Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
https://github.com/Versent/saml2aws
MIT License
2.08k stars, 562 forks

Okta with YubiKey stopped working for me #1077

Open svenwal opened 1 year ago

svenwal commented 1 year ago

I have had my setup with Okta and YubiKey running for a long time, but this week or last week it stopped working. saml2aws errors with an error 400:

$ saml2aws login
Using IdP Account default to access Okta https://xxxx.okta.com/home/amazon_aws/xxxxxx
To use saved password just hit enter.
? Username xxxxxx
? Password 

Authenticating as sven.walther@konghq.com ...
Touch the flashing U2F device to authenticate...
  ==> Touch accepted. Proceeding with authentication
Error authenticating to IdP.: error verifying MFA: error retrieving verify response: request for url: https://konghq.okta.com/api/v1/authn/factors/fxxxxxx/verify failed status: 400 Bad Request

Logging in with the browser to Okta still works with YubiKey.

$ saml2aws --version
2.36.8

Config:

$ cat ~/.saml2aws
[default]
name                    = default
app_id                  = 
url                     = https://xxxx.okta.com/home/amazon_aws/xxxxx
username                = xxxxxxxx
provider                = Okta
mfa                     = YUBICO TOKEN:HARDWARE
skip_verify             = false
timeout                 = 0
aws_urn                 = urn:amazon:webservices
aws_session_duration    = 43200
aws_profile             = sandbox
resource_id             = 
subdomain               = 
role_arn                = 
region                  = 
http_attempts_count     = 
http_retry_delay        = 
credentials_file        = 
saml_cache              = false
saml_cache_file         = 
target_url              = 
disable_remember_device = false
disable_sessions        = false
prompter                = 

roptoor commented 1 year ago

This is affecting our organization/users also, and looks to be due to the changes introduced in #1039 and fixed in #1059.

Mystik738 commented 1 year ago

Having similar issues; currently reverted to 2.36.7, which allows us to log in.

roptoor commented 1 year ago

Looks to be fixed with the merge of #1059. @mapkon - any chance we can get a new release tagged?