From d3da9d8bac52d692e493911143a9371945a64673 Mon Sep 17 00:00:00 2001 From: Michael Louredo Date: Thu, 22 Jul 2021 13:25:30 -0300 Subject: [PATCH] Add force to selectchalleng when MFA is enabled --- aws_google_auth/google.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/aws_google_auth/google.py b/aws_google_auth/google.py index 398eff5..6f47116 100644 --- a/aws_google_auth/google.py +++ b/aws_google_auth/google.py @@ -308,7 +308,17 @@ def do_login(self): self.session.headers['Referer'] = sess.url - if "selectchallenge/" in sess.url: + if "challenge/" in sess.url: + form = response_page.find('form', {'id': 'challenge'}) + + payload = {} + for tag in form.find_all('input'): + if tag.get('name') is None: + continue + + payload[tag.get('name')] = tag.get('value') + + sess = self.post(self.base_url + "/signin/selectchallenge", data=payload) sess = self.handle_selectchallenge(sess) # Was there an MFA challenge? @@ -840,6 +850,8 @@ def handle_selectchallenge(self, sess): challenges.append(['YubiKey', i.attrs.get("data-challengeentry")]) elif "challenge/az/" in action: challenges.append(['Google Prompt', i.attrs.get("data-challengeentry")]) + elif "challenge/dp/" in action: + challenges.append(['Dual Prompt', i.attrs.get("data-challengeentry")]) print('Choose MFA method from available:') for i, mfa in enumerate(challenges, start=1): @@ -872,3 +884,4 @@ def handle_selectchallenge(self, sess): # POST to google with the chosen challenge return self.post( self.base_url + challenge_form.get('action'), data=payload) +