Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
jallmann 5 hours ago

> OAuth with refresh tokens.

Then the LLM slurps up your refresh token. What's next?

kittoes 5 hours ago | parent | next [-]

Is that really a concern though in the same way API keys are? Since when do OAuth clients store refresh tokens in areas that LLMs regularly scan? API keys are truly passwords, while refresh tokens are exchanged for a password.

Sure, a leak would be bad but I'd argue that it's orders of magnitude less likely compared to the accepted norm.

jallmann 4 hours ago | parent | next [-]

The accepted norm is, increasingly, full disk access, regardless of how bad of an idea it is. At a minimum, agents typically will have a way of obtaining new access tokens.

Refresh tokens don't solve anything in this case; they just shuffle the problem around, and introduce other complications of their own.

What you want are capability scoped credentials that are enforced on the backend. That is agnostic to credential issuance mechanism, although passkeys are the best.

Using these credentials effectively still presupposes hygiene that might not exist in a typical developer environment, eg no root credentials (or access to such) sitting anywhere. There's probably a good product and market for whoever can solve this in a low-friction way.

Sohcahtoa82 3 hours ago | parent | prev [-]

> Since when do OAuth clients store refresh tokens in areas that LLMs regularly scan?

If you can store your refresh token outside of where LLMs regularly scan, then why not just store your API token in that place?

The point is that refresh tokens do nothing to increase security. If a refresh token can be used to get a token, then the refresh token might as well be the actual token.

It's akin to performing client-side password hashing. It doesn't make your password more secure, it just means your hash is now your password. If someone is able to sniff your traffic, hashing the password first doesn't change anything.

I grow so tired of half-baked security theater.

jpalawaga 2 hours ago | parent | prev | next [-]

depends on the grant type and what scenario we're talking about. things change if we're talking about 3-legged oauth or client-device oauth. for example, in an authorization code flow, the refresh token is useless without the client id/secret.

more providers are making refresh-tokens single shot. this means that if someone refreshes your token for you, your own auth will break as you will not be eligible to refresh the token, at which point you could reconnect the app and void the old (stolen) session.

time-limiting and single-purposing the tokens are not cure-alls, but they do certainly offer enhanced security by limiting the amount and scope of damage.

5 hours ago | parent | prev [-]
[deleted]