2017 © Pedro Peláez
 

roundcube-plugin duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

image

lmr/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

  • Monday, June 11, 2018
  • by leonardomarino
  • Repository
  • 1 Watchers
  • 0 Stars
  • 23 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 1 Forks
  • 0 Open issues
  • 4 Versions
  • 77 % Grown

The README.md

Roundcube lmr/duo_auth

This is a Roundcube webmail plugin that enables Duo Security Two Factor Authentication., (*1)

image, (*2)

It redirect to additional page after successful username/password authentication that requires a 2nd Factor of Authentication using Duo Security (push, sms, call, hardware token code)., (*3)

INSTALLATION

Install using Composer (https://getcomposer.org) from the root directory of your roundcube installation:, (*4)

Run $ composer update, (*5)

Run $ composer dumpautoload, (*6)

Run $ composer require "lmr/duo_auth:^1.0.9", (*7)

CONFIGURATION

  1. Go into the plugins/duo_auth/ directory and modify duo_auth.conf as necessary. Enter all keys necessary for integration with Duo in the duo_auth.conf file. Assuming a Duo integration has already been created in Duo's Admin Panel, you will be able to find all the information requested. Specify the location of the redirect URI. After running the post-intall script above the your_page_name_redirect.php file should be located in the root roundcube directory. Modify key "rc_path" in duo.conf file to your particular needs. If you have a subdirectory where you access your WebMail application, adjust accordingly, for example: rc_path = "/WebMail/" or rc_path = "/rc/". If you have root folder installation in your web-server nothing change requirement in duo.conf file, this value ("/") specify by default., (*8)

  2. Add the following line to your roundcube configuration file - config.inc.php located in config/config.inc.php, (*9)

$config['session_storage'] = 'php';, (*10)

  1. Modify your PHP config file (php.ini) as follows:

session.save_handler = files, (*11)

session.save_path = "/var/lib/php/sessions", (*12)

CREDITS

Author: Alexios Polychronopoulos - Wrote duo_auth for Roundcube., (*13)

Author: Leonardo Mariño-Ramírez - Updated the plugin for compatibility with Roundcube 1.3.0., (*14)

Author: Johnson Chow - Added support for IPv4 CIDR matching and 2FA overrride for specific users., (*15)

Author: Pavlo Lyha - Rewrote the plugin to be compatible with Duo Web v4 SDK., (*16)

The Versions

11/06 2018

dev-master

9999999-dev https://github.com/leonardomarino/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

  Sources   Download

AGPL-3.0 AGPLv3

The Requires

 

by Alexios Polychronopoulos
by Leonardo Mariño-Ramírez
by Johnson Chow

authentication two-factor duo security

11/06 2018

v1.0.5

1.0.5.0 https://github.com/leonardomarino/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

  Sources   Download

AGPL-3.0

The Requires

 

by Alexios Polychronopoulos
by Leonardo Mariño-Ramírez
by Johnson Chow

authentication two-factor duo security

01/02 2018

v1.0.4

1.0.4.0 https://github.com/leonardomarino/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

  Sources   Download

AGPL-3.0

The Requires

  • php >=5.3.0
  • roundcube/plugin-installer ~0.1.9

 

by Alexios Polychronopoulos
by Leonardo Mariño-Ramírez

authentication two-factor duo security

30/08 2017

1.0.3

1.0.3.0 https://github.com/leonardomarino/duo_auth

Duo Security two-factor authentication for Roundcube. Users have multiple ways to authenticate, including: 1. One-tap authentication using Duo’s mobile app. 2. One-time passcodes generated by Duo’s mobile app (works even with no cell coverage) 3. One-time passcodes delivered to any SMS-enabled phone. 4. Phone callback to any phone (mobile or landline!) 5. One-time passcodes generated by an OATH-compliant hardware token

  Sources   Download

AGPLv3

The Requires

  • php >=5.3.0
  • roundcube/plugin-installer >=0.1.6

 

by Alexios Polychronopoulos
by Leonardo Mariño-Ramírez

authentication two-factor duo security