-
Notifications
You must be signed in to change notification settings - Fork 314
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Push via Telegram bot #3615
Comments
Thank you for filing an issue and sharing your observations or ideas. Please be sure to provide as much information as possible to help us to work on this issue. |
Hi @gbtb |
In my understanding this is not possible in a sensible way: #364 (comment) |
I think next comment #364 (comment) in this issue actually clarifies things pretty good. I'm sure it can be done on a Telegram side, because we currently have a commercial 2FA solution which does push delivery via private chat with a bot. User has to initiate dialog with a bot account once - to perform a registration of an account. Afterwards bot is able to send you messages into this chat at will. Telegram bots have support for inlining buttons below a message, so user just clicks accept and gets connected to a vpn. |
Hello again 馃憢 Also, I want to ask you about one particular problem I can't get how to fix. I want to add a nav link alongside the QR code (as Push does), but href gets mangled for some reason - like that |
We disable all links to unknown sources here: privacyidea/privacyidea/static/app.js Line 161 in 0a9c618
This is to avoid XSS attacks: https://docs.angularjs.org/api/ng/provider/$compileProvider#aHrefSanitizationTrustedUrlList We need to think about trusting all t.me URLs...
|
Hello 馃槂
I'm working on integration project of PrivacyIDEA into VPN authentication workflow of my employer. Due to UX requirements and some limitations of our AD and Cisco setup we decided on using push tokens in a push_wait mode as a main option of doing 2FA. Our internal customer also requested another option of delivering push notifications - Telegram bot. And so I'm currently in a process of adding said functionality into PrivacyIDEA.
Roughly, here is what I plan to do:
Will you be interested in accepting such integration into main repository or should I develop it in our private fork?
If you're interested, I'm going to post updates and probably some questions as I move along. I would also much appreciate any additional advice you might have.
Thanks!
The text was updated successfully, but these errors were encountered: