keychain

package
v0.1.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 12, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package keychain provides cross-platform secure credential storage.

This package provides a unified interface for storing and retrieving sensitive credentials (tokens, API keys) using OS-level secure storage:

  • macOS: Keychain Services
  • Linux: Secret Service (libsecret)
  • Windows: Credential Manager (via Windows Credential API)

Features:

  • Store access tokens securely
  • Store refresh tokens securely
  • Store API keys and other credentials
  • Retrieve credentials with error handling
  • Delete credentials on logout
  • Cross-platform unified API

The package automatically detects the operating system and uses the appropriate backend. All storage is encrypted by the OS.

Example usage: 

import "github.com/AINative-studio/ainative-code/internal/auth/keychain"

// Get the platform-specific keychain
kc := keychain.Get()

// Store tokens
err := kc.SetAccessToken("my-access-token")
if err != nil {
    log.Fatal(err)
}

// Retrieve tokens
token, err := kc.GetAccessToken()
if err != nil {
    log.Fatal(err)
}

// Delete all credentials
err = kc.DeleteAll()

Index

Constants

View Source 
const (
	// ServiceName is the identifier for this application in the keychain
	ServiceName = "ainative-code"

	// AccessTokenKey is the key for storing access tokens
	AccessTokenKey = "access_token"

	// RefreshTokenKey is the key for storing refresh tokens
	RefreshTokenKey = "refresh_token"

	// TokenPairKey is the key for storing the complete token pair
	TokenPairKey = "token_pair"

	// APIKeyKey is the key for storing API keys
	APIKeyKey = "api_key"

	// UserEmailKey is the key for storing user email
	UserEmailKey = "user_email"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Keychain 

type Keychain interface {
	// SetAccessToken stores an access token
	SetAccessToken(token string) error

	// GetAccessToken retrieves the access token
	GetAccessToken() (string, error)

	// SetRefreshToken stores a refresh token
	SetRefreshToken(token string) error

	// GetRefreshToken retrieves the refresh token
	GetRefreshToken() (string, error)

	// SetTokenPair stores both access and refresh tokens
	SetTokenPair(tokens *jwt.TokenPair) error

	// GetTokenPair retrieves both access and refresh tokens
	GetTokenPair() (*jwt.TokenPair, error)

	// SetAPIKey stores an API key
	SetAPIKey(key string) error

	// GetAPIKey retrieves the API key
	GetAPIKey() (string, error)

	// SetUserEmail stores the user's email
	SetUserEmail(email string) error

	// GetUserEmail retrieves the user's email
	GetUserEmail() (string, error)

	// Delete removes a specific key
	Delete(key string) error

	// DeleteAll removes all stored credentials
	DeleteAll() error

	// Exists checks if a key exists
	Exists(key string) bool
}

Keychain provides secure credential storage using OS-level services.

func Get 

func Get() Keychain

Get returns the platform-specific keychain instance.

func New 

func New(config keyring.Config) (Keychain, error)

New creates a new keychain instance with custom configuration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.