cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
854
Views
1
Helpful
2
Replies

Issue Integrating Duo Universal to ASP.NET

ppedersen
Level 1
Level 1

I am working to integrate Duo universal to an older existing ASP.NET MVC application. I am able to generate the URL to the Duo endpoint and successfully go through the Duo prompt process. On the callback, the state and code appear to come through just fine to my callback method. The error occurs when I call client.ExchangeAuthorizationCodeFor2faResult with the following error message:

DuoException: Error exchanging the code for a 2fa token
InnerException: Response status code does not indicate success: 500 (Internal Server Error).

One other thing I noticed was that when I call client.DoHealthCheck() prior to generating the url and redirecting the user, I am getting 'false', though it seems to continue just fine anyway. Not sure if this is a clue to the underlying problem, but I have so far been unable to find any information about what it might mean other than to indicate a service outage, which seems unlikely.

Any help or resources would be much appreciated!

Thank you.

 

1 Accepted Solution

Accepted Solutions

ppedersen
Level 1
Level 1

I found the issue, thought I would post it here for anyone else who runs into it too  As I mentioned, this is an older application, and it had previously been running on .NET 4.5 which I then upgraded to 4.7.2. However, even though it had been upgraded, the application was still using an older TLS 1.1 by default. I was able to fix it by forcing it to use the correct protocol by simply setting it manually. 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

 

View solution in original post

2 Replies 2

ppedersen
Level 1
Level 1

I found the issue, thought I would post it here for anyone else who runs into it too  As I mentioned, this is an older application, and it had previously been running on .NET 4.5 which I then upgraded to 4.7.2. However, even though it had been upgraded, the application was still using an older TLS 1.1 by default. I was able to fix it by forcing it to use the correct protocol by simply setting it manually. 

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

 

Thank you so very much for rolling up your sleeves to find the solution to this perplexing problem.  Many developers supporting legacy web forms apps (that have upgraded the .net framework version to > 4.5) will find this information helpful when adding DUO 2AF functionality. I gave you kudos on https://www.brandonclaps.com/duo-universal-c-asp-net-web-forms/#comments.  Brandon's post was the only source I could find on adding DUO 2AF to web forms.  Brandon's solution could not function on legacy web forms apps running outdated communication protocols without adding your solution.

Neil Gorin (drgorin)

Quick Links