This section is empty.
Variables ¶
var ErrAKEY = errors.New("ERR|The application secret key passed to sign_request() must be at least 40 characters.")
ErrAKEY is returned if the application secret key is invalid
var ErrIKEY = errors.New("ERR|The Duo integration key passed to sign_request() is invalid.")
ErrIKEY is returned if the integration key is invalid
var ErrSKEY = errors.New("ERR|The Duo secret key passed to sign_request() is invalid.")
ErrSKEY is returned if the Duo secret key is invalid
var ErrUSER = errors.New("ERR|The username passed to sign_request() is invalid.")
ErrUser is returned if the username is invalid
var ErrUnknown = errors.New("ERR|An unknown error has occurred.")
ErrUnknown is returned if an unknown error occurs
Functions ¶
func SignEnrollRequest ¶
SignEnrollRequest generates a signed enrollment request for Duo authentication.
func SignRequest ¶
SignRequest generates a signed request for Duo authentication.
func VerifyEnrollResponse ¶
VerifyEnrollResponse validates the signed enrollment response returned from Duo. Returns the username of the authenticated user.
func VerifyResponse ¶
VerifyResponse validates the signed response returned from Duo. Returns the username of the authenticated user.
Types ¶
type AuthResponse ¶
type AuthResponse struct { Result string `mapstructure:"result"` Status string `mapstructure:"status"` StatusMsg string `mapstructure:"status_msg"` Txid string `mapstsructure:"txid"` }
AuthResponse is a response to an Auth request
type Client ¶
Client is a Duo Security API client
func NewClient ¶
NewClient returns a new API client with the given API host, secret key, and integration key
func (*Client) AuthPasscode ¶
func (c *Client) AuthPasscode(userid, passcode string, async bool) (AuthResponse, error)
AuthPasscode reqeusts an authorization for the given passcode
func (*Client) AuthPush ¶
func (c *Client) AuthPush(userid string, async bool) (AuthResponse, error)
AuthPush requests an authorization via mobile-push
func (*Client) Check ¶
func (c *Client) Check() (PingResponse, error)
Check sends a ping response which validates the credentials
func (*Client) Enroll ¶
func (c *Client) Enroll(username string, validSeconds int) (EnrollResponse, error)
Enroll asks to enroll the given username with a timeout of validSeconds
func (*Client) Ping ¶
func (c *Client) Ping() (PingResponse, error)
Ping sends an Ping request without validation credentials
func (*Client) PollAuthStatus ¶
func (c *Client) PollAuthStatus(txid string) (AuthResponse, error)
PollAuthStatus checks the status for the given authorization request. It blocks until the status changes.
func (*Client) PollEnrollStatus ¶
func (c *Client) PollEnrollStatus(userid, activationCode string) (EnrollStatusResponse, error)
PollEnrollStatus checks the state of the enrollment for the given userid
type EnrollResponse ¶
type EnrollResponse struct { ActivationBarcode string `mapstructure:"activation_barcode"` ActivationCode string `mapstructure:"activation_code"` Expiration int `mapstructure:"expiration"` UserID string `mapstructure:"user_id"` Username string `mapstructure:"username"` }
EnrollResponse is a response for an enrollment request
type EnrollStatusResponse ¶
type EnrollStatusResponse string
EnrollStatusResponse is a response to an enrollment request
type Error ¶
type Error struct { Stat string `mapstructure:"stat"` Code int `mapstructure:"code"` Message string `mapstructure:"message"` MessageDetail string `mapstructure:"message_detail"` }
Error is an API endpoint error
type PingResponse ¶
type PingResponse struct {
Time int
}
PingResponse is a response to a Ping request
type PreauthResponse ¶
type PreauthResponse struct { Result string `mapstructure:"result"` StatusMsg string `mapstructure:"status_msg"` Devices []struct { Device string `mapstructure:"device"` Type string `mapstructure:"type"` Number string `mapstructure:"number"` Name string `mapstructure:"name"` Capabilities []string `mapstructure:"capabilities"` } `mapstructure:"devices"` EnrollPortalURL string `mapstructure:"enroll_portal_url"` }
PreauthResponse is a response for a preauthorization request