Lightly obscure secrets

2024-11-25 09:54:44 +01:00 · 2015-09-01 22:33:34 +01:00 · 2015-09-01 22:33:34 +01:00 · c98a51b26c
commit c98a51b26c
parent e2717a031e
5 changed files with 46 additions and 6 deletions
--- a/drive/drive.go
+++ b/drive/drive.go
@ -29,7 +29,7 @@ import (
 // Constants
 const (
 	rcloneClientID     = "202264815644.apps.googleusercontent.com"
-	rcloneClientSecret = "X4Z3ca8xfWDb1Voo-F9a7ZxJ"
+	rcloneClientSecret = "8p/yms3OlNXE9OTDl/HLypf9gdiJ5cT3"
 	driveFolderType    = "application/vnd.google-apps.folder"
 	timeFormatIn       = time.RFC3339
 	timeFormatOut      = "2006-01-02T15:04:05.000000000Z07:00"
@ -52,7 +52,7 @@ var (
 		Scopes:       []string{"https://www.googleapis.com/auth/drive"},
 		Endpoint:     google.Endpoint,
 		ClientID:     rcloneClientID,
-		ClientSecret: rcloneClientSecret,
+		ClientSecret: fs.Reveal(rcloneClientSecret),
 		RedirectURL:  oauthutil.TitleBarRedirectURL,
 	}
 )
--- a/dropbox/dropbox.go
+++ b/dropbox/dropbox.go
@ -28,7 +28,7 @@ import (
 // Constants
 const (
 	rcloneAppKey    = "5jcck7diasz0rqy"
-	rcloneAppSecret = "1n9m04y2zx7bf26"
+	rcloneAppSecret = "m8WRxJ6b1Z/Y25fDwJWS"
 	metadataLimit   = dropbox.MetadataLimitDefault // max items to fetch at once
 )
@ -134,7 +134,7 @@ func newDropbox(name string) *dropbox.Dropbox {
 	}
 	appSecret := fs.ConfigFile.MustValue(name, "app_secret")
 	if appSecret == "" {
-		appSecret = rcloneAppSecret
+		appSecret = fs.Reveal(rcloneAppSecret)
 	}
 	db.SetAppInfo(appKey, appSecret)
--- a/fs/config.go
+++ b/fs/config.go
@ -4,6 +4,7 @@ package fs
 import (
 	"bufio"
 	"encoding/base64"
 	"fmt"
 	"log"
 	"math"
@ -121,6 +122,27 @@ func (x *SizeSuffix) Type() string {
 // Check it satisfies the interface
 var _ pflag.Value = (*SizeSuffix)(nil)
 // Obscure a config value
 func Obscure(x string) string {
 	y := []byte(x)
 	for i := range y {
 		y[i] ^= byte(i) ^ 0xAA
 	}
 	return base64.StdEncoding.EncodeToString(y)
 }
 // Reveal a config value
 func Reveal(y string) string {
 	x, err := base64.StdEncoding.DecodeString(y)
 	if err != nil {
 		log.Fatalf("Failed to reveal %q: %v", y, err)
 	}
 	for i := range x {
 		x[i] ^= byte(i) ^ 0xAA
 	}
 	return string(x)
 }
 // Filesystem config options
 type ConfigInfo struct {
 	Verbose        bool
--- a/fs/config_test.go
+++ b/fs/config_test.go
@ -55,3 +55,21 @@ func TestSizeSuffixSet(t *testing.T) {
 		}
 	}
 }
 func TestReveal(t *testing.T) {
 	for _, test := range []struct {
 		in   string
 		want string
 	}{
 		{"", ""},
 		{"2sTcyNrA", "potato"},
 	} {
 		got := Reveal(test.in)
 		if got != test.want {
 			t.Errorf("%q: want %q got %q", test.in, test.want, got)
 		}
 		if Obscure(got) != test.in {
 			t.Errorf("%q: wasn't bidirectional", test.in)
 		}
 	}
 }
--- a/googlecloudstorage/googlecloudstorage.go
+++ b/googlecloudstorage/googlecloudstorage.go
@ -35,7 +35,7 @@ import (
 const (
 	rcloneClientID     = "202264815644.apps.googleusercontent.com"
-	rcloneClientSecret = "X4Z3ca8xfWDb1Voo-F9a7ZxJ"
+	rcloneClientSecret = "8p/yms3OlNXE9OTDl/HLypf9gdiJ5cT3"
 	timeFormatIn       = time.RFC3339
 	timeFormatOut      = "2006-01-02T15:04:05.000000000Z07:00"
 	metaMtime          = "mtime" // key to store mtime under in metadata
@ -48,7 +48,7 @@ var (
 		Scopes:       []string{storage.DevstorageFullControlScope},
 		Endpoint:     google.Endpoint,
 		ClientID:     rcloneClientID,
-		ClientSecret: rcloneClientSecret,
+		ClientSecret: fs.Reveal(rcloneClientSecret),
 		RedirectURL:  oauthutil.TitleBarRedirectURL,
 	}
 )