package storage
import (
"errors"
"github.com/cyberark/conjur-api-go/conjurapi/logging"
"github.com/zalando/go-keyring"
)
// KeyringStorageProvider stores and retrieves credentials through the
// operating-system keyring (via github.com/zalando/go-keyring).
type KeyringStorageProvider struct {
	// machineName is passed as the first (service) argument of every
	// keyring.Get, keyring.Set and keyring.Delete call made by this provider.
	machineName string
}

// keyring_keys lists every entry name this provider writes. PurgeCredentials
// iterates over it, so a key that is stored but not listed here would survive
// a purge.
var keyring_keys = []string{
	"login",
	"password",
	"authn_token",
}

// Sentinel errors returned to callers. The underlying keyring error is only
// written to the debug log and is not exposed through these values.
var (
	ErrWritingCredentials = errors.New("unable to write credentials to keyring")
	ErrReadingCredentials = errors.New("unable to read credentials from keyring")
)
// NewKeyringStorageProvider returns a provider bound to machineName. The
// value is stored unmodified and no keyring access happens here.
func NewKeyringStorageProvider(machineName string) *KeyringStorageProvider {
	provider := new(KeyringStorageProvider)
	provider.machineName = machineName
	return provider
}
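// IsKeyringAvailable reports whether the system keyring can be used.
//
// It probes the backend by reading the fixed service/user pair "test"/"test".
// The keyring counts as available when that lookup either succeeds or fails
// only with keyring.ErrNotFound; any other error means the backend could not
// answer and false is returned.
func IsKeyringAvailable() bool {
	_, err := keyring.Get("test", "test")
	// A nil error means an entry happens to exist under the probe name. The
	// keyring still answered, so it must count as available; reporting it as
	// unavailable would misclassify a working keyring.
	// NOTE(review): callers presumably choose a different credential store
	// when this returns false, so confirm what that fallback is.
	return err == nil || errors.Is(err, keyring.ErrNotFound)
}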
// StoreCredentials writes login and password to the keyring under the
// provider's machineName, using the entry names "login" and "password".
//
// The entries are written in that order and the first failure stops the
// sequence: the keyring error goes to the debug log and the caller receives
// ErrWritingCredentials. The two writes are not atomic, so if the password
// write fails the login written just before it stays in the keyring.
func (k *KeyringStorageProvider) StoreCredentials(login string, password string) error {
	entries := [...]struct{ key, value string }{
		{"login", login},
		{"password", password},
	}
	for _, entry := range entries {
		if err := keyring.Set(k.machineName, entry.key, entry.value); err != nil {
			// Only the keyring error is logged, never the secret value.
			logging.ApiLog.Debug(err)
			return ErrWritingCredentials
		}
	}
	return nil
}
// ReadCredentials returns the "login" and "password" entries stored under
// the provider's machineName.
//
// A missing entry is not an error: when keyring.Get reports
// keyring.ErrNotFound the value it returned (presumably empty) is passed
// through with a nil error, so callers must check for empty strings
// themselves. Any other keyring error is written to the debug log and
// reported as ErrReadingCredentials with both strings empty.
func (k *KeyringStorageProvider) ReadCredentials() (string, string, error) {
	read := func(key string) (string, error) {
		value, err := keyring.Get(k.machineName, key)
		switch err {
		case nil, keyring.ErrNotFound:
			return value, nil
		}
		logging.ApiLog.Debug(err)
		return "", ErrReadingCredentials
	}

	login, err := read("login")
	if err != nil {
		return "", "", err
	}
	password, err := read("password")
	if err != nil {
		return "", "", err
	}
	return login, password, nil
}
// ReadAuthnToken returns the "authn_token" entry stored under the provider's
// machineName as a byte slice.
//
// keyring.ErrNotFound is not treated as a failure: the value returned with
// it is converted and handed back with a nil error. Any other keyring error
// is written to the debug log and reported as ErrReadingCredentials with a
// nil slice.
func (k *KeyringStorageProvider) ReadAuthnToken() ([]byte, error) {
	stored, err := keyring.Get(k.machineName, "authn_token")
	if err == nil || err == keyring.ErrNotFound {
		return []byte(stored), nil
	}
	logging.ApiLog.Debug(err)
	return nil, ErrReadingCredentials
}
// StoreAuthnToken writes token to the keyring as the "authn_token" entry
// under the provider's machineName.
//
// The token is converted to a string for the keyring call. On failure the
// keyring error is written to the debug log and ErrWritingCredentials is
// returned.
func (k *KeyringStorageProvider) StoreAuthnToken(token []byte) error {
	if err := keyring.Set(k.machineName, "authn_token", string(token)); err != nil {
		// Only the keyring error is logged, never the token itself.
		logging.ApiLog.Debug(err)
		return ErrWritingCredentials
	}
	return nil
}
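// PurgeCredentials deletes every entry named in keyring_keys from the
// keyring under the provider's machineName.
//
// Deletion is attempted for all keys even if one of them fails, and every
// keyring error is written to the debug log. An entry that is already absent
// (keyring.ErrNotFound) counts as purged. If any other deletion error
// occurred, a non-nil error is returned once the loop finishes, so the caller
// is not told the secrets are gone while some may still be in the keyring.
func (k *KeyringStorageProvider) PurgeCredentials() error {
	failed := false
	for _, key := range keyring_keys {
		err := keyring.Delete(k.machineName, key)
		if err == nil {
			continue
		}
		logging.ApiLog.Debugf("Error when deleting %s from keyring: %s", key, err)
		// A missing entry is the desired end state; anything else means the
		// secret may still be stored.
		if !errors.Is(err, keyring.ErrNotFound) {
			failed = true
		}
	}
	if failed {
		return errors.New("unable to delete credentials from keyring")
	}
	return nil
}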