Capturing authentication traffic using msal_example

David Mulder edited this page Nov 8, 2024 · 4 revisions

Capturing OAuth2 traffic when authenticating to Azure Entra ID is essential for debugging and resolving issues in the libhimmelblau library. By inspecting the detailed HTTP requests and responses exchanged during the authentication process, developers can identify discrepancies, such as malformed requests, unexpected status codes, or incorrect parameters. This comprehensive view helps pinpoint where errors occur, enabling targeted fixes and enhancements to improve the reliability and functionality of Himmelblau, ultimately leading to smoother integrations and user experiences.

Step-by-Step Instructions

  1. Obtain the msal_example test binary:

    You can either ask on the Himmelblau Matrix channel for a test build, or build the sources yourself from the project repo. Make sure you build with the latest version of libhimmelblau.

  2. Download mitmproxy:

    Download mitmproxy from their website, and extract the binaries.

    tar -xf mitmproxy-11.0.0-linux-x86_64.tar.gz

  3. Start mitmweb:

    Run the following command to start mitmweb:

    ./mitmweb

    This starts mitmweb and opens a web interface for monitoring HTTP and HTTPS traffic.

  4. Install the mitmproxy CA Certificate:

    On Ubuntu:

    sudo cp $HOME/.mitmproxy/mitmproxy-ca-cert.pem /usr/local/share/ca-certificates/mitmproxy.crt
    sudo update-ca-certificates

    Or on Fedora:

    sudo cp $HOME/.mitmproxy/mitmproxy-ca-cert.pem /etc/pki/ca-trust/source/anchors/
    sudo update-ca-trust

  5. Access the Web Interface:

    Open your web browser and go to:

    http://127.0.0.1:8081/

    You should see the mitmweb dashboard for viewing captured traffic.

  6. Run Your Command:

    In a separate terminal, run your program with HTTPS_PROXY set to mitmproxy's proxy port (default is 8080):

    HTTPS_PROXY=https://127.0.0.1:8080 ./msal_example

    This routes your program's HTTPS traffic through mitmproxy.

  7. Capture and Save the HAR File:

    • Go to the mitmweb dashboard in your web browser.
    • Click on the "File" drop-down menu, then "Save".
    • Your browser will download a file called 'flows'.

That's it! You have now captured and saved HTTP(S) traffic as a HAR file.

The saved file contains your password. Search the file for it and remove it before sharing the file.

If the authentication was successful, the file also contains a valid access token and refresh token. These should also be removed or obfuscated. Search the file for JSON keys such as 'refresh_token' and 'access_token'.
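
One way to run the search described above before sharing a capture. This is an added example, not part of Himmelblau or mitmproxy; the script name, the sample data and the choice to also look for percent-encoded forms of the password (as a form body would carry it) are assumptions.

```python
import getpass
import re
import sys
from urllib.parse import quote, quote_plus

# Matches "key":"value" and the escaped form \"key\":\"value\" (JSON nested in JSON).
TOKEN_RE = re.compile(rb'\\?"(access_token|refresh_token)\\?"\s*:\s*\\?"([^"\\]+)')

# Constructed sample, not a real capture: form field names and values are made up.
SAMPLE = (b'user=alice&passwd=P%40ss+word%21\n'
          b'{"access_token":"eyJ.constructed.sig","refresh_token":"0.constructed-rt"}\n'
          b'{\\"access_token\\":\\"eyJ.nested.sig\\"}\n')


def password_forms(password):
    """The literal password plus the percent-encoded forms a form body may carry."""
    if not password:
        raise ValueError("empty password would match everywhere")
    return {password.encode(), quote(password, safe="").encode(),
            quote_plus(password).encode()}


def scrub(data, password):
    """Overwrite each secret with 'X' bytes of equal length; return (data, hit counts)."""
    counts = {"password": 0, "access_token": 0, "refresh_token": 0}
    buf = bytearray(data)
    for m in TOKEN_RE.finditer(data):
        start, end = m.span(2)
        # Equal-length overwrite keeps byte offsets and any length prefixes valid.
        buf[start:end] = b"X" * (end - start)
        counts[m.group(1).decode()] += 1
    for form in password_forms(password):
        for m in re.finditer(re.escape(form), data):
            buf[m.start():m.end()] = b"X" * len(form)
            counts["password"] += 1
    return bytes(buf), counts


if __name__ == "__main__":
    if len(sys.argv) == 2:  # usage: python3 scrub_flows.py flows
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
        cleaned, hits = scrub(raw, getpass.getpass("Password used in the capture: "))
        with open(sys.argv[1] + ".scrubbed", "wb") as fh:
            fh.write(cleaned)
    else:  # no file given: run on the constructed sample
        cleaned, hits = scrub(SAMPLE, "P@ss word!")
    print(hits)
```

A byte scan cannot see inside a body that was stored compressed, so a count of zero is a reason to look at the flows in mitmweb, not proof that the file is clean.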