Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureAD: reached an unknown page within the authentication process #1219

Open
jf13 opened this issue Feb 20, 2024 · 1 comment
Open

AzureAD: reached an unknown page within the authentication process #1219

jf13 opened this issue Feb 20, 2024 · 1 comment

Comments

@jf13
Copy link

jf13 commented Feb 20, 2024

Hi, Is there any update on this?

There was old topic about it which is closed but it doesn't look like it was resolved.
#628

I am seeing the same error on version 2.36.13:

reached an unknown page within the authentication process provider=AzureAD
failed get SAMLAssertion

Check below:

% saml2aws login --verbose
DEBU[0000] Running                                       command=login
DEBU[0000] Check if creds exist.                         command=login
DEBU[0000] Expand                                        name=/Users/testuser/.aws/credentials pkg=awsconfig
DEBU[0000] resolveSymlink                                name=/Users/testuser/.aws/credentials pkg=awsconfig
DEBU[0000] ensureConfigExists                            filename=/Users/testuser/.aws/credentials pkg=awsconfig
Using IdP Account default to access AzureAD https://account.activedirectory.windowsazure.com
DEBU[0000] Get credentials                               helper=osxkeychain serverURL="https://account.activedirectory.windowsazure.com"
To use saved password just hit enter.
? Username testuser@example.com
? Password *************

DEBU[0010] building provider                             command=login idpAccount="account {\n  AppID: d111a111-1111-1111-1111-111111111111\n  URL: https://account.activedirectory.windowsazure.com\n  Username: testuser@example.com\n  Provider: AzureAD\n  MFA: PhoneAppNotification\n  SkipVerify: false\n  AmazonWebservicesURN: urn:amazon:webservices\n  SessionDuration: 3600\n  Profile: saml\n  RoleARN: \n  Region: us-east-1\n}"
Authenticating as testuser@example.com ...
DEBU[0010] processing ConvergedSignIn                    provider=AzureAD
DEBU[0010] HTTP Req                                      URL="https://login.microsoftonline.com/common/GetCredentialType?mkt=en-US" http=client method=POST
DEBU[0011] HTTP Res                                      Status="200 OK" http=client
DEBU[0011] HTTP Req                                      URL="https://login.microsoftonline.com/common/login" http=client method=POST
DEBU[0011] HTTP Res                                      Status="200 OK" http=client
DEBU[0011] processing a 'hiddenform'                     provider=AzureAD
DEBU[0011] HTTP Req                                      URL="https://device.login.microsoftonline.com:443/" http=client method=POST
DEBU[0011] HTTP Res                                      Status="200 OK" http=client
DEBU[0011] processing a 'hiddenform'                     provider=AzureAD
DEBU[0011] HTTP Req                                      URL="https://login.microsoftonline.com:443/common/DeviceAuthTls/reprocess" http=client method=POST
DEBU[0011] HTTP Res                                      Status="200 OK" http=client
DEBU[0011] processing ConvergedTFA                       provider=AzureAD
DEBU[0011] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/BeginAuth" http=client method=POST
DEBU[0012] HTTP Res                                      Status="200 OK" http=client
Phone approval required. Entropy is: 40
DEBU[0012] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0012] HTTP Res                                      Status="200 OK" http=client
DEBU[0013] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0014] HTTP Res                                      Status="200 OK" http=client
DEBU[0015] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0015] HTTP Res                                      Status="200 OK" http=client
DEBU[0016] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0016] HTTP Res                                      Status="200 OK" http=client
DEBU[0017] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0017] HTTP Res                                      Status="200 OK" http=client
DEBU[0018] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0018] HTTP Res                                      Status="200 OK" http=client
DEBU[0019] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0020] HTTP Res                                      Status="200 OK" http=client
DEBU[0021] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0021] HTTP Res                                      Status="200 OK" http=client
DEBU[0022] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0022] HTTP Res                                      Status="200 OK" http=client
DEBU[0023] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0023] HTTP Res                                      Status="200 OK" http=client
DEBU[0024] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0025] HTTP Res                                      Status="200 OK" http=client
DEBU[0026] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0026] HTTP Res                                      Status="200 OK" http=client
DEBU[0027] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/EndAuth" http=client method=POST
DEBU[0027] HTTP Res                                      Status="200 OK" http=client
DEBU[0027] HTTP Req                                      URL="https://login.microsoftonline.com/common/SAS/ProcessAuth" http=client method=POST
DEBU[0027] HTTP Res                                      Status="200 OK" http=client
DEBU[0027] processing KmsiInterrupt                      provider=AzureAD
DEBU[0027] HTTP Req                                      URL="https://login.microsoftonline.com/kmsi" http=client method=POST
DEBU[0027] HTTP Res                                      Status="200 OK" http=client
DEBU[0027] processing a 'hiddenform'                     provider=AzureAD
DEBU[0027] HTTP Req                                      URL="https://account.activedirectory.windowsazure.com/" http=client method=POST
DEBU[0028] HTTP Res                                      Status="200 OK" http=client
DEBU[0028] reached an unknown page within the authentication process  provider=AzureAD
failed get SAMLAssertion
github.com/versent/saml2aws/v2/pkg/provider/aad.(*Client).Authenticate
	github.com/versent/saml2aws/v2/pkg/provider/aad/aad.go:221
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
	github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:107
main.main
	github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:195
runtime.main
	runtime/proc.go:267
runtime.goexit
	runtime/asm_arm64.s:1197
Error authenticating to IdP.
github.com/versent/saml2aws/v2/cmd/saml2aws/commands.Login
	github.com/versent/saml2aws/v2/cmd/saml2aws/commands/login.go:109
main.main
	github.com/versent/saml2aws/v2/cmd/saml2aws/main.go:195
runtime.main
	runtime/proc.go:267
runtime.goexit
	runtime/asm_arm64.s:1197
@dammsd
Copy link

dammsd commented Apr 26, 2024

I had exactly the same issue and it turned out I was using incorrect app_id

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dammsd @jf13