Example #1
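    def auth(self):
        """Submit the user's credentials to the login form at ``self.idpurl``.

        Credentials come from the ``token`` config option when it is set
        (base64 of ``username:password``), otherwise from
        ``common.get_user_credentials()``.  The login page is fetched, its
        input fields are filled in and posted to the form's ``action``, and
        the response is passed through the ``common`` helpers, ending with
        ``common.write_credentials`` for ``self.args.profile``.

        Exits the process via ``sys.exit`` on a malformed token, a missing
        form, an HTTPS-to-HTTP form target, a non-200 login response, a
        config error while writing credentials, or a connection error.
        """
        # Local import: the file's import block is not visible from here.
        from urllib.parse import urljoin, urlparse

        token = self.config.get(Config.DEFAULT_SECTION, 'token', fallback=None)
        if token:
            # NOTE(review): base64 is an encoding, not encryption -- anyone
            # who can read the config file can recover the password.
            creds = base64.b64decode(token).decode().rstrip()
            # Split on the first ':' only, so passwords containing ':' work.
            username, sep, password = creds.partition(':')
            if not sep:
                sys.exit("The configured token is not a base64-encoded "
                         "'username:password' pair.")
        else:
            username, password = common.get_user_credentials()

        session = requests.Session()
        # When self.sslverification is falsy the IdP certificate is not
        # checked, and the password below is sent over that connection.
        try:
            if self.ntlmauth:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification,
                                            auth=HttpNtlmAuth(username,
                                                              password))
            else:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification)
            formsoup = BeautifulSoup(form_response.text, "html.parser")

            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                if "user" in name.lower():
                    payload_dict[name] = username
                elif "pass" in name.lower():
                    payload_dict[name] = password
                else:
                    # Simply populate the parameter with the existing value
                    # (picks up hidden fields in the login form)
                    payload_dict[name] = value

            forms = formsoup.find_all(re.compile('(FORM|form)'))
            if not forms:
                sys.exit(f'No login form was found at {self.idpurl}.')
            # As before, the last form on the page wins.  A relative or
            # missing action is resolved against the URL that served the
            # form; an absolute action is used unchanged.
            action = forms[-1].get('action') or ''
            submit_url = urljoin(form_response.url, action)
            # The target comes from the fetched page, so never let it move
            # the password from an HTTPS page to a plain-HTTP endpoint.
            # NOTE(review): a same-host check would be stricter -- confirm
            # whether any deployment posts to a different host.
            if (urlparse(form_response.url).scheme == 'https'
                    and urlparse(submit_url).scheme != 'https'):
                sys.exit('Refusing to send credentials to a non-HTTPS form '
                         f'target: {submit_url}')

            response = session.post(submit_url, data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                # Both literals need the f prefix; previously the status
                # code placeholder was printed verbatim.
                sys.exit(f'There was a problem logging in via ADFS. HTTP '
                         f'Status Code: {response.status_code}')

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion, self.args.account)
            sts_creds = common.get_sts_creds(arn_to_assume)
            try:
                common.write_credentials(
                    self.args.profile,
                    sts_creds
                )
            except (NoOptionError, NoSectionError) as e:
                sys.exit(e.message)
        except requests.exceptions.ConnectionError as e:
            sys.exit(F'Could not connect to {self.idpurl}. {e}')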
Example #2
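 def process_success(self, response):
     """Exchange the session token in *response* for stored credentials.

     Reads ``sessionToken`` from the JSON body of *response*, requests
     ``self.app_url`` with it as the ``onetimetoken`` query parameter, and
     passes the result through the ``common`` helpers, ending with
     ``common.write_credentials`` for ``self.args.profile``.

     Raises ``KeyError`` if the body has no ``sessionToken``; exits via
     ``sys.exit`` on a config error while writing credentials.
     """
     session_token = json.loads(response.text)['sessionToken']
     session = requests.Session()
     # Pass the token through ``params`` so requests URL-encodes it and
     # merges it with any query string already present in app_url, instead
     # of gluing "?onetimetoken=" onto the URL by hand.
     # The token travels in the query string, so keep this URL out of logs.
     saml = session.get(self.app_url,
                        params={'onetimetoken': session_token})
     assertion = common.get_saml_assertion(saml)
     arn_dict = common.get_arns_from_assertion(assertion, self.args)
     sts_creds = common.get_sts_creds(arn_dict)
     try:
         common.write_credentials(self.args.profile, sts_creds)
     except (NoOptionError, NoSectionError) as e:
         sys.exit(e.message)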
Example #3
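    def auth(self):
        """Submit the user's credentials to the login form at ``self.idpurl``.

        Credentials come from ``common.get_user_credentials()``.  The login
        page is fetched (with NTLM when ``self.ntlmauth`` is set), its input
        fields are filled in and posted to the form's ``action``, and the
        response is passed through the ``common`` helpers, ending with
        ``common.write_credentials`` for the configured
        ``aws_credential_profile``.

        Exits the process via ``sys.exit`` on a missing form, an
        HTTPS-to-HTTP form target, a non-200 login response, or a
        connection error.
        """
        # Local import: the file's import block is not visible from here.
        from urllib.parse import urljoin, urlparse

        username, password = common.get_user_credentials()

        session = requests.Session()
        # When self.sslverification is falsy the IdP certificate is not
        # checked, and the password below is sent over that connection.
        try:
            if self.domain:
                # NOTE(review): this format string has no placeholders, so
                # the result is the literal text and both arguments are
                # dropped.  It looks masked on this page; restore the
                # intended domain/user template before use.
                username = '******'.format(self.domain, username)
            if self.ntlmauth:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification,
                                            auth=HttpNtlmAuth(
                                                username, password))
            else:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification)
            formsoup = BeautifulSoup(form_response.text, "html.parser")

            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                if "user" in name.lower():
                    payload_dict[name] = username
                elif "pass" in name.lower():
                    payload_dict[name] = password
                else:
                    # Simply populate the parameter with the existing value
                    # (picks up hidden fields in the login form)
                    payload_dict[name] = value

            forms = formsoup.find_all(re.compile('(FORM|form)'))
            if not forms:
                sys.exit('No login form was found at %s.' % (self.idpurl))
            # As before, the last form on the page wins.  A relative or
            # missing action is resolved against the URL that served the
            # form; an absolute action is used unchanged.
            action = forms[-1].get('action') or ''
            submit_url = urljoin(form_response.url, action)
            # The target comes from the fetched page, so never let it move
            # the password from an HTTPS page to a plain-HTTP endpoint.
            # NOTE(review): a same-host check would be stricter -- confirm
            # whether any deployment posts to a different host.
            if (urlparse(form_response.url).scheme == 'https'
                    and urlparse(submit_url).scheme != 'https'):
                sys.exit('Refusing to send credentials to a non-HTTPS form '
                         'target: %s' % (submit_url))

            response = session.post(submit_url,
                                    data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                sys.exit('There was a problem logging in via ADFS. HTTP '
                         'Status Code: %s' % (response.status_code))

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion)
            sts_creds = common.get_sts_creds(arn_to_assume)
            common.write_credentials(
                self.config.get(common.DEFAULT_CONFIG_SECTION,
                                'aws_credential_profile'), sts_creds)
        except requests.exceptions.ConnectionError as e:
            sys.exit('Could not connect to %s. %s' % (self.idpurl, e))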
Example #4
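    def auth(self):
        """Submit the user's credentials to the login form at ``self.idpurl``.

        Credentials come from ``common.get_user_credentials()``.  The login
        page is fetched, its input fields are filled in and posted to the
        form's ``action``, and the response is passed through the ``common``
        helpers, ending with ``common.write_credentials`` for the configured
        ``aws_credential_profile``.

        Exits the process via ``sys.exit`` on a missing form, an
        HTTPS-to-HTTP form target, a non-200 login response, a config error
        while writing credentials, or a connection error.
        """
        # Local import: the file's import block is not visible from here.
        from urllib.parse import urljoin, urlparse

        username, password = common.get_user_credentials()

        session = requests.Session()

        # When self.sslverification is falsy the IdP certificate is not
        # checked, and the password below is sent over that connection.
        try:
            form_response = session.get(
                self.idpurl, verify=self.sslverification)
            formsoup = BeautifulSoup(form_response.text, "html.parser")

            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                if "user" in name.lower():
                    payload_dict[name] = username
                elif "pass" in name.lower():
                    payload_dict[name] = password
                else:
                    # Simply populate the parameter with the existing value
                    # (picks up hidden fields in the login form)
                    payload_dict[name] = value

            forms = formsoup.find_all(re.compile('(FORM|form)'))
            if not forms:
                sys.exit('No login form was found at %s.' % (self.idpurl))
            # As before, the last form on the page wins.  A relative or
            # missing action is resolved against the URL that served the
            # form; an absolute action is used unchanged.
            action = forms[-1].get('action') or ''
            submit_url = urljoin(form_response.url, action)
            # The target comes from the fetched page, so never let it move
            # the password from an HTTPS page to a plain-HTTP endpoint.
            # NOTE(review): a same-host check would be stricter -- confirm
            # whether any deployment posts to a different host.
            if (urlparse(form_response.url).scheme == 'https'
                    and urlparse(submit_url).scheme != 'https'):
                sys.exit('Refusing to send credentials to a non-HTTPS form '
                         'target: %s' % (submit_url))

            response = session.post(submit_url, data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                sys.exit('There was a problem logging in via ADFS. HTTP '
                         'Status Code: %s' % (response.status_code))

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion)
            sts_creds = common.get_sts_creds(arn_to_assume)
            try:
                common.write_credentials(
                    self.config.get(
                        common.DEFAULT_CONFIG_SECTION,
                        'aws_credential_profile'
                    ),
                    sts_creds
                    )
            except (NoOptionError, NoSectionError) as e:
                sys.exit(e.message)
        except requests.exceptions.ConnectionError as e:
            sys.exit('Could not connect to %s. %s' % (self.idpurl, e))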
Example #5
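 def process_success(self, response):
     """Exchange the session token in *response* for stored credentials.

     Reads ``sessionToken`` from the JSON body of *response*, requests
     ``self.app_url`` with it as the ``onetimetoken`` query parameter, and
     passes the result through the ``common`` helpers, ending with
     ``common.write_credentials`` for the configured
     ``aws_credential_profile``.

     Raises ``KeyError`` if the body has no ``sessionToken``; exits via
     ``sys.exit`` on a config error while writing credentials.
     """
     session_token = json.loads(response.text)['sessionToken']
     session = requests.Session()
     # Pass the token through ``params`` so requests URL-encodes it and
     # merges it with any query string already present in app_url, instead
     # of gluing "?onetimetoken=" onto the URL by hand.
     # The token travels in the query string, so keep this URL out of logs.
     saml = session.get(self.app_url,
                        params={'onetimetoken': session_token})
     assertion = common.get_saml_assertion(saml)
     arn_dict = common.get_arns_from_assertion(assertion)
     sts_creds = common.get_sts_creds(arn_dict)
     try:
         common.write_credentials(
             self.config.get(
                 common.DEFAULT_CONFIG_SECTION,
                 'aws_credential_profile'
             ),
             sts_creds
             )
     except (NoOptionError, NoSectionError) as e:
         sys.exit(e.message)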