Authentication strategies
SharePoint client
Samples
Sandbox
Cpass
π Simple secure string password convertor
By default, Cpass uses Machine ID as an encryption key so a secret hash can only be decrypted on a machine where it was generated.
Cpass's approach is appropriate in local development scenarios. The main goal is "not to show raw secret while presenting a desktop" or "not to commit raw secret by an incident to code source".
Installation
1
go get github.com/koltyakov/gosip/cpass
Copied!
Convertor
1
package main
2
β
3
import (
4
"flag"
5
"fmt"
6
β
7
"github.com/koltyakov/gosip/cpass"
8
)
9
β
10
func main() {
11
β
12
var rawSecret string
13
β
14
flag.StringVar(&rawSecret, "secret", "", "Raw secret string")
15
flag.Parse()
16
β
17
crypt := cpass.Cpass("")
18
β
19
secret, _ := crypt.Encode(rawSecret)
20
fmt.Println(secret)
21
β
22
}
Copied!
Encrypt secrets
1
go run ./ -secret "[email protected]$word"
2
#> -lywbAGD4iPYdJXDxLAQoMUbfBXBIQR2UZYl
Copied!
When use result token/hash as a secret in
private.json file(s).From sandbox
Another option would be installing
cpass from sandbox:1
go install github.com/koltyakov/gosip-sandbox/samples/cpass
Copied!
And using
cpass as a CLI, with no parameters the secret can be provided in a masked form without keeping it in console history:1
$ cpass
2
Password to encode: ********
3
poXx8zaJM6gLazPCtv4rMVLoTuzX_1BvYJlMAQqK
Copied!
Last modified 1yr ago
Export as PDF
Copy link