in pkg/provider/f5apm/f5apm.go [45:111]
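// Authenticate runs the interactive login flow and returns the SAML assertion.
//
// The steps are: fetch the login form, post the username/password form, answer
// an MFA challenge when the response contains one, then request the SAML
// assertion. The assertion is returned still base64-encoded, exactly as
// getSAMLAssertion produced it; it is decoded here only to check that it is
// valid base64 and, when content dumping is enabled, to log it.
//
// An error is returned, wrapped with the failing step, if any request fails,
// the response cannot be parsed, MFA selection fails, or the assertion is not
// valid base64.
func (ac *Client) Authenticate(loginDetails *creds.LoginDetails) (string, error) {
	logger.Debug("Get Login Form")
	logger.Debugf("Login URL: %s", loginDetails.URL)
	logger.Debugf("Login Username: %s", loginDetails.Username)

	authForm, err := ac.getLoginForm(loginDetails)
	if err != nil {
		return "", errors.Wrap(err, "Error getting login form IDP")
	}

	// Post username/password.
	logger.Debug("Post UP Login Form")
	// NOTE(review): debugAuthForm is defined outside this block. If authForm
	// carries the password at this point, confirm that the helper redacts it
	// before writing to the debug log.
	debugAuthForm(authForm)
	upData, err := ac.postLoginForm(loginDetails, authForm)
	if err != nil {
		return "", errors.Wrap(err, "Error submitting login form")
	}

	upDoc, err := goquery.NewDocumentFromReader(bytes.NewBuffer(upData))
	if err != nil {
		return "", errors.Wrap(err, "Error reading UP data")
	}

	// Prompt for MFA if the response to the credential post asks for it.
	mfaFound, mfaMethods := containsMFAForm(upDoc)
	if mfaFound {
		logger.Debug(mfaMethods)

		// The method list is derived from the server's response. Indexing
		// mfaMethods[0] on an empty list would panic, so fail with an error
		// instead of trusting that mfaFound implies at least one method.
		if len(mfaMethods) == 0 {
			return "", errors.New("Error selecting MFA method: no MFA methods found in login response")
		}

		mfaMethod, err := prompter.ChooseWithDefault("MFA Method", mfaMethods[0], mfaMethods)
		if err != nil {
			return "", errors.Wrap(err, "Error selecting MFA method")
		}

		// Only the "token" method needs a code from the user. "push" and any
		// other method offered by the server are posted with an empty token.
		var mfaToken string
		if mfaMethod == "token" {
			mfaToken = prompter.RequestSecurityCode("000000")
		}

		// Post mfatoken.
		mfaAuthForm := url.Values{}
		mfaAuthForm.Add("mfatoken", mfaToken)
		mfaAuthForm.Add("mfamethod", mfaMethod)
		mfaAuthForm.Add("mfa_retry", "")

		logger.Debug("Post Token Form")
		// NOTE(review): this form holds the one-time code; the same redaction
		// question as for the username/password form applies to debugAuthForm.
		debugAuthForm(mfaAuthForm)

		// The response body is discarded, so a rejected MFA attempt is not
		// detected here; presumably it surfaces as a failure when the SAML
		// assertion is requested below (confirm against getSAMLAssertion).
		_, err = ac.postLoginForm(loginDetails, mfaAuthForm)
		if err != nil {
			return "", errors.Wrap(err, "Error submitting MFA login form")
		}
	}

	// Post to saml endpoint.
	logger.Debug("Get SAML Form")
	samlAssertion, err := ac.getSAMLAssertion(loginDetails)
	if err != nil {
		return "", errors.Wrap(err, "Error getting saml assertion")
	}

	// Decoding doubles as a validity check on the returned value.
	decodedAssertion, err := base64.StdEncoding.DecodeString(samlAssertion)
	if err != nil {
		return "", errors.Wrap(err, "Error decoding saml assertion")
	}

	// The decoded assertion is a usable credential for as long as it is valid,
	// so it is written to the log only when content dumping is enabled.
	if dump.ContentEnable() {
		logger.Debugf("SAMLAssertion: %s", string(decodedAssertion))
	}

	return samlAssertion, nil
}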