Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
662
Views
1
Helpful
2
Replies

Issue Integrating Duo Universal to ASP.NET

Go to solution
ppedersen
Level 1
Level 1

‎10-04-2023 10:39 AM

I am working to integrate Duo universal to an older existing ASP.NET MVC application. I am able to generate the URL to the Duo endpoint and successfully go through the Duo prompt process. On the callback, the state and code appear to come through just fine to my callback method. The error occurs when I call client.ExchangeAuthorizationCodeFor2faResult with the following error message:

DuoException: Error exchanging the code for a 2fa token
InnerException: Response status code does not indicate success: 500 (Internal Server Error).

One other thing I noticed was that when I call client.DoHealthCheck() prior to generating the url and redirecting the user, I am getting 'false', though it seems to continue just fine anyway. Not sure if this is a clue to the underlying problem, but I have so far been unable to find any information about what it might mean other than to indicate a service outage, which seems unlikely.

Any help or resources would be much appreciated!

Thank you.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ppedersen
Level 1
Level 1

‎10-04-2023 03:23 PM

I found the issue, thought I would post it here for anyone else who runs into it too  As I mentioned, this is an older application, and it had previously been running on .NET 4.5 which I then upgraded to 4.7.2. However, even though it had been upgraded, the application was still using an older TLS 1.1 by default. I was able to fix it by forcing it to use the correct protocol by simply setting it manually. 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

 

View solution in original post

2 Replies 2

Go to solution
ppedersen
Level 1
Level 1

‎10-04-2023 03:23 PM

I found the issue, thought I would post it here for anyone else who runs into it too  As I mentioned, this is an older application, and it had previously been running on .NET 4.5 which I then upgraded to 4.7.2. However, even though it had been upgraded, the application was still using an older TLS 1.1 by default. I was able to fix it by forcing it to use the correct protocol by simply setting it manually. 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

 

Go to solution
drgorin
Level 1
Level 1
In response to ppedersen

‎01-20-2024 04:13 PM - edited ‎01-20-2024 04:19 PM

Thank you so very much for rolling up your sleeves to find the solution to this perplexing problem.  Many developers supporting legacy web forms apps (that have upgraded the .net framework version to > 4.5) will find this information helpful when adding DUO 2AF functionality. I gave you kudos on https://www.brandonclaps.com/duo-universal-c-asp-net-web-forms/#comments.  Brandon's post was the only source I could find on adding DUO 2AF to web forms.  Brandon's solution could not function on legacy web forms apps running outdated communication protocols without adding your solution.

Neil Gorin (drgorin)

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents