Some URLs cause parsing error for app-link

[machiev]

Describe the bug
I have noticed that app-link URLs like: https://company.okta.com/home/amazon_aws/0obm6u4wyuVYgbLdJ0x7/172 cause parsing error in okta_auth_config.py at line 45 (version 0.4.4).
It is caused by an underscore character '_' that should be encoded prior verification like '%5F'.

Traceback (most recent call last):
  File "/Users/nowam1/Library/Python/3.7/bin/okta-awscli", line 8, in <module>
    sys.exit(main())
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_awscli.py", line 115, in main
    aws_auth, okta_profile, profile, verbose, logger, token, cache, refresh_role
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_awscli.py", line 18, in get_credentials
    okta = OktaAuth(okta_profile, verbose, logger, totp_token, okta_auth_config)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth.py", line 25, in __init__
    self.app_link = okta_auth_config.app_link_for(okta_profile)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth_config.py", line 45, in app_link_for
    if not validators.url(app_link):
  File "<decorator-gen-29>", line 2, in url
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/validators/utils.py", line 83, in wrapper
    value = func(*args, **kwargs)
  File "/Users/nowam1/Library/Python/3.7/lib/python/site-packages/validators/url.py", line 148, in url
    result = pattern.match(value)
TypeError: expected string or bytes-like object
➜  ~ cat /Users/nowam1/Library/Python/3.7/lib/python/site-packages/oktaawscli/okta_auth_config.py

To Reproduce
Steps to reproduce the behavior:

1. Specify app-link URLs in the form specified above.
2. Run octa-awscli
3. See error

Expected behavior
A clear and concise description of what you expected to happen.

Output
Output of your okta-awscli run, using the --debug flag.

Environment (please complete the following information):

• OS: MacOS
• okta-awscli 0.4.4

Additional context
Workaround:

• comment out line 45 - 47
  - OR -
• encode underscore or other invalid URL character with proper sequence e.g. '%5F'

[jmhale]

@machiev I'm not able to reproduce this on version 0.4.4. The validators library shouldn't need to have it's input url encoded.

Specifying the app-link URL that you provided doesn't produce that error for me. The URL validates ok, but I get an expected auth failure. If I then change the URL to an obvious invalid version (such as putting a parenthesis in the hostname), the URL fails validation with a clear error message.

To help diagnose further, can you please paste the following information?

1. The full output of okta-awscli, not just the stack trace.
2. The profile block in .okta-aws that you're using, with sensitive data removed of course.
3. Output of pip freeze

[machiev]

@jmhale Hmm, it's really strange - now I cannot reproduce it either - just works encoded or not. It makes me think that maybe there was a non-ASCII character when I copied the link. I have copied it from some chat window. I think we can close it and wait for the next occurrence.

[jmhale]

Ok, thanks for confirming @machiev! Actually, I think that we should keep this issue open, because pasting in non-ASCII characters is a valid, albeit rare, failure scenario, so it makes sense to catch that TypeError exception and print something useful.