-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve logon with 2FA (#114) #115
Conversation
* Resolves #106 Co-authored-by: Quincy Cheng <[email protected]>
* V0.1.3 beta (#113) * Fixes #108 add authn ldap support (#109) * Fixes #106 Adding 6 CEM sub-commands (#105) (#111) Co-authored-by: Quincy Cheng <[email protected]> Co-authored-by: Joe Garcia <[email protected]> * Improve logon with 2FA Currenly when trying to autenticate against a CyberArk with 2FA enabled the request request fails with the following error: Failed to Logon to the PVWA. Failed to authenticate to the PAS REST API. Received non-200 status code '500' In function `httpjson.SendRequestRay` the response body isn't returned, so the caller function never finds the correct error code. After the previous fix, the second call, the one with the otp code still fails with 403. Debugging it seems that we need to store the cookies between the two logon calls. So a go context is added to the functions. * Fix lint errors and add missing file from previous commit This commit fixes the go lint error related to key type in context and it adds a missing file from previous commit not uploaded by error. * Fix type error in comment * Missing comment on Cookie function Added missing comment * Fix panic when body response is nil Try to catch nil response body on httpjson.SendRequestRaw function Co-authored-by: Andrew Copeland <[email protected]> Co-authored-by: Quincy Cheng <[email protected]> Co-authored-by: Joe Garcia <[email protected]>
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Hi @infamousjoeg, I was trying to get cybr-cli working with an MFA/RADIUS protected instance and found this and #114 while troubleshooting. The issues fixed in the original PR seem to still be present and prompts for MFA challenges just get 403s. It's been a while, and I'm not sure why this didn't make the original merge, but any chance on getting this actually merged in? |
@Infraded, extremely interesting. It seems like it was staged for release in an early beta version, somehow got untracked from the project and orphaned, then 2 years later when I was cleaning branches, it was deleted. Let me reopen this, restore the branch, and re-investigate. Once I get the branch synchronized with |
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
V0.1.3 beta (V0.1.3 beta #113)
Fixes Support authn-ldap conjur logon #108 add authn ldap support (Fixes #108 add authn ldap support #109)
Fixes Add CEM sub commands #106 Adding 6 CEM sub-commands (Adding 6 CEM sub-commands #105) (Adding 6 CEM sub-commands (#105) #111)
Co-authored-by: Quincy Cheng [email protected]
Co-authored-by: Joe Garcia [email protected]
Currenly when trying to autenticate against a CyberArk with 2FA enabled the
request request fails with the following error:
In function
httpjson.SendRequestRay
the response body isn't returned, sothe caller function never finds the correct error code.
After the previous fix, the second call, the one with the otp code still fails
with 403. Debugging it seems that we need to store the cookies between the
two logon calls. So a go context is added to the functions.
This commit fixes the go lint error related to key type in context and it
adds a missing file from previous commit not uploaded by error.
Fix type error in comment
Missing comment on Cookie function
Added missing comment
Try to catch nil response body on httpjson.SendRequestRaw function
Co-authored-by: Andrew Copeland [email protected]
Co-authored-by: Quincy Cheng [email protected]
Co-authored-by: Joe Garcia [email protected]