Secure storage for tokens, credentials and other secrets #687

Closed
6 tasks
nickrandolph opened this issue Aug 31, 2022 · 4 comments
Labels
kind/enhancement New feature or request. triage/untriaged Indicates an issue requires triaging or verification.

Comments

@nickrandolph
Contributor

What would you like to be added:

Proposed interface is essentially a key-value repository with implementations for:

  • In memory
  • ApplicationData using DataProtection API (Windows)
  • Keychain (iOS)
  • Keystore (Android)

```csharp
using System.Collections.Generic;
using System.Threading;
using System.Threading.Tasks;

public interface IKeyedStorage
{
	/// <summary>
	/// Removes any value stored under the provided key.
	/// </summary>
	/// <param name="key">The key to clear (pass null to clear all)</param>
	/// <param name="ct">A cancellation token.</param>
	/// <returns></returns>
	ValueTask Clear(string? key, CancellationToken ct);

	/// <summary>
	/// Gets a value saved under that name. If that value does not exist, throws a <seealso cref="KeyNotFoundException"/>.
	/// </summary>
	/// <typeparam name="TValue">The returned value type. This type must be serializable.</typeparam>
	/// <param name="key">The key to get the value for.</param>
	/// <param name="ct">A cancellation token.</param>
	/// <returns></returns>
	/// <remarks>When the default selector is called, this default value is not stored.</remarks>
	ValueTask<TValue> GetValue<TValue>(string key, CancellationToken ct);

	/// <summary>
	/// Sets the value for the specified key (overrides any existing value)
	/// </summary>
	/// <typeparam name="TValue">The updated value type. This type must be serializable.</typeparam>
	/// <param name="key">The key to save the value under.</param>
	/// <param name="value">The value to save under the provided key.</param>
	/// <param name="ct">A cancellation token.</param>
	/// <returns></returns>
	ValueTask SetValue<TValue>(string key, TValue value, CancellationToken ct) where TValue : notnull;

	/// <summary>
	/// Indicates whether there's a value stored for the key.
	/// </summary>
	/// <param name="key">The key to inspect value for.</param>
	/// <param name="ct">A cancellation token.</param>
	/// <returns></returns>
	ValueTask<bool> ContainsKey(string key, CancellationToken ct);

	/// <summary>
	/// Gets an array of all keys that currently have a value saved under their name.
	/// </summary>
	/// <param name="ct">A cancellation token.</param>
	/// <returns></returns>
	ValueTask<string[]> GetAllKeys(CancellationToken ct);
}
```

Why is this needed:

This is required for authentication to ensure that tokens aren't saved in plain text and are only accessible via the app.

For which Platform:

  • iOS
  • Android
  • WebAssembly
  • WebAssembly renders for Xamarin.Forms
  • Windows
  • Build tasks

Anything else we need to know?

@nickrandolph nickrandolph added kind/enhancement New feature or request. triage/untriaged Indicates an issue requires triaging or verification. labels Aug 31, 2022
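
An added sketch, not part of the issue or the project's code, of how the "ApplicationData using DataProtection API (Windows)" backend listed above could satisfy the proposed interface. The class name `DpapiKeyedStorage`, the `folder` parameter, the one-file-per-key layout and the choice of `System.Text.Json` as serializer are all assumptions; on modern .NET, `ProtectedData` comes from the `System.Security.Cryptography.ProtectedData` package.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.Versioning;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical backend: one file per key, each blob encrypted with DPAPI for the current Windows user.
[SupportedOSPlatform("windows")]
public sealed class DpapiKeyedStorage : IKeyedStorage
{
	private readonly string _folder; // assumed: a folder under the app's local data
	public DpapiKeyedStorage(string folder) => _folder = Directory.CreateDirectory(folder).FullName;

	// Hex-encode the key so an arbitrary key string can never act as a path (no traversal).
	private string PathFor(string key) =>
		Path.Combine(_folder, Convert.ToHexString(Encoding.UTF8.GetBytes(key)) + ".bin");

	public ValueTask SetValue<TValue>(string key, TValue value, CancellationToken ct) where TValue : notnull
	{
		var plain = JsonSerializer.SerializeToUtf8Bytes(value);
		try { File.WriteAllBytes(PathFor(key), ProtectedData.Protect(plain, null, DataProtectionScope.CurrentUser)); }
		finally { CryptographicOperations.ZeroMemory(plain); } // wipe the plaintext buffer we created
		return ValueTask.CompletedTask;
	}

	public ValueTask<TValue> GetValue<TValue>(string key, CancellationToken ct)
	{
		var path = PathFor(key);
		if (!File.Exists(path)) throw new KeyNotFoundException(key);
		var plain = ProtectedData.Unprotect(File.ReadAllBytes(path), null, DataProtectionScope.CurrentUser);
		try { return new ValueTask<TValue>(JsonSerializer.Deserialize<TValue>(plain)!); }
		finally { CryptographicOperations.ZeroMemory(plain); }
	}

	public ValueTask<bool> ContainsKey(string key, CancellationToken ct) => new(File.Exists(PathFor(key)));
	public ValueTask<string[]> GetAllKeys(CancellationToken ct) => new(Array.ConvertAll(
		Directory.GetFiles(_folder, "*.bin"),
		f => Encoding.UTF8.GetString(Convert.FromHexString(Path.GetFileNameWithoutExtension(f)))));

	public ValueTask Clear(string? key, CancellationToken ct)
	{
		if (key is null) foreach (var f in Directory.GetFiles(_folder, "*.bin")) File.Delete(f);
		else File.Delete(PathFor(key));
		return ValueTask.CompletedTask;
	}
}
```

`DataProtectionScope.CurrentUser` ties the blob to the Windows user account, not to the application, so another process running as the same user can still call `Unprotect` on these files. Key names are only hex-encoded in the file names, not encrypted.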
@francoistanguay
Contributor

Don't they all need to be suffixed with Async?

Also, should we call it IKeyValueStorage? Is Keyed a known term and used somewhere?

@Xiaoy312
Contributor

Xiaoy312 commented Aug 31, 2022

The interface looks much like the IDictionary<TKey,TValue>.
"Keyed" isn't a term that gets used, although I've used that in a personal project... "KeyValue" is a much better descriptor since we already have KeyValuePair, which we are all familiar with.
IDictionaryStorage or IKeyValueStorage?
edit: given all methods are async, maybe suffix -Async to the class/interface name and method names too.

@jeromelaban
Member

jeromelaban commented Aug 31, 2022

Also, what's the difference with https://github.com/unoplatform/uno/blob/a5a2962c30cbbd626c9ea548a94aad70d5bf5024/doc/articles/features/PasswordVault.md ?


@jeanplevesque

I'm seeing TValue instead of string. This implies that implementations will be coupled with serializers?

5 participants