shapehq · simonbs · May 10, 2023 · May 10, 2023
@@ -11,12 +11,16 @@ let package = Package(
         .library(name: "KeychainLive", targets: ["KeychainLive"]),
         .library(name: "RSAPrivateKey", targets: ["RSAPrivateKey"])
     ],
+    dependencies: [
+        .package(path: "../Logging")
+    ],
     targets: [
         .target(name: "Keychain", dependencies: [
             "RSAPrivateKey"
         ]),
         .target(name: "KeychainLive", dependencies: [
             "Keychain",
+            .product(name: "LogConsumer", package: "Logging"),
             "RSAPrivateKey"
         ]),
         .target(name: "RSAPrivateKey")

@@ -1,12 +1,15 @@
 import Foundation
 import Keychain
 import LocalAuthentication
+import LogConsumer
 import RSAPrivateKey
 
 public actor KeychainLive: Keychain {
+    private let logger: LogConsumer
     private let accessGroup: String?
 
-    public init(accessGroup: String? = nil) {
+    public init(logger: LogConsumer, accessGroup: String? = nil) {
+        self.logger = logger
         self.accessGroup = accessGroup
     }
 }
@@ -17,14 +20,26 @@ public extension KeychainLive {
         let findQuery = FindPasswordQuery(accessGroup: accessGroup, service: service, account: account)
         if SecItemCopyMatching(findQuery.rawQuery, nil) == errSecSuccess {
             let updateQuery = UpdatePasswordQuery(password: password)
-            guard SecItemUpdate(findQuery.rawQuery, updateQuery.rawQuery) == errSecSuccess else {
+            let updateStatus = SecItemUpdate(findQuery.rawQuery, updateQuery.rawQuery)
+            guard updateStatus == errSecSuccess else {
+                logger.error(
+                    "Failed updating password for account \"%@\" belong to service \"%@\". Received status: %d",
+                    account,
+                    service,
+                    updateStatus
+                )
                 return false
             }
         } else {
             let addQuery = AddPasswordQuery(accessGroup: accessGroup, service: service, account: account, password: password)
-            let status = SecItemAdd(addQuery.rawQuery, nil)
-            guard status == errSecSuccess else {
-                print(status)
+            let addStatus = SecItemAdd(addQuery.rawQuery, nil)
+            guard addStatus == errSecSuccess else {
+                logger.error(
+                    "Failed setting password for account \"%@\" belong to service \"%@\". Received status: %d",
+                    account,
+                    service,
+                    addStatus
+                )
                 return false
             }
         }
@@ -33,6 +48,11 @@ public extension KeychainLive {
 
     func setPassword(_ password: String, forAccount account: String, belongingToService service: String) async -> Bool {
         guard let data = password.data(using: .utf8) else {
+            logger.error(
+                "Failed setting password for account \"%@\" belong to service \"%@\" because the password could not be converted to UTF-8 data",
+                account,
+                service
+            )
             return false
         }
         return await setPassword(data, forAccount: account, belongingToService: service)
@@ -62,12 +82,16 @@ public extension KeychainLive {
     func setKey(_ key: RSAPrivateKey, withTag tag: String) async -> Bool {
         let findQuery = FindKeyQuery(accessGroup: accessGroup, tag: tag)
         if SecItemCopyMatching(findQuery.rawQuery, nil) == errSecSuccess {
-            guard SecItemDelete(findQuery.rawQuery) == errSecSuccess else {
+            let removeStatus = SecItemDelete(findQuery.rawQuery)
+            guard removeStatus == errSecSuccess else {
+                logger.error("Failed removing existing RSA private key with tag \"%@\". Received status code: %d", tag, removeStatus)
                 return false
             }
         }
         let addQuery = AddKeyQuery(accessGroup: accessGroup, tag: tag, key: key.rawValue)
-        guard SecItemAdd(addQuery.rawQuery, nil) == errSecSuccess else {
+        let addStatus = SecItemAdd(addQuery.rawQuery, nil)
+        guard addStatus == errSecSuccess else {
+            logger.error("Failed storing RSA private key with tag \"%@\". Received status code: %d", tag, addStatus)
             return false
         }
         return true

@@ -8,6 +8,8 @@ import GitHubService
 import GitHubServiceLive
 import Keychain
 import KeychainLive
+import LogConsumer
+import LogConsumerOSLog
 import LogExporter
 import LogExporterLive
 import LogStore
@@ -60,6 +62,10 @@ enum CompositionRoot {
 }
 
 private extension CompositionRoot {
+    private static func logger(withCategory category: LoggerCategory) -> LogConsumer {
+        LogConsumerOSLog(category: category.rawValue)
+    }
+
     private static var logExporter: LogExporter {
         LogExporterLive(fileSystem: fileSystem, logStore: logStore)
     }
@@ -121,7 +127,10 @@ private extension CompositionRoot {
     }
 
     private static var keychain: Keychain {
-        KeychainLive(accessGroup: "566MC7D8D4.dk.shape.Tartelet")
+        KeychainLive(
+            logger: logger(withCategory: .keychain),
+            accessGroup: "566MC7D8D4.dk.shape.Tartelet"
+        )
     }
 
     private static var networkingService: NetworkingService {

@@ -0,0 +1,5 @@
+import Foundation
+
+enum LoggerCategory: String {
+    case keychain = "Keychain"
+}