Hello all. I'm trying to use an Azure MFA server via RADIUS as my auth source for SimpleSAMLphp. It works great for MFA methods that don't require a challenge/response via RADIUS. SimpleSAMLphp throws an error for MFA methods such as TOTP OATH token that require a challenge and response. Looking at the code, I see:
case RADIUS_ACCESS_CHALLENGE:
throw new Exception('Radius authentication error: Challenge requested, but not supported.');
Is this because no one has gotten around to implementing RADIUS_ACCESS_CHALLENGE, or is there some inherent reason this won't work with SimpleSAMLphp?
I looked at privacyIDEA's SimpleSAMLphp which implements a type of challenge/response for their own protocol, but wanted to see if I could get a sanity check before I try to write something similar for the RADIUS.