Hardcoded Secrets

[sabrehagen]

It seems the OAuth app details are hardcoded into the source. Example 1 Example 2.

Can this be changed to use a central config source (like in cloudbrowser), and can that config inherit from environment variables, not hardcoded source values that require a recompile?

[lemourin]

Hardcoded secrets are only for testing purposes. The management of secrets is a responsibility of a libcloudstorage client. cloudstorage-fuse (being a libcloudstorage client) currently doesn't load secrets from elsewhere.

[sabrehagen]

The management of secrets is a responsibility of a libcloudstorage client. cloudstorage-fuse (being a libcloudstorage client) currently doesn't load secrets from elsewhere.

I'm trying to figure this out but can't. Rephrasing your words might highlight my confusion:

The libcloudstorage cloudstorage-fuse client is responsible for managing secrets, and currently doesn't load secrets from elsewhere.

If this is the case, where does cloudstorage-fuse load its secrets from that it is responsible for? I can't locate any secrets under /bin/fuse.

[lemourin]

cloudstorage-fuse doesn't load secrets from anywhere which means that it just uses the default hardcoded secrets. Loading from other place is not currently implemented in cloudstorage-fuse.