Vscode-restclient: importing secrets or sensitive variables

Created on 19 Oct 2018  路  7Comments  路  Source: Huachao/vscode-restclient

Is it possible if i could import variables from a different file? I'd like to be able to import variables from another file so that they won't be stored in git.

e.g:

@import {{password}} from './secrets'
@import {{authtoken}} from './secrets'

this way i can .gitignore this folder

Or is there a way to get environment variables from the CLI? I guess i'm asking for something similar to #252

feature request

Most helpful comment

Big +1 to this. It would be really cool if I could store the entire JSON config for a domain in an external file and simply specify the path to that file within "rest-client.certificates" instead of a JSON object, which should be pretty easy to detect as well. Something like this:

{
    // ...
    "rest-client.certificates": {
        "example.com": "/home/myname/secrets/certInfo/example.com.json"
    }
    // ...
}

The contents of ".../example.com.json" should just be the object that you would otherwise put in the config, e.g.:

{
    "pfx": "/home/myname/certs/mycert.p12",
    "passphrase": "iamsupercool"
}

This would be super handy, both for security and because it would allow more easily reusing credentials across domains by simply referring to the same JSON file.

All 7 comments

Big +1 to this. It would be really cool if I could store the entire JSON config for a domain in an external file and simply specify the path to that file within "rest-client.certificates" instead of a JSON object, which should be pretty easy to detect as well. Something like this:

{
    // ...
    "rest-client.certificates": {
        "example.com": "/home/myname/secrets/certInfo/example.com.json"
    }
    // ...
}

The contents of ".../example.com.json" should just be the object that you would otherwise put in the config, e.g.:

{
    "pfx": "/home/myname/certs/mycert.p12",
    "passphrase": "iamsupercool"
}

This would be super handy, both for security and because it would allow more easily reusing credentials across domains by simply referring to the same JSON file.

+1 This would be great. We would prefer passwords and other sensitive data outside the working directory included from an external source. Maybe hook it up to a password vault or keychain type of store?

For anyone reading this:

  • #182 is a similar suggestion, maybe a bit simpler as it would import files entirely instead of specific variables from them.
  • A workaround is to use system variables, like this:
@authToken = {{$processEnv AUTH_TOKEN}}

GET https://example.com
Token: {{authToken}}

The AUTH_TOKEN can be put to keychain (as mentioned by @cloudrkt), e.g., via onyxraven/zsh-osx-keychain, in which case the .bashrc can look like this:

export AUTH_TOKEN=$(keychain-environment-variable AUTH_TOKEN)

For anyone reading this:

  • #182 is a similar suggestion, maybe a bit simpler as it would import files entirely instead of specific variables from them.
  • A workaround is to use system variables, like this:
@authToken = {{$processEnv AUTH_TOKEN}}

GET https://example.com
Token: {{authToken}}

The AUTH_TOKEN can be put to keychain (as mentioned by @cloudrkt), e.g., via onyxraven/zsh-osx-keychain, in which case the .bashrc can look like this:

export AUTH_TOKEN=$(keychain-environment-variable AUTH_TOKEN)

Is this really working ? i didn't get the expected result using $processEnv. I am using environment variable for host url, but i am getting the following error
Connection is being rejected. The service isn鈥檛 running on the server, or incorrect proxy settings in vscode, or a firewall is blocking requests. Details: RequestError: connect ECONNREFUSED 127.0.0.1:443.

but when i directly add the host url it is working. Not working with the $processEnv

I have added host variable in my .bashrc file

@sruthicps Did you fully restart VSCode (not just "reload window" but fully restart the app)? Environment variables are applied once, when VSCode starts, so that might be the reason.

Overall, yes, it works, we use this approach.

@borekb Sorry it was an issue with the shell i am using with vscode. When i changed the default shell, it works :)
Thank you

another good option is to put credentials into a .env file which can be read using: {{$dotenv PASSWORD}}
https://github.com/Huachao/vscode-restclient#system-variables

(remember to .gitignore this file to avoid committing it)

Was this page helpful?
0 / 5 - 0 ratings