I am implementing a two-way OAuth protocol provider side for API authentication. We will provide the consumer with the key and secret of the consumer, which they will use to sign requests. Two-way OAuth is dictated by the compatibility standard and therefore the requirement.
The secret is like a password, and I would never store the password as plain text (bCrypt or similar would be my normal choice). But since my provider needs access to the secret key to verify the signature, it must be either in some text or in a reversible form.
I considered the following options:
Keep secret as plain text
This is the most obvious solution, but if the database is somehow compromised, then all the secrets will need to be changed. For me, this solution is not ideal, because it has all the problems with saving the password in text format.
Apply reversible encryption (e.g. AES) using an encryption key stored elsewhere
This will provide some security because if the database is compromised, the secrets will still be safe. But reversible encryption requires an encryption key, and the key must be stored on the server. This means that if an attacker compromises a machine, then encryption can be circumvented.
Is there something I was not thinking about?
Oauth . "" , , nonce . HMAC-SHA1 . , , , . , HMAC-SHA1 . , , .