fix(secure-storage): [PM-33582] Remove obsolete secure storage code

* Remove obsolete JSON value parsing.

* Remove obsolete method.
This commit is contained in:
Todd Martin 2026-04-02 19:41:28 -04:00 committed by GitHub
parent 9093a35de1
commit 8a260537e4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 3 additions and 55 deletions

View File

@ -1,20 +1,12 @@
use std::collections::HashMap;
use anyhow::{anyhow, Result};
use oo7::dbus::{self};
use tracing::info;
use crate::password::PASSWORD_NOT_FOUND;
/// Retrieves a password from the Linux Secret Service keyring.
pub async fn get_password(service: &str, account: &str) -> Result<String> {
match get_password_new(service, account).await {
Ok(res) => Ok(res),
Err(_) => get_password_legacy(service, account).await,
}
}
async fn get_password_new(service: &str, account: &str) -> Result<String> {
let keyring = oo7::Keyring::new().await?;
let _ = try_prompt(&keyring).await;
let attributes = HashMap::from([("service", service), ("account", account)]);
@ -29,29 +21,6 @@ async fn get_password_new(service: &str, account: &str) -> Result<String> {
}
}
// forces to read via secret service; remvove after 2025.03
async fn get_password_legacy(service: &str, account: &str) -> Result<String> {
info!("falling back to get legacy {} {}", service, account);
let svc = dbus::Service::new().await?;
let collection = svc.default_collection().await?;
let keyring = oo7::Keyring::DBus(collection);
let _ = try_prompt(&keyring).await;
let attributes = HashMap::from([("service", service), ("account", account)]);
let results = keyring.search_items(&attributes).await?;
let res = results.first();
match res {
Some(res) => {
let secret = res.secret().await?;
info!(service, account, "deleting legacy secret service entry",);
keyring.delete(&attributes).await?;
let secret_string = String::from_utf8(secret.to_vec())?;
set_password(service, account, &secret_string).await?;
Ok(secret_string)
}
None => Err(anyhow!(PASSWORD_NOT_FOUND)),
}
}
/// Stores a password in the Linux Secret Service keyring.
pub async fn set_password(service: &str, account: &str, password: &str) -> Result<()> {
let keyring = oo7::Keyring::new().await?;

View File

@ -28,14 +28,14 @@ export class DesktopCredentialStorageListener {
let val: string | boolean = null;
if (message.action && message.key) {
if (message.action === "getPassword") {
val = await this.getPassword(serviceName, message.key, message.keySuffix);
val = await passwords.getPassword(serviceName, message.key);
} else if (message.action === "hasPassword") {
const result = await passwords.getPassword(serviceName, message.key);
val = result != null;
} else if (message.action === "setPassword" && message.value) {
await this.setPassword(serviceName, message.key, message.value, message.keySuffix);
await passwords.setPassword(serviceName, message.key, message.value);
} else if (message.action === "deletePassword") {
await this.deletePassword(serviceName, message.key, message.keySuffix);
await passwords.deletePassword(serviceName, message.key);
}
}
return val;
@ -50,25 +50,4 @@ export class DesktopCredentialStorageListener {
}
});
}
// Gracefully handle old keytar values, and if detected updated the entry to the proper format
private async getPassword(serviceName: string, key: string, keySuffix: string) {
const val = await passwords.getPassword(serviceName, key);
try {
JSON.parse(val);
} catch (e) {
throw new Error("Password in bad format" + e + val);
}
return val;
}
private async setPassword(serviceName: string, key: string, value: string, keySuffix: string) {
await passwords.setPassword(serviceName, key, value);
}
private async deletePassword(serviceName: string, key: string, keySuffix: string) {
await passwords.deletePassword(serviceName, key);
}
}