macOS storage accessor (#18)

Author: chlowell

extensions/cache/accessor/darwin.go

@@ -0,0 +1,72 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+//go:build darwin && cgo
+// +build darwin,cgo
+
+package accessor
+
+import (
+	"context"
+	"errors"
+
+	"github.com/keybase/go-keychain"
+)
+
+type option func(*Storage) error
+
+// WithAccount sets an optional account name for the keychain item holding cached data.
+func WithAccount(name string) option {
+	return func(s *Storage) error {
+		s.account = name
+		return nil
+	}
+}
+
+// Storage stores data as a password on the macOS keychain. The keychain must be unlocked before Storage can read
+// or write data. macOS may not allow keychain access from a headless environment such as an SSH session.
+type Storage struct {
+	account, service string
+}
+
+// New is the constructor for Storage. "servName" is the service name for the keychain item holding cached data.
+func New(servName string, opts ...option) (*Storage, error) {
+	if servName == "" {
+		return nil, errors.New("servName can't be empty")
+	}
+	s := Storage{service: servName}
+	for _, o := range opts {
+		if err := o(&s); err != nil {
+			return nil, err
+		}
+	}
+	return &s, nil
+}
+
+// Read returns data stored on the keychain or, if the keychain item doesn't exist, a nil slice and nil error.
+func (s *Storage) Read(context.Context) ([]byte, error) {
+	data, err := keychain.GetGenericPassword(s.service, s.account, "", "")
+	if err != nil {
+		return nil, err
+	}
+	return data, nil
+}
+
+// Write stores data on the keychain.
+func (s *Storage) Write(_ context.Context, data []byte) error {
+	pw, err := keychain.GetGenericPassword(s.service, s.account, "", "")
+	if err != nil {
+		return err
+	}
+	item := keychain.NewGenericPassword(s.service, s.account, "", nil, "")
+	if pw == nil {
+		// password not found: add it to the keychain
+		item.SetData(data)
+		err = keychain.AddItem(item)
+	} else {
+		// password found: update its value
+		update := keychain.NewGenericPassword(s.service, s.account, "", data, "")
+		err = keychain.UpdateItem(item, update)
+	}
+	return err
+}

extensions/cache/accessor/darwin_test.go

@@ -0,0 +1,27 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+//go:build darwin && cgo
+// +build darwin,cgo
+
+package accessor
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestWithAccount(t *testing.T) {
+	account := "account"
+	a, err := New(t.Name(), WithAccount(account))
+	require.NoError(t, err)
+
+	expected := []byte("expected")
+	err = a.Write(ctx, expected)
+	require.NoError(t, err)
+
+	actual, err := a.Read(ctx)
+	require.NoError(t, err)
+	require.Equal(t, expected, actual)
+}

extensions/cache/accessor/storage_test.go

@@ -1,8 +1,8 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License. See LICENSE in the project root for license information.
 
-//go:build (linux && cgo) || windows
-// +build linux,cgo windows
+//go:build (darwin && cgo) || (linux && cgo) || windows
+// +build darwin,cgo linux,cgo windows
 
 package accessor
 

go.mod

@@ -4,6 +4,7 @@ go 1.18
 
 require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0
+	github.com/keybase/go-keychain v0.0.0-20230523030712-b5615109f100
 	github.com/stretchr/testify v1.8.2
 	golang.org/x/sys v0.8.0
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c

go.sum

@@ -7,6 +7,8 @@ github.com/golang-jwt/jwt/v4 v4.4.3 h1:Hxl6lhQFj4AnOX6MLrsCb/+7tCj7DxP7VA+2rDIq5
 github.com/golang-jwt/jwt/v4 v4.4.3/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/keybase/go-keychain v0.0.0-20230523030712-b5615109f100 h1:rG3VnJUnAWyiv7qYmmdOdSapzz6HM+zb9/uRFr0T5EM=
+github.com/keybase/go-keychain v0.0.0-20230523030712-b5615109f100/go.mod h1:qDHUvIjGZJUtdPtuP4WMu5/U4aVWbFw1MhlkJqCGmCQ=
 github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=