search

cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License
537 stars 181 forks source link

save-failure-html always gives TypeError #122

Closed max-rocket-internet closed 5 years ago

max-rocket-internet commented 5 years ago

I always get this when trying to use the --save-failure-html argument:

$ aws-google-auth --role-arn arn:aws:iam::666666666:role/sso/sso-xxxxxxxx --duration 43200 --profile xx-xxxx --keyring --save-failure-html
Failed to import U2F libraries, U2F login unavailable. Other methods can still continue.
Open the Google App, and tap 'Yes' on the prompt to sign in ...
SAML lookup failed, storing failure page to 'saml.html' to assist with debugging.
Traceback (most recent call last):
  File "/Users/max.williams/Library/Python/3.6/lib/python/site-packages/aws_google_auth/google.py", line 284, in parse_saml
    saml_element = parsed.find('input', {'name': 'SAMLResponse'}).get('value')
AttributeError: 'NoneType' object has no attribute 'get'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Users/max.williams/Library/Python/3.6/bin/aws-google-auth", line 11, in <module>
    sys.exit(main())
  File "/Users/max.williams/Library/Python/3.6/lib/python/site-packages/aws_google_auth/__init__.py", line 232, in main
    cli(cli_args)
  File "/Users/max.williams/Library/Python/3.6/lib/python/site-packages/aws_google_auth/__init__.py", line 66, in cli
    process_auth(args, config)
  File "/Users/max.williams/Library/Python/3.6/lib/python/site-packages/aws_google_auth/__init__.py", line 192, in process_auth
    saml_xml = google_client.parse_saml()
  File "/Users/max.williams/Library/Python/3.6/lib/python/site-packages/aws_google_auth/google.py", line 290, in parse_saml
    out.write(self.session_state.text.encode('utf-8'))
TypeError: write() argument must be str, not bytes
stevemac007 commented 5 years ago

Grrrr - going to guess this is another python 3 vs python 2 issue - let me see if I can add some test coverage for this one to reproduce it and squash it.

max-rocket-internet commented 5 years ago

Or just don't support both versions? Just aim for 3 😎

max-rocket-internet commented 5 years ago

OK I edited aws_google_auth/google.py to capture the output HTML and it looks like this:

screen shot 2019-02-06 at 12 05 18
max-rocket-internet commented 5 years ago

There was no delay though. Run command and click yes in the Google app within 1 second.

stevemac007 commented 5 years ago

Just pushed test_saml_parse to protect against this issue.

max-rocket-internet commented 5 years ago

OK thanks Steve! The problem seems to happen much less for me these days but I'll use this branch next time.

stevemac007 commented 5 years ago

Merging the fix to master - it looks like it was a defect with python3 and the save flag fix.

max-rocket-internet commented 5 years ago

This was fixed. Thanks @stevemac007!