filter webauthn by authenticatorName

gimme_aws_creds/main.py

@@ -549,6 +549,9 @@ def okta(self):
         if self.conf_dict.get('preferred_mfa_type'):
             okta.set_preferred_mfa_type(self.conf_dict['preferred_mfa_type'])
 
+        if self.conf_dict.get('authenticator_name'):
+            okta.set_authenticator_name(self.conf_dict['authenticator_name'])
+
         if self.config.mfa_code is not None:
             okta.set_mfa_code(self.config.mfa_code)
         elif self.conf_dict.get('okta_mfa_code'):

gimme_aws_creds/okta.py

@@ -63,6 +63,7 @@ def __init__(self, gac_ui, okta_org_url, verify_ssl_certs=True, device_token=Non
         self._username = None
         self._password = None
         self._preferred_mfa_type = None
+        self._authenticator_name = None
         self._mfa_code = None
         self._remember_device = None
 
@@ -102,6 +103,9 @@ def set_password(self, password):
     def set_preferred_mfa_type(self, preferred_mfa_type):
         self._preferred_mfa_type = preferred_mfa_type
 
+    def set_authenticator_name(self, authenticator_name):
+        self._authenticator_name = authenticator_name
+
     def set_mfa_code(self, mfa_code):
         self._mfa_code = mfa_code
 
@@ -778,6 +782,11 @@ def _choose_factor(self, factors):
             factors.append(passcode)
         if self._preferred_mfa_type is not None:
             preferred_factors = list(filter(lambda item: item['factorType'] == self._preferred_mfa_type, factors))
+
+            # if you have more than one webauthn registered
+            if self._authenticator_name is not None:
+                preferred_factors=list(filter(lambda item: item['profile']['authenticatorName'] == 'Authenticator', preferred_factors))
+
             # If the preferred factor isn't in the list of available factors, we'll let the user know before
             # prompting to select another.
             if not preferred_factors: