search

Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
https://github.com/Versent/saml2aws
MIT License
2.09k stars 564 forks source link

Looping for enter MS authenticator code #1336

Open paokrab opened 3 months ago

paokrab commented 3 months ago 
   I entered the correct code, but it keeps asking for the code again. This issue started about a month ago. I have updated to version 2.36.17, but it didn't help. I'm not sure how to fix it.

Authenticating as somsak.pattanaprateep@xxxxx.io ... Phone approval required. Entropy is: 85 Phone approval required. Entropy is: 90 Phone approval required. Entropy is: 85

🚑🚑 ~ saml2aws --verbose login DEBU[0000] Running command=login DEBU[0000] Check if creds exist. command=login DEBU[0000] Expand name=/Users/paokrab/.aws/credentials pkg=awsconfig DEBU[0000] resolveSymlink name=/Users/paokrab/.aws/credentials pkg=awsconfig DEBU[0000] ensureConfigExists filename=/Users/paokrab/.aws/credentials pkg=awsconfig Using IdP Account default to access AzureAD https://account.activedirectory.windowsazure.com DEBU[0000] Get credentials helper=osxkeychain serverURL="https://account.activedirectory.windowsazure.com" DEBU[0000] Get credentials helper=osxkeychain user=somsak.pattanaprateep@xxxxx.io To use saved password just hit enter. ? Username somsak.pattanaprateep@xxxxx.io ? Password ****

DEBU[0005] building provider command=login idpAccount="account {\n AppID: 26f7f294-6ec6-4a2c-a94f-xxxxxxxxxx\n URL: https://account.activedirectory.windowsazure.com\n Username: somsak.pattanaprateep@xxxxx.io\n Provider: AzureAD\n MFA: Auto\n SkipVerify: false\n AmazonWebservicesURN: urn:amazon:webservices\n SessionDuration: 3600\n Profile: saml\n RoleARN: arn:aws:iam::XXXXXXXXX:role/xxxxxRole\n Region: ap-southeast-1\n}" Authenticating as somsak.pattanaprateep@xxxxx.io ... DEBU[0006] processing ConvergedSignIn provider=AzureAD DEBU[0006] HTTP Req URL="https://login.microsoftonline.com/common/GetCredentialType?mkt=en-US" http=client method=POST DEBU[0006] HTTP Res Status="200 OK" http=client DEBU[0006] HTTP Req URL="https://login.microsoftonline.com/common/login" http=client method=POST DEBU[0007] HTTP Res Status="200 OK" http=client DEBU[0007] processing ConvergedTFA provider=AzureAD DEBU[0007] HTTP Req URL="https://login.microsoftonline.com/common/SAS/BeginAuth" http=client method=POST DEBU[0008] HTTP Res Status="200 OK" http=client Phone approval required. Entropy is: 94 DEBU[0008] HTTP Req URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST DEBU[0009] HTTP Res Status="200 OK" http=client DEBU[0010] HTTP Req URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST DEBU[0025] HTTP Res Status="200 OK" http=client DEBU[0025] processing ConvergedTFA provider=AzureAD DEBU[0025] HTTP Req URL="https://login.microsoftonline.com/common/SAS/BeginAuth" http=client method=POST DEBU[0025] HTTP Res Status="200 OK" http=client Phone approval required. Entropy is: 29 DEBU[0025] HTTP Req URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST DEBU[0026] HTTP Res Status="200 OK" http=client DEBU[0027] HTTP Req URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST DEBU[0027] HTTP Res Status="200 OK" http=client

PaulWebbster commented 2 months ago

Up, I have the same problems starting today.

Pedro-Luzzi commented 2 months ago

I supposed it is the same issue as #1072