feat(secure_storage): handle package uninstall/re-install on Linux and Windows

[Jordan-Nelson]

Issue #, if available:

Changes:

General / Utils

• Add FileKeyValueStore for file simple key/value storage in the file system
• Add path_provider in as dependency in amplify_secure_storage to get the application support directory
• Tests for App re-install and utils

Linux

• Add required gio bindings to get app ID on linux
• Add App ID as a namespace for all keys since Linux does not namespace secrets by app (unlike iOS, Android, MacOS)
• Add accessGroup to linux config as an optional override to App ID to allow for sharing of data across apps
• Add initialization logic in flutter to clear all data for a given scope upon first initialization of that scope, set flags in file storage to keep track of scopes using FileKeyValueStore

Windows

• Pass application support dir from flutter package to dart only package
• Add config option for customer to optionally override the storage location
• Add Win32 Data Protection API bindings
• Use the Data Protection APIs to encrypt/decrypt data and FileKeyValueStore to store the data

Motivation:

If a user uninstalls and re-installs an app installed via snap or the Windows app store, the expectation would be that data from their previous install would not persist.

Implementation:

• Linux: Data is cleared immediately after the app is launched for the first time (after a re-install). Flags are set in application file storage to track the apps first launch post re-install.
• Windows: Encrypted data is now stored in application file storage. This removes the need to clear the data as it is removed automatically on app uninstall.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[dnys1]

Should this use the in-mem fs?

[Jordan-Nelson]

It could be updated to use in-mem. AmplifySecureStorageDart would also have to be updated to use in-mem for these tests in that case.

This is more of an integration tests since it isn't mocking libsecret / secret service, so I think it is fine as is.

[codecov-commenter]

Codecov Report

Merging #2044 (829e82b) into next (60210e7) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             next    #2044   +/-   ##
=======================================
  Coverage   42.86%   42.86%           
=======================================
  Files         114      114           
  Lines        7502     7502           
=======================================
  Hits         3216     3216           
  Misses       4286     4286           

Flag	Coverage Δ
android-unit-tests	∅ <ø> (∅)
flutter-unit-tests	25.08% <ø> (ø)
ios-unit-tests	89.06% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[Jordan-Nelson]

We don't need path_provider_macos, but it is brought in as part of path_provider. We could bring in path_provider_linux and path_provider_windows. They are unlisted packages though. Not sure if we want to bring in unlisted packages or not.

[Jordan-Nelson]

This change is just clean up. It isn't related to this PR. AmplifySecureStorage uses AmplifySecureStorageWorker by default, so these tests were redundant.

[Jordan-Nelson]

Note: These tests were duplicates.

[dnys1]

Minor comments. Looks good, though. Thanks!

[dnys1]

What's the use case for this? Just testing?

[Jordan-Nelson]

Yeah, tests/examples. Could also be a reasonable fallback if/when we support non-flutter use cases for amplify.

[dnys1]

Should this be part of the config?

[Jordan-Nelson]

Yeah. This was unnecessary. I had added storagePath to WindowsSecureStorageOptions already. I was passing both to the _dart package, with storagePath taking priority over applicationDirectory. This made sense when I was using applicationDirectory in the _dart package on linux as well to read/write scope names, but with that happening on the flutter side, passing two values for the same thing didn't make sense.

Updated 👍

[dnys1]

Can we reformat this to not call _initalizeScope if accessGroup is set since the only reason this method has a parameter is to check if it's not null which is kind of confusing.

[dnys1]

I think this makes two copies of the list (List.from, then Uint8List.fromList). I would do Uint8List.fromList((rawData as List).cast()); to avoid that. Is the only failure because of the cast? It's probably more reasonable to do an is check if that's the case.

[Jordan-Nelson]

Updated to use .cast() over List.from.

I kept the try/catch block. rawData could not be a list, or it could be a List that contains data other than integers. Either of those would be problematic. I could do an is check to confirm it is a list, but I would still need to cast to get it to List rather than List.

[dnys1]

Suggested change

	for (var entry in keyValuePairs.entries) {
	for (final entry in keyValuePairs.entries) {

Don't necessarily need to change since I don't care as much about the style of test code but I thought this was a lint