I specifically have a use case for incorporating a Duo Security MFA flow into the credential processor. At my institution, we use Duo Security's Duo Prompt to provide a 2nd factor for authentication. After a user enters her institutional credentials (username and password), the Duo Prompt appears in an IFRAME element and allows the user to select a device and authentication method. We allow U2F devices, phone callback, one-use codes, or Duo Push. The current form scraping credential processor doesn't handle this additional flow.

I have some experience with the kind of web scraping that would be needed to get this to work, and I could submit a PR if you are interested.

I've created a fork where I've successfully used Duo Push and my FIDO2 compatible Yubikey as 2nd factors. I managed to get the Yubikey working with the Python fido2 module by Yubico .