Closed chikoo77 closed 4 years ago
In summary your password is right, the tool is showing the wrong error message.
We've seen this across a number of users - there looks to be an update to the captcha challenge page as well as the login page that was fixed in 0.0.34.
Like usual, we need to be able to replicate this to resolve it. I've got a sample file from a colleague, will see if there is something I can put together. As I'm not experiencing the issue is a bit like shooting in the dark.
Thank you so much for the reply. Also I was reading that the Google SSO page may vary depending of the country where the request is comming from, it seems that I might be affected by that. Anyway, thank you for releasing an awesome tool. Regards
I believe this was resolved with release 0.0.34
- please reopen if you continue to have the issue.
You can use this command should help pip install --upgrade aws-google-auth
Hello everyone,
I hope you are doing good. I have tried to use this particular package since I'm using G Suite as IDP for AWS and I need access to the AWS CLI as well. As it turns out, I have set up aws-google-auth on a virtual env in order to test it, I use the correct arguments including the username and then it ask me for my password, I enter the password (which is correct) no MFA has been activated for this account but it throws an error saying invalid username or password.
After enabling the --log debug flag, it seems that it can't find the username that I pass in the arguments. Here is the resulting log (I'm not including my IDP nor my SP ID):
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/initsso?idpid%%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%3D0SWBfI9xyj4lOIR_5vVJ3Q&followup=https://accounts.google.com/o/saml2/initsso?idpid%%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%3D0SWBfI9xyj4lOIR_5vVJ3Q<mpl=popup&oauth=1&faa=1&sarp=1&scc=1 HTTP/1.1" 200 None DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/v1/lookup HTTP/1.1" 200 None DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/v1/lookup HTTP/1.1" 200 None
Since the /signin/v1/lookup is the first step in the process, it seems that it can't find my username (I have made sure that I'm using the correct G Suite account and using FQDN i.e first@domain.com)Things I have tried to far: -Change my user's password -Disable login challenge in G Suite. -Make sure my login credentials works which they are. -I created a profile inside the ~/.aws/config with all parameters including my username but it doesn't recognize it. -I have tried with 2 different G Suite account and same behavior. -I've installed AWS CLI V2 and V1 but neither works. -For testing, I just included the username part only i.e. frank and this time I receive a 302 status code for /signin/v1/lookup but obviouly fails since that's not the correct account so I believe there must be something changing or parsing incorrectly after the '@' sign
Current Setup: -Windows 10 x64 -AWS CLI v1 -Python 3.8.2
Any help will be highly appreciated, thank you.