duosecurity / duo_api_golang Goto Github PK

Detailed Description

Use Case

Workarounds

Hey Duo!

We've noticed our service receiving 429 responses when hitting your APIs using the golang SDK. It looks like in the docs that the SDK should implement a backoff/retry but it looks like it doesn't. We'll handle this ourselves for now but thought you should know. Please advise.

https://help.duo.com/s/article/1338?language=en_US

Hi Duo team,

I've been trying to create admins using your Signed call function but I've been running into some errors. I pulled your code and pass in my information like so par := url.Values{} par.Set("name", "TestName") par.Set("email", "[email protected]") resp, _, err := duo.SignedCall("POST", "/admin/v1/admins", par)
problem is I get a 40103 error

    "code": 40103,
    "message": "Invalid signature in request credentials",
    "stat": "FAIL"
}```

I checked the sign function that creates the hmac signature 
and the conanicalized information is this 

```Mon, 05 Apr 2021 18:21:16 +0000
POST
api-xxxxxxxx.duosecurity.com
/admin/v1/admins
email=test%40test.com&name=TestName```
it  seems write but that hmac signature I get generated is wrong I've even tested on an online hmac generator and they don't match up. I haven't modified your code so I'm not sure where the error is coming from

The retryable HTTP call is not closing the response body and doing the next iteration in case of 429 response code. Due to this mechanism eventually, all the persistent TCP connections are getting consumed and unable to make any further calls. As per the official doc, the user is responsible to close the body.

Hi Team, hopefully this is right place to ask, if not, I'd appreciate if you can direct me.

I'm the founder of cloudquery.io, a high performance open source ELT framework.

Our users are interested in an Duo plugin, but as we cannot maintain all the plugins ourselves, I was curious if this would be an interesting collaboration, where we would help implement an initial source plugin version, and you will help maintain it.

This will give your users the ability to sync/ELT their Duo APIs (users/devices) to any of their datalakes/data-warehouses/databases easily using any of the growing list of CQ destination plugins.

Best,
Yevgeny

Currently your SDK covers logs for telephony, auth and admin, which I'm currently using, but looking to expand to also include the Activity logs, and Trust Monitor.

Detailed Description

The addition of the Activity log endpoints into the sdk. Following same pattern as admin, auth and Telephony. Looking for similar attributes as the other types.

Use Case

Extremely similar to 3 other endpoints already in place, and looking to gather these logs as well.

Workarounds

Not currently using any Workarounds, don't want to mix the SDK and API calls in the same program.

Since the SDK doesn't have the capability to run CRUD operations on admins I was trying to make my own. heres my code

       d := duoapi.NewDuoApi(configInfo[0], configInfo[1], configInfo[2], "")
	params, _ := query.Values(admin)
	resp, _, err := d.SignedCall("GET", url, params)
	if err != nil {
		log.Fatal(err)
	}

It seems like the cert you have pinned when creating a newDuoApi isn't trusted

In methods such as Preauth, there currently exists no in-library way of adding the hostname parameter as there does with other parameters (e.g. authapi.PreauthIpAddr()).

Can you guys add all the administrative unit functions

This SDK pins the root CA certificates:

Go 1.15 beta 1 on Fedora Rawhide

Testing    in: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build/src
         PATH: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin
       GOPATH: /builddir/build/BUILD/duo_api_golang-982114f7995f2fbee17bca19b206fa03e4cc4a12/_build:/usr/share/gocode
  GO111MODULE: off
      command: go test -buildmode pie -compiler gc -ldflags "-X github.com/duosecurity/duo_api_golang/version=0 -X github.com/duosecurity/duo_api_golang/version.commit=982114f7995f2fbee17bca19b206fa03e4cc4a12 -extldflags '-Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld '"
      testing: github.com/duosecurity/duo_api_golang
github.com/duosecurity/duo_api_golang
# github.com/duosecurity/duo_api_golang
./duo_test.go:26:47: conversion from int to string yields a string of one rune
./duo_test.go:243:21: conversion from int to string yields a string of one rune
./duo_test.go:244:30: conversion from int to string yields a string of one rune
./duo_test.go:248:21: conversion from int to string yields a string of one rune
./duo_test.go:249:33: conversion from int to string yields a string of one rune
./duo_test.go:253:27: conversion from Duration (int64) to string yields a string of one rune
./duo_test.go:254:22: conversion from Duration (int64) to string yields a string of one rune
FAIL	github.com/duosecurity/duo_api_golang [build failed]

See golang/go#32479