Alternative Openconnect-sso¶
This is an alternative way to use the Openconnect SSO if you're having trouble getting the QT5 dependancies to resolve, which is a particular problem on macOS with M1/M2 silicon. At some point the more official openconnect-sso will change to QT6 and this shouldn't be needed anymore.
Note for this you will be running a fork of the openconnect-sso on my github, so it's good practise to havea look at make sure I'm not doing anything nefariouss. I'm not, but then I would say that. Also the code is not mine, it's a fork of a pull request on another repo that I;ve setup to be the main branch to simplify this process. Use with caution.
You'll also need a new version of chrome or chromium-browser to do this as we'll be using selenium to drive a webbrowser (in this case a chromelike browser) to handle the web part of the 2fa.
create a directory somewhere convenient, like vuwvpn or omething and cd there. then
python3 -m venv env
source env/bin/activate # activate our python venv
wget https://raw.githubusercontent.com/andre-geldenhuis/openconnect-sso/master/requirements.txt
Then install those requirements, note they will install some stuff from my fork
pip install -r requirements.txt
wget https://raw.githubusercontent.com/andre-geldenhuis/openconnect-sso/master/vuwssl.conf
OPENSSL_CONF=vuwssl.conf openconnect-sso --server vpn.victoria.ac.nz --user andre.geldenhuis@vuw.ac.nz
#!/bin/bash
source ~/vuwvpn/env/bin/activate
OPENSSL_CONF=~/vuwvpn/ssl.conf openconnect-sso --server vpn.victoria.ac.nz --user <firstname>.<lastname>@vuw.ac.nz