(AutoIt) Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Note: This example requires Chilkat v9.5.0.89 or greater.

For more information, see https://duo.com/docs/authapi#/auth_status

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.

Local $sIntegrationKey = "DIMS3V5QDVG9J9ABRXC4"
Local $secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab"

$oHttp = ObjCreate("Chilkat.Http")

$oHttp.Accept = "application/json"

; Use your own hostname here:
Local $sUrl = "https://api-a03782e1.duosecurity.com/auth/v2/auth"

; This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
; generate and send the HMAC signature for the requires based on the integration key and secret key.
$oHttp.Login = $sIntegrationKey
$oHttp.Password = $secretKey

$oReq = ObjCreate("Chilkat.HttpRequest")
$oReq.AddParam "username","matt"
$oReq.AddParam "factor","push"
; The device ID can be obtained from the preauth response.  See Duo Preauth Example
$oReq.AddParam "device","DP6GYVTQ5NK82BMR851F"
; Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
$oReq.AddParam "async","1"

Local $oResp = $oHttp.PostUrlEncoded($sUrl,$oReq)
If ($oHttp.LastMethodSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

ConsoleWrite("status code = " & $oResp.StatusCode & @CRLF)

$oJson = ObjCreate("Chilkat.JsonObject")
Local $bSuccess = $oJson.Load($oResp.BodyStr)
$oJson.EmitCompact = False
ConsoleWrite($oJson.Emit() & @CRLF)

If ($oResp.StatusCode <> 200) Then

    Exit
EndIf

; Sample successful output:

; status code = 200

; {
;   "stat": "OK",
;   "response": {
;     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
;   }
; }

Local $sTxid = $oJson.StringOf("response.txid")

; Use your own hostname here:
$oSbUrl = ObjCreate("Chilkat.StringBuilder")
$oSbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=")
$oSbUrl.Append($sTxid)

ConsoleWrite("Auth status URL: " & $oSbUrl.GetAsString() & @CRLF)

$oSbResult = ObjCreate("Chilkat.StringBuilder")
Local $sResponseStatus
Local $sResponseStatus_msg

; Wait for a response...
Local $i = 0
Local $iMaxWaitIterations = 100
While $i < $iMaxWaitIterations
    ; Wait 3 seconds.
    $oHttp.SleepMs 3000

    ConsoleWrite("Polling..." & @CRLF)

    $oResp = $oHttp.QuickRequest("GET",$oSbUrl.GetAsString())
    If ($oHttp.LastMethodSuccess = False) Then
        ConsoleWrite($oHttp.LastErrorText & @CRLF)
        Exit
    EndIf

    If ($oResp.StatusCode <> 200) Then
        ConsoleWrite("error status code = " & $oResp.StatusCode & @CRLF)
        ConsoleWrite($oResp.BodyStr & @CRLF)
        ConsoleWrite("Failed." & @CRLF)

        Exit
    EndIf

    ; Sample response:

    ; 	{
    ; 	  "stat": "OK",
    ; 	  "response": {
    ; 	    "result": "waiting",
    ; 	    "status": "pushed",
    ; 	    "status_msg": "Pushed a login request to your phone..."
    ; 	  }
    ; 	}

    $oJson.Load($oResp.BodyStr)

    ; The responseResult can be "allow", "deny", or "waiting"
    $oSbResult.Clear 
    $oJson.StringOfSb("response.result",$oSbResult)
    $sResponseStatus = $oJson.StringOf("response.status")
    $sResponseStatus_msg = $oJson.StringOf("response.status_msg")

    ConsoleWrite($oSbResult.GetAsString() & @CRLF)
    ConsoleWrite($sResponseStatus & @CRLF)
    ConsoleWrite($sResponseStatus_msg & @CRLF)
    ConsoleWrite("" & @CRLF)

    If ($oSbResult.ContentsEqual("waiting",True) = True) Then
        $i = $i + 1
    Else
        ; Force loop exit..
        $i = $iMaxWaitIterations
    EndIf

Wend

ConsoleWrite("Finished." & @CRLF)