Userwarning: http.cookiejar bug! and no longer have access to any roles

[reed9999]

Unclear if these are two different issues or two manifestations of one issue. I'd appreciate any help on either:

1. A couple of days ago the first time I logged in with aws-adfs I got a weird cookiejar issue that self-reports as a bug. But otherwise my access seemed normal.
2. Today I still get the cookiejar issue, but now I'm told Cannot extract saml assertion from request's response and that my account has no roles. This seems to be the same as if I put in bogus credentials even though my password should be valid.

Couple of days ago -- cookiejar issue but I could authenticate

1. A couple of days ago when I first set up aws-adfs, I got something like the following Python exception trace. To be clear, I didn't copy it verbatim then; this is what I'm getting now:

 % aws-adfs login --adfs-host=<our host>

Profile: 'default' has been wiped out
/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/http/cookiejar.py:2080: UserWarning: http.cookiejar bug!
Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/http/cookiejar.py", line 2041, in _really_load
    domain, domain_specified, path, secure, expires, name, value = \
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ValueError: not enough values to unpack (expected 7, got 1)

  _warn_unhandled_exception()

I got this after entering username and password and I Ctrl+C quit; the second time I ran it, right after that, it skipped past the username and password to the MFA code, and then everything seemed to work normally.

Status quo -- cookiejar issue and I can no longer authenticate, or at least get no roles

3. In contrast, as of yesterday, I get the above after resetting plus this (at least I doubt this was part of it earlier):

2023-03-10 12:57:01,975 [authenticator authenticator.py:authenticate] [35267-MainProcess] [4682702336-MainThread] - ERROR: Cannot extract saml assertion from request's response. Re-authentication needed?
Username: 

When I then put in a valid username and password I get this:

2023-03-10 13:02:22,692 [authenticator authenticator.py:authenticate] [35400-MainProcess] [4673601024-MainThread] - ERROR: Cannot extract saml assertion from request's response. Re-authentication needed?
This account does not have access to any roles

It seems like this is the same result I get if i put in a completely bogus username/password .

Tried so far

• Another user on same host doesn't see the cookiejar issue and can authenticate.
• ran aws-adfs reset before attempting again today.
• I can use this same username, password, and MFA code generator to get into AWS console.
• attempted reset and login both with and without sudo. (IIRC I had to use sudo to pip3 install in the first place; else I couldn't find the executable. Would appreciate more info on how to get the user install to work.)
• pip3 uninstalled and reinstalled aws-adfs. The uninstall did require sudo.

[reed9999]

The cookiejar issue seems to go away when I delete a cookie file in my .aws directory that has some incomplete lines (or at least lines that aren't 7 tab-delim strings). This makes me wonder if aws-adfs created a non-standard cookie file, or if it's simply something I did like abort prematurely that may have corrupted the cookie file.

Alas I still get "This account does not have access to any roles" so perhaps the two issues are separate.