Duo Auth

2025-01-18 20:59:58 +01:00
parent 5cf8231500
commit c4404e3baf
24 changed files with 3408 additions and 190 deletions
--- a/src/PreferencesKeys.h
+++ b/src/PreferencesKeys.h
@@ -76,6 +76,18 @@
 #define preference_mqtt_ssl_enabled (char*)"mqttSSLena"
 #define preference_lock_gemini_pin (char*)"geminiPin"
 #define preference_lock_gemini_enabled (char*)"geminiena"
+#define preference_cred_duo_enabled (char*)"duoena"
+#define preference_cred_duo_host (char*)"duoHost"
+#define preference_cred_duo_ikey (char*)"duoIkey"
+#define preference_cred_duo_skey (char*)"duoSkey"
+#define preference_cred_duo_user (char*)"duoUser"
+#define preference_https_fqdn (char*)"httpsFQDN"
+#define preference_bypass_proxy (char*)"credBypass"
+#define preference_cred_session_lifetime (char*)"credLf"
+#define preference_cred_session_lifetime_remember (char*)"credLfRmbr"
+#define preference_cred_session_lifetime_duo (char*)"credLfDuo"
+#define preference_cred_session_lifetime_duo_remember (char*)"credLfDuoRmbr"
+#define preference_cred_duo_approval (char*)"duoApprove"

 // CHANGE DOES NOT REQUIRE REBOOT TO TAKE EFFECT
 #define preference_find_best_rssi (char*)"nwbestrssi"
@@ -130,6 +142,7 @@
 #define preference_hybrid_reboot_on_disconnect (char*)"hybridRbtLck"

 //NOT USER CHANGABLE
+#define preference_mfa_reconfigure (char*)"mfaRECONF"
 #define preference_ntw_reconfigure (char*)"ntwRECONF"
 #define preference_updater_version (char*)"updVer"
 #define preference_updater_build (char*)"updBuild"
@@ -179,8 +192,15 @@ inline void initPreferences(Preferences* preferences)
        preferences->putBytes(preference_conf_lock_advanced_acl, (byte*)(&advancedLockConfigAclPrefs), sizeof(advancedLockConfigAclPrefs));
        uint32_t advancedOpenerConfigAclPrefs[21] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
        preferences->putBytes(preference_conf_opener_advanced_acl, (byte*)(&advancedOpenerConfigAclPrefs), sizeof(advancedOpenerConfigAclPrefs));
+
        preferences->putString(preference_mqtt_lock_path, "nukihub");
        preferences->putString(preference_time_server, "pool.ntp.org");
+        preferences->putString(preference_cred_duo_host, "");
+        preferences->putString(preference_cred_duo_ikey, "");
+        preferences->putString(preference_cred_duo_skey, "");
+        preferences->putString(preference_cred_duo_user, "");
+        preferences->putString(preference_https_fqdn, "");
+        preferences->putString(preference_bypass_proxy, "");

        preferences->putBool(preference_check_updates, true);
        preferences->putBool(preference_opener_continuous_mode, false);
@@ -194,7 +214,6 @@ inline void initPreferences(Preferences* preferences)
        preferences->putBool(preference_enable_bootloop_reset, false);
        preferences->putBool(preference_show_secrets, false);
        preferences->putBool(preference_find_best_rssi, true);
-
        preferences->putBool(preference_conf_info_enabled, true);
        preferences->putBool(preference_keypad_info_enabled, false);
        preferences->putBool(preference_keypad_topic_per_entry, false);
@@ -208,6 +227,16 @@ inline void initPreferences(Preferences* preferences)
        preferences->putBool(preference_register_opener_as_app, false);
        preferences->putBool(preference_mqtt_ssl_enabled, false);
        preferences->putBool(preference_lock_gemini_enabled, false);
+        preferences->putBool(preference_debug_connect, false);
+        preferences->putBool(preference_debug_communication, false);
+        preferences->putBool(preference_debug_readable_data, false);
+        preferences->putBool(preference_debug_hex_data, false);
+        preferences->putBool(preference_debug_command, false);
+        preferences->putBool(preference_connect_mode, true);
+        preferences->putBool(preference_retain_gpio, false);
+        preferences->putBool(preference_enable_debug_mode, false);
+        preferences->putBool(preference_cred_duo_enabled, false);
+        preferences->putBool(preference_cred_duo_approval, false);

        preferences->putInt(preference_mqtt_broker_port, 1883);
        preferences->putInt(preference_buffer_size, CHAR_BUFFER_SIZE);
@@ -227,15 +256,10 @@ inline void initPreferences(Preferences* preferences)
        preferences->putInt(preference_query_interval_battery, 1800);
        preferences->putInt(preference_query_interval_keypad, 1800);
        preferences->putInt(preference_http_auth_type, 0);
-
-        preferences->putBool(preference_debug_connect, false);
-        preferences->putBool(preference_debug_communication, false);
-        preferences->putBool(preference_debug_readable_data, false);
-        preferences->putBool(preference_debug_hex_data, false);
-        preferences->putBool(preference_debug_command, false);
-        preferences->putBool(preference_connect_mode, true);
-        preferences->putBool(preference_retain_gpio, false);
-        preferences->putBool(preference_enable_debug_mode, false);
+        preferences->putInt(preference_cred_session_lifetime, 3600);
+        preferences->putInt(preference_cred_session_lifetime_remember, 720);
+        preferences->putInt(preference_cred_session_lifetime_duo, 3600);
+        preferences->putInt(preference_cred_session_lifetime_duo_remember, 720);

 #ifndef CONFIG_IDF_TARGET_ESP32H2
        WiFi.begin();
@@ -488,16 +512,19 @@ private:
        preference_update_from_mqtt, preference_show_secrets, preference_ble_tx_power, preference_webserial_enabled, preference_find_best_rssi, preference_lock_gemini_enabled,
        preference_network_custom_mdc, preference_network_custom_clk, preference_network_custom_phy, preference_network_custom_addr, preference_network_custom_irq,
        preference_network_custom_rst, preference_network_custom_cs, preference_network_custom_sck, preference_network_custom_miso, preference_network_custom_mosi,
-        preference_network_custom_pwr, preference_network_custom_mdio, preference_ntw_reconfigure, preference_lock_max_auth_entry_count, preference_opener_max_auth_entry_count,
+        preference_network_custom_pwr, preference_network_custom_mdio, preference_lock_max_auth_entry_count, preference_opener_max_auth_entry_count,
        preference_auth_control_enabled, preference_auth_topic_per_entry, preference_auth_info_enabled, preference_auth_max_entries, preference_wifi_ssid, preference_wifi_pass,
        preference_keypad_check_code_enabled, preference_disable_network_not_connected, preference_mqtt_hass_enabled, preference_hass_device_discovery, preference_retain_gpio,
        preference_debug_connect, preference_debug_communication, preference_debug_readable_data, preference_debug_hex_data, preference_debug_command, preference_connect_mode,
-        preference_lock_force_id, preference_lock_force_doorsensor, preference_lock_force_keypad, preference_opener_force_id, preference_opener_force_keypad, preference_nukihub_id
+        preference_lock_force_id, preference_lock_force_doorsensor, preference_lock_force_keypad, preference_opener_force_id, preference_opener_force_keypad, preference_nukihub_id,
+        preference_cred_duo_host, preference_cred_duo_ikey, preference_cred_duo_skey, preference_cred_duo_user, preference_cred_duo_enabled, preference_https_fqdn, preference_bypass_proxy,
+        preference_cred_session_lifetime, preference_cred_session_lifetime_remember, preference_cred_session_lifetime_duo, preference_cred_session_lifetime_duo_remember,
+        preference_cred_duo_approval
    };
    std::vector<char*> _redact =
    {
        preference_mqtt_user, preference_mqtt_password, preference_cred_user, preference_cred_password, preference_nuki_id_lock, preference_nuki_id_opener, preference_wifi_pass,
-        preference_lock_gemini_pin
+        preference_lock_gemini_pin, preference_cred_duo_host, preference_cred_duo_ikey, preference_cred_duo_skey, preference_cred_duo_user, preference_https_fqdn, preference_bypass_proxy
    };
    std::vector<char*> _boolPrefs =
    {
@@ -508,10 +535,10 @@ private:
        preference_publish_authdata, preference_publish_debug_info, preference_official_hybrid_enabled, preference_mqtt_hass_enabled, preference_retain_gpio,
        preference_official_hybrid_actions, preference_official_hybrid_retry, preference_conf_info_enabled, preference_disable_non_json, preference_update_from_mqtt,
        preference_auth_control_enabled, preference_auth_topic_per_entry, preference_auth_info_enabled, preference_webserial_enabled, preference_hass_device_discovery,
-        preference_ntw_reconfigure, preference_keypad_check_code_enabled, preference_disable_network_not_connected, preference_find_best_rssi,
+        preference_keypad_check_code_enabled, preference_disable_network_not_connected, preference_find_best_rssi,
        preference_debug_connect, preference_debug_communication, preference_debug_readable_data, preference_debug_hex_data, preference_debug_command, preference_connect_mode,
        preference_lock_force_id, preference_lock_force_doorsensor, preference_lock_force_keypad, preference_opener_force_id, preference_opener_force_keypad, preference_mqtt_ssl_enabled,
-        preference_hybrid_reboot_on_disconnect, preference_lock_gemini_enabled, preference_enable_debug_mode
+        preference_hybrid_reboot_on_disconnect, preference_lock_gemini_enabled, preference_enable_debug_mode, preference_cred_duo_enabled, preference_cred_duo_approval
    };
    std::vector<char*> _bytePrefs =
    {
@@ -528,7 +555,8 @@ private:
        preference_task_size_network, preference_task_size_nuki, preference_authlog_max_entries, preference_keypad_max_entries, preference_timecontrol_max_entries,
        preference_ble_tx_power, preference_network_custom_mdc, preference_network_custom_clk, preference_network_custom_phy, preference_network_custom_addr,
        preference_network_custom_irq, preference_network_custom_rst, preference_network_custom_cs, preference_network_custom_sck, preference_network_custom_miso,
-        preference_network_custom_mosi, preference_network_custom_pwr, preference_network_custom_mdio, preference_http_auth_type
+        preference_network_custom_mosi, preference_network_custom_pwr, preference_network_custom_mdio, preference_http_auth_type,
+        preference_cred_session_lifetime, preference_cred_session_lifetime_remember, preference_cred_session_lifetime_duo, preference_cred_session_lifetime_duo_remember
    };
    std::vector<char*> _uintPrefs =
    {