Send CSRF token in TFA request

This commit is contained in:
I-Al-Istannen 2021-05-25 19:23:06 +02:00
parent 66f0e398a1
commit 2d8dcc87ff

View File

@ -531,13 +531,15 @@ class KitShibbolethLogin:
# credentials rather than after asking. # credentials rather than after asking.
form = soup.find("form", {"method": "post"}) form = soup.find("form", {"method": "post"})
action = form["action"] action = form["action"]
csrf_token = form.find("input", {"name": "csrf_token"})["value"]
# Equivalent: Enter token in # Equivalent: Enter token in
# https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO # https://idp.scc.kit.edu/idp/profile/SAML2/Redirect/SSO
url = "https://idp.scc.kit.edu" + action url = "https://idp.scc.kit.edu" + action
data = { data = {
"_eventId_proceed": "", "_eventId_proceed": "",
"j_tokenNumber": tfa_token "j_tokenNumber": tfa_token,
"csrf_token": csrf_token
} }
return await _post(session, url, data) return await _post(session, url, data)