Home > Enterprise >  Retrieve Azure AD Authorization Bearer with Selenium
Retrieve Azure AD Authorization Bearer with Selenium

Time:05-24

I am trying to build a python script that checks for some configurations upon making a user login into the Azure portal.

wd = webdriver.Firefox()
res=wd.get("https://portal.azure.com/")
input("Press Enter to continue...") # After loggin in
print(wd.execute_script("return sessionStorage"))
print(wd.execute_script("return localStorage"))

With this script I am able to print both the session and the local storage, however I can't seem to find the authorization Bearer there. I do know that the Bearer has been generated as by inspecting the requests with Burp I can see it being inserted between the headers.
Is the bearer encoded in some way? Or do I have to look somewhere else?

CodePudding user response:

I managed to find a solution, however I had to switch to selenium-wire,

from seleniumwire import webdriver

wd = webdriver.Firefox()
res=wd.get("https://portal.azure.com/")
input("Press Enter to continue...") # After loggin in 
for request in wd.requests:
    print("HEADERS: "  str(request.headers)) # The bearer can be found here

This solution is not optimal as I could still isolate the requests where I know the Bearer is placed but, despite its rustiness, it does work.

  • Related