cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License

Unable to log in with google from security reasons #242

Closed omerbarlev closed 10 months ago

omerbarlev commented 2 years ago

Hi, up until recently, everything was working great, then I changed my password and started getting the following error:

ERROR:root:'NoneType' object has no attribute 'get'
Traceback (most recent call last):
  File "/home/omer/.local/lib/python3.8/site-packages/aws_google_auth/__init__.py", line 79, in cli
    process_auth(args, config)
  File "/home/omer/.local/lib/python3.8/site-packages/aws_google_auth/__init__.py", line 243, in process_auth
    google_client.do_login()
  File "/home/omer/.local/lib/python3.8/site-packages/aws_google_auth/google.py", line 257, in do_login
    passwd_challenge_url = 'https://accounts.google.com' + form.get('action')
AttributeError: 'NoneType' object has no attribute 'get'

This is what is causing the issue (translated from Hebrew):

image

Tried to delete the SAML cache, reinstall aws-google-auth, restart the computer, sign out and in from all my Google accounts, and nothing worked...

Any ideas?

jpedrobf commented 2 years ago

I'm also facing the same issue, and there was no change before the problem started. Tried everything so far, but nothing helped yet. @omerbarlev are you still facing this?

I've tried using a co-worker's user with the -u flag, and it passes the Google authentication part, so I'm thinking my problem is with my Gsuite account. But then again, I can still log into the AWS Console via the web.

omerbarlev commented 2 years ago

@jpedrobf For now I'm still having this issue... I have tried doing the authentication flow myself manually (opening the authentication link in the browser) and managed to authenticate successfully. aws-google-auth is using some custom user agent for the oauth flow, and only with that user agent I get this error...

For now I found a workaround: I'm doing the oauth flow manually and fetching the SAML XML response from the captured network request in Chrome. Then I paste this into the aws-google-auth code so the script can skip the authentication flow and get the credentials.

alexandrevieira-ze commented 2 years ago

Same here.

vishalbhogate commented 2 years ago

You need to enable the challenges option on SSO for your User or organization level. That will fix the issue.

Disabling the challenge feature can be done at the org or user level, so it may work seamlessly for one user but not for another user.

jpllana commented 2 years ago

I was having the same issue for a while, but with the release of aws-google-auth==0.0.38 I am not having this issue any more.

Nalum commented 2 years ago

I've just installed this and I'm hitting this issue with v0.0.38.

❯ aws-google-auth -V
aws-google-auth 0.0.38
❯ aws-google-auth --resolve-aliases --idp-id ${IDPID} --sp-id ${SPID} --username ${GSUIT_USER} --region ${AWS_REGION}
Google Password:
ERROR:root:'NoneType' object has no attribute 'get'
Traceback (most recent call last):
  File "/usr/lib/python3.10/site-packages/aws_google_auth/__init__.py", line 79, in cli
    process_auth(args, config)
  File "/usr/lib/python3.10/site-packages/aws_google_auth/__init__.py", line 243, in process_auth
    google_client.do_login()
  File "/usr/lib/python3.10/site-packages/aws_google_auth/google.py", line 256, in do_login
    passwd_challenge_url = 'https://accounts.google.com' + form.get('action')
AttributeError: 'NoneType' object has no attribute 'get'

I've tried both the Arch AUR and the PIP install.

miklinson commented 1 year ago

@Nalum can you try adding --bg-response js_enabled? This resolves the issue on my end.

aws-google-auth --idp-id ${IDPID} --sp-id ${SPID} --username ${GSUIT_USER} --region ${AWS_REGION} --bg-response js_enabled
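Added example (not part of the thread and not the project's code): both tracebacks above fail at `form.get('action')` because the page that came back had no `<form>`, so the real message from the sign-in page is hidden behind an AttributeError. The sketch below uses the standard-library HTML parser and assumes constructed sample pages, a hypothetical `password_challenge_url` helper, and an extra same-origin check that is not in the traceback.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin

GOOGLE_ACCOUNTS = "https://accounts.google.com"  # base URL seen in the traceback
# Constructed sample pages (not captured from Google); the form path is made up.
CHALLENGE_PAGE = '<html><body><form action="/signin/challenge/pwd"><input name="Passwd"></form></body></html>'
BLOCKED_PAGE = "<html><head><style>p{}</style></head><body><p>Sign-in blocked for security reasons</p></body></html>"


class LoginPageError(RuntimeError):
    """The response page did not contain the form the login flow expected."""


class _FormFinder(HTMLParser):
    """Records the first <form>'s attributes and the page's visible text."""

    def __init__(self):
        super().__init__()
        self.form_attrs = None
        self.text = []
        self._skip = 0  # nesting depth inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1
        elif tag == "form" and self.form_attrs is None:
            self.form_attrs = dict(attrs)

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip and data.strip():
            self.text.append(data.strip())


def password_challenge_url(html):
    """Return the absolute form action, or raise LoginPageError quoting the page."""
    finder = _FormFinder()
    finder.feed(html)
    action = (finder.form_attrs or {}).get("action")
    if not action:  # no form at all, or a form without an action
        snippet = " ".join(finder.text)[:200] or "<no visible text>"
        raise LoginPageError(f"no login form in response; page says: {snippet}")
    url = urljoin(GOOGLE_ACCOUNTS, action)
    if not url.startswith(GOOGLE_ACCOUNTS + "/"):  # never post a password off-origin
        raise LoginPageError(f"form action points outside {GOOGLE_ACCOUNTS}: {url}")
    return url
```

With a check like this, the error a user sees is the text of the page that was returned instead of a bare `'NoneType' object has no attribute 'get'`.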