Documentation
¶
Overview ¶
Package credentials provides a secure storage and management system for user credentials. The service uses the "go-keyring" library to interact with the system's native keyring service.
This package is not thread safe! Manipulation of credentials from multiple threads can result in data loss. A distributed write lock is required to ensure threads do not overwrite the credential store.
Support for breaking changes to the Credentials schema is supported via version system. The current implementation supports a single version (Version 0), but is designed to be extendable to future versions. For example, adding a new field to Credential.
Migration instructions: - Modify the current version to retain the current Credential structure (i.e., copy the struct of Credential to CredentialV0) - Modify Credential to include required changes. - Create a new version (e.g., CredentialV1) and assign Credential to it (.e.g, CredentialV1 = Credential) - Increment CurrentVersion to match the new version (e.g., CredentialVersion = 1) - Add a case statement for the new version to ToCredential. - Modify the existing ToCredential implementation to accommodate changes to Credential.
Key components include: - Credential: The main structure representing a single credential. - CredentialRecord: A structure for storing credential data along with its version for future compatibility. - CredentialsService: A service that provides methods for managing credentials.
Author: Posit Software, PBC Copyright (C) 2024 by Posit Software, PBC.
Index ¶
Constants ¶
const CurrentVersion = 0
const ServiceName = "Posit Publisher Safe Storage"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CorruptedError ¶
type CorruptedError struct {
GUID string
}
func (*CorruptedError) Error ¶
func (e *CorruptedError) Error() string
type Credential ¶
type CredentialRecord ¶
type CredentialRecord struct {
GUID string `json:"guid"`
Version uint `json:"version"`
Data json.RawMessage `json:"data"`
}
func (*CredentialRecord) ToCredential ¶
func (cr *CredentialRecord) ToCredential() (*Credential, error)
ToCredential converts a CredentialRecord to a Credential based on its version.
type CredentialTable ¶
type CredentialTable = map[string]CredentialRecord
type CredentialV0 ¶
type CredentialV0 = Credential
type CredentialsService ¶
type CredentialsService struct{}
func (*CredentialsService) Delete ¶
func (cs *CredentialsService) Delete(guid string) error
Delete removes a Credential by its guid. If lookup by guid fails, a NotFoundError is returned.
func (*CredentialsService) Get ¶
func (cs *CredentialsService) Get(guid string) (*Credential, error)
Get retrieves a Credential by its guid.
func (*CredentialsService) List ¶
func (cs *CredentialsService) List() ([]Credential, error)
List retrieves all Credentials
func (*CredentialsService) Set ¶
func (cs *CredentialsService) Set(name string, url string, ak string) (*Credential, error)
Set creates a Credential. A guid is assigned to the Credential using the UUIDv4 specification.
type KeyringService ¶
func (*KeyringService) Delete ¶
func (ks *KeyringService) Delete(service, user string) error
func (*KeyringService) Set ¶
func (ks *KeyringService) Set(service, user, password string) error
type NotFoundError ¶
type NotFoundError struct {
GUID string
}
func (*NotFoundError) Error ¶
func (e *NotFoundError) Error() string
type URLCollisionError ¶
type URLCollisionError struct {
URL string
}
URL is used by another credential
func (*URLCollisionError) Error ¶
func (e *URLCollisionError) Error() string
type VersionError ¶
type VersionError struct {
Version uint
}
func (*VersionError) Error ¶
func (e *VersionError) Error() string
Source Files