sky-uk / osprey

Kubernetes OIDC CLI login
BSD 3-Clause "New" or "Revised" License
51 stars, 18 forks

2FA #25

Open nickperry opened 5 years ago

nickperry commented 5 years ago

I love Osprey, but we have a new requirement for multi factor authentication.

There are other tools I can use to achieve OTP MFA for Kubernetes with OIDC, but as far as I can see they are all reliant on using a web browser, and I am loath to abandon the clean, CLI-only approach of Osprey.

From a quick look at the Dex code, I don't think it supports MFA.

If an alternative OIDC provider with MFA support offered customisable web templates like Dex does, it would be quite easy to adapt Osprey to work with it and pass an OTP value along with the username / password.

totahuanocotl commented 5 years ago

Hey @nickperry thanks for the comment.

I was trying to make osprey a bit more independent of the backend, so that it could also use other connectors that return custom login pages, but I haven't spent much time with it. The idea was to allow a configuration for osprey per connector so that it knows how to read and post the login form. That way we could use any backend and the config would be on osprey itself.

I was using htmlquery and xpath, but I was not very happy with the way I did it. The only other branch in the repo is the one with the code, in case you want to take a look, but it is pretty much a very raw attempt.

jseadragon commented 4 years ago

Hey @nickperry, not sure if you're still looking into this or not. The way I've seen 2fa implemented is to use an LDAP proxy which does the following:

  1. Authenticates the user with LDAP using your existing LDAP system. If successful...
  2. Sends a 2fa push to a user's mobile and waits for the response.
  3. If #1 and #2 succeed, then the proxy returns a success response back to the user.

I've seen this used in production and it works well. You do have to pay for Duo, but it will work on mobile and supports OTP / SMS / Push based 2fa. This is their auth-proxy.

If you need OTP, an alternative way to do this is to have the user type their password+OTP using + as the delimiter between the two. Either of these approaches would let you get 2fa through osprey, but handled on the backend. This particular approach is supported by the auth proxy linked above.

Just some thoughts for anyone stumbling across this.
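The backend-side flow jseadragon describes (primary password check, then a second factor, with the OTP appended to the password using `+` as the delimiter) can be sketched as follows. This is an added example and is not code from osprey, Dex or the Duo auth-proxy: it uses a constructed in-memory user map in place of the LDAP bind in step 1, implements the OTP half as an RFC 6238 TOTP check (RFC 4226 HOTP underneath, SHA-1, 30-second steps, one step of clock skew either side), and splits the combined credential on the last `+` so that a password that itself contains `+` still works. The function and variable names (`splitPasswordOTP`, `verifyTOTP`, `authenticate`, `demoUsers`) and the sample secret are assumptions for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
	"time"
)

// splitPasswordOTP splits a combined "password+OTP" credential. The OTP is
// taken from after the LAST '+' so that passwords containing '+' still parse.
// The OTP must be exactly `digits` decimal digits.
func splitPasswordOTP(combined string, digits int) (password, otp string, err error) {
	i := strings.LastIndexByte(combined, '+')
	if i < 0 {
		return "", "", errors.New("no '+' delimiter found")
	}
	password, otp = combined[:i], combined[i+1:]
	if password == "" {
		return "", "", errors.New("empty password")
	}
	if len(otp) != digits {
		return "", "", fmt.Errorf("otp must be %d digits", digits)
	}
	for _, c := range otp {
		if c < '0' || c > '9' {
			return "", "", errors.New("otp must be numeric")
		}
	}
	return password, otp, nil
}

// hotp computes an RFC 4226 HOTP value (HMAC-SHA1, dynamic truncation).
func hotp(secret []byte, counter uint64, digits int) string {
	var buf [8]byte
	binary.BigEndian.PutUint64(buf[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(buf[:])
	sum := mac.Sum(nil)
	off := int(sum[len(sum)-1] & 0x0f)
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// totp computes an RFC 6238 TOTP value for time t with 30-second steps.
func totp(secret []byte, t time.Time, digits int) string {
	return hotp(secret, uint64(t.Unix()/30), digits)
}

// verifyTOTP accepts the current step and one step either side (clock skew),
// comparing in constant time and without early exit on a match.
func verifyTOTP(secret []byte, candidate string, t time.Time, digits int) bool {
	ok := false
	for _, skew := range []int64{-1, 0, 1} {
		expected := hotp(secret, uint64(t.Unix()/30+skew), digits)
		if subtle.ConstantTimeCompare([]byte(expected), []byte(candidate)) == 1 {
			ok = true
		}
	}
	return ok
}

// demoUsers is a constructed stand-in for the directory; a real proxy would
// perform an LDAP bind here instead of comparing a stored password.
var demoUsers = map[string]struct {
	password string
	secret   []byte
}{
	// Password deliberately contains '+'; secret is the RFC 6238 test key.
	"alice": {"correct horse+battery", []byte("12345678901234567890")},
}

// authenticate runs the two steps from the thread: primary password check,
// then the second factor. Both must succeed before access is granted.
func authenticate(user, combined string, now time.Time) error {
	password, otp, err := splitPasswordOTP(combined, 6)
	if err != nil {
		return err
	}
	u, found := demoUsers[user]
	if !found || subtle.ConstantTimeCompare([]byte(u.password), []byte(password)) != 1 {
		return errors.New("primary authentication failed")
	}
	if !verifyTOTP(u.secret, otp, now, 6) {
		return errors.New("second factor failed")
	}
	return nil
}

func main() {
	now := time.Now()
	code := totp(demoUsers["alice"].secret, now, 6) // what the user's app would show
	fmt.Println("alice:", authenticate("alice", "correct horse+battery+"+code, now))
	fmt.Println("bad otp:", authenticate("alice", "correct horse+battery+000000", now))
}
```

Two details matter in practice: the skew window should stay small (a wider window proportionally increases the chance of a random 6-digit guess succeeding), and a production proxy should also record the last accepted step per user so the same code cannot be replayed within the window.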