https://duo.com/docs/duoweb#wait-for-the-redirect-from-duo-back-to-your-redirect-uri

You include the following example code at the above url:

code = request.args.get('code')

That does not work for me, but with duo_ prefixed to the parameter name it does. I assume it is a typo and it should actually read the following:

code = request.args.get('duo_code')

Description

The code comments for the state parameter indicate the minimum length of state is 22 characters, but the Duo docs (https://duo.com/docs/oauthapi#authorization-request) indicate it's 16. Let's reconcile the two.

Expected Behavior

Anywhere the parameter limits (state and nonce primarily) are described, they agree with the Duo documentation.

Actual Behavior

The state parameter limits disagree.

Steps to Reproduce

N/A

Workarounds

N/A

I am currently running a late 2020 MacBook Air with an M1 chip and I was unable to install using conda / pip through any of the suggested channels. Curious if anyone else had any luck installing the package on an M1 Mac and what your process was to get it to work. Please let me know if you need any more information and I'm happy to provide it.

The PyPI tarball doesn't include the requirements.txt file which is explicitly used by setup.py

Hi! This is really more of a user-experience issue that I'm having, but I was wondering whether there is any way to embed the new universal prompt into my existing website without having the user redirected to the Duo website and then back to mine? From a user perspective, it is quite jarring to go from my website with one (let's say dark) color palette and then to be tossed into a really bright one on the splash screen. If I could embed an iframe of basically just the prompt into my own website, like the old prompt allowed me to do, I think that it would be a much more seamless experience for my users. Happy to talk about it, thanks!

Hello,
I have followed the demos and I am getting CORS error on browser when I am trying to redirect to the prompt_uri.
Any idea why?

.
.
.
    prompt_uri = duo_client.create_auth_url(username, state)

    # Redirect to prompt URI which will redirect to the client's redirect URI
    # after 2FA
    return redirect(prompt_uri)
.
.
.

Could the python dependencies for this be bumped to latest/highest compatible if possible?

Following readme still leads to

duo_universal.client.DuoException: HTTPSConnectionPool(host='api-duo1.duo.test', port=443): Max retries exceeded with url: /oauth/v1/health_check (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate (_ssl.c:997)')))

Solve it by adding

duo_certs = DISABLE

to your duo.conf file

Description

Expected Behavior

Actual Behavior

Steps to Reproduce

Workarounds

https://duo.com/docs/duoweb#call-health_check()

You include the following example code at the above url:

try:
  duo_client.healthcheck()

That does not work for me, but with an underscore it does. I assume it is a typo and it should actually read the following:

try:
  duo_client.health_check()

I would recommend teaching people to use PyPi. I tested it and this works:

Flask>=1.1.2
configparser>=4.0.2
duo_universal>=2.0.1

Hi,
I am trying to migrate to this package (as part of migrating to the universal prompt - https://duo.com/docs/universal-prompt-update-guide)
However, the constraint on the pyjwt conflicts with another package that we use:https://github.com/python-social-auth/social-core/blob/master/requirements-base.txt#L4
Note that the reason tests are breaking is because pyjwt 2 dropped support for python 2.7 and python 3.5 both are EOL for a while now...
Maybe this library can drop support for those too ?
Alternatively, the setup.py can be modified to have a different pyjwt for different python version, i.e. python 3.5 & 2.7 have the pyjwt<2 constraint and for newer versions the constraint can be pyjwt>=2