search

cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License
537 stars 181 forks source link

RuntimeError: Could not find SAML response, check your credentials #84

Closed wandergeek closed 6 years ago

wandergeek commented 6 years ago

I seem to be having sporadic issues with logging in with 2FA. Following a login and clicking the 'Yes' button in the google app, I get an error asking me to check my creds. The full error is below. 

Failed to import U2F libraries, U2F login unavailable. Other methods can still continue.
Google Password:
Open the Google App, and tap 'Yes' on the prompt to sign in ...
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/aws_google_auth/google.py", line 208, in parse_saml
    saml_element = parsed.find('input', {'name': 'SAMLResponse'}).get('value')
AttributeError: 'NoneType' object has no attribute 'get'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/bin/aws-google-auth", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.6/site-packages/aws_google_auth/__init__.py", line 224, in main
    cli(cli_args)
  File "/usr/local/lib/python3.6/site-packages/aws_google_auth/__init__.py", line 63, in cli
    process_auth(args, config)
  File "/usr/local/lib/python3.6/site-packages/aws_google_auth/__init__.py", line 185, in process_auth
    saml_xml = google_client.parse_saml()
  File "/usr/local/lib/python3.6/site-packages/aws_google_auth/google.py", line 210, in parse_saml
    raise RuntimeError('Could not find SAML response, check your credentials')
RuntimeError: Could not find SAML response, check your credentials

Most times this goes away after I try again a few times, but this time it is not going away. Any ideas?

BeardedPug commented 6 years ago

Heyah I just had this problem too, for me it turned out that since I was using my phone for mfa (say yes on phone when logging in) it was trying to contact that but couldn't and so resulted in this error, don't know if this is the same for you but hope it helps. It needs a better error message thats for sure.

wandergeek commented 6 years ago

It seems to go away with a few retries. In this case I had to retry over 5 times before it worked.

On Thu, Jul 26, 2018, 12:19 AM Mark Hardwick notifications@github.com wrote:

Heyah I just had this problem too, for me it turned out that since I was using my phone for mfa (say yes on phone when logging in) it was trying to contact that but couldn't and so resulted in this error, don't know if this is the same for you but hope it helps. It needs a better error message thats for sure.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/cevoaustralia/aws-google-auth/issues/84#issuecomment-407770838, or mute the thread https://github.com/notifications/unsubscribe-auth/AAkfNBlM6lBjLuAFy3SYzXw__1ZkCKHzks5uKH5jgaJpZM4VfQbc .

tyler274 commented 6 years ago

I have a patch for this. Will update when I'm ready to open a pr

tinder-tylerport commented 6 years ago

https://github.com/cevoaustralia/aws-google-auth/pull/87 pr that fixes this