Skip to content

This pair of functions provides a way to obfuscate mildly confidential information, like OAuth client secrets. The secret can not be revealed from your source code, but a good R programmer could still figure it out with a little effort. The main goal is to protect against scraping; there's no way for an automated tool to grab your obfuscated secrets.

Because un-obfuscation happens at the last possible instant, obfuscated() only works in limited locations:






A string to obfuscate, or mark as obfuscated.


obfuscate() prints the obfuscated() call to include in your code. obfuscated() returns an S3 class marking the string as obfuscated so it can be unobfuscated when needed.


obfuscate("good morning")
#> obfuscated("XnSmN6ikQYMfBa2sexGNZIFjzpTWuSg9Qf3L3A")

# Every time you obfuscate you'll get a different value because it
# includes 16 bytes of random data which protects against certain types of
# brute force attack
obfuscate("good morning")
#> obfuscated("PHvYh4nysXhiZT1l6ad1Lw-ib4liI-Fp9pPCfA")