Automate getting access token from Developer Tools "Storage" pane

33 views
Skip to first unread message

Julius Hamilton

unread,
Oct 9, 2021, 1:13:17 PMOct 9
to Chrome DevTools
Hey,

Right now I am using an API in order which to use I have to load a certain webpage, then inspect it in the Chrome Developer Tools under the "Storage" pane. In "Session Storage" there are two URLS. One of them leads to a single Key-Value pair. Inside Value is a dictionary with one item: {"id_token":"long_string"}.

I would like to automate the process of retrieving "long_string". It is necessary to get a new such token every 15 minutes because the API is in an early development stage.

How could I do this?

Where does the token even come from? When I log in to the web page using my normal credentials (username and password), does the browser return a web page with the authentication credentials somewhere in the HTML response? Does that mean that I could just send an HTTP POST request with my log in credentials to that URL and then parse the HTML response with Beautiful Soup or something?

I'd really appreciate any guidance on this matter.

Thanks very much,
Julius

PhistucK

unread,
Oct 9, 2021, 1:22:28 PMOct 9
to Google Chrome Developer Tools
Session storage data can be accessed via content scripts (Chrome extensions), I believe (or via the debugger API, I think, by executing code on the inspected page and getting the response back).
sessionStorage['key']


PhistucK


--
You received this message because you are subscribed to the Google Groups "Chrome DevTools" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-chrome-develo...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-chrome-developer-tools/d603c2da-14d9-460c-a202-a819ea4a09f8n%40googlegroups.com.

Julius Hamilton

unread,
Oct 18, 2021, 3:59:34 AMOct 18
to Chrome DevTools
Awesome, thank you so much for your response.

I am pretty new to this but would there be any way to just do manually from the command line whatever the browser is doing, to get that token?

All I know is when I load the web page in the browser and enter my user credentials into the form and press "log in" and enter the landing page, that token is now somewhere inside my browser's dev tools.

But how did it get there?

What really happened when I entered those log in credentials?

The only way I have seen so far of authenticating from the command line is an HTTP POST request. Are all web page logins just POST requests, i.e. you could send that log in information in a URL string instead?

Does that mean that the token I received must be somewhere in the HTML response of the web page sent after I logged in?

Thanks very much.

PhistucK

unread,
Oct 18, 2021, 9:26:10 AMOct 18
to Google Chrome Developer Tools
It is beyond the scope of this group to find out how a website generates/gets the token, there is no standard and developers come up with a myriad of ways to do that.

If I were to track this down, I would look at the Network panel of the Developer Tools first and see how the server responds (HTTP headers or body) to a request that is sent when you click on the log-in button.

PhistucK


Reply all
Reply to author
Forward
0 new messages