Authentication failed not handling nested challenges

Utilizing the develop branch commit a53cb082b6a07f32ddc5c9cacff6f5dfe926f170

Using this code, which seems to be entirely correct, doesn’t seem to authenticate correctly:

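    from warrant import Cognito

    # `ce` and `args` come from the rest of the poster's script (not shown)
    config = ce.get_config('Cognito', args.configfile)
    u = Cognito(config['pool_id'], config['client_id'], username=args.username)
    response = u.authenticate(args.password)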

    2017-04-11 12:24:16 DEBUG parsers.parse Response body:
    {"ChallengeName":"NEW_PASSWORD_REQUIRED","ChallengeParameters":{"requiredAttributes":"[]","userAttributes":"{\"email_verified\":\"true\",\"email\":\"<ommitted email>\"}"},"Session":"<sessiong string ommitted>"}
    2017-04-11 12:24:16 DEBUG hooks._emit Event needs-retry.cognito-idp.RespondToAuthChallenge: calling handler <botocore.retryhandler.RetryHandler object at 0x7fc01d531d90>
    2017-04-11 12:24:16 DEBUG retryhandler.__call__ No retry needed.
    Traceback (most recent call last):
      File "bin/auth-cognito", line 37, in <module>
        main()
      File "bin/auth-cognito", line 33, in main
        response = u.authenticate(args.password)
      File "~/.local/lib/python2.7/site-packages/warrant/__init__.py", line 213, in authenticate
        self.id_token = tokens['AuthenticationResult']['IdToken']
    KeyError: 'AuthenticationResult'

It doesn’t look like there is support for challenges of NEW_PASSWORD_REQUIRED, and it failed to raise like it should: https://github.com/capless/warrant/blob/develop/warrant/aws_srp.py#L187

Issue Analytics

  • State: open
  • Created 6 years ago
  • Reactions: 1
  • Comments: 9 (3 by maintainers)

Top GitHub Comments

1 reaction
armicron commented, Sep 17, 2017

The current state:

  • Warrant raises ForceChangePasswordException for users who are required to change their passwords after a successful first login (NEW_PASSWORD_REQUIRED challenge).

  • new_password_challenge method is not documented

  • Warrant raises NotImplementedError when a challenge is not supported.

  • Warrant doesn’t support SMS_MFA, CUSTOM_CHALLENGE, DEVICE_SRP_AUTH, DEVICE_PASSWORD_VERIFIER challenges.

The first post talks about the problem with the NEW_PASSWORD_REQUIRED challenge only, and this issue is fixed. The title has a broader meaning; it implies that warrant should support all challenges.

@bjinwright The decision of closing the issue depends on what to take into account: the title or the first post.

1 reaction
ebpetway commented, Apr 11, 2017

Looks like it assumes there will only be one response challenge. We’ll need to add the ability to complete the challenge with an additional input (the new password).
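
An added example (not warrant's code and not from the issue thread) of a challenge loop that returns tokens only once `AuthenticationResult` is present, instead of indexing it after a single round as in the traceback above. `complete_auth`, `ChallengeError`, `FakeIdp` and every sample value are hypothetical; the call it mirrors is boto3's `respond_to_auth_challenge`.

```python
# Added example: the fake client and all sample values are constructed.
SUPPORTED = {"NEW_PASSWORD_REQUIRED"}
MAX_ROUNDS = 5  # bound the loop so a misbehaving endpoint cannot spin forever


class ChallengeError(Exception):
    """Raised when authentication cannot be completed; carries no secrets."""


def complete_auth(client, client_id, username, response, new_password=None):
    """Follow chained challenges until AuthenticationResult is present."""
    for _ in range(MAX_ROUNDS):
        if "AuthenticationResult" in response:
            return response["AuthenticationResult"]
        name = response.get("ChallengeName")
        if name not in SUPPORTED:
            # Fail closed: an unknown or missing challenge is not a login.
            raise ChallengeError("unsupported challenge: %r" % name)
        if not new_password:
            raise ChallengeError("NEW_PASSWORD_REQUIRED but no new password given")
        # The Session value is a bearer secret for this flow; do not log it.
        response = client.respond_to_auth_challenge(
            ClientId=client_id,
            ChallengeName=name,
            Session=response["Session"],
            ChallengeResponses={"USERNAME": username, "NEW_PASSWORD": new_password},
        )
    raise ChallengeError("too many challenge rounds")


class FakeIdp:
    """Constructed stand-in for boto3's cognito-idp client (runs offline)."""

    def __init__(self):
        self.calls = []

    def respond_to_auth_challenge(self, **kwargs):
        self.calls.append(kwargs)
        return {"AuthenticationResult": {"IdToken": "constructed-id-token"}}


def demo():
    first = {"ChallengeName": "NEW_PASSWORD_REQUIRED",
             "ChallengeParameters": {"requiredAttributes": "[]"},
             "Session": "constructed-session"}
    idp = FakeIdp()
    tokens = complete_auth(idp, "constructed-client-id", "alice", first, "N3w-Passw0rd!")
    return tokens["IdToken"], idp.calls[0]["ChallengeName"]
```
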
