Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add at-rest encryption for OAuth2 token #14

Closed
levb opened this issue Dec 11, 2019 · 7 comments · Fixed by #143
Closed

Add at-rest encryption for OAuth2 token #14

levb opened this issue Dec 11, 2019 · 7 comments · Fixed by #143
Assignees
@larkox
Labels
Difficulty/1:Easy Easy ticket Good First Issue Suitable for first-time contributors Help Wanted Community help wanted Tech/Go Type/Enhancement New feature or improvement of existing feature
Milestone
v0.1.0-beta

Comments

@levb
Copy link
Contributor

levb commented Dec 11, 2019

Presently, the POC code stores the OAuth token(s) unencrypted. It is a best practice to have it encrypted when stored persistently, so that the encryption keys may (eventually) be stored separately.

This improvement is currently pending to the Zoom plugin, can copy from there, https://github.com/mattermost/mattermost-plugin-zoom/pull/52/files, search for EncryptionKey. Note, TokenEncryptionKey is likely a more intention-revealing name.
@levb levb added Enhancement Difficulty/1:Easy Easy ticket Good First Issue Suitable for first-time contributors Help Wanted Community help wanted Tech/Go Up For Grabs Ready for help from the community. Removed when someone volunteers labels Dec 11, 2019
@gopheros
Copy link

@levb I am taking this one, just to get going with dev setup for this plugin mainly.

@levb levb removed the Up For Grabs Ready for help from the community. Removed when someone volunteers label Dec 14, 2019
@levb
Copy link
Contributor Author

levb commented Jan 21, 2020

Hi @gopheros are you still interested in working on this ticket?

@gopheros
Copy link

Hello @levb, Yeah will provide a PR in couple of days.

Thanks

@hanzei hanzei added Type/Enhancement New feature or improvement of existing feature and removed Enhancement labels Mar 7, 2020
@larkox
Copy link
Contributor

larkox commented Apr 17, 2020

Hi @gopheros ! How are you doing?
Have you been able to continue with this? It would be great to add your contribution to the plugin!

If you are not able to continue working on this, please let us know, so we can mark it as up for grabs for other contributor.

Thanks!

@gopheros
Copy link

Hello @larkox ,

I can continue work on this.

@mickmister mickmister added this to the v0.2.0 milestone May 19, 2020
@mickmister mickmister modified the milestones: v0.2.0, 0.1.0 May 19, 2020
@larkox
Copy link
Contributor

larkox commented May 20, 2020

Hi @gopheros ! How are you?
Have you been able to check on this? We would like to have it for the next release, so we are a bit in a hurry. If you are not able to tackle this, I can take over it.

What do you think?

@larkox
Copy link
Contributor

larkox commented May 22, 2020

Hi @gopheros . I will take this.

Thank you very much for your interest and your contributions.

@larkox larkox mentioned this issue May 22, 2020
Merged
@aaronrothschild aaronrothschild modified the milestones: 0.1.0, 0.1.0-beta May 26, 2020
larkox added a commit that referenced this issue May 28, 2020
@larkox @levb
[GH-14] Add at-rest encryption for OAuth2 token (#143)
0dd13f8 
* Add at-rest encryption for OAuth2 token

* Fix test

* Fix lint

Co-authored-by: Lev <[email protected]>
mickmister added a commit that referenced this issue Jun 1, 2020
@mickmister
Revert "[GH-14] Add at-rest encryption for OAuth2 token (#143)"
c55dead 
This reverts commit 0dd13f8.
mickmister added a commit that referenced this issue Jun 1, 2020
@mickmister
Revert "[GH-14] Add at-rest encryption for OAuth2 token (#143)" (#157)
75fc9b5 
This reverts commit 0dd13f8.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@larkox larkox

Labels
Difficulty/1:Easy Easy ticket Good First Issue Suitable for first-time contributors Help Wanted Community help wanted Tech/Go Type/Enhancement New feature or improvement of existing feature
Projects
None yet
Milestone
v0.1.0-beta
Development

Successfully merging a pull request may close this issue.

[GH-14] Add at-rest encryption for OAuth2 token larkox/mattermost-plugin-mscalendar
6 participants
@aaronrothschild @levb @larkox @mickmister @hanzei @gopheros