vlaci / openconnect-sso

Wrapper script for OpenConnect supporting Azure AD (SAMLv2) authentication to Cisco SSL-VPNs
GNU General Public License v3.0

Errors after updates in my company VPN #134

Closed kiketid closed 1 year ago

kiketid commented 1 year ago

I have these errors after my company updates VPN software:

[info ] Browser exited [openconnect_sso.browser.browser]
[debug ] Sending auth finish request [openconnect_sso.authenticator] content=b'<?xml version=\'1.0\' encoding=\'UTF-8\'?>\n<config-auth client="vpn" type="auth-reply" aggregate-auth-version="2">\n <version who="vpn">4.7.00136</version>\n <device-id>linux-64</device-id>\n <session-token/>\n <session-id/>\n <opaque is-for="sg">\n <tunnel-group>AAD-MFA</tunnel-group>\n <aggauth-handle>980791142</aggauth-handle>\n <auth-method>single-sign-on-v2</auth-method>\n <config-hash>1689236996742</config-hash>\n </opaque>\n <auth>\n <sso-token></sso-token>\n </auth>\n</config-auth>\n'
https://vpn.gvp.telefonica.com:443 "POST /AAD-MFA HTTP/1.1" 200 None
[debug ] Auth finish response received [openconnect_sso.authenticator] content=b'<?xml version="1.0" encoding="UTF-8"?>\n<config-auth client="vpn" type="auth-request" aggregate-auth-version="2">\n<opaque is-for="sg">\n<tunnel-group>AAD-MFA</tunnel-group>\n<auth-method>single-sign-on-v2</auth-method>\n<config-hash>1689236996742</config-hash>\n</opaque>\n<auth id="main">\n<title>Login</title>\n<message>Please complete the authentication process in the AnyConnect Login window.</message>\n<banner></banner>\n<error id="1">Unknown error.</error>\n<sso-v2-login>https://vpn.gvp.telefonica.com/+CSCOE+/saml/sp/login?ctx=242851302%0A&#x26;acsamlcap=v2</sso-v2-login>\n<sso-v2-login-final>https://vpn.gvp.telefonica.com/+CSCOE+/saml_ac_login.html</sso-v2-login-final>\n<sso-v2-logout>https://vpn.gvp.telefonica.com/+CSCOE+/saml/sp/logout</sso-v2-logout>\n<sso-v2-logout-final>https://vpn.gvp.telefonica.com/+CSCOE+/saml_ac_login.html</sso-v2-logout-final>\n<sso-v2-token-cookie-name>acSamlv2Token</sso-v2-token-cookie-name>\n<sso-v2-error-cookie-name>acSamlv2Error</sso-v2-error-cookie-name>\n<form>\n<input type="sso" name="sso-token"></input>\n</form>\n</auth>\n</config-auth>\n'
[info ] Response received [openconnect_sso.authenticator] id=main message=Please complete the authentication process in the AnyConnect Login window. title=Login
[error ] Could not finish authentication. Invalid response type in current state [openconnect_sso.authenticator] response=AuthRequestResponse(auth_id='main', auth_title='Login', auth_message='Please complete the authentication process in the AnyConnect Login window.', auth_error='Unknown error.', login_url='https://vpn.gvp.telefonica.com/+CSCOE+/saml/sp/login?ctx=242851302%0A&acsamlcap=v2', login_final_url='https://vpn.gvp.telefonica.com/+CSCOE+/saml_ac_login.html', token_cookie_name='acSamlv2Token', opaque=<Element opaque at 0x1040568c0>)
Traceback (most recent call last):
  File "/Users/enric/.local/bin/openconnect-sso", line 8, in <module>
    sys.exit(main())
  File "/Users/enric/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/cli.py", line 169, in main
    return app.run(args)
  File "/Users/enric/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/app.py", line 34, in run
    auth_response, selected_profile = asyncio.get_event_loop().run_until_complete(
  File "/usr/local/Cellar/python@3.10/3.10.12_1/Frameworks/Python.framework/Versions/3.10/lib/python3.10/asyncio/base_events.py", line 649, in run_until_complete
    return future.result()
  File "/Users/enric/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/app.py", line 139, in _run
    auth_response = await authenticate_to(
  File "/Users/enric/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/authenticator.py", line 50, in authenticate
    raise AuthenticationError(response)
openconnect_sso.authenticator.AuthenticationError: AuthRequestResponse(auth_id='main', auth_title='Login', auth_message='Please complete the authentication process in the AnyConnect Login window.', auth_error='Unknown error.', login_url='https://vpn.gvp.telefonica.com/+CSCOE+/saml/sp/login?ctx=242851302%0A&acsamlcap=v2', login_final_url='https://vpn.gvp.telefonica.com/+CSCOE+/saml_ac_login.html', token_cookie_name='acSamlv2Token', opaque=<Element opaque at 0x1040568c0>)

Any idea about what's missing?

The same problem has been solved on the Ubuntu distribution of other colleagues via use of the --useragent="AnyConnect" flag, but it isn't working for me. I've tried launching like this: openconnect-sso -s server.vpn.host/GROUP -u USER -- --useragent="AnyConnect", but the error is the same.

I'm using MacOSX with Python 3.10.
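Added diagnostic example, not code from openconnect-sso or from the reporter: it parses the two config-auth bodies in the log above, flagging an auth-reply whose <sso-token> is empty (as in the request sent here) and classifying the gateway's answer as a repeated auth-request with an error rather than a completed authentication. The hostname and ctx value in the constructed samples are placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the auth-reply and auth-request bodies in the log above
# (trimmed; hostname and ctx value are placeholders, not the real ones).
AUTH_REPLY = b"""<?xml version='1.0' encoding='UTF-8'?>
<config-auth client="vpn" type="auth-reply" aggregate-auth-version="2">
 <version who="vpn">4.7.00136</version>
 <device-id>linux-64</device-id>
 <opaque is-for="sg">
  <tunnel-group>AAD-MFA</tunnel-group>
  <auth-method>single-sign-on-v2</auth-method>
 </opaque>
 <auth><sso-token></sso-token></auth>
</config-auth>"""

AUTH_REQUEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<config-auth client="vpn" type="auth-request" aggregate-auth-version="2">
<auth id="main">
<title>Login</title>
<message>Please complete the authentication process in the AnyConnect Login window.</message>
<error id="1">Unknown error.</error>
<sso-v2-login>https://vpn.example.invalid/+CSCOE+/saml/sp/login?ctx=PLACEHOLDER&amp;acsamlcap=v2</sso-v2-login>
<sso-v2-token-cookie-name>acSamlv2Token</sso-v2-token-cookie-name>
<form><input type="sso" name="sso-token"></input></form>
</auth>
</config-auth>"""


def sso_token_is_present(auth_reply: bytes) -> bool:
    """True only if the auth-reply carries a non-empty <sso-token>.
    An empty token means the browser step never yielded the acSamlv2Token
    cookie; in the log above the gateway then answers with a fresh auth-request."""
    token = ET.fromstring(auth_reply).findtext("./auth/sso-token")
    return bool(token and token.strip())


def classify_response(body: bytes) -> dict:
    """Summarise a config-auth response: its type, any <error> text, and whether
    it re-presents the SSO login form rather than completing authentication."""
    root = ET.fromstring(body)
    auth = root.find("auth")
    return {
        "type": root.get("type"),
        "error": (auth.findtext("error") or "").strip() if auth is not None else "",
        "needs_sso_login": auth is not None and auth.find("sso-v2-login") is not None,
    }
```

Running sso_token_is_present on the outgoing auth-reply before the POST turns the "Invalid response type in current state" failure into an earlier, clearer message about the missing SAML token.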

kiketid commented 1 year ago

Removing config.toml has made it work again.