This repository has been archived by the owner on Jul 18, 2022. It is now read-only.
WebSDK v2 to WebSDK v4 Code Migration Guide #57
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Swap out the old Web SDK v2 package for the new Web SDK v4
- ikey and skey renamed to client_id and client_secret - akey no longer needed - redirect_uri is a new field for the URI Duo should redirect to after the prompt
Rather than directly accessing sdk methods as in v2, now all interaction occurs through the Client object
Check Duo service health before attempting 2FA and react appropriately (i.e. fail open or fail closed)
We no longer need the html/javascript/css to display the Duo prompt in an iFrame. Instead, we redirect to a Duo-hosted URL which will display the prompt, and then redirect back into our application.
Previously, the Duo iFrame would POST back to the same page. Now, the Duo-hosted prompt will GET redirect to the URI specified in the redirect_uri parameter.
Both state and username must be accessible from the callback method, so we must store them in the session.
This is an important security check to ensure our session hasn't been tampered with
- username now comes from session instead of sdk return value - exchange_authorization_code_for_2fa_result will raise an Exception if 2FA fails, otherwise we can assume 2FA was successful
This was referenced Jan 25, 2022
This was referenced Feb 3, 2022
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A step-by-step walk-though on the changes required to migrate a WebSDK v2 integration to the WebSDK v2 Universal Prompt.
Click into each commit for the detailed information and code changes.