I use Ubuntu 22.04, APACHE, PHP 8.2 and Nexcloud 28
open and download from
then extract zip to your Nextcloud path at folder [nextcloud_path]/apps/twofactor_duo
=====================================================================
open file [nextcloud_path]/apps/twofactor_duo/appinfo/info.xml
just delete this code
<dependencies>
<php min-version="5.6" max-version="7.1" />
<nextcloud min-version="13" max-version="13" />
</dependencies>
and replace this <category>auth</category>
to
<category>integration</category>
<category>security</category>
=====================================================================
next, open [nextcloud_path]/config/config.php
add this code before );
'twofactor_duo' => [
'IKEY' => 'xxxx',
'SKEY' => 'xxxxx',
'HOST' => 'xxxxx',
'AKEY' => 'xxxx',
],
note: for AKEY use IKEY value
=====================================================================
open this files [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvider.php
under “interface IProvider
” section find all of the public functions and remove the colon and type after the function name
example: change “public function getId(): string;
” to “public function getId();
”. This needs to be done for all six public functions.
=====================================================================
open [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php
search for “public function getCSP
”. Comment out line and put in “public function getCSP();
”
=====================================================================
open [nextcloud_path]/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php
search for “public function getCSP
”. Comment out line and put in “public function getCSP();
”
=====================================================================
open [nextcloud_path]/core/Controller/TwoFactorChallengeController.php
search for “return new StandaloneTemplateResponse
” and comment out that line, and add this code
$response = new TemplateResponse($this->appName, 'twofactorshowchallenge', $data, 'guest');
if ($provider instanceof IProvidesCustomCSP) {
$response->setContentSecurityPolicy($provider->getCSP());
}
return $response;
=====================================================================
after this try to enable twofactor_duo app, you can do it directly from your Nextcloud Apps or use occ
from cli
cd /nextcloud/path/directory
sudo -u apache php occ app:enable twofactor_duo
=====================================================================
use cli
sudo -u apache php occ integrity:check-core
you will see INVALID_HASH ( Failed integrity check, invalid hash)
just see under detect file with have invalid hash, had expected hash and current hash
open [nextcloud_path]/core/signature.json
find expected hash and then replace with current hash, do it all
=====================================================================
now we must create signature for twofactor_duo
first we must generate key and then crt
sudo openssl genrsa -des3 -out /etc/ssl/twofactor.key 2048
sudo openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /etc/ssl/twofactor.key -out /etc/ssl/twofactor.crt
sudo -u apache php occ integrity:sign-app --path apps/twofactor_duo --privateKey /etc/ssl/twofactor.key --certificate /etc/ssl/twofactor.crt
=====================================================================
try to logout and login again