Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WebKitGTK version? #31

Closed
ericonr opened this issue Jun 5, 2024 · 3 comments
Closed

WebKitGTK version? #31

ericonr opened this issue Jun 5, 2024 · 3 comments

Comments

@ericonr
Copy link

ericonr commented Jun 5, 2024

Hi!

Thank you for developing this :)

I use Fortinet with authentication over Duo, and I wasn't able to reach Duo's 2FA prompt with the qt6-webview client. I haven't tried the electron version, which I'd rather avoid, but I saw in one of your comments that you had a python script using WebKitGTK, which worked better with Duo. Do you still have that script? Would you be open to including that script in this repository, or just providing it some other way?

That said, my login flow didn't directly get access to SVPNCOOKIE, because after login there was a redirection to 127.0.0.1:8020, with an ID to be passed to another URL under my VPN's domain, which finally contained the SVPNCOOKIE. That flow is implemented in https://github.com/filippor/XdgOpenSaml/blob/main/XdgOpenSaml.java . Would you be interested in including something similar in this project? I might be able to contribute one in either C++ or Python. I have no idea how to best determine if that sort of workaround is needed, though.
@gm-vm
Copy link
Owner

gm-vm commented Jun 5, 2024
edited
Loading

That script is long gone, but it was something I put together hacking some script I found somewhere on the internet.

Anyway, you are probably better off using this (from the same author): adrienverge/openfortivpn#1217. It implements the flow you describe and let's you use any browser. I haven't actually tried it, just skimmed over the changes, it's been more than one year since I last used openfortivpn and I no longer have access to a gateway to try things out.

@ericonr
Copy link
Author

ericonr commented Jun 5, 2024

I was actually interested in using the obtained cookie in OpenConnect, so a solution in openfortivpn itself doesn't apply for me. Thanks for the suggestion, though!

OpenConnect has the advantage of being able to run as non-root, so implementing that functionality there would be less problematic, but still not ideal, IMO. I think composing the tools so the specific code doesn't have to be included in every single implementation is best.

I will see if I can cook something up in python myself, then. And I will be closing this issue.

Thank you again!

@ericonr ericonr closed this as completed Jun 5, 2024
@filippor
Copy link

I was actually interested in using the obtained cookie in OpenConnect, so a solution in openfortivpn itself doesn't apply for me. Thanks for the suggestion, though!

OpenConnect has the advantage of being able to run as non-root, so implementing that functionality there would be less problematic, but still not ideal, IMO. I think composing the tools so the specific code doesn't have to be included in every single implementation is best.

I will see if I can cook something up in python myself, then. And I will be closing this issue.

Thank you again!

if you are interested I created a pullrequest on openconnect https://gitlab.com/openconnect/openconnect/-/merge_requests/551

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@filippor @ericonr @gm-vm