DUO and angular

Hello,

we are developing a prototype portal using angular as front-end and django restframework as backend. Duo authentication has just been added and we successfully receive/acknowledge the duo push requests.

There is one issue though… upon the duo push acknowledge the Web SDK issue back a POST message with the sig_response but angular framework only deals with GET hence it fails with a “Cannot POST /login” error message.

How can we configure duo’s callback action to avoid POST and just load a different page instead ?

Thx,
Andrea

Hello,

issue solved.

Looking at the Duo-Web-v2.js I realized that an hidden form is created upon duo push acknoledge.
If we define a submit_callback during the Duo.init this avoid the hidden’s form submit and give control back to the code.
Below you see I can dump the sig_response and based on that verify and handle 2FA consequently.

Thx.
A.

Duo.init({
  iframe: "duo_iframe",
  host: "■■■■■■■■■■■■■■■■■■■■■■■■■■■",
  sig_request: this.duo_sign_request,
  submit_callback: (data:any) => {
    var elem = document.getElementsByName('sig_response');
    var sig_response = elem[0].getAttribute('value');
    console.log(sig_response)
  },
});
1 Like

fyi…

fully working example:

DevNet Code Exchange: abuzzi-cisco/angular-duo is now published

Thx,
A.

1 Like

Hi Andrea,

Thank you so much for following up here in the community to share the answer you found with others! I’m glad you got the solution you were looking for. :slight_smile:

FYI I am going to relabel this to our “Web SDK” category since it’s just a bit more specific to the exact issue you describe. Although “Protecting applications” makes sense and is relevant too, this will help others find the answer too in the future!