keyring-rs icon indicating copy to clipboard operation
keyring-rs copied to clipboard

Published 20 hours ago verified publisher icon hwchen

`set_password` should create collection on Linux if it doesn't exist

Open lucasfernog opened this issue 3 years ago • 4 comments

The Linux implementation throws an error if we use a collection that does not exist, this is the code. I think it should create the collection if it is not found, or we should expose a method to create it. What do you think? I can PR this.

lucasfernog avatar Jan 04 '22 00:01 lucasfernog

Until now we have focused on creating and deleting items not collections (which are very platform-specific). And none of our public (platform-independent) API really addresses "groups" of items because they are so platform-specific.

I would be happy to look at a PR you submit for this, but please try to do it as an extension to the API so as to maintain backward compatibility. (Don't, for example, try to make this the default behavior.)

brotskydotcom avatar Jan 04 '22 01:01 brotskydotcom

@brotskydotcom I agree that, we should use the abstracted term target to stay platform agnostic. But probably, it makes sense to error-handle this following Result with a ss.create_collection(...) call.

https://github.com/hwchen/keyring-rs/blob/8b6a387f362740b054eaebd7c7e8a8dc4cfcd584/src/linux.rs#L13-L14

Would be happy to create a PR if you green-flag this.

rnbguy avatar Jan 24 '22 15:01 rnbguy

Looks like hwchen/secret-service-rs#27 needs to be closed for this.

rnbguy avatar Jan 24 '22 15:01 rnbguy

Hi @rnbguy and @lucasfernog, let me try to clarify what my feeling is about this. The current API of Keyring (which is about to work for iOS as well) is that it gives access to and creates secrets in the existing collections of the underlying credential manager (which vary from platform to platform). If you ask to create or read a secret in a collection that doesn't exist you get an error. Because there is only one platform which allows creating new collections anymore, I'm not a fan of trying to change the default behavior on all platforms if the collection requested doesn't exist. That would only work on one of the four platforms, and a client who was writing for that platform could just do the creation of the collection themself if Keyring failed to find it.

The way I could imagine this being added to Keyring would be for there to be a new configuration object that, for example, had settings for how to handle various errors. Then you could improve the Linux platform implementation so that it handled the missing collection by creating it, and that configuration would be ignored on the other platforms.

brotskydotcom avatar Feb 05 '22 07:02 brotskydotcom

With the release of v2, each platform gets its own credential store implementation which can handle targets however it wants. This paves the way for the secret-service credential store to implement collection creation. @rnbguy and @lucasfernog, do you want to take a shot at a PR for this?

brotskydotcom avatar Jan 31 '23 05:01 brotskydotcom

Awesome! Thanks for reaching out but I am busy these days. Can't really say when I will have some free time to take a dig at it.

On second thought, is it enough to create a new create_collection() along with get_collection()?

https://github.com/hwchen/keyring-rs/blob/89ddbcb86e211ebd5563dc40baa501461cb149ae/src/secret_service.rs#L170-L179

rnbguy avatar Jan 31 '23 10:01 rnbguy

Sorry guys but i'm totally busy with Tauri right now.

lucasfernog avatar Jan 31 '23 23:01 lucasfernog