Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Duo Auth API - Async Auth

See more Duo Auth MFA Examples

If you enable async, then your application will be able to retrieve real-time status updates from the authentication process, rather than receiving no information until the process is complete.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.Http,
  Chilkat.HttpRequest,
  Chilkat.StringBuilder,
  Chilkat.HttpResponse,
  Chilkat.JsonObject;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  integrationKey: string;
  secretKey: string;
  http: THttp;
  url: string;
  req: THttpRequest;
  resp: THttpResponse;
  json: TJsonObject;
  txid: string;
  sbUrl: TStringBuilder;
  url: string;
  sbResult: TStringBuilder;
  responseStatus: string;
  responseStatus_msg: string;
  i: Integer;
  maxWaitIterations: Integer;

begin
  success := False;

  //  This example assumes the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  integrationKey := 'DIMS3V5QDVG9J9ABRXC4';
  secretKey := 'HWVQ46nubLBxhnRlKddTltWIi3hL0fIQF2qTvLab';

  http := THttp.Create;

  http.Accept := 'application/json';

  //  Use your own hostname here:
  url := 'https://api-a03782e1.duosecurity.com/auth/v2/auth';

  //  This example requires Chilkat v9.5.0.89 or greater because Chilkat will automatically
  //  generate and send the HMAC signature for the requires based on the integration key and secret key.
  http.Login := integrationKey;
  http.Password := secretKey;

  req := THttpRequest.Create;
  req.AddParam('username','matt');
  req.AddParam('factor','push');
  //  The device ID can be obtained from the preauth response.  See Duo Preauth Example
  req.AddParam('device','DP6GYVTQ5NK82BMR851F');
  //  Add the async param to get an immediate response, then periodically check for updates to find out when the MFA authentication completes for fails.
  req.AddParam('async','1');

  req.HttpVerb := 'POST';
  req.ContentType := 'application/x-www-form-urlencoded';

  resp := THttpResponse.Create;
  success := http.HttpReq(url,req,resp);
  if (success = False) then
    begin
      WriteLn(http.LastErrorText);
      Exit;
    end;

  WriteLn('status code = ' + resp.StatusCode);

  json := TJsonObject.Create;
  success := json.Load(resp.BodyStr);
  json.EmitCompact := False;
  WriteLn(json.Emit());

  if (resp.StatusCode <> 200) then
    begin
      Exit;
    end;

  //  Sample successful output:

  //  status code = 200

  //  {
  //    "stat": "OK",
  //    "response": {
  //      "txid": "45f7c92b-f45f-4862-8545-e0f58e78075a"
  //    }
  //  }

  txid := json.StringOf('response.txid');

  //  Use your own hostname here:
  sbUrl := TStringBuilder.Create;
  sbUrl.Append('https://api-a03782e1.duosecurity.com/auth/v2/auth_status?txid=');
  sbUrl.Append(txid);
  url := sbUrl.GetAsString();

  WriteLn('Auth status URL: ' + url);

  sbResult := TStringBuilder.Create;

  //  Wait for a response...
  i := 0;
  maxWaitIterations := 100;
  while i < maxWaitIterations do
    begin
      //  Wait 3 seconds.
      http.SleepMs(3000);

      WriteLn('Polling...');

      success := http.HttpNoBody('GET',url,resp);
      if (success = False) then
        begin
          WriteLn(http.LastErrorText);
          Exit;
        end;

      if (resp.StatusCode <> 200) then
        begin
          WriteLn('error status code = ' + resp.StatusCode);
          WriteLn(resp.BodyStr);
          WriteLn('Failed.');
          Exit;
        end;

      //  Sample response:

      //  	{
      //  	  "stat": "OK",
      //  	  "response": {
      //  	    "result": "waiting",
      //  	    "status": "pushed",
      //  	    "status_msg": "Pushed a login request to your phone..."
      //  	  }
      //  	}

      json.Load(resp.BodyStr);

      //  The responseResult can be "allow", "deny", or "waiting"
      sbResult.Clear();
      json.StringOfSb('response.result',sbResult);
      responseStatus := json.StringOf('response.status');
      responseStatus_msg := json.StringOf('response.status_msg');

      WriteLn(sbResult.GetAsString());
      WriteLn(responseStatus);
      WriteLn(responseStatus_msg);
      WriteLn('');

      if (sbResult.ContentsEqual('waiting',True) = True) then
        begin
          i := i + 1;
        end
      else
        begin
          //  Force loop exit..
          i := maxWaitIterations;
        end;
    end;

  WriteLn('Finished.');


  http.Free;
  req.Free;
  resp.Free;
  json.Free;
  sbUrl.Free;
  sbResult.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.