scpcom created GUACAMOLE-1955:
---------------------------------
Summary: Auth extension for privacyIDEA push two-factor
authentication
Key: GUACAMOLE-1955
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1955
Project: Guacamole
Issue Type: Wish
Components: guacamole-client
Reporter: scpcom
With privacyIDEA you can implement push two-factor authentication on your own
server.
I would like to ad this as auth extension for guacamole.
The implementation may be quite simple. Here is a demonstration how it works
with curl.
First the server (guacamole) tells privacyIDEA to ask the user jon.doe to
accept the login on the mobile device:
{code:java}
transaction_id=`curl -k --silent --request POST --data
"realm=defrealm&user=jon.doe&pass="
https://myprivacyidea.example/validate/check | jq .detail.transaction_id | cut
-d '"' -f 2`{code}
Next the server (guacamole) has to wait until the result of this request is
"ACCEPT"
{code:java}
curl -k --silent --request GET --data "transaction_id=$transaction_id"
https://myprivacyidea.example/validate/polltransaction | jq
.result.authentication{code}
You can find a Java example on the official java-client here:
[https://github.com/privacyidea/java-client/blob/master/src/test/java/org/privacyidea/TestPollTransaction.java]
I tried to modify a copy of extensions/guacamole-auth-duo and
extensions/guacamole-auth-totp to understand how to implement it but did not
have success yet.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
