microsoft / BotFramework-Emulator

A desktop application that allows users to locally test and debug chat bots built with the Bot Framework SDK.
https://aka.ms/botemulator
MIT License
1.81k stars 753 forks source link

2FA with Pin, Smart Card and Dongle support #963

Open carlosscastro opened 6 years ago

carlosscastro commented 6 years ago

In the nightly build, all kinds of multi factor FA are working fine except for PIN. This is because chromium does not natively support the certificate selection process.

MsTeams already solved this problem. I'm working with MsTeams to learn from them, and work on a solution. The solution is non-trivial and includes potentially the creation of custom visual components for certificate selection.

justinwilaby commented 6 years ago

It seems this may not be the case for all platforms and/or installations. The entry in the admin policy list for chrome states:

If this policy is left not set, no auto-selection will be done for any site.

It might be worthwhile to test this on Mac and linux installations to see if they are equally affected.

Also, #961 updated electron to 2.0.9 which includes a later version of chrome that may have changed this behavior

carlosscastro commented 6 years ago

Yes, trying the updated version now. The solution can be very simple, simply subscribing to the 'select-client-certificate' event of the app or browser window and let the user choose their cert. Teams went with a MUCH more complicated solution that is not open source-ready, so likely not an option. But they did struggle with some special certs like dongles or physical smart cards. Definitely need to test on other platforms.