Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use VCR's filter_sensitive_data to avoid writing access tokens and client secrets to YML recordings #13

Closed
dblock opened this issue Dec 4, 2018 · 4 comments
Closed

Use VCR's filter_sensitive_data to avoid writing access tokens and client secrets to YML recordings #13

dblock opened this issue Dec 4, 2018 · 4 comments
Labels
chore

Comments

@dblock
Copy link
Owner

dblock commented Dec 4, 2018
edited
Loading

Couldn't make it work for the Bearer header. Currently having to constantly edit new YMLs and replace the access token with access-token when a new cassette is recorded.
@dblock dblock added the chore label Dec 4, 2018
@dblock dblock changed the title Use VCR's filter_sensitive_data to avoid writing access tokens to YML recordings Use VCR's filter_sensitive_data to avoid writing access tokens and client secrets to YML recordings Dec 4, 2018
dblock added a commit that referenced this issue Dec 4, 2018
@dblock
Replace access token when recording VCR cassettes. Part of #13.
357cda6
@scottolsen
Copy link
Contributor

Is this still an issue? This is what I have in my app.

VCR.configure do |config|
  config.filter_sensitive_data('access-token') { ENV['STRAVA_ACCESS_TOKEN'] }
end

@dblock
Copy link
Owner Author

dblock commented Apr 14, 2020

Not sure. This is about this project, you can check whether it's reproduced, delete any .yml in specs, set STRAVA_ACCESS_TOKEN and run the spec. It will re-record a new VCR yml. Open it, does it have your STRAVA_ACCESS_TOKEN or "access-token"? If it's the former, the bug is the bug, if it's the latter we're good and this can be closed.

@scottolsen
Copy link
Contributor

Looks like it can be closed. Some of the specs failed but it looks like it was due to data changing in Strava, like more people have completed a segment.

headers:
  Authorization:
  - Bearer access-token

@dblock
Copy link
Owner Author

dblock commented Apr 14, 2020

Awesome, thanks for checking.

@dblock dblock closed this as completed Apr 14, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
chore
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@scottolsen @dblock