search

cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License
538 stars 180 forks source link

Having trouble with new-style login page #210

Closed delberthbeti closed 3 years ago

delberthbeti commented 3 years ago

Today when I'm trying to login it takes more time for the prompts to show on my phone, and it's already failed in the terminal.

Any idea about this?

Thank you 🙇🏽

Here's the full log of the attempt:

DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): accounts.google.com:443
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /o/saml2/initsso?idpid=C02ynfcr7&spid=&forceauthn=false HTTP/1.1" 302 0
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/initsso?idpid%3DC02ynfcr7%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%HVA&followup=https://accounts.google.com/o/saml2/initsso?idpid%3DC02ynfcr7%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%HVA&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1 HTTP/1.1" 200 None
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/v1/lookup HTTP/1.1" 302 568
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /signin/challenge/pwd/1?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Finitsso%3Fidpid%%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%&sarp=1&scc=1&checkedDomains=youtube&pstMsg=0&oauth=1&ltmpl=popup&TL= HTTP/1.1" 200 None
INFO:root:Handling new-style login page
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "POST /signin/challenge/pwd/1 HTTP/1.1" 302 567
DEBUG:urllib3.connectionpool:https://accounts.google.com:443 "GET /signin/challenge/dp/6?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Finitsso%3Fidpid%3DC02ynfcr7%26spid%%26forceauthn%3Dfalse%26from_login%3D1%26as%&sarp=1&scc=1&checkedDomains=youtube&pstMsg=0&oauth=1&ltmpl=popup&TL= HTTP/1.1" 200 None
ERROR:root:SAML lookup failed, storing failure page to 'saml.html' to assist with debugging.
Something went wrong - Could not find SAML response, check your credentials or use --save-failure-html to debug.

And here's the HTML failure output.

image
stevemac007 commented 3 years ago

I ran into that issue personally today too - Given it's occurring to me, I should be able to take a look at getting this working. Will probably open up a whole raft of uplift that has been overlooked recently.

delberthbeti commented 3 years ago

Thank you @stevemac007 !

eugenekainara commented 3 years ago

Also facing similar issue - using aws-google-auth from https://github.com/cevoaustralia/aws-google-auth/pull/203 fixed for me

stevemac007 commented 3 years ago

Thanks for the confirm - I'll validate #203 and get it merged soon.

xmsanchez commented 3 years ago

Also facing similar issue - using aws-google-auth from #203 fixed for me

Not working for me...

UPDATE: Thanks @stevemac007, new version 0.0.37 is working fine for me.

stevemac007 commented 3 years ago

I also still had the issue with #203 - it seems that there is a new challenge type (dp) - I've added support for that and my account can now login.

203 is also good - will release the fix and changes in 203 shortly.

stevemac007 commented 3 years ago

And of course TravisCI is shutting down, and builds look to be suspended - I'll have to dig out the secrets to deploy the updated build.

tomwillfixit commented 3 years ago

Thanks Steve for the quick turnaround time on this fix.

itorres commented 3 years ago

While the release is not published to PyPI people can update pulling from Github with:

pip3 install --upgrade https://github.com/cevoaustralia/aws-google-auth/archive/0.0.37.tar.gz