コード例 #1
ファイル: adfs.py プロジェクト: ccaroon/aws-fedcred
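    def auth(self):
        """Log in to the ADFS IdP and store temporary AWS credentials.

        The username and password come from the ``token`` option of the
        default config section when it is set, otherwise from
        ``common.get_user_credentials()``. The login page at ``self.idpurl``
        is fetched, its form fields are filled in and posted to the form's
        ``action``; the reply is handed to ``common.get_saml_assertion``,
        ``common.get_arns_from_assertion`` and ``common.get_sts_creds``, and
        the result is written under ``self.args.profile``.

        Exits the process via ``sys.exit`` when the IdP cannot be reached,
        when no usable form action is found, when the login POST does not
        return HTTP 200, or when writing the credentials raises
        ``NoOptionError``/``NoSectionError``.

        Security notes for reviewers:
        * ``token`` is only base64-encoded, so anyone who can read the
          config file can recover the password from it.
        * ``verify=self.sslverification`` is passed to both requests; if it
          is falsy, the request that carries the password is sent without
          certificate validation.
        * The POST target is whatever ``action`` the returned page
          declares, and every input whose name contains "user" or "pass"
          receives the credential.
        """
        token = self.config.get(Config.DEFAULT_SECTION, 'token', fallback=None)
        if token:
            creds = base64.b64decode(token).decode().rstrip()
            # Split on the first colon only: the password itself may
            # contain ':' and must not be cut apart (or fail to unpack).
            username, password = creds.split(':', 1)
        else:
            username, password = common.get_user_credentials()

        session = requests.Session()
        try:
            request_kwargs = {'verify': self.sslverification}
            if self.ntlmauth:
                request_kwargs['auth'] = HttpNtlmAuth(username, password)
            form_response = session.get(self.idpurl, **request_kwargs)

            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Carry over the existing value so hidden fields of the
                    # login form are sent back unchanged.
                    payload_dict[name] = value

            # The last <form> on the page wins, as before. Start from None
            # so a page without any form (or without an action attribute)
            # is reported instead of raising on an unbound name.
            action = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
            if not action:
                sys.exit(f'No login form with an action was found at '
                         f'{self.idpurl}.')

            # The action is used as-is; it is not resolved against
            # self.idpurl.
            response = session.post(action, data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                # Both literals need the f prefix, otherwise the status
                # code placeholder is printed verbatim.
                sys.exit('There was a problem logging in via ADFS. HTTP '
                         f'Status Code: {response.status_code}')

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion, self.args.account)
            sts_creds = common.get_sts_creds(arn_to_assume)
            try:
                common.write_credentials(
                    self.args.profile,
                    sts_creds
                )
            except (NoOptionError, NoSectionError) as e:
                sys.exit(e.message)
        except requests.exceptions.ConnectionError as e:
            sys.exit(F'Could not connect to {self.idpurl}. {e}')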
コード例 #2
ファイル: okta.py プロジェクト: broamski/aws-fedcred
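    def auth(self):
        """Authenticate against Okta, prompting for a second factor if asked.

        The username and password from ``common.get_user_credentials()``
        are posted as JSON to ``self.auth_url`` with ``self.headers_dict``.
        No ``verify`` argument is passed, so the requests default for
        certificate verification applies.

        A ``SUCCESS`` status is handed to ``self.process_success``. On
        ``MFA_REQUIRED`` the offered factors are listed, the user picks one
        by index, and ``sms`` / ``token:software:totp`` factors are passed
        to ``self.second_factor`` together with the state token.

        Exits via ``sys.exit`` when primary authentication does not return
        HTTP 200, when the factor choice is invalid, or when the chosen
        factor type is unsupported. NOTE(review): a failed login after
        that point is only printed and the method returns normally, so a
        caller cannot detect it from the exit status.
        """
        session = requests.Session()
        username, password = common.get_user_credentials()
        payload_dict = {
            "username": username,
            "password": password
        }

        response = session.post(
            self.auth_url,
            headers=self.headers_dict,
            data=json.dumps(payload_dict)
        )

        if response.status_code != 200:
            e = json.loads(response.text)
            sys.exit("Primary authentication failed: %s. Error code: %s" %
                     (e['errorSummary'], e['errorCode']))

        auth_response = json.loads(response.text)
        if auth_response['status'] == 'MFA_REQUIRED':
            factors = auth_response['_embedded']['factors']
            print("Please choose a second factor:\n")
            for i, factor in enumerate(factors):
                print("[%s] - %s" % (i, factor['factorType']))

            # raw_input exists on Python 2 only; fall back to input on 3.
            try:
                factor_input = raw_input
            except NameError:
                factor_input = input
            try:
                choice = int(factor_input("Chose a second factor: "))
            except ValueError:
                sys.exit('Sorry, that is not a valid role choice.')
            # Reject negative numbers as well: a bare upper-bound check
            # would let -1 silently select the last factor in the list.
            if not 0 <= choice < len(factors):
                sys.exit('Sorry, that is not a valid role choice.')
            chosen_factor = factors[choice]

            if chosen_factor['factorType'] in ('sms', 'token:software:totp'):
                response = self.second_factor(
                    chosen_factor, auth_response['stateToken'])
            else:
                sys.exit("Unsupported second factor.")

            mfa_status = json.loads(response.text)['status']
            if mfa_status == 'SUCCESS':
                self.process_success(response)
            else:
                print("Authentication failed with status: %s" %
                      (mfa_status,))
        elif auth_response['status'] == 'SUCCESS':
            self.process_success(response)
        else:
            print("Unable to login: %s" % (auth_response['status'],))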
コード例 #3
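    def auth(self):
        """Log in to the ADFS IdP and store temporary AWS credentials.

        Credentials are read with ``common.get_user_credentials()``. The
        login page at ``self.idpurl`` is fetched (with NTLM auth when
        ``self.ntlmauth`` is set), its form fields are filled in and posted
        to the form's ``action``. The reply is handed to
        ``common.get_saml_assertion``, ``common.get_arns_from_assertion``
        and ``common.get_sts_creds``, and the result is written to the
        profile named by the ``aws_credential_profile`` config option.

        Exits the process via ``sys.exit`` when the IdP cannot be reached,
        when no usable form action is found, or when the login POST does
        not return HTTP 200.

        Security notes for reviewers:
        * ``verify=self.sslverification`` is passed to both requests; if it
          is falsy, the request that carries the password is sent without
          certificate validation.
        * The POST target is whatever ``action`` the returned page
          declares, and every input whose name contains "user" or "pass"
          receives the credential.
        """
        username, password = common.get_user_credentials()

        session = requests.Session()
        try:
            if self.domain:
                # NOTE(review): the template on the next line looks masked
                # in this listing. '******' has no replacement fields, so
                # str.format() returns the six asterisks unchanged and the
                # typed username is discarded whenever self.domain is set.
                # Restore the project's real template before using this.
                username = '******'.format(self.domain, username)

            request_kwargs = {'verify': self.sslverification}
            if self.ntlmauth:
                request_kwargs['auth'] = HttpNtlmAuth(username, password)
            form_response = session.get(self.idpurl, **request_kwargs)

            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Carry over the existing value so hidden fields of the
                    # login form are sent back unchanged.
                    payload_dict[name] = value

            # The last <form> on the page wins, as before. Start from None
            # so a page without any form (or without an action attribute)
            # is reported instead of raising on an unbound name.
            action = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
            if not action:
                sys.exit('No login form with an action was found at %s.'
                         % (self.idpurl,))

            # The action is used as-is; it is not resolved against
            # self.idpurl.
            response = session.post(action,
                                    data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                sys.exit('There was a problem logging in via ADFS. HTTP '
                         'Status Code: %s' % (response.status_code))

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion)
            sts_creds = common.get_sts_creds(arn_to_assume)
            common.write_credentials(
                self.config.get(common.DEFAULT_CONFIG_SECTION,
                                'aws_credential_profile'), sts_creds)
        except requests.exceptions.ConnectionError as e:
            sys.exit('Could not connect to %s. %s' % (self.idpurl, e))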
コード例 #4
ファイル: adfs.py プロジェクト: broamski/aws-fedcred
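    def auth(self):
        """Log in to the ADFS IdP and store temporary AWS credentials.

        Credentials are read with ``common.get_user_credentials()``. The
        login page at ``self.idpurl`` is fetched, its form fields are
        filled in and posted to the form's ``action``. The reply is handed
        to ``common.get_saml_assertion``, ``common.get_arns_from_assertion``
        and ``common.get_sts_creds``, and the result is written to the
        profile named by the ``aws_credential_profile`` config option.

        Exits the process via ``sys.exit`` when the IdP cannot be reached,
        when no usable form action is found, when the login POST does not
        return HTTP 200, or when the profile option cannot be read
        (``NoOptionError``/``NoSectionError``).

        Security notes for reviewers:
        * ``verify=self.sslverification`` is passed to both requests; if it
          is falsy, the request that carries the password is sent without
          certificate validation.
        * The POST target is whatever ``action`` the returned page
          declares, and every input whose name contains "user" or "pass"
          receives the credential.
        """
        username, password = common.get_user_credentials()

        session = requests.Session()

        try:
            form_response = session.get(
                self.idpurl, verify=self.sslverification)
            formsoup = BeautifulSoup(form_response.text, "html.parser")
            payload_dict = {}
            for inputtag in formsoup.find_all(re.compile('(INPUT|input)')):
                name = inputtag.get('name', '')
                value = inputtag.get('value', '')
                lowered = name.lower()
                if "user" in lowered:
                    payload_dict[name] = username
                elif "pass" in lowered:
                    payload_dict[name] = password
                else:
                    # Carry over the existing value so hidden fields of the
                    # login form are sent back unchanged.
                    payload_dict[name] = value

            # The last <form> on the page wins, as before. Start from None
            # so a page without any form (or without an action attribute)
            # is reported instead of raising on an unbound name.
            action = None
            for formtag in formsoup.find_all(re.compile('(FORM|form)')):
                action = formtag.get('action')
            if not action:
                sys.exit('No login form with an action was found at %s.'
                         % (self.idpurl,))

            # The action is used as-is; it is not resolved against
            # self.idpurl.
            response = session.post(action, data=payload_dict,
                                    verify=self.sslverification)
            if response.status_code != 200:
                sys.exit('There was a problem logging in via ADFS. HTTP '
                         'Status Code: %s' % (response.status_code))

            assertion = common.get_saml_assertion(response)
            arn_to_assume = common.get_arns_from_assertion(assertion)
            sts_creds = common.get_sts_creds(arn_to_assume)
            try:
                profile = self.config.get(
                    common.DEFAULT_CONFIG_SECTION,
                    'aws_credential_profile'
                )
                common.write_credentials(profile, sts_creds)
            except (NoOptionError, NoSectionError) as e:
                sys.exit(e.message)
        except requests.exceptions.ConnectionError as e:
            sys.exit('Could not connect to %s. %s' % (self.idpurl, e))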
コード例 #5
ファイル: okta.py プロジェクト: ccaroon/aws-fedcred
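    def auth(self):
        """Authenticate against Okta, prompting for a second factor if asked.

        The username and password from ``common.get_user_credentials()``
        are posted as JSON to ``self.auth_url`` with ``self.headers_dict``.
        No ``verify`` argument is passed, so the requests default for
        certificate verification applies.

        A ``SUCCESS`` status is handed to ``self.process_success``. On
        ``MFA_REQUIRED`` the offered factors are listed, the user picks one
        by index, and ``sms`` / ``token:software:totp`` factors are passed
        to ``self.second_factor`` together with the state token.

        Exits via ``sys.exit`` when primary authentication does not return
        HTTP 200, when the factor choice is invalid, or when the chosen
        factor type is unsupported. NOTE(review): a failed login after
        that point is only printed and the method returns normally, so a
        caller cannot detect it from the exit status.
        """
        session = requests.Session()
        username, password = common.get_user_credentials()
        payload_dict = {"username": username, "password": password}

        response = session.post(self.auth_url,
                                headers=self.headers_dict,
                                data=json.dumps(payload_dict))

        if response.status_code != 200:
            e = json.loads(response.text)
            sys.exit(
                F"Primary authentication failed: {e['errorSummary']}. Error code: {e['errorCode']}"
            )

        auth_response = json.loads(response.text)
        if auth_response['status'] == 'MFA_REQUIRED':
            factors = auth_response['_embedded']['factors']
            print("Please choose a second factor:\n")
            for i, factor in enumerate(factors):
                print(F"[{i}] - {factor['factorType']}")

            # The former try/except around `factor_input = input` could
            # never raise NameError, so input() is called directly.
            try:
                choice = int(input("Chose a second factor: "))
            except ValueError:
                sys.exit('Sorry, that is not a valid role choice.')
            # Reject negative numbers as well: a bare upper-bound check
            # would let -1 silently select the last factor in the list.
            if not 0 <= choice < len(factors):
                sys.exit('Sorry, that is not a valid role choice.')
            chosen_factor = factors[choice]

            if chosen_factor['factorType'] in ('sms', 'token:software:totp'):
                response = self.second_factor(chosen_factor,
                                              auth_response['stateToken'])
            else:
                sys.exit("Unsupported second factor.")

            mfa_status = json.loads(response.text)['status']
            if mfa_status == 'SUCCESS':
                self.process_success(response)
            else:
                print(F"Authentication failed with status: {mfa_status}")
        elif auth_response['status'] == 'SUCCESS':
            self.process_success(response)
        else:
            print(F"Unable to login: {auth_response['status']}")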