I'm testing an application that uses OAuth2 with bearer tokens to authorize requests. The problem I'm having is that the access token expires after 600 seconds (10 minutes) and then all requests become 401 Unauthorized. The problem occurring now is that the scanner can continue to run with a bad token and not refresh the token automatically. What I would like to do in this case is that the application automatically logs back in.
What I have tried is to go to Project options -> Session handling rules -> Add -> Rule Actions -> Check session is valid, with the option "Issue current request". While there I check the response body for "Authorization denied", which is always sent on a HTTP 401. After this happens I have a macro that issues a request to get me a new access token. However, I need to map the new access token to the Authorization: Bearer header. Has anyone done this? It can be easily done with cookies from this view, but I can't find how to do it with tokens.
Using Burp Suite Professional v1.7.14
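The three steps the question describes (detect that the session is invalid, run a token-fetching macro, copy the new token into the `Authorization: Bearer` header) are exactly what a custom session handling action has to do when the built-in rule can only map cookies. Burp's Extender API exposes this as an `ISessionHandlingAction` whose `performAction(currentRequest, macroItems)` receives the request about to be sent and the responses of the macro that ran before it. The block below is an added, stand-alone Python model of that logic, not code from Burp or from the original post; it works on raw HTTP text so it runs offline, and in a real Jython extension the same three functions would be called from `performAction`, with `macroItems` supplying the token response and `IExtensionHelpers.buildHttpMessage` rebuilding the request. All messages, hosts and token values are constructed samples.

```python
import json

# Constructed sample messages (not captured from any real application).
SAMPLE_401 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"error":"Authorization denied"}'
)
SAMPLE_TOKEN_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"access_token":"NEW-TOKEN-xyz","token_type":"bearer","expires_in":600}'
)
SAMPLE_REQUEST = (
    "GET /api/items HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "Authorization: Bearer OLD-TOKEN-abc\r\n"
    "\r\n"
)


def split_message(raw):
    """Split a raw HTTP message into (start line, header lines, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    return lines[0], lines[1:], body


def session_is_invalid(response):
    """Mirror of the 'Check session is valid' rule from the question:
    treat a 401 status, or the body marker 'Authorization denied', as an
    expired session so the token gets refreshed before the request goes out."""
    status_line, _headers, body = split_message(response)
    status = int(status_line.split()[1])
    return status == 401 or "Authorization denied" in body


def extract_token(macro_responses):
    """Pull access_token from the last macro response that carries one.
    In Burp this list corresponds to the macroItems passed to performAction."""
    for raw in reversed(macro_responses):
        _status, _headers, body = split_message(raw)
        try:
            token = json.loads(body).get("access_token")
        except ValueError:
            continue
        if token:
            return token
    raise ValueError("macro did not return an access_token")


def rewrite_bearer(request, token):
    """Replace (or add) the Authorization: Bearer header in place, keeping
    header order so the rewritten request looks like the scanner's original."""
    request_line, headers, body = split_message(request)
    new_header = "Authorization: Bearer " + token
    replaced = False
    out = []
    for h in headers:
        if h.lower().startswith("authorization:"):
            out.append(new_header)
            replaced = True
        else:
            out.append(h)
    if not replaced:
        out.append(new_header)
    return request_line + "\r\n" + "\r\n".join(out) + "\r\n\r\n" + body


def refresh_if_needed(request, last_response, macro_responses):
    """The whole session handling action: returns (request, refreshed)."""
    if not session_is_invalid(last_response):
        return request, False
    return rewrite_bearer(request, extract_token(macro_responses)), True


if __name__ == "__main__":
    new_req, refreshed = refresh_if_needed(
        SAMPLE_REQUEST, SAMPLE_401, [SAMPLE_TOKEN_RESPONSE]
    )
    print("refreshed:", refreshed)
    print(new_req)
```

Checking the status code as well as the body marker makes the rule robust if the error message wording changes; keying only on the string "Authorization denied" would silently stop refreshing and the scan would run on with a dead token, which is the failure mode the question describes.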