Feature request: Ability to encrypt access tokens

[ggreer]

Some PSA backends can have very sensitive access tokens. For example, a token can give write access to a user's GitHub repositories. I think that's something that should be given extra protection.

The most reasonable solution, in my opinion, is to encrypt the DB column containing the token. Disk encryption isn't quite the right way to protect this data. Databases are often backed-up or replicated, so protecting sensitive data then requires ensuring everything is encrypted when transmitting to or storing on other machines.

Some cursory searching reveals a couple of handy tools for encrypting fields. https://github.com/defrex/django-encrypted-fields looks like the most promising one.

If people are OK with this, I might play around with hooking it up. I've built similar things before.

[omab]

I don't think the application should take care of that, it should be open enough for devs to include such option (and it's already), but not be tied to any particular encryption mechanism. That being said, I'd be happy to include the needed documentation recommending this protection.

Encryption of extra_data can be implemented by:

• Define a custom storage implementation

# storage.py

from social.apps.django_app.default.models import UserSocialAuth, Nonce, Association, Code, DjangoStorage

class EncryptedUserSocialAuth(UserSocialAuth):
    extra_data = EncryptedJSONField()

class EncryptedDjangoStorage(DjangoStorage):
    user = EncryptedUserSocialAuth
    nonce = Nonce
    association = Association
    code = Code


# in settings.py
SOCIAL_AUTH_STORAGE = 'path.to.storage'

• Extending the pipeline (add it after 'social.pipeline.social_auth.load_extra_data')

def encrypt_extra_data(strategy, details, response, uid, user, social, *args, **kwargs):
    extra_data = encrypt_values(social.extra_data)
    social.set_extra_data(extra_data)