From 57a40cf6da0f850febb3a4b2c8fcd414517a4df0 Mon Sep 17 00:00:00 2001
From: Hong Ooi <hongooi@microsoft.com>
Date: Fri, 10 May 2019 10:14:36 +1000
Subject: [PATCH] implement basic secret obfusc

---
 NAMESPACE         |  1 +
 R/stored_secret.R | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/NAMESPACE b/NAMESPACE
index 6c01acf..69561ba 100644
--- a/NAMESPACE
+++ b/NAMESPACE
@@ -1,6 +1,7 @@
 # Generated by roxygen2: do not edit by hand
 
 S3method(print,cert_policy)
+S3method(print,secret_value)
 S3method(print,vault_access_policy)
 export(AzureKeyVault)
 export(az_key_vault)
diff --git a/R/stored_secret.R b/R/stored_secret.R
index adedefc..1eea56e 100644
--- a/R/stored_secret.R
+++ b/R/stored_secret.R
@@ -71,6 +71,14 @@ public=list(
     value=NULL,
     contentType=NULL,
 
+    initialize=function(...)
+    {
+        super$initialize(...)
+
+        # basic obfuscation of value to help mitigate shoulder-surfing
+        class(self$value) <- "secret_value"
+    },
+
     list_versions=function()
     {
         lst <- lapply(get_vault_paged_list(self$do_operation("versions", version=NULL), self$token), function(props)
@@ -99,3 +107,11 @@ public=list(
         invisible(self)
     }
 ))
+
+
+#' @export
+print.secret_value <- function(x, ...)
+{
+    cat("<hidden>\n")
+    invisible(x)
+}