Merge pull request #1 from plumber-cd/init

Init

Author: dee-kryvenko

.github/workflows/release.yml

@@ -0,0 +1,22 @@
+on:
+  push:
+    tags:
+      - "v*"
+
+name: Create Release
+
+jobs:
+  release:
+    name: Draft Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+      - name: Release
+        uses: docker://antonyurchenko/git-release:v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          DRAFT_RELEASE: "true"
+          PRE_RELEASE: "false"
+          CHANGELOG_FILE: "CHANGELOG.md"
+          ALLOW_EMPTY_CHANGELOG: "false"

CHANGELOG.md

@@ -0,0 +1,14 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.0.1] - 2022-05-22
+
+### Added
+
+- Initial release

README.md

@@ -1,2 +1,70 @@
 # go-credentials
 Cross Platform Go Credentials Provider
+
+This simple library provides common interface for working with credentials.
+
+By default it uses the following interfaces:
+
+- MacOS: https://github.com/keybase/go-keychain
+- Linux: https://github.com/keybase/dbus
+- Windows: https://github.com/danieljoos/wincred
+
+You can substitute it with your own interface per platform.
+
+# Example
+
+```go
+package main
+
+import (
+    "fmt"
+
+    "github.com/plumber-cd/go-credentials"
+)
+
+func main() {
+    domain := &credentials.Domain{
+        Service:     "My App Name",
+        AccessGroup: "github.com/plumber-cd/go-credentials", // Define some unique for your app instance value
+    }
+
+    if err := credentials.SetDomain(domain); err != nil {
+        panic(err)
+    }
+
+    if err := err = credentials.Create("http://example.com", "<name/username/title/display name>", "password"); err != nil {
+        panic(err)
+    }
+    
+    name, secret, err := credentials.Retrieve("http://example.com")
+    if err != nil {
+        panic(err)
+    }
+    fmt.Printf("Name: %s\n", name)
+    fmt.Printf("Secret: %s\n", secret)
+
+    if err := credentials.Update("http://example.com", "new title", "new password"); err != nil {
+        panic(err)
+    }
+
+    if err := credentials.Delete("http://example.com"); err {
+        panic(err)
+    }
+}
+```
+
+# Custom provider
+
+You need to create new `struct` than implements `credentials.Provider` interface. Somewhere in your app, you then will need to:
+
+```go
+package main
+
+import "github.com/plumber-cd/go-credentials"
+
+func init() {
+    credentials.Current = &MyCustomProvider{}
+}
+```
+
+That's it. All other code that is using this same library - will now use your custom provider instead of default.

credentials.go

@@ -0,0 +1,96 @@
+package credentials
+
+// Domain is the configuration for provider.
+// It is used to avoid collisions with other applications.
+type Domain struct {
+	// Service is a display name or a title for your credentials.
+	Service string
+
+	// AccessGroup is a label on your credentials.
+	// Some provider implementations will allow you to have multiple credentials for the same URL and Service while they have different Group.
+	AccessGroup string
+}
+
+// Provider interface is the main CRUD interface for your credentials.
+type Provider interface {
+	// This has to be called only once per provider instance.
+	SetDomain(domain *Domain)
+
+	// Returns true if provider is ready to be used.
+	IsConfigured() bool
+
+	// Create creates a new secret. URL is the ultimate key for it.
+	Create(url, name, secret string) error
+
+	// Retrieve returns credentials entry by URL.
+	Retrieve(url string) (name, secret string, err error)
+
+	// Update finds existing credentials for URL and updates name and secret on it.
+	Update(url, name, secret string) error
+
+	// Delete credentials for this URL.
+	Delete(url string) error
+
+	// This function should convert downstream libraries errors to common error interfaces.
+	ErrorWrap(url string, err error) error
+}
+
+var (
+	Current Provider
+)
+
+func SetDomain(domain *Domain) error {
+	if Current == nil {
+		return ErrProviderUndefined
+	}
+	Current.SetDomain(domain)
+	return nil
+}
+
+func IsDefined() bool {
+	return Current != nil
+}
+
+func IsConfigured() bool {
+	return IsDefined() && Current.IsConfigured()
+}
+
+func Create(name, url, secret string) error {
+	if !IsDefined() {
+		return ErrProviderUndefined
+	}
+	if !IsConfigured() {
+		return ErrNotConfigured
+	}
+	return Current.Create(name, url, secret)
+}
+
+func Retrieve(url string) (name, secret string, err error) {
+	if !IsDefined() {
+		return "", "", ErrProviderUndefined
+	}
+	if !IsConfigured() {
+		return "", "", ErrNotConfigured
+	}
+	return Current.Retrieve(url)
+}
+
+func Update(name, url, secret string) error {
+	if !IsDefined() {
+		return ErrProviderUndefined
+	}
+	if !IsConfigured() {
+		return ErrNotConfigured
+	}
+	return Current.Update(name, url, secret)
+}
+
+func Delete(url string) error {
+	if !IsDefined() {
+		return ErrProviderUndefined
+	}
+	if !IsConfigured() {
+		return ErrNotConfigured
+	}
+	return Current.Delete(url)
+}

credentials_darwin.go

@@ -0,0 +1,112 @@
+//go:build darwin
+// +build darwin
+
+package credentials
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/keybase/go-keychain"
+)
+
+func init() {
+	Current = &DarwinProvider{}
+}
+
+type DarwinProvider struct {
+	domain *Domain
+}
+
+func (p *DarwinProvider) ErrorWrap(url string, err error) error {
+	if err == nil {
+		return nil
+	}
+	if errors.Is(err, keychain.ErrorDuplicateItem) {
+		return fmt.Errorf("%w: %s: %v", ErrDuplicate, url, err)
+	}
+	if errors.Is(err, keychain.ErrorItemNotFound) {
+		return fmt.Errorf("%w: %s: %v", ErrNotFound, url, err)
+	}
+	return fmt.Errorf("%w: %s", err, url)
+}
+
+func (p *DarwinProvider) SetDomain(domain *Domain) {
+	p.domain = domain
+}
+
+func (p *DarwinProvider) IsConfigured() bool {
+	return p.domain != nil
+}
+
+func (p *DarwinProvider) NewCreateItem(url, name, secret string) keychain.Item {
+	item := keychain.NewItem()
+	item.SetSecClass(keychain.SecClassGenericPassword)
+	item.SetService(p.domain.Service)
+	item.SetAccessGroup(p.domain.AccessGroup)
+	item.SetAccount(url)
+	item.SetLabel(name)
+	item.SetData([]byte(secret))
+	item.SetSynchronizable(keychain.SynchronizableNo)
+	item.SetAccessible(keychain.AccessibleWhenUnlocked)
+	return item
+}
+
+func (p *DarwinProvider) Create(url, name, secret string) error {
+	item := p.NewCreateItem(url, name, secret)
+	err := keychain.AddItem(item)
+	return p.ErrorWrap(url, err)
+}
+
+func (p *DarwinProvider) NewRetrieveItem(url string) keychain.Item {
+	item := keychain.NewItem()
+	item.SetSecClass(keychain.SecClassGenericPassword)
+	item.SetService(p.domain.Service)
+	item.SetAccessGroup(p.domain.AccessGroup)
+	item.SetAccount(url)
+	item.SetMatchLimit(keychain.MatchLimitOne)
+	item.SetReturnAttributes(true)
+	item.SetReturnData(true)
+	return item
+}
+
+func (p *DarwinProvider) QueryItem(query keychain.Item) (keychain.QueryResult, error) {
+	secret, err := keychain.QueryItem(query)
+	if err != nil {
+		return keychain.QueryResult{}, err
+	} else if len(secret) < 1 {
+		return keychain.QueryResult{}, keychain.ErrorItemNotFound
+	} else if len(secret) > 1 {
+		return keychain.QueryResult{}, keychain.ErrorDuplicateItem
+	}
+	return secret[0], nil
+}
+
+func (p *DarwinProvider) Retrieve(url string) (string, string, error) {
+	query := p.NewRetrieveItem(url)
+	secret, err := p.QueryItem(query)
+	if err != nil {
+		return "", "", p.ErrorWrap(url, err)
+	}
+	return secret.Label, string(secret.Data), nil
+}
+
+func (p *DarwinProvider) Update(url, name, secret string) error {
+	oldItem := p.NewDeleteItem(url)
+	newItem := p.NewCreateItem(url, name, secret)
+	return p.ErrorWrap(url, keychain.UpdateItem(oldItem, newItem))
+}
+
+func (p *DarwinProvider) NewDeleteItem(url string) keychain.Item {
+	item := keychain.NewItem()
+	item.SetSecClass(keychain.SecClassGenericPassword)
+	item.SetService(p.domain.Service)
+	item.SetAccessGroup(p.domain.AccessGroup)
+	item.SetAccount(url)
+	return item
+}
+
+func (p *DarwinProvider) Delete(url string) error {
+	item := p.NewDeleteItem(url)
+	return p.ErrorWrap(url, keychain.DeleteItem(item))
+}