Nike-Inc / gimme-aws-creds

A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
Apache License 2.0

Add sessionToken to dict where step-up code expects it #448

Closed aogail closed 6 months ago

aogail commented 6 months ago

Description

Sometimes, Okta requires a step-up authentication when accessing the AWS Okta application. The Duo Universal prompt support worked in the case where step-up was not required, but returned a session data structure that the step-up handling code did not expect. I've changed the Duo Universal Prompt auth to return sessionToken where OktaClassicClient.get_saml_response() expects to find it for use in step-up authentication.

Related Issue

#447

Motivation and Context

Authentication doesn't work if Okta requires step-up auth with Duo Universal Prompt enabled.

How Has This Been Tested?

We had a few people at our org encounter this issue after disabling Duo's traditional prompt in our Okta tenant. I found the additional step-up authentication code path when debugging with them, and realized the data structure I had returned from the Universal Prompt implementation was different from what the step-up code expected. Adding the session token at the expected key resolved the issue for them.

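The failure described above is a shape mismatch between two code paths that hand a session around as a dict: the Duo Universal Prompt path returned the Okta session token under a different key than the step-up path reads. The block below is an added illustration, not code from gimme-aws-creds or from this PR; the pre-fix shape (`{"session": {"token": ...}}`), the step-up parameter names, and the function names are all assumptions made for the example. What it adds to the description is a boundary check that validates the auth result before the step-up path uses it, so a missing key fails with a clear error at the hand-off rather than deep inside the step-up code, and the error message never includes the token value (the session token is a bearer credential and should not end up in logs or tracebacks).

```python
"""Added example (not project code): session-shape mismatch and a boundary check.

Assumptions, not taken from gimme-aws-creds:
- the step-up path reads the Okta session token from result["sessionToken"];
- the pre-fix Duo Universal Prompt path returned it nested under "session".
"""
from typing import Any, Dict

EXPECTED_KEY = "sessionToken"


class SessionShapeError(ValueError):
    """Raised when an auth result lacks the key the step-up path reads.

    The message lists the keys that are present but never the token value,
    so the error is safe to log.
    """


def duo_universal_result_before_fix(token: str) -> Dict[str, Any]:
    # Constructed stand-in for the assumed pre-fix shape: the token exists,
    # but not at the key the step-up path looks up.
    return {"status": "SUCCESS", "session": {"token": token}}


def duo_universal_result_after_fix(token: str) -> Dict[str, Any]:
    # Constructed stand-in for the fixed shape: token at the expected key.
    return {"status": "SUCCESS", EXPECTED_KEY: token}


def require_session_token(result: Dict[str, Any]) -> str:
    """Validate the auth result at the hand-off to step-up.

    Rejects a missing, empty or non-string token with an error that names
    the expected key and the keys actually present, nothing more.
    """
    token = result.get(EXPECTED_KEY)
    if not isinstance(token, str) or not token:
        raise SessionShapeError(
            f"auth result has no usable {EXPECTED_KEY!r}; "
            f"keys present: {sorted(result)}"
        )
    return token


def step_up_request_params(result: Dict[str, Any], app_url: str) -> Dict[str, str]:
    """Hypothetical step-up request: exchange the session token while
    re-requesting the app URL. Only the parameter shape is illustrated;
    the parameter names are an assumption for this example."""
    return {"token": require_session_token(result), "redirectUrl": app_url}
```

Running `require_session_token` on the pre-fix shape raises `SessionShapeError` listing `['session', 'status']`; on the fixed shape it returns the token. The check is cheap to keep in place after the fix, since it also catches any future auth backend that returns a different shape.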

aogail commented 6 months ago

Apparently I ran the tests from the wrong branch x.x. Will fix and update the PR.