Obfuscate mildly secret information

This pair of functions provides a way to obfuscate mildly confidential information, like OAuth client secrets. The secret can not be revealed from your source code, but a good R programmer could still figure it out with a little effort. The main goal is to protect against scraping; there's no way for an automated tool to grab your obfuscated secrets.

Because un-obfuscation happens at the last possible instant, obfuscated() only works in limited locations:

• The secret argument to oauth_client()

• Elements of the data argument to req_body_form(), req_body_json(), and req_body_multipart().

Usage

obfuscate(x)

obfuscated(x)

Arguments

x

A string to obfuscate, or mark as obfuscated.

Value

obfuscate() prints the obfuscated() call to include in your code. obfuscated() returns an S3 class marking the string as obfuscated so it can be unobfuscated when needed.

Examples

obfuscate("good morning")
#> obfuscated("iHeqjtjNxnyHFPfv7j6SmZ2fOvyXMtOYC079wQ")

# Every time you obfuscate you'll get a different value because it
# includes 16 bytes of random data which protects against certain types of
# brute force attack
obfuscate("good morning")
#> obfuscated("_oq6CR-0v6YyT8PifNGjBDbIQ5Uh8zrolCdUlw")