From a5db02fa9ff55623fedeb06dd5bee093a760bec6 Mon Sep 17 00:00:00 2001
From: Patrick Decat <pdecat@gmail.com>
Date: Fri, 3 Jun 2022 11:37:16 +0200
Subject: [PATCH] Support RSA SecurIDv2Authentication

---
 aws_adfs/_rsa_authenticator.py | 15 +++++++++------
 aws_adfs/authenticator.py      |  8 ++++----
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/aws_adfs/_rsa_authenticator.py b/aws_adfs/_rsa_authenticator.py
index 13f9720b..03c32830 100644
--- a/aws_adfs/_rsa_authenticator.py
+++ b/aws_adfs/_rsa_authenticator.py
@@ -41,17 +41,20 @@ def _context(html_response):
     return element.get('value')
 
 
-def _retrieve_roles_page(roles_page_url, context, session, ssl_verification_enabled,
-                         rsa_securid_code):
+def _retrieve_roles_page(html_response, roles_page_url, context, session, ssl_verification_enabled, rsa_securid_code):
+    auth_query = './/input[@id="authMethod"]'
+    element = html_response.find(auth_query)
+    authMethod = element.get("value")
+
     response = session.post(
         roles_page_url,
         verify=ssl_verification_enabled,
         allow_redirects=True,
         data={
-            'AuthMethod': 'SecurIDAuthentication',
-            'Context': context,
-            'Passcode': rsa_securid_code,
-        }
+            "AuthMethod": authMethod,
+            "Context": context,
+            "Passcode": rsa_securid_code,
+        },
     )
     trace_http_request(response)
 
diff --git a/aws_adfs/authenticator.py b/aws_adfs/authenticator.py
index a5b9774c..6d971497 100644
--- a/aws_adfs/authenticator.py
+++ b/aws_adfs/authenticator.py
@@ -170,13 +170,12 @@ def _is_symantec_vip_authentication(html_response):
     ):
         return True
 
+
 def _is_rsa_authentication(html_response):
     auth_method = './/input[@id="authMethod"]'
     element = html_response.find(auth_method)
-    return (
-        element is not None
-        and element.get('value') == 'SecurIDAuthentication'
-    )
+    return element is not None and element.get("value") in ("SecurIDAuthentication", "SecurIDv2Authentication")
+
 
 def _is_azure_mfa_authentication(html_response):
     auth_method = './/input[@id="authMethod"]'
@@ -186,6 +185,7 @@ def _is_azure_mfa_authentication(html_response):
         and element.get('value') == 'AzureMfaServerAuthentication'
     )
 
+
 def _is_azure_cloud_mfa_authentication(html_response):
     auth_method = './/input[@id="authMethod"]'
     element = html_response.find(auth_method)