Feature Request: Friendly device name

Question

Feature Request: Friendly device name

Closed this issue 7 months ago · 4 comments

Summary:

The 2FA prompt when using the Okta phone app and push notifications lists the requests initiated by tokendito as "UNRECOGNIZED DEVICE". While users should only be approving 2FA push notifications they just initiated, there would be more confidence in making a choice during this process.

Expected Behavior

The push notification should display a device name that is recognizable to the user

Current Behavior

The push notification lists "UNRECOGNIZED DEVICE"

Possible Solution

Report the device name as tokendito
Report the machine name*
Do one of the above options with an optional command line argument to override the default behavior

*: obtaining the machine name could be problematic when using docker containers as the hostname is an environment variable that may not be set properly

Steps to Reproduce (for bugs)

Login using push notifications and the Okta phone app

Your Environment

Tool Version used: tokendito/2.2.0 Python/3.12.0 Linux/5.15.90.1-microsoft-standard-WSL2 botocore/1.31.85 bs4/4.12.2 requests/2.31.0
Environment name and version: PowerShell 7.3.9, Docker version 24.0.2-rd, build e63f5fa
Operating System and version: Windows 10

Answer 1 · 2023-11-15T22:24:41.000Z

Hi @opis-mark! This is definitely an issue, and relatively easy to fix. In #140 , we introduced the ability to save the device token to the configuration file. Unfortunately, we broke that feature immediately when we merged #132 for v2.3.0.

We just need to re-introduce some of the logic we dropped accidentally, and set a slightly better User-Agent string. Let me know if you want a quick workaround for testing.

Answer 2 · 2023-11-15T22:31:47.000Z

I don't need a quick work around. If there's a plan to introduce this capability, I'll gladly wait. Maybe this issue can be closed when that logic is reintroduced. Thanks!

Answer 3 · 2023-11-17T20:18:34.000Z

This should be working as expected in 2.3.1, please give it a try?

Answer 4 · 2023-11-17T20:59:22.000Z

Just a quick note: We don't have the ability to override what Okta sends to the device. It would seem that Okta parses the user-agent that was sent in, and creates a friendly name for it. For instance, with the user agent tokendito/1.2.3 (Darwin; OS_X...) ... the device name will result in 'Unknown'. We worked out what the API expects the browser to send, and added some basic functionality. We're open to ideas on how to improve this.