website/docs: add duo docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-05-24 21:58:45 +02:00
parent 127ebed5c6
commit ab25610643
6 changed files with 32 additions and 8 deletions

View File

@ -26,7 +26,7 @@ import "./stages/password/PasswordStage";
import "./stages/prompt/PromptStage"; import "./stages/prompt/PromptStage";
import "./sources/plex/PlexLoginInit"; import "./sources/plex/PlexLoginInit";
import { StageHost } from "./stages/base"; import { StageHost } from "./stages/base";
import { ChallengeChoices, ChallengeResponseRequest, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api"; import { ChallengeChoices, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api";
import { config, DEFAULT_CONFIG } from "../api/Config"; import { config, DEFAULT_CONFIG } from "../api/Config";
import { ifDefined } from "lit-html/directives/if-defined"; import { ifDefined } from "lit-html/directives/if-defined";
import { until } from "lit-html/directives/until"; import { until } from "lit-html/directives/until";
@ -97,7 +97,7 @@ export class FlowExecutor extends LitElement implements StageHost {
}); });
} }
submit(payload: ChallengeResponseRequest): Promise<void> { submit(payload: FlowChallengeResponseRequest): Promise<void> {
// @ts-ignore // @ts-ignore
payload.component = this.challenge?.component; payload.component = this.challenge?.component;
console.log(payload); console.log(payload);

View File

@ -584,7 +584,6 @@ msgstr "Click to copy token"
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts #: src/pages/providers/oauth2/OAuth2ProviderForm.ts
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts #: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts
#: src/pages/sources/plex/PlexSourceForm.ts #: src/pages/sources/plex/PlexSourceForm.ts
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
msgid "Client ID" msgid "Client ID"
msgstr "Client ID" msgstr "Client ID"
@ -596,7 +595,6 @@ msgid "Client IP"
msgstr "Client IP" msgstr "Client IP"
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts #: src/pages/providers/oauth2/OAuth2ProviderForm.ts
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
msgid "Client Secret" msgid "Client Secret"
msgstr "Client Secret" msgstr "Client Secret"
@ -1703,6 +1701,10 @@ msgstr "Include User claims from scopes in the id_token, for applications that d
msgid "Include claims in id_token" msgid "Include claims in id_token"
msgstr "Include claims in id_token" msgstr "Include claims in id_token"
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
msgid "Integration key"
msgstr "Integration key"
#: src/pages/providers/proxy/ProxyProviderViewPage.ts #: src/pages/providers/proxy/ProxyProviderViewPage.ts
msgid "Internal Host" msgid "Internal Host"
msgstr "Internal Host" msgstr "Internal Host"
@ -2854,6 +2856,10 @@ msgstr "Scopes"
msgid "Search..." msgid "Search..."
msgstr "Search..." msgstr "Search..."
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
msgid "Secret key"
msgstr "Secret key"
#: src/pages/events/EventInfo.ts #: src/pages/events/EventInfo.ts
msgid "Secret:" msgid "Secret:"
msgstr "Secret:" msgstr "Secret:"

View File

@ -578,7 +578,6 @@ msgstr ""
#: #:
#: #:
#: #:
#:
msgid "Client ID" msgid "Client ID"
msgstr "" msgstr ""
@ -589,7 +588,6 @@ msgstr ""
msgid "Client IP" msgid "Client IP"
msgstr "" msgstr ""
#:
#: #:
msgid "Client Secret" msgid "Client Secret"
msgstr "" msgstr ""
@ -1695,6 +1693,10 @@ msgstr ""
msgid "Include claims in id_token" msgid "Include claims in id_token"
msgstr "" msgstr ""
#:
msgid "Integration key"
msgstr ""
#: #:
msgid "Internal Host" msgid "Internal Host"
msgstr "" msgstr ""
@ -2846,6 +2848,10 @@ msgstr ""
msgid "Search..." msgid "Search..."
msgstr "" msgstr ""
#:
msgid "Secret key"
msgstr ""
#: #:
msgid "Secret:" msgid "Secret:"
msgstr "" msgstr ""

View File

@ -57,13 +57,13 @@ export class AuthenticatorDuoStageForm extends ModelForm<AuthenticatorDuoStage,
</span> </span>
<div slot="body" class="pf-c-form"> <div slot="body" class="pf-c-form">
<ak-form-element-horizontal <ak-form-element-horizontal
label=${t`Client ID`} label=${t`Integration key`}
?required=${true} ?required=${true}
name="clientId"> name="clientId">
<input type="text" value="${first(this.instance?.clientId, "")}" class="pf-c-form-control" required> <input type="text" value="${first(this.instance?.clientId, "")}" class="pf-c-form-control" required>
</ak-form-element-horizontal> </ak-form-element-horizontal>
<ak-form-element-horizontal <ak-form-element-horizontal
label=${t`Client Secret`} label=${t`Secret key`}
?required=${true} ?required=${true}
?writeOnly=${this.instance !== undefined} ?writeOnly=${this.instance !== undefined}
name="clientSecret"> name="clientSecret">

View File

@ -0,0 +1,11 @@
---
title: Duo Authentication Setup stage
---
This stage configures a Duo authenticator. To get the API Credentials for this stage, open your Duo Admin dashboard.
Go to Applications, click on Protect an Application and search for "Auth API". Click on Protect.
Copy all of the integration key, secret key and API hostname, and paste them in the Stage form.
Devices created reference the stage they were created with, since the API credentials are needed to authenticate. This also means when the stage is deleted, all devices are removed.

View File

@ -50,6 +50,7 @@ module.exports = {
type: "category", type: "category",
label: "Stages", label: "Stages",
items: [ items: [
"flow/stages/authenticator_duo/index",
"flow/stages/authenticator_static/index", "flow/stages/authenticator_static/index",
"flow/stages/authenticator_totp/index", "flow/stages/authenticator_totp/index",
"flow/stages/authenticator_validate/index", "flow/stages/authenticator_validate/index",