diff --git a/web/src/flows/FlowExecutor.ts b/web/src/flows/FlowExecutor.ts index 29c437121..b141e8a37 100644 --- a/web/src/flows/FlowExecutor.ts +++ b/web/src/flows/FlowExecutor.ts @@ -26,7 +26,7 @@ import "./stages/password/PasswordStage"; import "./stages/prompt/PromptStage"; import "./sources/plex/PlexLoginInit"; import { StageHost } from "./stages/base"; -import { ChallengeChoices, ChallengeResponseRequest, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api"; +import { ChallengeChoices, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api"; import { config, DEFAULT_CONFIG } from "../api/Config"; import { ifDefined } from "lit-html/directives/if-defined"; import { until } from "lit-html/directives/until"; @@ -97,7 +97,7 @@ export class FlowExecutor extends LitElement implements StageHost { }); } - submit(payload: ChallengeResponseRequest): Promise { + submit(payload: FlowChallengeResponseRequest): Promise { // @ts-ignore payload.component = this.challenge?.component; console.log(payload); diff --git a/web/src/locales/en.po b/web/src/locales/en.po index c73f29173..57ea759eb 100644 --- a/web/src/locales/en.po +++ b/web/src/locales/en.po @@ -584,7 +584,6 @@ msgstr "Click to copy token" #: src/pages/providers/oauth2/OAuth2ProviderForm.ts #: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts #: src/pages/sources/plex/PlexSourceForm.ts -#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts msgid "Client ID" msgstr "Client ID" @@ -596,7 +595,6 @@ msgid "Client IP" msgstr "Client IP" #: src/pages/providers/oauth2/OAuth2ProviderForm.ts -#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts msgid "Client Secret" msgstr "Client Secret" @@ -1703,6 +1701,10 @@ msgstr "Include User claims from scopes in the id_token, for applications that d msgid "Include claims in id_token" msgstr "Include claims in id_token" +#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts +msgid "Integration key" +msgstr "Integration key" + #: src/pages/providers/proxy/ProxyProviderViewPage.ts msgid "Internal Host" msgstr "Internal Host" @@ -2854,6 +2856,10 @@ msgstr "Scopes" msgid "Search..." msgstr "Search..." +#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts +msgid "Secret key" +msgstr "Secret key" + #: src/pages/events/EventInfo.ts msgid "Secret:" msgstr "Secret:" diff --git a/web/src/locales/pseudo-LOCALE.po b/web/src/locales/pseudo-LOCALE.po index 0600119b4..a129d4eea 100644 --- a/web/src/locales/pseudo-LOCALE.po +++ b/web/src/locales/pseudo-LOCALE.po @@ -578,7 +578,6 @@ msgstr "" #: #: #: -#: msgid "Client ID" msgstr "" @@ -589,7 +588,6 @@ msgstr "" msgid "Client IP" msgstr "" -#: #: msgid "Client Secret" msgstr "" @@ -1695,6 +1693,10 @@ msgstr "" msgid "Include claims in id_token" msgstr "" +#: +msgid "Integration key" +msgstr "" + #: msgid "Internal Host" msgstr "" @@ -2846,6 +2848,10 @@ msgstr "" msgid "Search..." msgstr "" +#: +msgid "Secret key" +msgstr "" + #: msgid "Secret:" msgstr "" diff --git a/web/src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts b/web/src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts index a203cae89..64b6dbc43 100644 --- a/web/src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts +++ b/web/src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts @@ -57,13 +57,13 @@ export class AuthenticatorDuoStageForm extends ModelForm
diff --git a/website/docs/flow/stages/authenticator_duo/index.md b/website/docs/flow/stages/authenticator_duo/index.md new file mode 100644 index 000000000..cbdefed70 --- /dev/null +++ b/website/docs/flow/stages/authenticator_duo/index.md @@ -0,0 +1,11 @@ +--- +title: Duo Authentication Setup stage +--- + +This stage configures a Duo authenticator. To get the API Credentials for this stage, open your Duo Admin dashboard. + +Go to Applications, click on Protect an Application and search for "Auth API". Click on Protect. + +Copy all of the integration key, secret key and API hostname, and paste them in the Stage form. + +Devices created reference the stage they were created with, since the API credentials are needed to authenticate. This also means when the stage is deleted, all devices are removed. diff --git a/website/sidebars.js b/website/sidebars.js index 659974c7b..1ea9bc634 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -50,6 +50,7 @@ module.exports = { type: "category", label: "Stages", items: [ + "flow/stages/authenticator_duo/index", "flow/stages/authenticator_static/index", "flow/stages/authenticator_totp/index", "flow/stages/authenticator_validate/index",