fix error displayed when entering invalid otp#120
Conversation
Codecov Report
@@ Coverage Diff @@
## master #120 +/- ##
==========================================
- Coverage 78.54% 78.36% -0.18%
==========================================
Files 6 6
Lines 317 319 +2
==========================================
+ Hits 249 250 +1
- Misses 68 69 +1
Continue to review full report at Codecov.
|
onelogin_aws_cli/__init__.py
Outdated
| saml_resp.mfa.state_token, | ||
| self.mfa.otp | ||
| ) | ||
| if saml_resp is None: |
There was a problem hiding this comment.
Great catch! How would you feel about pulling this code out into a separate function so there's less duplication with the other None check?
slycoder
left a comment
slycoder
left a comment
There was a problem hiding this comment.
Thanks lgtm. Could you resolve the conflicts and I'll merge =).
|
Is it possible to mock out the |
when typing an invalid otp, the error message was not helpful.
error now:
Exception: Onelogin Error: '401' 'Failed authentication with this factor'
error before:
```AttributeError: 'NoneType' object has no attribute 'saml_response'```
stack trace:
```
Traceback (most recent call last):
File "/usr/local/bin/onelogin-aws-login", line 11, in <module>
load_entry_point('onelogin-aws-cli==0.1.11', 'console_scripts', 'onelogin-aws-login')()
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/cli.py", line 65, in login
raise e
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/cli.py", line 61, in login
api.save_credentials()
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/__init__.py", line 139, in save_credentials
self.assume_role()
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/__init__.py", line 125, in assume_role
self.get_role()
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/__init__.py", line 108, in get_role
self.get_arns()
File "/usr/local/lib/python3.6/site-packages/onelogin_aws_cli/__init__.py", line 86, in get_arns
base64.b64decode(self.saml.saml_response))
AttributeError: 'NoneType' object has no attribute 'saml_response'
```
chrono
force-pushed
the
fix-mfa-error-handling
branch
from
c05323c to
c6554f3
Compare
…ling * physera/master: v0.1.13 version bump (physera#124) auto_determine_ip_address is not a required value (physera#123)
…ling * physera/master: Make sts client region aware (physera#134) Fix inconsistent profile names with different AWS partitions (physera#133) fix company typo (physera#129) Version bump Update pipfile.lock Add region option to command line and configuration file. (physera#127)
|
This keeps tripping developers up.
|
|
CI seems to be failing on flake8, complaining about files that haven't even been touched :/ |
|
I'm swamped and can't look into the flake8 issues right now but if anyone else wants to roll that patch into this PR or a separate PR, we'd be glad to have it =). |
|
(Hopefully I can look at it some time next week) |
|
Ok, violations are fixed on master thanks to quick work by @drewsonne . |
|
I think flake8 should be resolved on master; I agree that there should be more test coverage here but we can do that as a followup since there are so many people waiting on this. |
|
Oops, this did in fact break some tests. I'll patch those up shortly. |
6 participants
Description
When fetching saml from onelogin after providing an OTP, no errors were handled. One of the expected errors is the OTP not being valid. Now handles error responses from Onelogin and prints them to the user.
Example message returned when entering an invalid OTP:
Exception: Onelogin Error: '401' 'Failed authentication with this factor'Related Issue
when typing an invalid otp, the error message was:
AttributeError: 'NoneType' object has no attribute 'saml_response'The stack trace associated with this exception:
How Has This Been Tested?
Applied patch locally and tested by entering valid/invalid otp