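def auth(self):
    """Authenticate against the ADFS login form and store STS credentials.

    The username and password come from the ``token`` option in the default
    config section (base64 of ``username:password``) when it is set, and from
    ``common.get_user_credentials()`` otherwise.  The page at ``self.idpurl``
    is fetched, its input fields are filled in, and the result is posted to
    the form's ``action``.  The reply is handed to
    ``common.get_saml_assertion``, ``common.get_arns_from_assertion`` and
    ``common.get_sts_creds``, and the outcome is written to
    ``self.args.profile`` with ``common.write_credentials``.

    Exits through ``sys.exit`` when the token has no ``:`` separator, when no
    form with an action is found, when the login reply is not HTTP 200, when
    writing the credentials raises ``NoOptionError``/``NoSectionError``, or
    when the IdP cannot be reached.
    """
    token = self.config.get(Config.DEFAULT_SECTION, 'token', fallback=None)
    if token:
        # NOTE(review): base64 is an encoding, not encryption. The token is
        # password-equivalent, so the config file holding it needs
        # restrictive permissions.
        creds = base64.b64decode(token).decode().rstrip()
        # Split on the first ':' only, so a password containing ':' is kept
        # intact instead of failing the two-value unpack.
        username, separator, password = creds.partition(':')
        if not separator:
            sys.exit("The configured token does not decode to "
                     "'username:password'.")
    else:
        username, password = common.get_user_credentials()

    try:
        # The session is only needed for the two HTTP calls; close it after.
        with requests.Session() as session:
            # verify=self.sslverification: when that setting is False,
            # requests skips certificate validation and the password below
            # is sent over a channel whose peer is not authenticated.
            if self.ntlmauth:
                form_response = session.get(
                    self.idpurl,
                    verify=self.sslverification,
                    auth=HttpNtlmAuth(username, password))
            else:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification)

            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Keep the page's own value (picks up hidden fields in
                    # the login form).
                    payload_dict[name] = value

            # The POST target is taken from the fetched page and used as
            # given (so it must be an absolute URL): the credentials go
            # wherever the page's form action points, which is only as
            # trustworthy as the connection to self.idpurl. Every form found
            # receives the payload; the last reply is the one processed.
            response = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
                if not action:
                    # A form without an action cannot be posted to here.
                    continue
                response = session.post(action, data=payload_dict,
                                        verify=self.sslverification)

        if response is None:
            # Previously this fell through to an unbound `response`.
            sys.exit(f'No login form with an action was found at '
                     f'{self.idpurl}.')
        if response.status_code != 200:
            # Both literals need the f prefix, otherwise the status code
            # placeholder is printed verbatim.
            sys.exit(f'There was a problem logging in via ADFS. HTTP '
                     f'Status Code: {response.status_code}')

        assertion = common.get_saml_assertion(response)
        arn_to_assume = common.get_arns_from_assertion(assertion,
                                                       self.args.account)
        sts_creds = common.get_sts_creds(arn_to_assume)
        try:
            common.write_credentials(self.args.profile, sts_creds)
        except (NoOptionError, NoSectionError) as e:
            sys.exit(e.message)
    except requests.exceptions.ConnectionError as e:
        sys.exit(f'Could not connect to {self.idpurl}. {e}')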
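def process_success(self, response):
    """Trade the session token in *response* for a SAML reply and store creds.

    Reads ``sessionToken`` from the JSON body of *response*, requests
    ``self.app_url`` with it as the ``onetimetoken`` query parameter, and
    passes the reply through ``common.get_saml_assertion``,
    ``common.get_arns_from_assertion`` and ``common.get_sts_creds``.  The
    result is written to ``self.args.profile``.

    Raises ``KeyError`` when the body has no ``sessionToken`` key.  Exits
    through ``sys.exit`` when writing the credentials raises
    ``NoOptionError`` or ``NoSectionError``.
    """
    session_token = json.loads(response.text)['sessionToken']

    # Pass the token via `params` so requests percent-encodes it; plain
    # string concatenation sent characters such as '+' or '&' unescaped and
    # produced a second '?' when app_url already carried a query string.
    # NOTE(review): the token travels in the query string, so it can show up
    # in proxy or server access logs; presumably it is single-use (going by
    # the parameter name) -- confirm.
    with requests.Session() as session:
        saml = session.get(self.app_url,
                           params={'onetimetoken': session_token})

    assertion = common.get_saml_assertion(saml)
    arn_dict = common.get_arns_from_assertion(assertion, self.args)
    sts_creds = common.get_sts_creds(arn_dict)
    try:
        common.write_credentials(self.args.profile, sts_creds)
    except (NoOptionError, NoSectionError) as e:
        sys.exit(e.message)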
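def auth(self):
    """Authenticate against the ADFS login form and store STS credentials.

    Credentials come from ``common.get_user_credentials()``.  The page at
    ``self.idpurl`` is fetched (with NTLM auth when ``self.ntlmauth`` is
    set), its input fields are filled in, and the result is posted to the
    form's ``action``.  The reply is handed to ``common.get_saml_assertion``,
    ``common.get_arns_from_assertion`` and ``common.get_sts_creds``, and the
    outcome is written to the profile named by the
    ``aws_credential_profile`` config option.

    Exits through ``sys.exit`` when no form with an action is found, when
    the login reply is not HTTP 200, or when the IdP cannot be reached.
    """
    username, password = common.get_user_credentials()
    try:
        if self.domain:
            # NOTE(review): this format string has no replacement fields, so
            # the result is always the literal '******' and both the domain
            # and the username are discarded. It looks redacted in this
            # listing -- restore the real template from upstream before use.
            username = '******'.format(self.domain, username)

        # The session is only needed for the two HTTP calls; close it after.
        with requests.Session() as session:
            # verify=self.sslverification: when that setting is False,
            # requests skips certificate validation and the password below
            # is sent over a channel whose peer is not authenticated.
            if self.ntlmauth:
                form_response = session.get(
                    self.idpurl,
                    verify=self.sslverification,
                    auth=HttpNtlmAuth(username, password))
            else:
                form_response = session.get(self.idpurl,
                                            verify=self.sslverification)

            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Keep the page's own value (picks up hidden fields in
                    # the login form).
                    payload_dict[name] = value

            # The POST target is taken from the fetched page and used as
            # given (so it must be an absolute URL): the credentials go
            # wherever the page's form action points, which is only as
            # trustworthy as the connection to self.idpurl. Every form found
            # receives the payload; the last reply is the one processed.
            response = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
                if not action:
                    # A form without an action cannot be posted to here.
                    continue
                response = session.post(action, data=payload_dict,
                                        verify=self.sslverification)

        if response is None:
            # Previously this fell through to an unbound `response`.
            sys.exit('No login form with an action was found at %s.'
                     % self.idpurl)
        if response.status_code != 200:
            sys.exit('There was a problem logging in via ADFS. HTTP '
                     'Status Code: %s' % (response.status_code))

        assertion = common.get_saml_assertion(response)
        arn_to_assume = common.get_arns_from_assertion(assertion)
        sts_creds = common.get_sts_creds(arn_to_assume)
        common.write_credentials(
            self.config.get(common.DEFAULT_CONFIG_SECTION,
                            'aws_credential_profile'),
            sts_creds)
    except requests.exceptions.ConnectionError as e:
        sys.exit('Could not connect to %s. %s' % (self.idpurl, e))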
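def auth(self):
    """Authenticate against the ADFS login form and store STS credentials.

    Credentials come from ``common.get_user_credentials()``.  The page at
    ``self.idpurl`` is fetched, its input fields are filled in, and the
    result is posted to the form's ``action``.  The reply is handed to
    ``common.get_saml_assertion``, ``common.get_arns_from_assertion`` and
    ``common.get_sts_creds``, and the outcome is written to the profile named
    by the ``aws_credential_profile`` config option.

    Exits through ``sys.exit`` when no form with an action is found, when
    the login reply is not HTTP 200, when reading the profile option or
    writing the credentials raises ``NoOptionError``/``NoSectionError``, or
    when the IdP cannot be reached.
    """
    username, password = common.get_user_credentials()
    try:
        # The session is only needed for the two HTTP calls; close it after.
        with requests.Session() as session:
            # verify=self.sslverification: when that setting is False,
            # requests skips certificate validation and the password below
            # is sent over a channel whose peer is not authenticated.
            form_response = session.get(self.idpurl,
                                        verify=self.sslverification)

            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Keep the page's own value (picks up hidden fields in
                    # the login form).
                    payload_dict[name] = value

            # The POST target is taken from the fetched page and used as
            # given (so it must be an absolute URL): the credentials go
            # wherever the page's form action points, which is only as
            # trustworthy as the connection to self.idpurl. Every form found
            # receives the payload; the last reply is the one processed.
            response = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
                if not action:
                    # A form without an action cannot be posted to here.
                    continue
                response = session.post(action, data=payload_dict,
                                        verify=self.sslverification)

        if response is None:
            # Previously this fell through to an unbound `response`.
            sys.exit('No login form with an action was found at %s.'
                     % self.idpurl)
        if response.status_code != 200:
            sys.exit('There was a problem logging in via ADFS. HTTP '
                     'Status Code: %s' % (response.status_code))

        assertion = common.get_saml_assertion(response)
        arn_to_assume = common.get_arns_from_assertion(assertion)
        sts_creds = common.get_sts_creds(arn_to_assume)
        try:
            common.write_credentials(
                self.config.get(common.DEFAULT_CONFIG_SECTION,
                                'aws_credential_profile'),
                sts_creds)
        except (NoOptionError, NoSectionError) as e:
            sys.exit(e.message)
    except requests.exceptions.ConnectionError as e:
        sys.exit('Could not connect to %s. %s' % (self.idpurl, e))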
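def process_success(self, response):
    """Trade the session token in *response* for a SAML reply and store creds.

    Reads ``sessionToken`` from the JSON body of *response*, requests
    ``self.app_url`` with it as the ``onetimetoken`` query parameter, and
    passes the reply through ``common.get_saml_assertion``,
    ``common.get_arns_from_assertion`` and ``common.get_sts_creds``.  The
    result is written to the profile named by the ``aws_credential_profile``
    config option.

    Raises ``KeyError`` when the body has no ``sessionToken`` key.  Exits
    through ``sys.exit`` when reading the profile option or writing the
    credentials raises ``NoOptionError`` or ``NoSectionError``.
    """
    session_token = json.loads(response.text)['sessionToken']

    # Pass the token via `params` so requests percent-encodes it; plain
    # string concatenation sent characters such as '+' or '&' unescaped and
    # produced a second '?' when app_url already carried a query string.
    # NOTE(review): the token travels in the query string, so it can show up
    # in proxy or server access logs; presumably it is single-use (going by
    # the parameter name) -- confirm.
    with requests.Session() as session:
        saml = session.get(self.app_url,
                           params={'onetimetoken': session_token})

    assertion = common.get_saml_assertion(saml)
    arn_dict = common.get_arns_from_assertion(assertion)
    sts_creds = common.get_sts_creds(arn_dict)
    try:
        common.write_credentials(
            self.config.get(common.DEFAULT_CONFIG_SECTION,
                            'aws_credential_profile'),
            sts_creds)
    except (NoOptionError, NoSectionError) as e:
        sys.exit(e.message)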