Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Querying Authlog with a maxtime of > now-2 minutes may lead to inconsistent behavior #155

Open
csanders-git opened this issue Dec 17, 2021 · 1 comment
Open

Querying Authlog with a maxtime of > now-2 minutes may lead to inconsistent behavior #155

csanders-git opened this issue Dec 17, 2021 · 1 comment

Comments

@csanders-git
Copy link

Documentation says

There is an intentional two minute delay in availability of new authentications in the API response. Duo operates a large scale distributed system, and this two minute buffer period ensures that calls will return consistent results. Querying for results more recent than two minutes will return as empty.

However, maxtime is set by default to now. (see

duo_client_python/duo_client/admin.py

Line 448 in 7c5b115

params['maxtime'] = int(time.time()) * 1000
). Given this, it is quite possible that depending on refresh intervals the user will receive an empty list, when in fact results would be expected.

PR will appear as follows:

        # Querying for results more recent than two minutes will return as empty.
        if 'maxtime' not in params:
            params['maxtime'] = int(time.time() - 120) * 1000
@csanders-git csanders-git mentioned this issue Jan 4, 2022
Open
@AaronAtDuo
Copy link
Contributor

@csanders-git Duo is looking to improve our developer experience, if you are interested in providing us with feedback, please see the below

Duo is looking to learn how to significantly improve the developer experience and what tools, resources, and technology (eg: sandboxes, new sdks, etc.) would best-enable customers to work faster and build things more easily with Duo's developer ecosystem. If your org is a Duo customer, and you have done development work (ex; authentication integrations, creation of a homegrown admin tool, log consumption for SIEMS, etc) with Duo's developer tools/resources in the past year, we would love to speak with you about your experience, what tools/resources you used, and your pain points.
This will be a 60-minute session during which you’ll have the opportunity to discuss your honest thoughts and feedback with Duo researchers. No preparation is necessary, and please know that this is not a sales call or product demo.
If you’re interested in participating, please email lli@duosecurity.com to start the scheduling process.

Once the 60-minute session is complete, you will receive a token of appreciation in the form of a $75 e-gift card through Tremendous (options for Amazon or select retailers).

Please let me know if you have any questions!
Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@csanders-git @AaronAtDuo