duosecurity / duo_api_golang Goto Github PK
View Code? Open in Web Editor NEWLicense: Other
License: Other
Hey Duo!
We've noticed our service receiving 429 responses when hitting your APIs using the golang SDK. It looks like in the docs that the SDK should implement a backoff/retry but it looks like it doesn't. We'll handle this ourselves for now but thought you should know. Please advise.
https://help.duo.com/s/article/1338?language=en_US
Line 239 in 096d330
Line 59 in 096d330
Hi Duo team,
I've been trying to create admins using your Signed call function but I've been running into some errors. I pulled your code and pass in my information like so par := url.Values{} par.Set("name", "TestName") par.Set("email", "[email protected]") resp, _, err := duo.SignedCall("POST", "/admin/v1/admins", par)
problem is I get a 40103 error
"code": 40103,
"message": "Invalid signature in request credentials",
"stat": "FAIL"
}```
I checked the sign function that creates the hmac signature
and the conanicalized information is this
```Mon, 05 Apr 2021 18:21:16 +0000
POST
api-xxxxxxxx.duosecurity.com
/admin/v1/admins
email=test%40test.com&name=TestName```
it seems write but that hmac signature I get generated is wrong I've even tested on an online hmac generator and they don't match up. I haven't modified your code so I'm not sure where the error is coming from
The retryable HTTP call is not closing the response body and doing the next iteration in case of 429 response code. Due to this mechanism eventually, all the persistent TCP connections are getting consumed and unable to make any further calls. As per the official doc, the user is responsible to close the body.
Hi Team, hopefully this is right place to ask, if not, I'd appreciate if you can direct me.
I'm the founder of cloudquery.io, a high performance open source ELT framework.
Our users are interested in an Duo plugin, but as we cannot maintain all the plugins ourselves, I was curious if this would be an interesting collaboration, where we would help implement an initial source plugin version, and you will help maintain it.
This will give your users the ability to sync/ELT their Duo APIs (users/devices) to any of their datalakes/data-warehouses/databases easily using any of the growing list of CQ destination plugins.
Best,
Yevgeny
Currently your SDK covers logs for telephony, auth and admin, which I'm currently using, but looking to expand to also include the Activity logs, and Trust Monitor.
The addition of the Activity log endpoints into the sdk. Following same pattern as admin, auth and Telephony. Looking for similar attributes as the other types.
Extremely similar to 3 other endpoints already in place, and looking to gather these logs as well.
Not currently using any Workarounds, don't want to mix the SDK and API calls in the same program.
Since the SDK doesn't have the capability to run CRUD operations on admins I was trying to make my own. heres my code
d := duoapi.NewDuoApi(configInfo[0], configInfo[1], configInfo[2], "")
params, _ := query.Values(admin)
resp, _, err := d.SignedCall("GET", url, params)
if err != nil {
log.Fatal(err)
}
It seems like the cert you have pinned when creating a newDuoApi isn't trusted
In methods such as Preauth, there currently exists no in-library way of adding the hostname
parameter as there does with other parameters (e.g. authapi.PreauthIpAddr()
).
Can you guys add all the administrative unit functions
This SDK pins the root CA certificates:
Line 154 in 0e07e9f
Go 1.15 beta 1 on Fedora Rawhide
Testing in: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build/src
PATH: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin
GOPATH: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build:/usr/share/gocode
GO111MODULE: off
command: go test -buildmode pie -compiler gc -ldflags "-X github.com/duosecurity/duo_api_golang/version=0 -X github.com/duosecurity/duo_api_golang/version.commit=982114f7995f2fbee17bca19b206fa03e4cc4a12 -extldflags '-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld '"
testing: github.com/duosecurity/duo_api_golang
github.com/duosecurity/duo_api_golang
# github.com/duosecurity/duo_api_golang
./duo_test.go:26:47: conversion from int to string yields a string of one rune
./duo_test.go:243:21: conversion from int to string yields a string of one rune
./duo_test.go:244:30: conversion from int to string yields a string of one rune
./duo_test.go:248:21: conversion from int to string yields a string of one rune
./duo_test.go:249:33: conversion from int to string yields a string of one rune
./duo_test.go:253:27: conversion from Duration (int64) to string yields a string of one rune
./duo_test.go:254:22: conversion from Duration (int64) to string yields a string of one rune
FAIL github.com/duosecurity/duo_api_golang [build failed]
See golang/go#32479
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.