fix too-hurried ambiguity warnings, fix b64 encoding for SAML REDIRECT too

2020-03-22 22:46:53 -07:00 · 2020-03-22 22:46:53 -07:00 · 6bbbe47904
commit 6bbbe47904
parent 2cf05074cc
2 changed files with 6 additions and 8 deletions
--- a/gp-saml-gui.py
+++ b/gp-saml-gui.py
@ -253,22 +253,20 @@ if __name__ == "__main__":
    if args.verbose:
        # Warn about ambiguities
        if server != args.server and not args.uri:
-            print('''IMPORTANT: During the SAML auth, you were redirected from {} to {}. This probably'''
-                  '''means you should specify {} as the server for final connection, but we're not 100%'''
+            print('''IMPORTANT: During the SAML auth, you were redirected from {} to {1}. This probably '''
+                  '''means you should specify {1} as the server for final connection, but we're not 100% '''
                  '''sure about this. You should probably try both.\n'''.format(args.server, server), file=stderr)
        if ifh != args.interface and not args.uri:
-            print('''IMPORTANT: We started with SAML auth to the {} interface, but received a cookie'''
+            print('''IMPORTANT: We started with SAML auth to the {} interface, but received a cookie '''
                  '''that's associated with the {} interface. You should probably try both.\n'''.format(args.interface, ifh),
                  file=stderr)
-
        print('''\nSAML response converted to OpenConnect command line invocation:\n''', file=stderr)
        print('''    echo {} |\n        openconnect --protocol=gp --user={} --usergroup={}:{} --passwd-on-stdin {}'''.format(
            quote(cv), quote(un), quote(ifh), quote(cn), quote(server)), file=stderr)

        print('''\nSAML response converted to test-globalprotect-login.py invocation:\n''', file=stderr)
-        print('''    test-globalprotect-login.py --user={} -p '' \\\n         https://{}{} {}={}\n'''.format(
+        print('''    test-globalprotect-login.py --user={} -p '' \\\n         https://{}/{} {}={}\n'''.format(
            quote(un), quote(server), quote(if2auth[ifh]), quote(cn), quote(cv)), file=stderr)
-
    varvals = {
        'HOST': quote('https://%s/%s:%s' % (server, if2auth[ifh], cn)),
        'USER': quote(un), 'COOKIE': quote(cv),
--- a/test-globalprotect-login.py
+++ b/test-globalprotect-login.py
@ -114,10 +114,10 @@ Extracted connection cookie from <jnlp>. Use this to connect:
 elif xml is not None and xml.tag == 'prelogin-response' and None not in (xml.find('saml-auth-method'), xml.find('saml-request')):
    import webbrowser
    sam = xml.find('saml-auth-method').text
-    sr = xml.find('saml-request').text
+    sr = a2b_base64(xml.find('saml-request').text)
    if sam == 'POST':
        with NamedTemporaryFile(delete=False, suffix='.html') as tf:
-            tf.write(a2b_base64(sr))
+            tf.write(sr)
        if args.browse:
            print("Got SAML POST, browsing to %s" % tf.name)
            webbrowser.open('file://' + tf.name)