-
Notifications
You must be signed in to change notification settings - Fork 179
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ERROR:root:'NoneType' object has no attribute 'get' #280
Comments
I've been digging into this issue a bit (I work with @LeRocque) to just poke around at the responses this tool is getting back from Google. Using our identity provider and secret provider to build the URL in this code In google.Google
Does indeed produce a valid URL allow for my federated Google identity to provide access to AWS. If I was already logged into my corporate Google account, it routes me directly to the AWS console. If I'm not logged into said account, I'm dropped to the normal Google account selection page. I'm currently analyzing the issue from the perspective of the first page that URL loads (probably not reflective of what I'm seeing in foreground testing) is not the page this tool is expecting to receive. From what I currently understand about BeautifulSoup (never used it before today), the listed stack trace shows an inability to pull a named 'continue's value. More concerning though, is that if you comment this out or just feed it some value, the subsequent line fails In google.Google.do_login GAIA is Google's login and identity service (correct?) and there are no search hits on the text 'gaia' in the page I'm getting back at all. I'm at a bit of a loss as to what to look into next here, so some input from a main dev would be greatly appreciated. Possibly worth noting here is that this issue started on May 1st, so a month transition (yes, we paid our bill). Likely nothing, but it's a more suspicious date of occurrence than most others. |
It seems Google has changed the workflow and all the pages are different. I have hacked together enough to successfully login with captcha and TOTP MFA. See #281 |
Same issue here, used to work just fine and all of a sudden started failing today. @mestuddtc I pulled down your fix and the process gets me to captcha but it always fails further on. Failure HTML look like that: Looks like captcha field is not getting the text it's supposed to get? |
@mestuddtc I have tweaked your change to add support for the handle_dp method. I have raised the PR against your branch to simplify the process of delivering both. I assume the simplest thing to do would be for you to fast-forward your branch to the tip of mine which will close my PR and consolidate both fixes into your PR, but I leave that up to you. mestuddtc#3 <- my tweak of your PR |
Thank you everyone! I implemented your fix @jonseymour. It is working for me now. |
This fix is partially(?) working for me. I am getting through the password now but getting stuck on the captcha. Before this issue/fix, when I failed the captcha, it would give me an "invalid credential" type error. Now I am getting "Something went wrong - Could not find SAML response, check your credentials or use --save-failure-html to debug.", as shown in the pic. Is this the new "you failed captcha error"? or is this something else? To implement this fix I replaced my "google.py" with the "google.py" from jonseymour's PR above. Some people in my company have had success replacing their "google.py". The difference we've noticed is the people it works for have their installs in something like: /Unbuntu/usr/local/lib/python3.10/dist-packages/aws-google-auth |
To add to @LukeMooney's comment. It also seems to only work if you're using a MFA method of an authenticator token or by opening the Gmail app on your phone + clicking confirm. SMS is still broken |
@mestuddtc didn't work for me
I was able to log in with @jonseymour code but with a little change: Now is working form me |
@juancarlosm fix worked for me. |
Thanks @juancarlosm and @jonseymour -- officially saved my workday. |
I'm pulling fixes into my PR and fork. If you have problems, run with the |
Right, this basically was my workday yesterday! |
I have taken the latest google.py from https://github.com/mestuddtc/aws-google-auth/blob/master/aws_google_auth/google.py but still it did not fix the issue for me. My installation path: |
@ismail0352 that file doesn't have either of the fixes above. Try adding them manually. |
Did anyone else start getting "Match the number" MFA prompt after clicking on "it's me" verification? now I have 33% of chance to go through the auth. |
UPDATE: 7th May It just started working for some reason.... very weird! Is there a fix for this yet?
when I try to run the aws-google-auth -u ... |
Hello, |
I tried the solution provided by @juancarlosm and @jonseymour. Also, your master branch @mestuddtc but still having the same issue
|
@vrathore18 Are you sure you're using the new code? The stack trace does not line up with it. It looks much closer to the old master branch without the fixes. |
@vrathore18 - make sure you have the version of @mestuddtc's branch that includes d363cad. I was happily using the slightly earlier revision I submitted until today, then started to experience the issues fyodor-roam reported. When I upgraded to d363cad which includes @juancarlosm's fixes, it started working again for me. Prior to that time, the captcha request was silently failing and leaving the login sequence at the captcha submission stage, although it took some debugging to workout that was what was happening. |
Started getting the issue today again. Can confirm that d363cad solves it for me. |
Guys I applied the recent fix from @mestuddtc's branch and I am getting a different error now
Can anyone be kind enough to create a docker image with the fix and share the public image here? That would be very helpful |
I used the --save-failure-html flag to see what is the issue and this is what the html was like (attaching screenshot) |
@syedkumail95, independently of this issue, months ago, I experienced this prompt unexpectedly. If I initiated the login manually from an incognito window and selected the option I normally use, it didn't happen again when aws-google-auth was next called and I changed nothing else, indicating that this manual intervention caused a change of state on the Google side. So, worth trying that. It might be that now that Google has been rolling out passkey support, it is providing users with an opportunity to select it, though, of course, aws-google-auth may or not support it directly (IDK). |
@jonseymour thanks alot man. It worked :D |
Unfortunately, the fix from #281 stopped helping for me just today. It helped before, but now I'm getting a saml issue:
|
Hm never mind. Looks like this suggestion (just above my comment) fixes it: #280 (comment) |
Thanks @mestuddtc , It's worked for me |
Attempting to use the tool this morning is resulting in
Is anybody else having this issue?
Thanks!
The text was updated successfully, but these errors were encountered: