rfcs icon indicating copy to clipboard operation
rfcs copied to clipboard
verified publisher icon obsproject

Add RFC: libobs keychain APIs

Open derrod opened this issue 2 years ago • 2 comments

Summary

Proposes a libobs platform API for keychain access which can be used to securely store credentials.

Motivation and Context

While the credentials stored by OBS in profiles are not of severe sensitivity due to limited scope, as a modern desktop application we should still do our best to store them securely.

Link to RFC

derrod avatar Jun 14 '23 18:06 derrod

In implemeting this in https://github.com/obsproject/obs-studio/pull/9122 I was wondering if perhaps there is a need for something like bool os_keychain_available(void) to query keychain support? This may be important mostly on Linux where the keychain is not guaranteed to be provided by the OS e.g. to be able to determine whether or not to fall back to unsecured file storage or warn the users.

derrod avatar Jun 24 '23 21:06 derrod

Updated with os_keychain_available() and a label parameter that is used to specify a user-facing name for the group/service a keychain entry belongs to, e.g. "OBS Studio OAuth Credentials".

derrod avatar Jun 25 '23 02:06 derrod