diff --git a/drive/drive.go b/drive/drive.go index 7c01b681e..f3efe6222 100644 --- a/drive/drive.go +++ b/drive/drive.go @@ -29,7 +29,7 @@ import ( // Constants const ( rcloneClientID = "202264815644.apps.googleusercontent.com" - rcloneClientSecret = "X4Z3ca8xfWDb1Voo-F9a7ZxJ" + rcloneClientSecret = "8p/yms3OlNXE9OTDl/HLypf9gdiJ5cT3" driveFolderType = "application/vnd.google-apps.folder" timeFormatIn = time.RFC3339 timeFormatOut = "2006-01-02T15:04:05.000000000Z07:00" @@ -52,7 +52,7 @@ var ( Scopes: []string{"https://www.googleapis.com/auth/drive"}, Endpoint: google.Endpoint, ClientID: rcloneClientID, - ClientSecret: rcloneClientSecret, + ClientSecret: fs.Reveal(rcloneClientSecret), RedirectURL: oauthutil.TitleBarRedirectURL, } ) diff --git a/dropbox/dropbox.go b/dropbox/dropbox.go index c97ee451a..7a94b2b4f 100644 --- a/dropbox/dropbox.go +++ b/dropbox/dropbox.go @@ -28,7 +28,7 @@ import ( // Constants const ( rcloneAppKey = "5jcck7diasz0rqy" - rcloneAppSecret = "1n9m04y2zx7bf26" + rcloneAppSecret = "m8WRxJ6b1Z/Y25fDwJWS" metadataLimit = dropbox.MetadataLimitDefault // max items to fetch at once ) @@ -134,7 +134,7 @@ func newDropbox(name string) *dropbox.Dropbox { } appSecret := fs.ConfigFile.MustValue(name, "app_secret") if appSecret == "" { - appSecret = rcloneAppSecret + appSecret = fs.Reveal(rcloneAppSecret) } db.SetAppInfo(appKey, appSecret) diff --git a/fs/config.go b/fs/config.go index 5adde7c11..e751cd852 100644 --- a/fs/config.go +++ b/fs/config.go @@ -4,6 +4,7 @@ package fs import ( "bufio" + "encoding/base64" "fmt" "log" "math" @@ -121,6 +122,27 @@ func (x *SizeSuffix) Type() string { // Check it satisfies the interface var _ pflag.Value = (*SizeSuffix)(nil) +// Obscure a config value +func Obscure(x string) string { + y := []byte(x) + for i := range y { + y[i] ^= byte(i) ^ 0xAA + } + return base64.StdEncoding.EncodeToString(y) +} + +// Reveal a config value +func Reveal(y string) string { + x, err := base64.StdEncoding.DecodeString(y) + if err != nil { + log.Fatalf("Failed to reveal %q: %v", y, err) + } + for i := range x { + x[i] ^= byte(i) ^ 0xAA + } + return string(x) +} + // Filesystem config options type ConfigInfo struct { Verbose bool diff --git a/fs/config_test.go b/fs/config_test.go index 00bb6d723..d71f21c60 100644 --- a/fs/config_test.go +++ b/fs/config_test.go @@ -55,3 +55,21 @@ func TestSizeSuffixSet(t *testing.T) { } } } + +func TestReveal(t *testing.T) { + for _, test := range []struct { + in string + want string + }{ + {"", ""}, + {"2sTcyNrA", "potato"}, + } { + got := Reveal(test.in) + if got != test.want { + t.Errorf("%q: want %q got %q", test.in, test.want, got) + } + if Obscure(got) != test.in { + t.Errorf("%q: wasn't bidirectional", test.in) + } + } +} diff --git a/googlecloudstorage/googlecloudstorage.go b/googlecloudstorage/googlecloudstorage.go index f467df81d..904606346 100644 --- a/googlecloudstorage/googlecloudstorage.go +++ b/googlecloudstorage/googlecloudstorage.go @@ -35,7 +35,7 @@ import ( const ( rcloneClientID = "202264815644.apps.googleusercontent.com" - rcloneClientSecret = "X4Z3ca8xfWDb1Voo-F9a7ZxJ" + rcloneClientSecret = "8p/yms3OlNXE9OTDl/HLypf9gdiJ5cT3" timeFormatIn = time.RFC3339 timeFormatOut = "2006-01-02T15:04:05.000000000Z07:00" metaMtime = "mtime" // key to store mtime under in metadata @@ -48,7 +48,7 @@ var ( Scopes: []string{storage.DevstorageFullControlScope}, Endpoint: google.Endpoint, ClientID: rcloneClientID, - ClientSecret: rcloneClientSecret, + ClientSecret: fs.Reveal(rcloneClientSecret), RedirectURL: oauthutil.TitleBarRedirectURL, } )