From 35181c055e1399033de128c313642cb9332fea35 Mon Sep 17 00:00:00 2001 From: bcaselden-viasat Date: Wed, 15 May 2024 08:44:23 -0400 Subject: [PATCH 1/3] catch failed cookie save --- alohomora/__init__.py | 2 +- alohomora/req.py | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/alohomora/__init__.py b/alohomora/__init__.py index 58073cb..ed491ff 100644 --- a/alohomora/__init__.py +++ b/alohomora/__init__.py @@ -16,7 +16,7 @@ import sys -__version__ = '3.1.0' +__version__ = '3.1.1' __author__ = 'Viasat' __author_email__ = 'vice-support@viasat.com' __license__ = '(c) 2022 Viasat, Inc. See the LICENSE file for more details.' diff --git a/alohomora/req.py b/alohomora/req.py index 4060a08..d9269d0 100644 --- a/alohomora/req.py +++ b/alohomora/req.py @@ -806,7 +806,13 @@ def _make_request(self, url, func, data=None, headers=None, soup=True): LOG.debug("Post cookie jar: %s", self.session.cookies) LOG.debug("Request headers: %s", response.request.headers) LOG.debug("Response headers: %s", response.headers) - self.session.cookies.save(ignore_discard=True, ignore_expires=True) + # On Windows the python builtin cookiejar chokes on a returned timestamps + # in a DUO cookie. The role assumption still function, but subsequent calls will + # require password and MFA to be entered again when the cookie fails to save. + try: + self.session.cookies.save(ignore_discard=True, ignore_expires=True) + except OSError as err: + LOG.debug("WARN: unable to save cookie.") if soup: the_soup = BeautifulSoup(response.text, 'html.parser') else: From 091bb8fdaa2c02d421a5cd7ee98d5717d78ff728 Mon Sep 17 00:00:00 2001 From: bcaselden-viasat Date: Wed, 15 May 2024 11:56:40 -0400 Subject: [PATCH 2/3] fix future timestamp for windows --- alohomora/req.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/alohomora/req.py b/alohomora/req.py index d9269d0..54aef8e 100644 --- a/alohomora/req.py +++ b/alohomora/req.py @@ -22,6 +22,7 @@ import time import os import base64 +from datetime import datetime, timedelta from http.cookiejar import LWPCookieJar try: @@ -806,13 +807,16 @@ def _make_request(self, url, func, data=None, headers=None, soup=True): LOG.debug("Post cookie jar: %s", self.session.cookies) LOG.debug("Request headers: %s", response.request.headers) LOG.debug("Response headers: %s", response.headers) - # On Windows the python builtin cookiejar chokes on a returned timestamps - # in a DUO cookie. The role assumption still function, but subsequent calls will - # require password and MFA to be entered again when the cookie fails to save. - try: - self.session.cookies.save(ignore_discard=True, ignore_expires=True) - except OSError as err: - LOG.debug("WARN: unable to save cookie.") + # On Windows the python builtin cookiejar chokes on a returned timestamp + # in the DUO status cookie. It is set to expire far in the future in the + # year 9999. Windows can not parse this timestamp, so we overwite it with + # an expiration 30 days in the future so it is parsable in Windows. + future_ts = (datetime.now() + timedelta(days=30)).timestamp() + for cookie in self.session.cookies: + if cookie.expires and cookie.expires > future_ts: + LOG.debug(f"rewrite coookie expires from: {cookie.expires} to: {future_ts}") + cookie.expires = future_ts + self.session.cookies.save(ignore_discard=True, ignore_expires=True) if soup: the_soup = BeautifulSoup(response.text, 'html.parser') else: From 55897f742d826951251e3934dc02cf866ea0f55f Mon Sep 17 00:00:00 2001 From: bcaselden-viasat Date: Wed, 15 May 2024 11:57:43 -0400 Subject: [PATCH 3/3] fix license date --- alohomora/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/alohomora/__init__.py b/alohomora/__init__.py index ed491ff..f753d15 100644 --- a/alohomora/__init__.py +++ b/alohomora/__init__.py @@ -19,7 +19,7 @@ __version__ = '3.1.1' __author__ = 'Viasat' __author_email__ = 'vice-support@viasat.com' -__license__ = '(c) 2022 Viasat, Inc. See the LICENSE file for more details.' +__license__ = '(c) 2024 Viasat, Inc. See the LICENSE file for more details.' __url__ = 'https://github.com/Viasat/alohomora' __description__ = 'Get AWS API keys for a SAML-federated identity'