Duo Universal Node.js library
Duo Web v4 SDK - Duo Universal Prompt implementation for Node.js
- follows Duo Web v4 SDK implementation
- largely based on Duo Web v4 SDKs for other languages
⚠️ IMPORTANT ⚠️
This package is no longer maintained. Duo team has taken over the code and from now on will be maintaining official implementation of Duo Universal prompt.
New Duo Universal Node.js repository is https://github.com/duosecurity/duo_universal_nodejs.
Upgrade is a drop-in replacement.
- Replace package
npm remove duo_universal
npm install @duosecurity/duo_universal
- Change import statements
// from
import { Client } from 'duo_universal';
// to
import { Client } from '@duosecurity/duo_universal';
Installation
npm install duo_universal
Usage
Read official Duo Web v4 SDK - Duo Universal Prompt docs (https://duo.com/docs/duoweb) to get familiar with the implementation details.
1. Import client
import { Client } from 'duo_universal';
2. Create client
Creates new client instance. Provide your Duo Security application credentials and host URL. Include redirect URL to make a way back to your application.
const client = new Client({
clientId: 'yourDuoApplicationClientId',
clientSecret: 'yourDuoApplicationSecret',
apiHost: 'api-12345678.duosecurity.com',
redirectUrl: 'http://localhost:3000/redirect',
});
3. Heath check
Determines if Duo’s servers are accessible and available to accept the 2FA request.
const status = await client.healthCheck();
4. Generate state
Generates new state (random string) to link the with authentication attempt. Store appropriately, so you can retrieve/compare on callback.
const state = client.generateState();
5. Create authentication URL
Creates authentication URL to redirect user to Duo Security Universal prompt. Provide user identifier and state generated in previous step.
const authUrl = client.createAuthUrl('username', 'state');
6. Token & code exchange
Exchanges received duo code
from callback redirect for token result.
const token = await client.exchangeAuthorizationCodeFor2FAResult('duoCode', 'username');
Example
Complete example of implementation can be found in example folder. It's a simple express-based application. Please follow the README instructions in example
folder to spin it up.
Contribute
Fork the repository
Install dependencies
npm install
Make your proposed changes. Add tests if applicable, lint the code. Submit a pull request.
Tests
npm test
Lint
npm lint