You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I have noticed that app-link URLs like: https://company.okta.com/home/amazon_aws/0obm6u4wyuVYgbLdJ0x7/172 cause parsing error in okta_auth_config.py at line 45 (version 0.4.4).
It is caused by an underscore character '_' that should be encoded prior verification like '%5F'.
Traceback (most recent call last):
File "/Users/nowam1/Library/Python/3.7/bin/okta-awscli", line 8, in <module>
sys.exit(main())
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 829, in __call__
return self.main(*args, **kwargs)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_awscli.py", line 115, in main
aws_auth, okta_profile, profile, verbose, logger, token, cache, refresh_role
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_awscli.py", line 18, in get_credentials
okta = OktaAuth(okta_profile, verbose, logger, totp_token, okta_auth_config)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth.py", line 25, in __init__
self.app_link = okta_auth_config.app_link_for(okta_profile)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth_config.py", line 45, in app_link_for
if not validators.url(app_link):
File "<decorator-gen-29>", line 2, in url
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/validators/utils.py", line 83, in wrapper
value = func(*args, **kwargs)
File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/validators/url.py", line 148, in url
result = pattern.match(value)
TypeError: expected string or bytes-like object
➜ ~ cat /Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth_config.py
To Reproduce
Steps to reproduce the behavior:
Specify app-link URLs in the form specified above.
Run octa-awscli
See error
Expected behavior
A clear and concise description of what you expected to happen.
Output
Output of your okta-awscli run, using the --debug flag.
Environment (please complete the following information):
OS: MacOS
okta-awscli 0.4.4
Additional context
Workaround:
comment out line 45 - 47
- OR -
encode underscore or other invalid URL character with proper sequence e.g. '%5F'
The text was updated successfully, but these errors were encountered:
@machiev I'm not able to reproduce this on version 0.4.4. The validators library shouldn't need to have it's input url encoded.
Specifying the app-link URL that you provided doesn't produce that error for me. The URL validates ok, but I get an expected auth failure. If I then change the URL to an obvious invalid version (such as putting a parenthesis in the hostname), the URL fails validation with a clear error message.
To help diagnose further, can you please paste the following information?
The full output of okta-awscli, not just the stack trace.
The profile block in .okta-aws that you're using, with sensitive data removed of course.
@jmhale Hmm, it's really strange - now I cannot reproduce it either - just works encoded or not. It makes me think that maybe there was a non-ASCII character when I copied the link. I have copied it from some chat window. I think we can close it and wait for the next occurrence.
Ok, thanks for confirming @machiev! Actually, I think that we should keep this issue open, because pasting in non-ASCII characters is a valid, albeit rare, failure scenario, so it makes sense to catch that TypeError exception and print something useful.
Describe the bug
I have noticed that app-link URLs like:
https://company.okta.com/home/amazon_aws/0obm6u4wyuVYgbLdJ0x7/172
cause parsing error inokta_auth_config.py
at line 45 (version 0.4.4).It is caused by an underscore character '_' that should be encoded prior verification like '%5F'.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Output
Output of your okta-awscli run, using the
--debug
flag.Environment (please complete the following information):
Additional context
Workaround:
- OR -
The text was updated successfully, but these errors were encountered: