Closed celliott closed 4 years ago
We have been seeing it as well.
I just can not login right now.
ok, tried again 3 minutes later and it works, : \
It has definitely been intermittent for us. Not all users are affected either. My gut is saying that it related to google bot protection for saml endpoints but I'm not sure how to debug and pinpoint yet. Any help would be appreciated.
May be related to https://github.com/cevoaustralia/aws-google-auth/issues/160
I printed out the challenge_page
for both successful and unsuccessful attempts. Goggle is presenting different login pages. the question is why and how can I force the successful page? The unsuccessful page does not contain ProfileInformation
I can post the html bodies of each request if that is helpful. Just ask.
successful
unsuccessful
Also experiencing this issue, on Windows Powershell 7.0.rc3 (PIP up to date, latest version of package according to pip install aws-google-auth[u2f]
).
Trying multiple times seems to finally resolve it.
Normally I use in app authentication which lives in Samsung Secure Folder, which requires additional phone pin code verification which sometimes causes times out. Nonetheless, if it doesn't work there it might then revert to SMS auth.
My line numbers are only slightly different.
ERROR:root:'NoneType' object has no attribute 'get'
Traceback (most recent call last):
File "C:\Users\Myself\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages\aws_google_auth\__init__.py", line 72, in cli
process_auth(args, config)
File "C:\Users\Myself\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages\aws_google_auth\__init__.py", line 212, in process_auth
google_client.do_login()
File "C:\Users\Myself\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages\aws_google_auth\google.py", line 225, in do_login
'name': 'ProfileInformation'
AttributeError: 'NoneType' object has no attribute 'get'```
@JorgenSmith The problem comes from Google returning a different login page on some requests (as @celliott points out), the html source of which does not contain the information that aws-google-auth
is looking for.
We're taking a look at this at the moment.
for the time being I used this extension on chrome to get the credentials https://chrome.google.com/webstore/detail/saml-to-aws-sts-keys-conv/ekniobabpcnfjgfbphhcolcinmnbehde/related
Did --save-failure-html
worked for you in this case?
@jurgenweber Long time no see ;)
--save-failure-html
did not seem to work for me.
The only way I can get around this issues it seems is by using a VPN service to switch to a different country which is peculiar! Then I get the regular 2FA prompt.
@jsafoodpanda G'Day mate. Indeed, long time.
Any closer to a resolution? Brute force logging isn't the best fun. I would say Google have completely rolled over to their new login page now and it is 100% broken. I am now having no success.
We are not seeing any successful attempts here. Anything we can do to help with this, please let me know. π
I have a fix for this that I'm just validating now ... it's worked for me on the "new" page, I'm just cleaning it up before pushing
0.0.34 is live on pypi now and supports the new login form -- go give it a whirl
@nonspecialist Thx for the quick fix! It is working reliably for me. Thx again. Will it also be pushed to homebrew?
@celliott I'll PR it into homebrew-core
now
@nonspecialist thank you again! so much appreciated.
lightning fast turnaround. Thanks
well done team!
came for this exact issue, fix is working well for me. Thanks!
Thanks everyone for confirming, I'll close this now
Thanks @nonspecialist, it works for me π―
I still have problem after update, the error page always says that my password was wrong but in fact it's correct
aws-google-auth -I xxxxxxxxx -S 9xxxxxx -d 43200 -u email@email.com -p default -a -l debug --save-failure-html
INFO:root:aws_google_auth: SAML cache not found
Google Password:
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): accounts.google.com:443
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /o/saml2/initsso?idpid=xxxxxxxxx&spid=9xxxxxx&forceauthn=false HTTP/1.1" 302 0
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/initsso?idpid%3Dxxxxxxxxx%26spid%3D9xxxxxx%26forceauthn%3Dfalse%26from_login%3D1%26as%3Dyj6qP2PkCSIUDToh4es-Xg&followup=https://accounts.google.com/o/saml2/initsso?idpid%3Dxxxxxxxxx%26spid%3D9xxxxxx%26forceauthn%3Dfalse%26from_login%3D1%26as%3Dyj6qP2PkCSIUDToh4es-Xg<mpl=popup&oauth=1&faa=1&sarp=1&scc=1 HTTP/1.1" 200 None
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/v1/lookup HTTP/1.1" 302 552
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /signin/challenge/pwd/1?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Finitsso%3Fidpid%3Dxxxxxxxxx%26spid%3D9xxxxxx%26forceauthn%3Dfalse%26from_login%3D1%26as%3Dyj6qP2PkCSIUDToh4es-Xg&sarp=1&scc=1&checkedDomains=youtube&pstMsg=0&oauth=1&TL=AKCKxpG1VqbfhRUYEpvzdRn74K7iuKNZsI7MfEcl5HTrlZKXeGlVQRU6YaBntygH HTTP/1.1" 200 None
INFO:root:Handling new-style login page
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/challenge/pwd/1 HTTP/1.1" 200 None
ERROR:root:SAML lookup failed, storing failure page to 'saml.html' to assist with debugging.
Something went wrong - Could not find SAML response, check your credentials or use --save-failure-html to debug.
Error page
I'm still seeing this error on version 0.0.34
$ aws-google-auth -V aws-google-auth 0.0.34
$ aws-google-auth Google Password: ERROR:root:'NoneType' object has no attribute 'get' Traceback (most recent call last): File "/Library/Python/3.7/site-packages/aws_google_auth/init.py", line 75, in cli process_auth(args, config) File "/Library/Python/3.7/site-packages/aws_google_auth/init.py", line 222, in process_auth google_client.do_login() File "/Library/Python/3.7/site-packages/aws_google_auth/google.py", line 235, in do_login passwd_challenge_url = 'https://accounts.google.com' + form.get('action') AttributeError: 'NoneType' object has no attribute 'get'
I think the issue is back, many people from out organisation are also facing same issue again.
This time itβs mainly with the users trying to login using Captcha.
May be some thing changed Google side?
Error trace:
Captcha` (case insensitive): noustrumb
ERROR:root:'NoneType' object has no attribute 'text'
Traceback (most recent call last):
File "/usr/lib/python3.8/site-packages/aws_google_auth-0.0.36-py3.8.egg/aws_google_auth/__init__.py", line 78, in cli
process_auth(args, config)
File "/usr/lib/python3.8/site-packages/aws_google_auth-0.0.36-py3.8.egg/aws_google_auth/__init__.py", line 242, in process_auth
google_client.do_login()
File "/usr/lib/python3.8/site-packages/aws_google_auth-0.0.36-py3.8.egg/aws_google_auth/google.py", line 270, in do_login
response_page = BeautifulSoup(sess.text, 'html.parser')
AttributeError: 'NoneType' object has no attribute 'text'
Version 0.0.36 Python 3.8.3 and 3.8.0
Any ideas how to fix ?
Thanks in advance
I'm also seeing this issue ERROR:root:'NoneType' object has no attribute 'get' Traceback (most recent call last): File "/usr/local/Cellar/aws-google-auth/0.0.36_1/libexec/lib/python3.9/site-packages/aws_google_auth/init.py", line 78, in cli process_auth(args, config) File "/usr/local/Cellar/aws-google-auth/0.0.36_1/libexec/lib/python3.9/site-packages/aws_google_auth/init.py", line 242, in process_auth google_client.do_login() File "/usr/local/Cellar/aws-google-auth/0.0.36_1/libexec/lib/python3.9/site-packages/aws_google_auth/google.py", line 235, in do_login passwd_challenge_url = 'https://accounts.google.com' + form.get('action') AttributeError: 'NoneType' object has no attribute 'get'
Have the same problem now: Happens when I allow sign-in on my smartphone
ERROR:root:'NoneType' object has no attribute 'get'
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/aws_google_auth/__init__.py", line 79, in cli
process_auth(args, config)
File "/usr/local/lib/python3.9/site-packages/aws_google_auth/__init__.py", line 243, in process_auth
google_client.do_login()
File "/usr/local/lib/python3.9/site-packages/aws_google_auth/google.py", line 325, in do_login
sess = self.handle_prompt(sess)
File "/usr/local/lib/python3.9/site-packages/aws_google_auth/google.py", line 620, in handle_prompt
response_page.find('input', {
AttributeError: 'NoneType' object has no attribute 'get'
Is there any solution, how to resolve this it? The same issue:
aws-google-auth -I *** -S xxxxxxx -d 28800 -p lmg -R ** -uuser@email.com -k -l debug
INFO:root:aws_google_auth: SAML cache not found
DEBUG:keyring.backend:Loading Gnome
DEBUG:keyring.backend:Loading Google
DEBUG:keyring.backend:Loading Windows (alt)
DEBUG:keyring.backend:Loading file
DEBUG:keyring.backend:Loading keyczar
DEBUG:keyring.backend:Loading multi
DEBUG:keyring.backend:Loading pyfs
DEBUG:keyring.backend:Loading KWallet
DEBUG:keyring.backend:Loading SecretService
DEBUG:keyring.backend:Loading Windows
DEBUG:keyring.backend:Loading chainer
DEBUG:keyring.backend:Loading libsecret
DEBUG:keyring.backend:Loading macOS
Google Password:
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): accounts.google.com:443
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /o/saml2/initsso?idpid=Cxxxxxxx&spid=9xxxxxxxxx&forceauthn=false HTTP/1.1" 302 0
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /ServiceLogin?passive=1xxxxxx&continue=https://accounts.google.com/o/saml2/initsso?idpid%3xxxxxx%26spid%3xxxxxxxxxx%26forceauthn%3Dfalse%26from_login%3Dxxxxxxxxxxxxxxxxxx&followup=https://accounts.google.com/o/saml2/initsso?idpid%3xxxxxxxxxxxxxforceauthn%3Dfalse%26from_login%3xxxxxxxxxxxxxxxxxxxxx=popup&oauth=1&faa=1&sarp=1&scc=1 HTTP/1.1" 200 None
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/v1/lookup HTTP/1.1" 302 242
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /signin/rejected?rrk=88&hl=ru HTTP/1.1" 200 None
INFO:root:Handling new-style login page
ERROR:root:'NoneType' object has no attribute 'get'
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/aws_google_auth/__init__.py", line 79, in cli
process_auth(args, config)
File "/usr/local/lib/python3.6/site-packages/aws_google_auth/__init__.py", line 243, in process_auth
google_client.do_login()
File "/usr/local/lib/python3.6/site-packages/aws_google_auth/google.py", line 256, in do_login
passwd_challenge_url = 'https://accounts.google.com' + form.get('action')
AttributeError: 'NoneType' object has no attribute 'get'
I`ve tried with deferent OS:
CentOS v8; Python 3.6.8; pip 21.3.1; aws-google-auth 0.0.37; aws-cli/2.5.4 "Debian GNU/Linux 11; Python 3.9.2; pip 22.0.4; aws-google-auth 0.0.37; aws-cli/2.5.4 The same result 1:1
I'm seeing the same problem
Same problem for me, version 0.0.38
@axel-gonzalez-121 could you share a stack trace of the error when it occurs?
@kriation sure, im just loggin using $ aws-google-auth on my console (Windows CMD console) and this is what i got after fill all the steps (username, idp, sp, password)
Thanks @axel-gonzalez-121. Could you run through it again, passing --save-failure-html and --save-saml-flow?
The first will save any failures to saml.html in the local directory. The second will generate a directory with multiple files that include the GET and POST responses in each step of the flow.
Once generated, attach them to this issue.
@kriation Where should that files and folder be created? I have run the command with that two flags and check into C:\Python310\lib\site-packages\aws_google_auth and i can't found it . Also i checked in the route that i have open my console, can't found it too
@axel-gonzalez-121, the generated content the local directory that you were in when you ran aws-google-auth.
Tried running with --save-saml-flow
I get the following error from Google
Getting the same issue as others on version 0.0.38
AttributeError: 'NoneType' object has no attribute 'get'
Eventually (if you're in luck) it works after about 20 minutes of inactivity.
We have been successfully using
aws-google-auth
for months and it's been great. Starting Monday 2/24 we started Intermittently seeing the error below. I disabled 2fa on my GSuite account but it did not help. Is anyone else seeing this?