forked from Silverfish/proton-bridge
106 lines
2.9 KiB
Go
106 lines
2.9 KiB
Go
// Copyright (c) 2023 Proton AG
|
|
//
|
|
// This file is part of Proton Mail Bridge.
|
|
//
|
|
// Proton Mail Bridge is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Proton Mail Bridge is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Proton Mail Bridge. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package keychain
|
|
|
|
import (
|
|
"reflect"
|
|
|
|
"github.com/docker/docker-credential-helpers/credentials"
|
|
"github.com/docker/docker-credential-helpers/pass"
|
|
"github.com/docker/docker-credential-helpers/secretservice"
|
|
"github.com/sirupsen/logrus"
|
|
"golang.org/x/sys/execabs"
|
|
)
|
|
|
|
const (
|
|
Pass = "pass-app"
|
|
SecretService = "secret-service"
|
|
SecretServiceDBus = "secret-service-dbus"
|
|
)
|
|
|
|
func init() { //nolint:gochecknoinits
|
|
Helpers = make(map[string]helperConstructor)
|
|
|
|
if isUsable(newDBusHelper("")) {
|
|
Helpers[SecretServiceDBus] = newDBusHelper
|
|
}
|
|
|
|
if _, err := execabs.LookPath("gnome-keyring"); err == nil && isUsable(newSecretServiceHelper("")) {
|
|
Helpers[SecretService] = newSecretServiceHelper
|
|
}
|
|
|
|
if _, err := execabs.LookPath("pass"); err == nil && isUsable(newPassHelper("")) {
|
|
Helpers[Pass] = newPassHelper
|
|
}
|
|
|
|
defaultHelper = SecretServiceDBus
|
|
|
|
// If Pass is available, use it by default.
|
|
// Otherwise, if SecretService is available, use it by default.
|
|
if _, ok := Helpers[Pass]; ok {
|
|
defaultHelper = Pass
|
|
} else if _, ok := Helpers[SecretService]; ok {
|
|
defaultHelper = SecretService
|
|
}
|
|
}
|
|
|
|
func newDBusHelper(string) (credentials.Helper, error) {
|
|
return &SecretServiceDBusHelper{}, nil
|
|
}
|
|
|
|
func newPassHelper(string) (credentials.Helper, error) {
|
|
return &pass.Pass{}, nil
|
|
}
|
|
|
|
func newSecretServiceHelper(string) (credentials.Helper, error) {
|
|
return &secretservice.Secretservice{}, nil
|
|
}
|
|
|
|
// isUsable returns whether the credentials helper is usable.
|
|
func isUsable(helper credentials.Helper, err error) bool {
|
|
l := logrus.WithField("helper", reflect.TypeOf(helper))
|
|
|
|
if err != nil {
|
|
l.WithError(err).Warn("Keychain helper couldn't be created")
|
|
return false
|
|
}
|
|
|
|
creds := &credentials.Credentials{
|
|
ServerURL: "bridge/check",
|
|
Username: "check",
|
|
Secret: "check",
|
|
}
|
|
|
|
if err := helper.Add(creds); err != nil {
|
|
l.WithError(err).Warn("Failed to add test credentials to keychain")
|
|
return false
|
|
}
|
|
|
|
if _, _, err := helper.Get(creds.ServerURL); err != nil {
|
|
l.WithError(err).Warn("Failed to get test credentials from keychain")
|
|
return false
|
|
}
|
|
|
|
if err := helper.Delete(creds.ServerURL); err != nil {
|
|
l.WithError(err).Warn("Failed to delete test credentials from keychain")
|
|
return false
|
|
}
|
|
|
|
return true
|
|
}
|