Problems with SMS Auth

mdiorio · July 27, 2018, 7:36pm

I have PrivacyIDEA working without PIN via ADFS. I’m trying to get SMS enabled, so I turned pin back on so that it can generate a challenge.

I have Twilio set up and can successfully send a message from the server command line using CURL.

When I try to enter the pin for the user, or via API, I get:
The PIN was correct, but the SMS could not be sent: SMSError(error_id=401, description=‘SMS could not be sent: 401’)

Log shows:
[2018-07-27 15:29:53,839][3205][140139817764608][DEBUG][privacyidea.lib.smsprovider.HttpSMSProvider:132] issuing request with parameters {u’Body’: u’877882’, u’To’: u’+11111111111’, u’From’: u’+11234569249’} and method POST and authentication (u’username’, u’password’) to url https://api.twilio.com/2010-04-01/Accounts/AC...15/Messages.json.
[2018-07-27 15:29:53,918][3205][140139817764608][DEBUG][privacyidea.lib.smsprovider.HttpSMSProvider:140] queued SMS on the HTTP gateway. status code returned: 401
[2018-07-27 15:29:53,918][3205][140139817764608][WARNING][privacyidea.lib.tokens.smstoken:301] The PIN was correct, but the SMS could not be sent: SMSError(error_id=401, description=‘SMS could not be sent: 401’)
[2018-07-27 15:29:53,918][3205][140139817764608][DEBUG][privacyidea.lib.tokens.smstoken:302] Traceback (most recent call last):
File “/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/tokens/smstoken.py”, line 288, in create_challenge
message=message_template)
File “/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/log.py”, line 193, in log_wrapper
f_result = func(*args, **kwds)
File “/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/tokens/smstoken.py”, line 394, in _send_sms
ret = sms.submit_message(phone, message)
File “/opt/privacyIDEA/lib/python2.7/site-packages/privacyidea/lib/smsprovider/HttpSMSProvider.py”, line 146, in submit_message
“sent: %s” % r.status_code)
SMSError: SMS could not be sent: 401

The same happens going through the ADFS interface, and that includes an authentication username/password that it uses.

Not really seeing anything wrong per-se myself. Any ideas?

mdiorio · July 27, 2018, 8:00pm

Oops - I was using my prod password with my test api key. DOH.