diff --git a/pkg/provider/googleapps/googleapps.go b/pkg/provider/googleapps/googleapps.go index 83a663f3b..2da8e3307 100644 --- a/pkg/provider/googleapps/googleapps.go +++ b/pkg/provider/googleapps/googleapps.go @@ -154,12 +154,24 @@ func (kc *Client) Authenticate(loginDetails *creds.LoginDetails) (string, error) if responseDoc.Selection.Find("#passwordError").Text() != "" { return "", errors.New("Password error") } + + if err := isMissing2StepSetup(responseDoc); err != nil { + return "", err + } + return "", errors.New("page is missing saml assertion") } return samlAssertion, nil } +func isMissing2StepSetup(responseDoc *goquery.Document) error { + if responseDoc.Selection.Find("section.aN1Vld ").Text() != "" { + return errors.New("Because of your organization settings, you must set-up 2-Step Verification in your account") + } + return nil +} + func (kc *Client) tryDisplayCaptcha(captchaPictureURL string) (string, error) { // TODO: check for user flag for easy captcha presentation diff --git a/pkg/provider/googleapps/googleapps_test.go b/pkg/provider/googleapps/googleapps_test.go index 01d2ac27e..576e7362f 100644 --- a/pkg/provider/googleapps/googleapps_test.go +++ b/pkg/provider/googleapps/googleapps_test.go @@ -172,6 +172,16 @@ func TestWrongPassword(t *testing.T) { require.NotEqual(t, "", txt) } +func TestMustEnable2StepVerification(t *testing.T) { + html := `

Your sign-in settings don’t meet your organization’s 2-Step Verification policy.

Contact your admin for more info.

` + + doc, err := goquery.NewDocumentFromReader(strings.NewReader(html)) + require.Nil(t, err) + twoStepIsMissingErr := isMissing2StepSetup(doc) + require.Error(t, twoStepIsMissingErr) + require.Equal(t, twoStepIsMissingErr.Error(), "Because of your organization settings, you must set-up 2-Step Verification in your account") +} + func TestExtractDevicePushExtraNumber(t *testing.T) { data1, err := os.ReadFile("example/challenge-extra-number.html") require.Nil(t, err)