Add dual prompt fix

cevoaustralia · Oct 28, 2020 · 77e7544 · 77e7544
1 parent d473d67
commit 77e7544
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 2 deletions.
diff --git a/README.rst b/README.rst
@@ -278,6 +278,9 @@ by this tool are:
 | Security key     | ``.../signin/challenge/sk/...``     |
 |  (eg yubikey)    |                                     |
 +------------------+-------------------------------------+
+| Dual prompt      | ``.../signin/challenge/dp/...``     |
+|  (Validate 2FA ) |                                     |
++------------------+-------------------------------------+
 | Backup code      | ``... (unknown yet) ...``           |
 |  (printed codes) |                                     |
 +------------------+-------------------------------------+

diff --git a/aws_google_auth/google.py b/aws_google_auth/google.py
@@ -309,6 +309,9 @@ def do_login(self):
         elif "challenge/ootp/5" in sess.url:
             raise NotImplementedError(
                 'Offline Google App OOTP not implemented')
+        elif "challenge/dp/" in sess.url:
+            sess = self.handle_dp(sess)
+
 
         # ... there are different URLs for backup codes (printed)
         # and security keys (eg yubikey) as well
@@ -334,13 +337,60 @@ def parse_saml(self):
             if self.save_failure:
                 logging.error("SAML lookup failed, storing failure page to "
                               "'saml.html' to assist with debugging.")
-                with open("saml.html", 'w') as out:
-                    out.write(str(self.session_state.text.encode('utf-8')))
+                with open("saml.html", 'wb') as out:
+                    out.write(self.session_state.text.encode('utf-8'))
 
             raise ExpectedGoogleException('Something went wrong - Could not find SAML response, check your credentials or use --save-failure-html to debug.')
 
         return base64.b64decode(saml_element)
 
+    def handle_dp(self, sess):
+        response_page = BeautifulSoup(sess.text, 'html.parser')
+        challenge_url = sess.url.split("?")[0]
+        input("I have responded from my phone:")
+
+        payload = {
+            'challengeId':
+                response_page.find('input', {
+                    'name': 'challengeId'
+                }).get('value'),
+            'challengeType':
+                response_page.find('input', {
+                    'name': 'challengeType'
+                }).get('value'),
+            'continue':
+                response_page.find('input', {
+                    'name': 'continue'
+                }).get('value'),
+            'scc':
+                response_page.find('input', {
+                    'name': 'scc'
+                }).get('value'),
+            'sarp':
+                response_page.find('input', {
+                    'name': 'sarp'
+                }).get('value'),
+            'checkedDomains':
+                response_page.find('input', {
+                    'name': 'checkedDomains'
+                }).get('value'),
+            'pstMsg':
+                response_page.find('input', {
+                    'name': 'pstMsg'
+                }).get('value'),
+            'TL':
+                response_page.find('input', {
+                    'name': 'TL'
+                }).get('value'),
+            'gxf':
+                response_page.find('input', {
+                    'name': 'gxf'
+                }).get('value'),
+            'TrustDevice':
+                'on',
+        }
+        return self.post(challenge_url, data=payload)
+
     def handle_captcha(self, sess, payload):
         response_page = BeautifulSoup(sess.text, 'html.parser')