OAUTH TOTP as 3rd prompt
Zappacosta, Rolando (Nokia - US/Overland Park)
rolando.zappacosta at nokia.com
Fri Mar 16 07:55:50 PDT 2018
I'm facing this too, in my case openconnect doesn't detect the "Enter Your Microsoft verification code" OTP prompt from the RAS.
May I suggest to include a "--otp-msg-str" (OTP message string)? As an example for it, in my case I'd add this as a parameter
--otp-msg-str='Enter Your Microsoft verification code'
to trigger the openconnect OTP code generation and sending.
Or it could be made even more generic. For instance, what about {<if receive this string>;<then send this string>} tuples?
With it, one could not only do something like:
--rcv-snd-str='Enter Your Microsoft verification code',`oathtool ...`
but also other things like:
--rcv-snd-str='Please enter your passphrase: ','MyPassword'
or whatever else the RAS can come with in the future...
Last but not lease... openconnect rocks!!! 😉
Thank you guys!,
Rolando Zappacosta
> You're the second person this week to report that our current
> heuristics aren't doing the right thing for them. Quite feasibly the
> second for whom Cisco's native integration with things like the RSA
> Softoken API aren't likely to work either?
>
> If there *is* a "correct" way to determine which form field gets the
> OTP, I cannot imagine what it is.
>
> I think we want a --otp-form-field argument to allow people to
> override it.
More information about the openconnect-devel
mailing list