brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.94k stars 2.35k forks source link

Duo 2FA does not work with Brave Version 1.0.1 Chromium: 78.0.3904.108 (Official Build) (64-bit) on Windows 10 #7088

Open JediPirateNinja opened 5 years ago

JediPirateNinja commented 5 years ago

Description

Brave does not allow Duo authentication for sites using Azure AD login integration and Duo 2FA

Steps to Reproduce

  1. Attempt to log in to Office 365, Sharepoint, or other sites using Azure AD login with Duo authentication
  2. Receive an Oops! error from Duo security that cannot provide the Duo authentication screen (offering push or SMS) at https://us.azureauth.duosecurity.com/authorization
  3. Disable Shields for both microsoft.com and Duo.com, issue still occurs.

Actual result:

Error duo-error

Correct behavior properauth

Expected result:

Expected result (experienced on MS Edge) is a screen that shows Duo options to send a push, or an SMS. A push is sent to the user's Duo-configured mobile device and when acknowledged, the user is directed to the proper site, having authenticated.

Reproduces how often:

Happens every time.

Brave version (brave://version info)

78.0.3904.108

Other Additional Information:

JediPirateNinja commented 4 years ago

Update: This actually does work if Shields are disabled for associated Microsoft and Duo websites.

ryanbr commented 4 years ago

@JediPirateNinja is this still an issue? If so, which shield setting is causing the issue? Does it work if we Allow all cookies

iamkilo commented 4 years ago

@JediPirateNinja is this still an issue? If so, which shield setting is causing the issue? Does it work if we Allow all cookies

@ryanbr I can confirm that this happens on version 80.0.3987.132 in our organization. As mentioned, disabling shields on:

https://login.microsoftonline.com/federation/redirecttoexternalprovider and: https://us.azureauth.duosecurity.com/authorization

solved the problem for me. Note that just disabling on the us.azureauth.duosecurity.com did not resolve the problem, I had to go back and disable it on the redirect site (it's essentially two redirects after typing in your credentials).

usscarter commented 4 years ago

Can confirm this is an issue I am personally seeing. I had to manually visit those two sites, disabling shields, to be able to login.

OSX Version 1.8.95 Chromium: 81.0.4044.138 (Official Build) (64-bit)

izenn commented 4 years ago

this is still an issue with Version 1.10.97 Chromium: 83.0.4103.116 (Official Build) (64-bit)

i have tried manually visiting both sites and whitelisting them but i still get the Oops prompt

VadneyK commented 3 years ago

I'm on a macOS Catalina Version 10.15.7 w/ Intel i5 processor and the duo 2fa is not working for me either. I try to login to my G-suite account that requires Duo 2FA to log in by entering my email on my desktop web browser. Then I get an error message stating "This account cannot be accessed because your credentials were not verified"

Additionally, I tried on my iOS 14.3 iPhone 8 and I was able to get to the duo login page and authorized the log in via the DUO app. But when I got back to the browser, instead of logging in I was given the "This account cannot be accessed because your credentials were not verified" error page again.

However, I just followed @iamkilo 's suggestion and it worked! Thanks!