I wanted to use the Get-AADIntAccessToken command to retrieve a token with MFA via OTP.
I ran into a few problems, so here's what I changed in the AccessToken_utils.ps1 file.
If there's an accent in CompanyDisplayName, in the login request response, it's converted to HTML and this causes a problem for the Parse-LoginMicrosoftOnlineComConfig function.
I modified the line $c = Get-StringBetween -String $body -Start '$Config=' -End ';' by $c = (Get-StringBetween -String $body -Start '$Config=' -End '};') + "}" to solve the problem (there's surely a better way).
In the ProcessAuth request, the canary parameter is missing from the body.
The value must be retrieved from $loginResponse.Config.canary.
Thanks for making your scripts available, they're a great help :-)
NestoriSyynimaa
commented
1 year ago
I wanted to use the Get-AADIntAccessToken command to retrieve a token with MFA via OTP. I ran into a few problems, so here's what I changed in the AccessToken_utils.ps1 file.
If there's an accent in CompanyDisplayName, in the login request response, it's converted to HTML and this causes a problem for the Parse-LoginMicrosoftOnlineComConfig function. I modified the line
$c = Get-StringBetween -String $body -Start '$Config=' -End ';'by$c = (Get-StringBetween -String $body -Start '$Config=' -End '};') + "}"to solve the problem (there's surely a better way).In the ProcessAuth request, the canary parameter is missing from the body. The value must be retrieved from $loginResponse.Config.canary.
Thanks for making your scripts available, they're a great help :-)