search

cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License
537 stars 181 forks source link

Suddenly receiving error #279

Closed slikk66 closed 2 months ago

slikk66 commented 2 months ago

Hi, has been working fine until today getting error:

➜ aws-google-auth -R us-west-2 -u me@my.com -I XXXXXXXX -S 12345679 -a --profile myprofile --bg-response js_enabled
Google Password: 
Please visit the following URL to view your CAPTCHA: https://accounts.google.com/Captcha?v=2&ctoken=XXXXXXXX
Captcha (case insensitive): extinket
Check your phone - after you have confirmed response press ENTER to continue.
ERROR:root:400 Client Error: Bad Request for url: https://accounts.google.com/o/saml2/initsso?idpid=XXXXXXXX&spid=12345679&forceauthn=false&from_login=1&as=XXXXXXXXX&authuser=0
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/__init__.py", line 79, in cli
    process_auth(args, config)
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/__init__.py", line 243, in process_auth
    google_client.do_login()
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/google.py", line 335, in do_login
    sess = self.handle_dp(sess)
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/google.py", line 710, in handle_dp
    return self.post(challenge_url, data=payload)
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/google.py", line 124, in post
    response = self.check_for_failure(self.session.post(url, data=data, json=json_data))
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/google.py", line 94, in check_for_failure
    raise ex
  File "/usr/local/lib/python3.10/site-packages/aws_google_auth/google.py", line 86, in check_for_failure
    sess.raise_for_status()
  File "/usr/local/lib/python3.10/site-packages/requests/models.py", line 1021, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://accounts.google.com/o/saml2/initsso?idpid=XXXXXXXX&spid=12345679&forceauthn=false&from_login=1&as=XXXXXXXXX&authuser=0

with versions:

~ python --version
Python 3.10.14
~ aws-google-auth -V
aws-google-auth 0.0.38
slikk66 commented 2 months ago

Looks like our google cert expired?

Google_2024-4-27-101845_SAML2_0

Doesn't seem to be related to aws-google-auth..

closing