Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
https://github.com/Versent/saml2aws
MIT License
2.08k stars 562 forks

Okta: Please support Additional Factor Number Authorisation #926

Open markus-geiger opened 1 year ago

markus-geiger commented 1 year ago

Additional factor correct answer is

Just got that today and was blocked from successful authentication for a moment: [image]

1/3 chance to hit the right number in the authenticator app. And luck was by my side ;)

The challenge numbers will only display when Okta calculates an authentication as being risky.

gimme-aws-creds answers by `"Additional factor correct answer is: " + str(answer)`:

Check implementation here: https://github.com/Nike-Inc/gimme-aws-creds/blob/master/gimme_aws_creds/okta.py

```python
if '_embedded' in response_data['_embedded']['factor']:
  if response_data['_embedded']['factor']['_embedded']['challenge']['correctAnswer']:
    if self._print_correct_answer:
      self._print_correct_answer(response_data['_embedded']['factor']['_embedded']['challenge']['correctAnswer'])
```

It would be nice to have that also supported in saml2aws since I found that tool far better than gimme-something… though actually testing it might not be so easy.
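The check quoted above, written in Go as an added example (it is not code from saml2aws, gimme-aws-creds, PR #877 or anyone in this thread). The JSON path is assumed from the Python snippet, `verifyResponse` and `CorrectAnswer` are hypothetical names, and the sample body is constructed.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
)

// verifyResponse models only the path read by the Python snippet above.
type verifyResponse struct {
	Embedded struct {
		Factor struct {
			Embedded *struct {
				Challenge *struct {
					CorrectAnswer interface{} `json:"correctAnswer"`
				} `json:"challenge"`
			} `json:"_embedded"`
		} `json:"factor"`
	} `json:"_embedded"`
}

// CorrectAnswer (hypothetical) returns the number to pick; false if no challenge.
func CorrectAnswer(body []byte) (string, bool, error) {
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.UseNumber() // keep the number's digits exactly as sent
	var r verifyResponse
	if err := dec.Decode(&r); err != nil {
		return "", false, fmt.Errorf("decode verify response: %w", err)
	}
	e := r.Embedded.Factor.Embedded
	if e == nil || e.Challenge == nil {
		return "", false, nil // ordinary push, nothing to display
	}
	switch v := e.Challenge.CorrectAnswer.(type) {
	case json.Number:
		return v.String(), true, nil
	case string: // tolerate a quoted value
		return v, v != "", nil
	}
	return "", false, nil // null or missing correctAnswer
}

func main() {
	// Constructed sample body, not captured from Okta.
	body := []byte(`{"_embedded":{"factor":{"_embedded":{"challenge":{"correctAnswer":42}}}}}`)
	if n, ok, err := CorrectAnswer(body); err == nil && ok {
		fmt.Println("Additional factor correct answer is:", n)
	}
}
```

Returning a separate boolean lets the caller fall back to the normal push prompt when no number challenge is present, instead of failing on a missing key.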

amasses commented 1 year ago

This has already been built by a few people - a recent one is here: https://github.com/Versent/saml2aws/pull/877

But unfortunately at the moment there's been little response on requests to merge etc... :(