AWSSRP aws.authenticate_user(): List index out of range on challenge response
CharlieBurnett opened this issue · 3 comments
When calling AWSSRP's aws.authenticate_user method after initializing the aws object with proper credentials, ids, and users who are authenticated, it appears as if the response is not properly parsed, causing a hard crash
This can be reproduced on a machine running the latest pip version of warrant on Raspian Stretch
crash log:
Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/local/lib/python2.7/dist-packages/warrant/aws_srp.py", line 209, in authenticate_user challenge_response = self.process_challenge(response['ChallengeParameters']) File "/usr/local/lib/python2.7/dist-packages/warrant/aws_srp.py", line 184, in process_challenge self.password, hex_to_long(srp_b_hex), salt_hex) File "/usr/local/lib/python2.7/dist-packages/warrant/aws_srp.py", line 149, in get_password_authentication_key username_password = '%s%s:%s' % (self.pool_id.split('_')[1], username, password) IndexError: list index out of range
I'm running into something similar, also getting 'IndexError: list index out of range' when calling u.authenticate.
File \"/var/task/warrant/__init__.py\", line 383, in authenticate\\n self.verify_token(tokens[\\'AuthenticationResult\\'][\\'IdToken\\'],\\'id_token\\',\\'id\\')\\n', ' File \"/var/task/warrant/__init__.py\", line 202, in verify_token\\n hmac_key = self.get_key(kid)\\n', ' File \"/var/task/warrant/__init__.py\", line 194, in get_key\\n return key[0]\\n', 'IndexError: list index out of range\\n']}"
I am also seeing this issue.
I'm not sure if the pool_id is the same as the user_poor_id in the Cognito object, but if it is, there's no guarantee that a user pool id contains an underscore.
actually I see now that the user_pool_id passed into the Cognito object is expected to be the string that starts with <aws-region-num>_<random characters of ID>. And so everything works if that is supplied.