search

vlaci / openconnect-sso

Wrapper script for OpenConnect supporting Azure AD (SAMLv2) authentication to Cisco SSL-VPNs
GNU General Public License v3.0
294 stars 126 forks source link

Incorrect padding error #174

Closed marosrojis closed 2 months ago

marosrojis commented 5 months ago

Hi, it the past it worked well. But now I have problem with using openconnect-sso. I get this error:

Traceback (most recent call last):
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/app.py", line 35, in run
    auth_response, selected_profile = asyncio.get_event_loop().run_until_complete(
  File "/usr/lib/python3.10/asyncio/base_events.py", line 649, in run_until_complete
    return future.result()
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/app.py", line 121, in _run
    if credentials and not credentials.totp:
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/config.py", line 129, in totp
    return pyotp.TOTP(totpsecret).now() if totpsecret else None
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/pyotp/totp.py", line 64, in now
    return self.generate_otp(self.timecode(datetime.datetime.now()))
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/pyotp/otp.py", line 35, in generate_otp
    hasher = hmac.new(self.byte_secret(), self.int_to_bytestring(input), self.digest)
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/pyotp/otp.py", line 52, in byte_secret
    return base64.b32decode(secret, casefold=True)
  File "/usr/lib/python3.10/base64.py", line 253, in b32decode
    return _b32decode(_b32alphabet, s, casefold, map01)
  File "/usr/lib/python3.10/base64.py", line 239, in _b32decode
    raise binascii.Error('Incorrect padding')
binascii.Error: Incorrect padding

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/maros/.local/bin/openconnect-sso", line 8, in <module>
    sys.exit(main())
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/cli.py", line 175, in main
    return app.run(args)
  File "/home/maros/.local/pipx/venvs/openconnect-sso/lib/python3.10/site-packages/openconnect_sso/app.py", line 42, in run
    msg, retval = e.args
ValueError: not enough values to unpack (expected 2, got 1)

Do you have any idea why and how can I fix it?

Thank you for your help.

andrashor commented 3 months ago

I have the same problem on Fedora 39 with python3.12.3.

shell-raiser commented 2 months ago

Deleting the keyring entry fixed it for me

marosrojis commented 2 months ago

Deleting the keyring entry fixed it for me

Can you please describe it more? I don't have keyring entry in my config file and I don't know where it is located.

shell-raiser commented 2 months ago

The creds are stored in the login keyring when you use --user user@domain.com like this.

You can use a GUI application like seahorse to manually delete associated password/creds

andrashor commented 2 months ago

I confirm that it worked after I deleted the creds stored in keyring. Thanks for the help. (I used seahorse in Fedora linux)

marosrojis commented 2 months ago

Me too, thank you.