nexcess / magento-sentry-two-factor-authentication

Bug with DUO in CE 1.7 #19

Closed matiasserrano closed 7 years ago

matiasserrano commented 7 years ago

I'm having an issue trying to use DUO with 1.7. Basically, when I try to finish the configuration, nothing appears. Am I missing something? I have all the configuration apparently correct.

[Screenshot: screen shot 2016-12-16 at 1 49 52 pm]

miguelbalparda commented 7 years ago

Anything in the logs? What have you tried so far to debug this?

matiasserrano commented 7 years ago

Here are the logs:

2016-12-16T19:08:37+00:00 ERR (3): isValid - Credentials for Duo API server accepted - TFA settings validated.
2016-12-16T19:08:37+00:00 EMERG (0): check_twofactor_active - tfa state processing
2016-12-16T19:08:37+00:00 EMERG (0): check_twofactor_active - not active, try again
2016-12-16T19:08:37+00:00 EMERG (0): check_twofactor_active - redirect to https://*****/admin/twofactor/duo/
2016-12-16T19:08:37+00:00 EMERG (0): duoAction start
2016-12-16T19:08:37+00:00 EMERG (0): in signRequest with jon
2016-12-16T19:08:38+00:00 ERR (3): isValid - Credentials for Duo API server accepted - TFA settings validated.
2016-12-16T19:08:38+00:00 EMERG (0): check_twofactor_active - tfa state processing
2016-12-16T19:08:38+00:00 EMERG (0): check_twofactor_active - return controller twofactor or is active

If I refresh the page, I get:

2016-12-16T19:11:14+00:00 EMERG (0): duoAction start
2016-12-16T19:11:14+00:00 EMERG (0): in signRequest with jon
2016-12-16T19:11:15+00:00 ERR (3): isValid - Credentials for Duo API server accepted - TFA settings validated.
2016-12-16T19:11:15+00:00 EMERG (0): check_twofactor_active - tfa state processing
2016-12-16T19:11:15+00:00 EMERG (0): check_twofactor_active - return controller twofactor or is active

miguelbalparda commented 7 years ago

I'm still not sure about the cause of this. 1.7 is quite old and probably a part of this issue (form_key maybe?). Is there any chance you can try this with an updated version of Magento?

miguelbalparda commented 7 years ago

Also, there is a new version waiting to be tested in the devel branch. While it's not completely related, I would give it a try.

matiasserrano commented 7 years ago

I cannot test it in a new version... the client has that version and he wants to keep it. Is there any workaround? Some tip you can give me so I can debug it and maybe fix it?

miguelbalparda commented 7 years ago

Your logs seem to be okay. What do you have in the two-factor authentication screen you pasted here?

miguelbalparda commented 7 years ago

Is #21 related to this issue?

miguelbalparda commented 7 years ago

Closing for lack of feedback