vikunja/veans/internal/credentials/store.go

101 lines
3.1 KiB
Go

// Vikunja is a to-do list application to facilitate your life.
// Copyright 2018-present Vikunja and contributors. All rights reserved.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
// Package credentials handles bot-token storage with a keychain → env → file
// fallback chain. The store is keyed by (server, account); `account` is the
// bot's username — the human's token is never persisted.
package credentials
import (
"errors"
"fmt"
)
// ErrNotFound is returned when no backend has the requested credential.
var ErrNotFound = errors.New("credential not found")
// Store is the read/write contract every backend implements.
type Store interface {
Get(server, account string) (string, error)
Set(server, account, token string) error
// Name is used in error messages.
Name() string
}
// Chain queries each backend in order on Get; writes go to the first writable
// backend. Env (read-only) is skipped on writes. The order is keychain →
// env → file, matching the plan.
type Chain struct {
Backends []Store
}
func (c *Chain) Name() string { return "chain" }
// Get returns the first non-NotFound result from any backend.
func (c *Chain) Get(server, account string) (string, error) {
var lastErr error
for _, b := range c.Backends {
tok, err := b.Get(server, account)
if err == nil {
return tok, nil
}
if !errors.Is(err, ErrNotFound) {
lastErr = fmt.Errorf("%s: %w", b.Name(), err)
}
}
if lastErr != nil {
return "", lastErr
}
return "", ErrNotFound
}
// Set writes to the first backend that accepts a write. Env is read-only.
// Backends that error out (e.g. keyring on a host with no dbus) are skipped
// transparently, falling through to the next — the file backend is the
// reliable last-resort. Only if every writable backend fails do we surface
// the last error.
func (c *Chain) Set(server, account, token string) error {
var lastErr error
for _, b := range c.Backends {
if _, ok := b.(*EnvBackend); ok {
continue
}
if err := b.Set(server, account, token); err == nil {
return nil
} else if !errors.Is(err, errReadOnly) {
lastErr = fmt.Errorf("%s: %w", b.Name(), err)
}
}
if lastErr != nil {
return lastErr
}
return errors.New("no writable backend available")
}
// errReadOnly is sentinel for backends that refuse writes (env).
var errReadOnly = errors.New("read-only backend")
// Default builds the standard keychain → env → file chain.
func Default() *Chain {
return &Chain{
Backends: []Store{
NewKeyringBackend(),
NewEnvBackend(),
NewFileBackend(""),
},
}
}