Environment
- CENTOS 7
- HTTPD
- PHP 7.4
- Nextcloud 21
Open and download files from GitHub
then extract zip to your Nextcloud path at folder [nextcloud_path]/apps/twofactor_duo
=====================================================================
open file [nextcloud_path]/apps/twofactor_duo/appinfo/info.xml
Find and delete below code:
<dependencies>
<php min-version="5.6" max-version="7.1" />
<nextcloud min-version="13" max-version="13" />
</dependencies>
and replace this <category>auth</category> to
<category>integration</category>
<category>security</category>
=====================================================================
next, open [nextcloud_path]/config/config.php
add this code before );
'twofactor_duo' => [
'IKEY' => 'xxxx',
'SKEY' => 'xxxxx',
'HOST' => 'xxxxx',
'AKEY' => 'xxxx',
],
note: for AKEY use IKEY value
=====================================================================
open this files [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvider.php
under “interface IProvider” section find all of the public functions and remove the colon and type after the function name
example: change “public function getId(): string;” to “public function getId();”. This needs to be done for all six public functions.
=====================================================================
open [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php
search for “public function getCSP”. Comment out line and put in “public function getCSP();”
=====================================================================
open [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php
search for “public function getCSP”. Comment out line and put in “public function getCSP();”
=====================================================================
open [nextcloud_path]/core/Controller/TwoFactorChallengeController.php
search for “return new StandaloneTemplateRe sponse” and comment out that line, and add this code
$response = new TemplateResponse($this->appName, 'twofactorshowchallenge', $data, 'guest');
if ($provider instanceof IProvidesCustomCSP) {
$response->setContentSecurityPolicy($provider->getCSP());
}
return $response;
=====================================================================
after this try to enable twofactor_duo app, you can do it directly from your Nextcloud Apps or use occ from cli
cd /nextcloud/path/directory
sudo -u apache php occ app:enable twofactor_duo
=====================================================================
use clisudo -u apache php occ integrity:check-core
you will see INVALID_HASH ( Failed integrity check, invalid hash)
just see under detect file with have invalid hash, had expected hash and current hash
open [nextcloud_path]/core/signature.json
find expected hash and then replace with current hash, do it all
=====================================================================
now we must create signature for twofactor_duo
first we must generate key and then crt
sudo openssl genrsa -des3 -out /etc/ssl/twofactor.key 2048
sudo openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /etc/ssl/twofactor.key -out /etc/ssl/twofactor.crt
sudo -u apache php occ integrity:sign-app --path apps/twofactor_duo --privateKey /etc/ssl/twofactor.key --certificate /etc/ssl/twofactor.crt
=====================================================================
try to logout and login again
Comments
gsigyhxtyi - 15 Apr 2022
Integrating DUO Security MFA with Nextcloud 21 – Insights
[url=http://www.gve4502w06l365m7c171aq3mmpw3hlz4s.org/]ugsigyhxtyi[/url]
agsigyhxtyi
gsigyhxtyi http://www.gve4502w06l365m7c171aq3mmpw3hlz4s.org/
alay4d - 25 Apr 2024
Wow Thanks for this guide i find it hard to see excellent particulars out there when it comes to this subject material thank for the blog post site
nydtobdrangpur - 27 Apr 2024
nice blog mate.. amazing content.. this one i search for. thank you