(Xojo Plugin) Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Note: This example requires Chilkat v9.5.0.89 or greater.

For more information, see https://duo.com/docs/authapi#/auth_status

Chilkat Xojo Plugin Download Xojo Plugin for Windows, Linux, Mac OS X, and ARM, ARM64

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Dim integrationKey As String
integrationKey = "DIMS3V5QDVG9J9ABRXC4"
Dim secretKey As String
secretKey = "HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab"

Dim http As New Chilkat.Http

http.Accept = "application/json"

// Use your own hostname here:
Dim url As String
url = "https://api-a03782e1.duosecurity.com/auth/v2/auth"

// This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
// generate and send the HMAC signature for the requires based on the integration key and secret key.
http.Login = integrationKey
http.Password = secretKey

Dim req As New Chilkat.HttpRequest
req.AddParam "username","matt"
req.AddParam "factor","push"
// The device ID can be obtained from the preauth response.  See Duo Preauth Example
req.AddParam "device","DP6GYVTQ5NK82BMR851F"
// Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
req.AddParam "async","1"

Dim resp As Chilkat.HttpResponse
resp = http.PostUrlEncoded(url,req)
If (http.LastMethodSuccess = False) Then
    System.DebugLog(http.LastErrorText)
    Return
End If

System.DebugLog("status code = " + Str(resp.StatusCode))

Dim json As New Chilkat.JsonObject
Dim success As Boolean
success = json.Load(resp.BodyStr)
json.EmitCompact = False
System.DebugLog(json.Emit())

If (resp.StatusCode <> 200) Then

    Return
End If

// Sample successful output:

// status code = 200

// {
//   "stat": "OK",
//   "response": {
//     "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
//   }
// }

Dim txid As String
txid = json.StringOf("response.txid")

// Use your own hostname here:
Dim sbUrl As New Chilkat.StringBuilder
success = sbUrl.Append("https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=")
success = sbUrl.Append(txid)

System.DebugLog("Auth status URL: " + sbUrl.GetAsString())

Dim sbResult As New Chilkat.StringBuilder
Dim responseStatus As String
Dim responseStatus_msg As String

// Wait for a response...
Dim i As Int32
i = 0
Dim maxWaitIterations As Int32
maxWaitIterations = 100
While i < maxWaitIterations
    // Wait 3 seconds.
    http.SleepMs 3000

    System.DebugLog("Polling...")

    resp = http.QuickRequest("GET",sbUrl.GetAsString())
    If (http.LastMethodSuccess = False) Then
        System.DebugLog(http.LastErrorText)
        Return
    End If

    If (resp.StatusCode <> 200) Then
        System.DebugLog("error status code = " + Str(resp.StatusCode))
        System.DebugLog(resp.BodyStr)
        System.DebugLog("Failed.")

        Return
    End If

    // Sample response:

    // 	{
    // 	  "stat": "OK",
    // 	  "response": {
    // 	    "result": "waiting",
    // 	    "status": "pushed",
    // 	    "status_msg": "Pushed a login request to your phone..."
    // 	  }
    // 	}

    success = json.Load(resp.BodyStr)

    // The responseResult can be "allow", "deny", or "waiting"
    sbResult.Clear 
    success = json.StringOfSb("response.result",sbResult)
    responseStatus = json.StringOf("response.status")
    responseStatus_msg = json.StringOf("response.status_msg")

    System.DebugLog(sbResult.GetAsString())
    System.DebugLog(responseStatus)
    System.DebugLog(responseStatus_msg)
    System.DebugLog("")

    If (sbResult.ContentsEqual("waiting",True) = True) Then
        i = i + 1
    Else
        // Force loop exit..
        i = maxWaitIterations
    End If

Wend

System.DebugLog("Finished.")