If you just want to protect the secret from casual view (but don't need strong encryption), then you could just use a basic encryption/decryption algorithm, include the encrypted secret in the package and have the function decrypt it before sending. See the "petals" function in the TeachingDemos package for one simple example of doing this. This would not be strong encryption, an intermediate level R programmer would be able to print the secret in plain text, but it does protect from accidental or casual viewing (anyone seeing it would have to have deliberately set out to do so and would not be able to claim that they just accidentally saw it). This is fairly quick, easy, and self contained in the package.
On Fri, Jun 5, 2015 at 4:19 PM, Neal Fultz <nfu...@gmail.com> wrote: > I am working on updating the RGoogleDocs package to use OAuth2, since the > old api was recently turned off (at my job we use it as a poor mans > database). > > As part of the auth process, I need to send google a client key and secret > in order to gain access to a spreadsheet. Is there a 'safe' place to store > the secret? > I would strongly prefer not requiring my end users to have to sign up for > their own google API keys, but I also do not want to store the secret in > the clear. > > Any suggestions on best practices? > > -Neal Fultz > > [[alternative HTML version deleted]] > > ______________________________________________ > R-package-devel@r-project.org mailing list > https://stat.ethz.ch/mailman/listinfo/r-package-devel -- Gregory (Greg) L. Snow Ph.D. 538...@gmail.com ______________________________________________ R-package-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-package-devel
