search

Nike-Inc / gimme-aws-creds

A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
Apache License 2.0
919 stars 262 forks source link

Python error on Okta retrieval for 2.8.2 #466

Open itsjamie opened 3 months ago

itsjamie commented 3 months ago

Expected Behavior

Role is written successfully.

Current Behavior

Traceback (most recent call last):
  File "snip/bin/gimme-aws-creds", line 17, in <module>
    GimmeAWSCreds().run()
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 453, in run
    self._run()
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 876, in _run
    for data in self.iter_selected_aws_credentials():
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 845, in iter_selected_aws_credentials
    aws_results = executor.map(generate_credentials_prepare_data, self.aws_selected_roles)
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 727, in aws_selected_roles
    selected_roles = self._get_selected_roles(self.requested_roles, self.aws_roles)
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 718, in aws_roles
    self.saml_data['SAMLResponse'],
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 709, in saml_data
    self._cache['saml_data'] = saml_data = self.okta.get_saml_response(self.aws_app['links']['appLink'], self.auth_session)
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 702, in aws_app
    self._cache['aws_app'] = aws_app = self._get_selected_app(self.conf_dict.get('aws_appname'), self.aws_results)
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 644, in aws_results
    aws_results = self._get_aws_account_info(self.okta_org_url, self.config.api_key,
  File "snip/lib/python3.10/site-packages/gimme_aws_creds/main.py", line 227, in _get_aws_account_info
    users_client = APIClient(okta_org_url, okta_api_key, pathname='/api/v1/users')
TypeError: APIClient.__init__() got an unexpected keyword argument 'pathname'

Possible Solution

Rollback to 2.7.2 is successful.

$ pip uninstall gimme-aws-creds
$ pip install gimme-aws-creds==2.7.2

Installing collected packages: okta, gimme-aws-creds
  Attempting uninstall: okta
    Found existing installation: okta 2.9.6
    Uninstalling okta-2.9.6:
      Successfully uninstalled okta-2.9.6
  DEPRECATION: okta is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
  Running setup.py install for okta ... done
Successfully installed gimme-aws-creds-2.7.2 okta-0.0.4

Steps to Reproduce (for bugs)

  1. Using Okta API Key integration
  2. invoke gimme-aws-creds on 2.8.2
  3. Finish login flow, see python stack trace above

Your Environment

trailofdad commented 1 month ago

+1 also having this issue

andrew-hamilton-dev commented 1 month ago

+1 also having this issue