musicus/src/backend/secure.rs

use crate::backend::{LoginData, Result};
use futures_channel::oneshot;
use secret_service::{Collection, EncryptionType, SecretService};
use std::collections::HashMap;
use std::thread;

/// Savely store the user's current login credentials.
pub async fn store_login_data(data: LoginData) -> Result<()> {
    let (sender, receiver) = oneshot::channel();
    thread::spawn(move || sender.send(store_login_data_priv(data)).unwrap());
    receiver.await?
}

/// Savely store the user's current login credentials.
fn store_login_data_priv(data: LoginData) -> Result<()> {
    let ss = SecretService::new(EncryptionType::Dh)?;
    let collection = get_collection(&ss)?;

    let key = "musicus-login-data";
    delete_secrets(&collection, key)?;

    let mut attributes = HashMap::new();
    attributes.insert("username", data.username.as_str());
    collection.create_item(key, attributes, data.password.as_bytes(), true, "text/plain")?;

    Ok(())
}

/// Get the login credentials from secret storage.
pub fn load_login_data() -> Result<Option<LoginData>> {
    let ss = SecretService::new(EncryptionType::Dh)?;
    let collection = get_collection(&ss)?;

    let items = collection.get_all_items()?;

    let key = "musicus-login-data";
    let item = items.iter().find(|item| item.get_label().unwrap_or_default() == key);

    Ok(match item {
        Some(item) => {
            // TODO: Delete the item when malformed.
            let username = item.get_attributes()?.get("username").unwrap().to_owned();
            let password = std::str::from_utf8(&item.get_secret()?)?.to_owned();

            Some(LoginData { username, password })
        }
        None => None,
    })
}

/// Delete all stored secrets for the provided key.
fn delete_secrets(collection: &Collection, key: &str) -> Result<()> {
    let items = collection.get_all_items()?;

    for item in items {
        if item.get_label().unwrap_or_default() == key {
            item.delete()?;
        }
    }

    Ok(())
}

/// Get the default SecretService collection and unlock it.
fn get_collection<'a>(ss: &'a SecretService) -> Result<Collection<'a>> {
    let collection = ss.get_default_collection()?;
    collection.unlock()?;

    Ok(collection)
}
Add custom error type for the backend 2021-02-04 16:31:37 +01:00			`use crate::backend::{LoginData, Result};`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00			`use futures_channel::oneshot;`
			`use secret_service::{Collection, EncryptionType, SecretService};`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`use std::collections::HashMap;`
			`use std::thread;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`/// Savely store the user's current login credentials.`
			`pub async fn store_login_data(data: LoginData) -> Result<()> {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let (sender, receiver) = oneshot::channel();`
			`thread::spawn(move \|\| sender.send(store_login_data_priv(data)).unwrap());`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00			`receiver.await?`
			`}`

			`/// Savely store the user's current login credentials.`
			`fn store_login_data_priv(data: LoginData) -> Result<()> {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let ss = SecretService::new(EncryptionType::Dh)?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00			`let collection = get_collection(&ss)?;`

			`let key = "musicus-login-data";`
			`delete_secrets(&collection, key)?;`

Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let mut attributes = HashMap::new();`
			`attributes.insert("username", data.username.as_str());`
			`collection.create_item(key, attributes, data.password.as_bytes(), true, "text/plain")?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`Ok(())`
			`}`

			`/// Get the login credentials from secret storage.`
			`pub fn load_login_data() -> Result<Option<LoginData>> {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let ss = SecretService::new(EncryptionType::Dh)?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00			`let collection = get_collection(&ss)?;`

Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let items = collection.get_all_items()?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`let key = "musicus-login-data";`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let item = items.iter().find(\|item\| item.get_label().unwrap_or_default() == key);`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`Ok(match item {`
			`Some(item) => {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`// TODO: Delete the item when malformed.`
			`let username = item.get_attributes()?.get("username").unwrap().to_owned();`
			`let password = std::str::from_utf8(&item.get_secret()?)?.to_owned();`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`Some(LoginData { username, password })`
			`}`
			`None => None,`
			`})`
			`}`

			`/// Delete all stored secrets for the provided key.`
			`fn delete_secrets(collection: &Collection, key: &str) -> Result<()> {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`let items = collection.get_all_items()?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`for item in items {`
			`if item.get_label().unwrap_or_default() == key {`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`item.delete()?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00			`}`
			`}`

			`Ok(())`
			`}`

			`/// Get the default SecretService collection and unlock it.`
Port to secret_service 2.0 2021-02-04 16:14:42 +01:00			`fn get_collection<'a>(ss: &'a SecretService) -> Result<Collection<'a>> {`
			`let collection = ss.get_default_collection()?;`
			`collection.unlock()?;`
Add HTTP client and login support 2020-11-14 22:32:21 +01:00
			`Ok(collection)`
			`}`