website/docs: add duo docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
127ebed5c6
commit
ab25610643
|
@ -26,7 +26,7 @@ import "./stages/password/PasswordStage";
|
||||||
import "./stages/prompt/PromptStage";
|
import "./stages/prompt/PromptStage";
|
||||||
import "./sources/plex/PlexLoginInit";
|
import "./sources/plex/PlexLoginInit";
|
||||||
import { StageHost } from "./stages/base";
|
import { StageHost } from "./stages/base";
|
||||||
import { ChallengeChoices, ChallengeResponseRequest, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api";
|
import { ChallengeChoices, Config, FlowsApi, RedirectChallenge, ShellChallenge } from "authentik-api";
|
||||||
import { config, DEFAULT_CONFIG } from "../api/Config";
|
import { config, DEFAULT_CONFIG } from "../api/Config";
|
||||||
import { ifDefined } from "lit-html/directives/if-defined";
|
import { ifDefined } from "lit-html/directives/if-defined";
|
||||||
import { until } from "lit-html/directives/until";
|
import { until } from "lit-html/directives/until";
|
||||||
|
@ -97,7 +97,7 @@ export class FlowExecutor extends LitElement implements StageHost {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
submit(payload: ChallengeResponseRequest): Promise<void> {
|
submit(payload: FlowChallengeResponseRequest): Promise<void> {
|
||||||
// @ts-ignore
|
// @ts-ignore
|
||||||
payload.component = this.challenge?.component;
|
payload.component = this.challenge?.component;
|
||||||
console.log(payload);
|
console.log(payload);
|
||||||
|
|
|
@ -584,7 +584,6 @@ msgstr "Click to copy token"
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts
|
#: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts
|
||||||
#: src/pages/sources/plex/PlexSourceForm.ts
|
#: src/pages/sources/plex/PlexSourceForm.ts
|
||||||
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
|
|
||||||
msgid "Client ID"
|
msgid "Client ID"
|
||||||
msgstr "Client ID"
|
msgstr "Client ID"
|
||||||
|
|
||||||
|
@ -596,7 +595,6 @@ msgid "Client IP"
|
||||||
msgstr "Client IP"
|
msgstr "Client IP"
|
||||||
|
|
||||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||||
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
|
|
||||||
msgid "Client Secret"
|
msgid "Client Secret"
|
||||||
msgstr "Client Secret"
|
msgstr "Client Secret"
|
||||||
|
|
||||||
|
@ -1703,6 +1701,10 @@ msgstr "Include User claims from scopes in the id_token, for applications that d
|
||||||
msgid "Include claims in id_token"
|
msgid "Include claims in id_token"
|
||||||
msgstr "Include claims in id_token"
|
msgstr "Include claims in id_token"
|
||||||
|
|
||||||
|
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
|
||||||
|
msgid "Integration key"
|
||||||
|
msgstr "Integration key"
|
||||||
|
|
||||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts
|
#: src/pages/providers/proxy/ProxyProviderViewPage.ts
|
||||||
msgid "Internal Host"
|
msgid "Internal Host"
|
||||||
msgstr "Internal Host"
|
msgstr "Internal Host"
|
||||||
|
@ -2854,6 +2856,10 @@ msgstr "Scopes"
|
||||||
msgid "Search..."
|
msgid "Search..."
|
||||||
msgstr "Search..."
|
msgstr "Search..."
|
||||||
|
|
||||||
|
#: src/pages/stages/authenticator_duo/AuthenticatorDuoStageForm.ts
|
||||||
|
msgid "Secret key"
|
||||||
|
msgstr "Secret key"
|
||||||
|
|
||||||
#: src/pages/events/EventInfo.ts
|
#: src/pages/events/EventInfo.ts
|
||||||
msgid "Secret:"
|
msgid "Secret:"
|
||||||
msgstr "Secret:"
|
msgstr "Secret:"
|
||||||
|
|
|
@ -578,7 +578,6 @@ msgstr ""
|
||||||
#:
|
#:
|
||||||
#:
|
#:
|
||||||
#:
|
#:
|
||||||
#:
|
|
||||||
msgid "Client ID"
|
msgid "Client ID"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -589,7 +588,6 @@ msgstr ""
|
||||||
msgid "Client IP"
|
msgid "Client IP"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#:
|
|
||||||
#:
|
#:
|
||||||
msgid "Client Secret"
|
msgid "Client Secret"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -1695,6 +1693,10 @@ msgstr ""
|
||||||
msgid "Include claims in id_token"
|
msgid "Include claims in id_token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#:
|
||||||
|
msgid "Integration key"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#:
|
#:
|
||||||
msgid "Internal Host"
|
msgid "Internal Host"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -2846,6 +2848,10 @@ msgstr ""
|
||||||
msgid "Search..."
|
msgid "Search..."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#:
|
||||||
|
msgid "Secret key"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#:
|
#:
|
||||||
msgid "Secret:"
|
msgid "Secret:"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
|
@ -57,13 +57,13 @@ export class AuthenticatorDuoStageForm extends ModelForm<AuthenticatorDuoStage,
|
||||||
</span>
|
</span>
|
||||||
<div slot="body" class="pf-c-form">
|
<div slot="body" class="pf-c-form">
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`Client ID`}
|
label=${t`Integration key`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
name="clientId">
|
name="clientId">
|
||||||
<input type="text" value="${first(this.instance?.clientId, "")}" class="pf-c-form-control" required>
|
<input type="text" value="${first(this.instance?.clientId, "")}" class="pf-c-form-control" required>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
<ak-form-element-horizontal
|
<ak-form-element-horizontal
|
||||||
label=${t`Client Secret`}
|
label=${t`Secret key`}
|
||||||
?required=${true}
|
?required=${true}
|
||||||
?writeOnly=${this.instance !== undefined}
|
?writeOnly=${this.instance !== undefined}
|
||||||
name="clientSecret">
|
name="clientSecret">
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
title: Duo Authentication Setup stage
|
||||||
|
---
|
||||||
|
|
||||||
|
This stage configures a Duo authenticator. To get the API Credentials for this stage, open your Duo Admin dashboard.
|
||||||
|
|
||||||
|
Go to Applications, click on Protect an Application and search for "Auth API". Click on Protect.
|
||||||
|
|
||||||
|
Copy all of the integration key, secret key and API hostname, and paste them in the Stage form.
|
||||||
|
|
||||||
|
Devices created reference the stage they were created with, since the API credentials are needed to authenticate. This also means when the stage is deleted, all devices are removed.
|
|
@ -50,6 +50,7 @@ module.exports = {
|
||||||
type: "category",
|
type: "category",
|
||||||
label: "Stages",
|
label: "Stages",
|
||||||
items: [
|
items: [
|
||||||
|
"flow/stages/authenticator_duo/index",
|
||||||
"flow/stages/authenticator_static/index",
|
"flow/stages/authenticator_static/index",
|
||||||
"flow/stages/authenticator_totp/index",
|
"flow/stages/authenticator_totp/index",
|
||||||
"flow/stages/authenticator_validate/index",
|
"flow/stages/authenticator_validate/index",
|
||||||
|
|
Reference in New Issue