Closed Bug 1216241 Opened 9 years ago Closed 8 years ago

Show API secret only once.

(addons.mozilla.org Graveyard :: API, defect)

RESOLVED WONTFIX

People

(Reporter: nolski, Assigned: kumar)

For security purposes, let's only show the API secret to the user upon generation and store a hash in our database for authentication
Assignee: nobody → me
I don't think we can store a hash of the secret because we need the original value to verify the signature. I was originally thinking the same thing but I think the best we could do is encrypt it.

Another thought I had was to hash the key instead of the secret, which would prevent gaining access to all accounts if the whole table was compromised, but that wouldn't help if you knew the key you wanted to attack.

Probably best to get security to weigh in on how to securely store this stuff. Encryption seems like our best bet but it's also the most work.
Blocks: 1206158
Yes, the secret cannot be hashed because the signature needs access to it. The secret is already encrypted in the database so hiding it from the UI won't require any additional backend work.
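The point made in the two comments above, as an added example that is not part of this bug or the AMO code base: HMAC verification needs the raw secret, so the server cannot keep a one-way hash of it the way it would a password, while the public key id can be hashed for the lookup column (the second idea above). The in-memory table, the key/secret formats and the sample request are constructed; the at-rest encryption of the secret column the bug mentions is outside this snippet.

```python
import hashlib
import hmac
import secrets

# Constructed in-memory stand-in for the credentials table. In production the
# secret column is encrypted at rest (as the bug states); here it is memory only.
_TABLE = {}


def _key_lookup_id(api_key: str) -> str:
    # Hash the public key for the lookup column, so a dumped table does not
    # show which row belongs to which key (the bug's "hash the key" idea).
    return hashlib.sha256(api_key.encode()).hexdigest()


def issue_credentials():
    """Create a key/secret pair. The secret is handed out exactly once."""
    api_key = "key-" + secrets.token_hex(8)          # constructed format
    secret = secrets.token_urlsafe(32)
    _TABLE[_key_lookup_id(api_key)] = secret
    return api_key, secret  # the UI shows the secret now and never again


def sign(secret: str, method: str, path: str, body: bytes) -> str:
    """Client side: HMAC-SHA256 over method, path and body, hex-encoded."""
    msg = method.encode() + b"\n" + path.encode() + b"\n" + body
    return hmac.new(secret.encode(), msg, hashlib.sha256).hexdigest()


def verify(api_key: str, method: str, path: str, body: bytes, signature: str) -> bool:
    """Server side: recomputes the HMAC, which requires the original secret."""
    secret = _TABLE.get(_key_lookup_id(api_key))
    if secret is None:
        return False
    expected = sign(secret, method, path, body)
    # Constant-time comparison so timing does not leak how many bytes matched.
    return hmac.compare_digest(expected, signature)


def hashed_secret_verifies(secret: str, method: str, path: str, body: bytes,
                           signature: str) -> bool:
    """Why a password-style hash of the secret cannot replace it: an HMAC
    keyed with sha256(secret) never matches what the client produced."""
    digest = hashlib.sha256(secret.encode()).hexdigest()
    return hmac.compare_digest(sign(digest, method, path, body), signature)
```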
Assignee: me → kumar.mcmillan
The UX needs to be very clear on key creation that the secret will never be seen again.
Product: addons.mozilla.org → addons.mozilla.org Graveyard
This did not get moved to GitHub during the triage.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX