Change secret schema type to avoid no password prompt #231
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As shown in #213, mailnag won't authenticate on first start. The reason can be found in https://gitlab.gnome.org/GNOME/libsecret/-/issues/7. It is because that when creating schema using `Secret.SchemaFlags.NONE`. The schema name is sent as attribute to match (`xdg:schema`). However, for gnome-keyring side, when the secret is locked. The secret will have extra attributes which makes that the lookup fails. And use `Secret.Schema.Flags.DONT_MATCH_NAME` flag creates the schema can avoid this situation. However, there is also another situation, just make the schema name to be `None`, which would be `org.freedesktop.Secret.Generic` schema, which means no schema at all, so any attributes can be used. So the `password_lookpup_sync` can also success to allow the password prompt. This PR adopts the first solution, simply change the FLAG. Closes #213
This pull request was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As shown in #213, mailnag won't authenticate on first start. The reason
can be found in https://gitlab.gnome.org/GNOME/libsecret/-/issues/7. It
is because that when creating schema using
Secret.SchemaFlags.NONE.The schema name is sent as attribute to match (
xdg:schema). However,for gnome-keyring side, when the secret is locked. The secret will have
extra attributes which makes that the lookup fails. And use
Secret.Schema.Flags.DONT_MATCH_NAMEflag creates the schema can avoidthis situation.
However, there is also another situation, just make the schema name to
be
None, which would beorg.freedesktop.Secret.Genericschema, whichmeans no schema at all, so any attributes can be used. So the
password_lookpup_synccan also success to allow the password prompt.This PR adopts the first solution, simply change the FLAG.
Closes #213
When using
secret-tool search --all xdg:schema org.freedesktop.Secret.Generic. The following picture illustrates partial result.We can see that
gnome-keyringadd attributeattribute.gkr:compat:hashed:xdg:schemaand there are two original attributesaccountandservice. When the secret is locked. The attributes becomeattribute.gkr:compat:hashed:accountandattribute.gkr:compat:hashed:service. And when executing the commandsecret-tool search --all xdg:schema com.github.pulb.mailnag, the result is:There would be no actions.
The reason can be found in https://gitlab.gnome.org/GNOME/libsecret/-/issues/7.