Contrib.social

Integrate with the Key module

Open on Drupal.org β†’
Created on 23 September 2024, about 2 months ago

Problem/Motivation

When the module is configured with the connector token, the token is saved in clear text as part of the exported configuration, exposing the authenticate key to the website.

This module should be integrated with the Key module β†’ , which provides a way to store sensitive credentials in an encrypted manner to better protect exposing those credentials inadvertently.

Steps to reproduce

  • Install the module
  • Obtain an access token
  • Navigate to /admin/config/system/monit_drupal_connector_config, add the access token and save.
  • Exposure Method 1:
    • Export configuration with drush
    • Observe access key exported in clear text in exported configuration
  • Exposure Method 2:
    • Navigate to /admin/config/development/configuration/single/export
    • Select "Simple Configuration" as the "Configuration Type"
    • Select "monit_drupal_connector.adminsettings" as the "Configuration Name"
    • Observe exposure of the token in clear text

Proposed resolution

Integrate with Key module to facilitate exporting saved access tokens in an encrypted manner.

✨ Feature request
Status

Active

Version

2.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States lhridley

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024