Avoid exfiltering OAuth Credentials in Git Repository
I am using ReadyAPI to test an OAuth2.0 secured API. I am using a Composite project with Git integration and I do not see how could I make use of Auth Manager without exfiltering my OAuth credentials into Git in plaintext, as part of the settings.xml file, within con:oAuth2ProfileContainer and con:oAuth20AuthEntry
I tried using client-id and client-secret as encrypted properties, but as soon as the groovy script sets them in the profile, they appear in clear text in the settings.xml file.
I think @HimanshuTayal answered a similar question a while back....could be wrong, but i think it was Himanshu.
@nmrao definitely answered this, but he's disappeared! 😔
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta