add example of keeping secret when auth is done via an OAuth token

ropensci-books / http-testing

HTTP testing for R

https://books.ropensci.org/http-testing/

Creative Commons Zero v1.0 Universal

53 stars 17 forks source link

add example of keeping secret when auth is done via an OAuth token #15

Closed maelle closed 3 years ago

sckott commented 4 years ago

i'm not sure i know exactly what you mean - can you give an example?

maelle commented 4 years ago

related to #2 (i.e. how do you perform tests and keep cassettes secure when there is an OAuth token)

sckott commented 4 years ago

Are you talking about an interactive OAuth flow where a browser tab opens, etc.? Or where a user sets their token using R options or an env var?

maelle commented 4 years ago

The package author would keep their token secure after generating it interactively, but one should make sure there's no secret in the stored cassettes (I am not sure it'd be very different from the API key stuff, but I want to write an example to see how things go).

sckott commented 4 years ago

good idea

maelle commented 3 years ago

things will be easier after https://github.com/ropensci/vcr/issues/58