Investigate non-plaintext token cache
Email from Storage team
According to the Storage Team’s security experts, it’s best to store the tokens in a secret store rather than exposing them as plaintext. We also had the same conversation with them when we were implementing OAuth authentication, and they advised us to not follow the CLI’s example, as it’s always possible that a malicious agent is running when the user is logged in.
I came across your thread on Ars and did some preliminary work on allowing R to make use of DPAPI: https://github.com/qingchenl/DPAPIinterface. Hope this helps!
Hey thanks, this is awesome. I'm going to be talking to the team later this week, so I'll be able to pin down exactly what's needed.