feat: better keyring handling
This commit is contained in:
jane400
jane400
parent
d7e905f7eb
commit
11d7cb2ef4
1 changed files with 111 additions and 11 deletions
|
|
@ -1,4 +1,8 @@
|
||||||
use std::sync::OnceLock;
|
use std::{str::FromStr as _, sync::OnceLock};
|
||||||
|
|
||||||
|
use gtk::glib;
|
||||||
|
use libpaket::{locker::crypto::CustomerKeySeed, login::RefreshToken, LibraryError};
|
||||||
|
use secrecy::{zeroize::Zeroize, ExposeSecret, SecretBox};
|
||||||
|
|
||||||
pub static KEYRING: OnceLock<oo7::Keyring> = OnceLock::new();
|
pub static KEYRING: OnceLock<oo7::Keyring> = OnceLock::new();
|
||||||
|
|
||||||
|
|
@ -7,13 +11,18 @@ fn get_keyring_base_attribute() -> (&'static str, &'static str) {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_keyring_attributes_refresh_token() -> Vec<(&'static str, &'static str)> {
|
fn get_keyring_attributes_refresh_token() -> Vec<(&'static str, &'static str)> {
|
||||||
vec![get_keyring_base_attribute(), ("type", "refresh_token")]
|
vec![
|
||||||
|
get_keyring_base_attribute(),
|
||||||
|
("type", "refresh_token"),
|
||||||
|
("version", "1"),
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_keyring_attributes_packstation() -> Vec<(&'static str, &'static str)> {
|
fn get_keyring_attributes_packstation() -> Vec<(&'static str, &'static str)> {
|
||||||
vec![
|
vec![
|
||||||
get_keyring_base_attribute(),
|
get_keyring_base_attribute(),
|
||||||
("type", "packstation-gerät-secret"),
|
("type", "packstation-gerät-secret"),
|
||||||
|
("version", "1"),
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -30,7 +39,7 @@ fn get_keyring<'a>() -> &'a oo7::Keyring {
|
||||||
KEYRING.get().unwrap()
|
KEYRING.get().unwrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn keyring_get_refresh_token() -> oo7::Result<Option<String>> {
|
pub async fn keyring_get_refresh_token() -> oo7::Result<Option<RefreshToken>> {
|
||||||
let items = get_keyring()
|
let items = get_keyring()
|
||||||
.search_items(&get_keyring_attributes_refresh_token())
|
.search_items(&get_keyring_attributes_refresh_token())
|
||||||
.await?;
|
.await?;
|
||||||
|
|
@ -40,7 +49,9 @@ pub async fn keyring_get_refresh_token() -> oo7::Result<Option<String>> {
|
||||||
item.unlock().await?;
|
item.unlock().await?;
|
||||||
}
|
}
|
||||||
let data = item.secret().await.unwrap();
|
let data = item.secret().await.unwrap();
|
||||||
Ok(Some(String::from_utf8(data.to_vec()).unwrap()))
|
Ok(Some(
|
||||||
|
RefreshToken::new(String::from_utf8(data.to_vec()).unwrap()).unwrap(),
|
||||||
|
))
|
||||||
} else {
|
} else {
|
||||||
Ok(None)
|
Ok(None)
|
||||||
}
|
}
|
||||||
|
|
@ -57,23 +68,112 @@ pub async fn keyring_set_refresh_token(value: String) -> oo7::Result<()> {
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn keyring_get_packstation() -> oo7::Result<Option<String>> {
|
#[derive(serde::Serialize, serde::Deserialize, Clone)]
|
||||||
|
struct PackstationSecrets {
|
||||||
|
postnumber: String,
|
||||||
|
seed: String,
|
||||||
|
uuid: String,
|
||||||
|
device_id: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl secrecy::SerializableSecret for PackstationSecrets {}
|
||||||
|
|
||||||
|
impl Zeroize for PackstationSecrets {
|
||||||
|
fn zeroize(&mut self) {
|
||||||
|
self.device_id.zeroize();
|
||||||
|
self.postnumber.zeroize();
|
||||||
|
self.seed.zeroize();
|
||||||
|
self.uuid.zeroize();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
pub enum KeyringError {
|
||||||
|
OO7(oo7::Error),
|
||||||
|
Libpaket(LibraryError),
|
||||||
|
SerdeJson(serde_json::Error),
|
||||||
|
Uuid(uuid::Error),
|
||||||
|
}
|
||||||
|
|
||||||
|
type KeyringResult<T> = Result<T, KeyringError>;
|
||||||
|
|
||||||
|
impl From<oo7::Error> for KeyringError {
|
||||||
|
fn from(value: oo7::Error) -> Self {
|
||||||
|
KeyringError::OO7(value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<LibraryError> for KeyringError {
|
||||||
|
fn from(value: LibraryError) -> Self {
|
||||||
|
KeyringError::Libpaket(value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<serde_json::Error> for KeyringError {
|
||||||
|
fn from(value: serde_json::Error) -> Self {
|
||||||
|
Self::SerdeJson(value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<uuid::Error> for KeyringError {
|
||||||
|
fn from(value: uuid::Error) -> Self {
|
||||||
|
KeyringError::Uuid(value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub async fn keyring_get_packstation() -> KeyringResult<Option<CustomerKeySeed>> {
|
||||||
let items = get_keyring()
|
let items = get_keyring()
|
||||||
.search_items(&get_keyring_attributes_packstation())
|
.search_items(&get_keyring_attributes_packstation())
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
todo!()
|
if let Some(item) = items.get(0) {
|
||||||
|
if item.is_locked().await? {
|
||||||
|
item.unlock().await?;
|
||||||
|
}
|
||||||
|
let data = item.secret().await.unwrap();
|
||||||
|
let data = serde_json::from_slice::<SecretBox<PackstationSecrets>>(data.as_slice())?;
|
||||||
|
let data = data.expose_secret();
|
||||||
|
|
||||||
|
let uuid = uuid::Uuid::from_str(data.uuid.as_str())?;
|
||||||
|
let seed = glib::base64_decode(&data.seed);
|
||||||
|
Ok(Some(CustomerKeySeed::from(
|
||||||
|
&data.postnumber,
|
||||||
|
seed,
|
||||||
|
&uuid,
|
||||||
|
data.device_id.clone(),
|
||||||
|
)))
|
||||||
|
} else {
|
||||||
|
Ok(None)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn keyring_set_packstation(value: String) -> oo7::Result<()> {
|
pub async fn keyring_set_packstation(data: &CustomerKeySeed) -> KeyringResult<()> {
|
||||||
get_keyring()
|
if data.device_id.is_none() {
|
||||||
|
return Ok(());
|
||||||
|
}
|
||||||
|
let seed = secrecy::SecretString::from(Into::<String>::into(glib::base64_encode(
|
||||||
|
data.seed.expose_secret().as_bytes(),
|
||||||
|
)));
|
||||||
|
let uuid = data.uuid.to_string();
|
||||||
|
let device_id = data.device_id.as_ref().unwrap().to_string();
|
||||||
|
|
||||||
|
let secret = SecretBox::new(Box::new(PackstationSecrets {
|
||||||
|
postnumber: data.postnumber.clone(),
|
||||||
|
seed: seed.expose_secret().to_string(),
|
||||||
|
uuid,
|
||||||
|
device_id,
|
||||||
|
}));
|
||||||
|
|
||||||
|
let string = secrecy::SecretString::from(serde_json::to_string_pretty(&secret)?);
|
||||||
|
|
||||||
|
Ok(get_keyring()
|
||||||
.create_item(
|
.create_item(
|
||||||
"Paket: Device keys",
|
"Paket: Device keys",
|
||||||
&get_keyring_attributes_refresh_token(),
|
&get_keyring_attributes_packstation(),
|
||||||
value,
|
string.expose_secret(),
|
||||||
true,
|
true,
|
||||||
)
|
)
|
||||||
.await
|
.await?)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn keyring_is_available() -> bool {
|
pub fn keyring_is_available() -> bool {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue