Version 0.3.9 returns no roles

[quixand]

Hi
ive just installed on a clean debian 9 stretch (vm) install and got the following (some credentials redacted)

$ aws-adfs login --adfs-host myhost.com --profile dev --provider-id urn:amazon:mastersec
2017-08-01 17:17:19,690 [authenticator authenticator.py:authenticate] [16827-MainProcess] [139637160490752-MainThread] - ERROR: Cannot extract saml assertion. Second factor authentication failed?
Username: username
Password:
This account does not have access to any roles

$ aws-adfs --version
0.3.9
$ pip --version
pip 9.0.1 from /usr/lib/python2.7/dist-packages (python 2.7)
$ python --version
Python 2.7.13

So I rolled back with

$ pip install -I aws-adfs==0.3.3
Collecting aws-adfs==0.3.3
...

$ aws-adfs login --adfs-host myhost.com --profile dev --provider-id urn:amazon:mastersec
Please choose the role you would like to assume:

which seemed to fix it. I saw bug #44 I'm guessing its related
thanks

[venth]

Please check if you have AWS_PROFILE enviromental variable set. If it's set then unset it. If it's feasible perform also: aws-adfs reset --profile=default

Then please repeat the login attempt.

[quixand]

ok

$ pip install --upgrade aws-adfs
/home/quixand/.local/bin/aws-adfs --version
0.3.9

$ /home/quixand/.local/bin/aws-adfs login --adfs-host myhost.com --profile dev --provider-id urn:amazon:mastersec
This account does not have access to any roles

$ env|grep -i AWS_PROFILE
$

$ /home/quixand/.local/bin/aws-adfs reset --profile=default
Profile: 'default' has been wiped out

$ /home/quixand/.local/bin/aws-adfs login --adfs-host myhost.com --profile dev --provider-id urn:amazon:mastersec
This account does not have access to any roles

rolled it back

$ pip install -I aws-adfs==0.3.3
...
$ /home/nick/.local/bin/aws-adfs --version
0.3.3

$ /home/quixand/.local/bin/aws-adfs login --adfs-host myhost.com --profile dev --provider-id urn:amazon:mastersec
Please choose the role you would like to assume:

thanks for your help with this
nick

[venth]

Hi, I noticed that in the posted code you use binary from /home/quixand and /home/nick

Is it a typo? Does any hint given by me helped you fix the issue?

[quixand]

no that was just a failure of my obfuscation find and replace
the real path is /home/nick/.local/bin/aws-adfs.

I discovered this problem because I installed it for the first time on my mac (v10.12.6) and had the same issue, I thought I had done something wrong so installed on a fresh copy of debian stretch in virtualbox and got the same problem. That was when I suspected a bug and came looking here.

[venth]

Hi @quixand,

in order to reproduce the issue, I used the docker container built on the top of Debian stretch version. Relevant files you can find here: Dockerfile and docker-compose.yml

I brought up aws-adfs by command: docker-compose run --rm aws-adfs and login via adfs. Unfortunately (or fortunately), I was able to see all roles assigned to the account.

If I could ask you to help me with investigation of the issue, please use docker description provided by me via gist and after docker-compose run --rm aws-adfs try to login via aws-adfs.

[venth]

This issue is already solved. The solving commit is: 2178cf5