Versent / saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP

Home Page: https://github.com/Versent/saml2aws


Pingfed fails when swipe requires number selection in mobile app

silver886 opened this issue

Attempting to perform the saml2aws flow with pingfed.

Pingfed requires number selection in its mobile app, and there is no number indicated in saml2aws.

OS: Windows 11 (22621.2134)
saml2aws version: 2.36.10

Verbose log (personal info censored):

time="2023-08-23T15:23:41+08:00" level=debug msg=Running command=login
time="2023-08-23T15:23:41+08:00" level=debug msg="Check if creds exist." command=login
time="2023-08-23T15:23:41+08:00" level=debug msg=Expand name="C:\\Users\\user/.aws/credentials" pkg=awsconfig
time="2023-08-23T15:23:41+08:00" level=debug msg=resolveSymlink name="C:\\Users\\user\\.aws\\credentials" pkg=awsconfig
time="2023-08-23T15:23:41+08:00" level=debug msg=ensureConfigExists filename="C:\\Users\\user\\.aws\\credentials" pkg=awsconfig
Using IdP Account saml-admin to access Ping https://login.example.com
To use saved password just hit enter.
? Username (me@example.com)

? Username me@example.com
? Password 

time="2023-08-23T15:23:43+08:00" level=debug msg="building provider" command=login idpAccount="account {\n  URL: https://login.example.com\n  Username: me@example.com\n  Provider: Ping\n  MFA: Auto\n  SkipVerify: false\n  AmazonWebservicesURN: urn:amazon:webservices\n  SessionDuration: 3600\n  Profile: saml-admin\n  RoleARN: arn:aws:iam::123456789012:role/admin-from-saml\n  Region: us-east-1\n}"
time="2023-08-23T15:23:43+08:00" level=debug msg="MFA Token expiry date:2023-08-23T07:23:03Z" Cache_file="C:/Users/user/.saml2aws/ping.saml" IdpAccount=basic-cid-dt-developer-dev-admin pkg=samlcache
time="2023-08-23T15:23:43+08:00" level=debug msg="Cache is invalid" command=login
Authenticating as me@example.com ...
time="2023-08-23T15:23:43+08:00" level=debug msg="HTTP Req" URL="https://login.example.com/idp/startSSO.ping?PartnerSpId=urn:amazon:webservices" http=client method=GET
time="2023-08-23T15:23:44+08:00" level=debug msg="HTTP Res" Status="401 Unauthorized" http=client
time="2023-08-23T15:23:44+08:00" level=debug msg="doc detect" provider=pingfed type=refresh
time="2023-08-23T15:23:44+08:00" level=debug msg="HTTP Req" URL="https://login.example.com/idp/startSSO.ping?PartnerSpId=urn:amazon:webservices" http=client method=GET
time="2023-08-23T15:23:45+08:00" level=debug msg="HTTP Res" Status="200 OK" http=client
time="2023-08-23T15:23:45+08:00" level=debug msg="doc detect" provider=pingfed type=login
time="2023-08-23T15:23:45+08:00" level=debug msg="HTTP Req" URL="https://login.example.com/idp/r86tA/resumeSAML20/idp/startSSO.ping" http=client method=POST
time="2023-08-23T15:23:46+08:00" level=debug msg="HTTP Res" Status="200 OK" http=client
time="2023-08-23T15:23:46+08:00" level=debug msg="doc detect" provider=pingfed type=form-redirect
time="2023-08-23T15:23:46+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth" http=client method=POST
time="2023-08-23T15:23:47+08:00" level=debug msg="HTTP Res" Status="200 " http=client
time="2023-08-23T15:23:47+08:00" level=debug msg="doc detect" provider=pingfed type=webauthn
time="2023-08-23T15:23:47+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth" http=client method=POST
time="2023-08-23T15:23:47+08:00" level=debug msg="HTTP Res" Status="200 " http=client
time="2023-08-23T15:23:47+08:00" level=debug msg="doc detect" provider=pingfed type=swipe
time="2023-08-23T15:23:50+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth/status" http=client method=GET
time="2023-08-23T15:23:50+08:00" level=debug msg="HTTP Res" Status="200 " http=client
time="2023-08-23T15:23:53+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth/status" http=client method=GET
time="2023-08-23T15:23:54+08:00" level=debug msg="HTTP Res" Status="200 " http=client
time="2023-08-23T15:23:57+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth/status" http=client method=GET
time="2023-08-23T15:23:58+08:00" level=debug msg="HTTP Res" Status="200 " http=client

Adding a number prompt might fix this issue.
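
As an added example (not part of the issue report and not saml2aws code), the Go program below reads saml2aws debug output like the log above, lists the `doc detect` steps in order, and reports when the log ends in the `swipe` step with only `/auth/status` polls after it. The sample lines are a constructed subset of that log; `parseLine` and `Summarize` are hypothetical names, and treating trailing polls as "still waiting" is this example's assumption.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample: a trimmed subset of the debug lines quoted in the issue.
const sampleLog = `time="2023-08-23T15:23:46+08:00" level=debug msg="doc detect" provider=pingfed type=form-redirect
time="2023-08-23T15:23:47+08:00" level=debug msg="doc detect" provider=pingfed type=webauthn
time="2023-08-23T15:23:47+08:00" level=debug msg="doc detect" provider=pingfed type=swipe
time="2023-08-23T15:23:50+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth/status" http=client method=GET
time="2023-08-23T15:23:50+08:00" level=debug msg="HTTP Res" Status="200 " http=client
time="2023-08-23T15:23:53+08:00" level=debug msg="HTTP Req" URL="https://authenticator.pingone.com/pingid/ppm/auth/status" http=client method=GET`

// field matches logrus text-format pairs: key=bare or key="quoted \"value\"".
var field = regexp.MustCompile(`(\w+)=("(?:[^"\\]|\\.)*"|\S+)`)

// parseLine returns the key/value pairs of one log line, quotes stripped.
func parseLine(line string) map[string]string {
	out := map[string]string{}
	for _, m := range field.FindAllStringSubmatch(line, -1) {
		out[m[1]] = strings.Trim(m[2], `"`)
	}
	return out
}

// Summarize returns the ordered "doc detect" types, the number of
// /auth/status polls seen after the last detected step, and whether the
// log ends while still polling in the swipe step (assumed to mean waiting).
func Summarize(log string) (steps []string, polls int, stuck bool) {
	for _, line := range strings.Split(log, "\n") {
		f := parseLine(line)
		switch {
		case f["msg"] == "doc detect":
			steps, polls = append(steps, f["type"]), 0
		case f["msg"] == "HTTP Req" && strings.HasSuffix(f["URL"], "/auth/status"):
			polls++
		}
	}
	stuck = len(steps) > 0 && steps[len(steps)-1] == "swipe" && polls > 0
	return
}

func main() {
	steps, polls, stuck := Summarize(sampleLog)
	fmt.Printf("steps=%v polls_after_last_step=%d waiting_in_swipe=%v\n", steps, polls, stuck)
}
```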