Add SecretStorage.keys() as proposed API (microsoft#252804)

* Add `SecretStorage.keys()` as proposed API

* Make keys() optional; throw if used when unimplemented

* Handle another case where keys() may be unimplemented

Author: gjsjohnmurray

src/vs/code/browser/workbench/workbench.ts

@@ -276,6 +276,11 @@ export class LocalStorageSecretStorageProvider implements ISecretStorageProvider
 		this.save();
 	}
 
+	async keys(): Promise<string[]> {
+		const secrets = await this.secretsPromise;
+		return Object.keys(secrets) || [];
+	}
+
 	private async save(): Promise<void> {
 		try {
 			const encrypted = await this.crypto.seal(JSON.stringify(await this.secretsPromise));

src/vs/platform/extensions/common/extensionsApiProposals.ts

@@ -335,6 +335,9 @@ const _allApiProposals = {
 	scmValidation: {
 		proposal: 'https://raw.githubusercontent.com/microsoft/vscode/main/src/vscode-dts/vscode.proposed.scmValidation.d.ts',
 	},
+	secretStorageKeys: {
+		proposal: 'https://raw.githubusercontent.com/microsoft/vscode/main/src/vscode-dts/vscode.proposed.secretStorageKeys.d.ts',
+	},
 	shareProvider: {
 		proposal: 'https://raw.githubusercontent.com/microsoft/vscode/main/src/vscode-dts/vscode.proposed.shareProvider.d.ts',
 	},

src/vs/platform/secrets/common/secrets.ts

@@ -19,6 +19,7 @@ export interface ISecretStorageProvider {
 	get(key: string): Promise<string | undefined>;
 	set(key: string, value: string): Promise<void>;
 	delete(key: string): Promise<void>;
+	keys?(): Promise<string[]>;
 }
 
 export interface ISecretStorageService extends ISecretStorageProvider {
@@ -123,6 +124,16 @@ export class BaseSecretStorageService extends Disposable implements ISecretStora
 		});
 	}
 
+	keys(): Promise<string[]> {
+		return this._sequencer.queue('__keys__', async () => {
+			const storageService = await this.resolvedStorageService;
+			this._logService.trace('[secrets] fetching keys of all secrets');
+			const allKeys = storageService.keys(StorageScope.APPLICATION, StorageTarget.MACHINE);
+			this._logService.trace('[secrets] fetched keys of all secrets');
+			return allKeys.filter(key => key.startsWith(this._storagePrefix)).map(key => key.slice(this._storagePrefix.length));
+		});
+	}
+
 	private async initialize(): Promise<IStorageService> {
 		let storageService;
 		if (!this._useInMemoryStorage && await this._encryptionService.isEncryptionAvailable()) {

src/vs/platform/secrets/test/common/testSecretStorageService.ts

@@ -29,6 +29,10 @@ export class TestSecretStorageService implements ISecretStorageService {
 		this._onDidChangeSecretEmitter.fire(key);
 	}
 
+	async keys(): Promise<string[]> {
+		return Array.from(this._storage.keys());
+	}
+
 	// Helper method for tests to clear all secrets
 	clear(): void {
 		this._storage.clear();

src/vs/workbench/api/browser/mainThreadSecretState.ts

@@ -73,6 +73,24 @@ export class MainThreadSecretState extends Disposable implements MainThreadSecre
 		this.logService.trace('[mainThreadSecretState] Password deleted for: ', extensionId, key);
 	}
 
+	$getKeys(extensionId: string): Promise<string[]> {
+		this.logService.trace(`[mainThreadSecretState] Getting keys for ${extensionId} extension: `);
+		return this._sequencer.queue(extensionId, () => this.doGetKeys(extensionId));
+	}
+
+	private async doGetKeys(extensionId: string): Promise<string[]> {
+		if (!this.secretStorageService.keys) {
+			throw new Error('Secret storage service does not support keys() method');
+		}
+		const allKeys = await this.secretStorageService.keys();
+		const keys = allKeys
+			.map(key => this.parseKey(key))
+			.filter(({ extensionId: id }) => id === extensionId)
+			.map(({ key }) => key); // Return only my keys
+		this.logService.trace(`[mainThreadSecretState] Got ${keys.length}key(s) for: `, extensionId);
+		return keys;
+	}
+
 	private getKey(extensionId: string, key: string): string {
 		return JSON.stringify({ extensionId, key });
 	}

src/vs/workbench/api/common/extHost.protocol.ts

@@ -203,6 +203,7 @@ export interface MainThreadSecretStateShape extends IDisposable {
 	$getPassword(extensionId: string, key: string): Promise<string | undefined>;
 	$setPassword(extensionId: string, key: string, value: string): Promise<void>;
 	$deletePassword(extensionId: string, key: string): Promise<void>;
+	$getKeys(extensionId: string): Promise<string[]>;
 }
 
 export interface MainThreadConfigurationShape extends IDisposable {

src/vs/workbench/api/common/extHostSecretState.ts

@@ -32,6 +32,10 @@ export class ExtHostSecretState implements ExtHostSecretStateShape {
 	delete(extensionId: string, key: string): Promise<void> {
 		return this._proxy.$deletePassword(extensionId, key);
 	}
+
+	keys(extensionId: string): Promise<string[]> {
+		return this._proxy.$getKeys(extensionId);
+	}
 }
 
 export interface IExtHostSecretState extends ExtHostSecretState { }

src/vs/workbench/api/common/extHostSecrets.ts

@@ -11,16 +11,19 @@ import { ExtHostSecretState } from './extHostSecretState.js';
 import { ExtensionIdentifier, IExtensionDescription } from '../../../platform/extensions/common/extensions.js';
 import { Event } from '../../../base/common/event.js';
 import { DisposableStore } from '../../../base/common/lifecycle.js';
+import { checkProposedApiEnabled } from '../../services/extensions/common/extensions.js';
 
 export class ExtensionSecrets implements vscode.SecretStorage {
 
+	private readonly _extensionDescription: IExtensionDescription;
 	protected readonly _id: string;
 	readonly #secretState: ExtHostSecretState;
 
 	readonly onDidChange: Event<vscode.SecretStorageChangeEvent>;
 	readonly disposables = new DisposableStore();
 
 	constructor(extensionDescription: IExtensionDescription, secretState: ExtHostSecretState) {
+		this._extensionDescription = extensionDescription;
 		this._id = ExtensionIdentifier.toKey(extensionDescription.identifier);
 		this.#secretState = secretState;
 
@@ -46,4 +49,9 @@ export class ExtensionSecrets implements vscode.SecretStorage {
 	delete(key: string): Promise<void> {
 		return this.#secretState.delete(this._id, key);
 	}
+
+	keys(): Promise<string[]> {
+		checkProposedApiEnabled(this._extensionDescription, 'secretStorageKeys');
+		return this.#secretState.keys(this._id) || [];
+	}
 }

src/vs/workbench/services/secrets/browser/secretStorageService.ts

@@ -69,6 +69,18 @@ export class BrowserSecretStorageService extends BaseSecretStorageService {
 
 		return super.type;
 	}
+
+	override keys(): Promise<string[]> {
+		if (this._secretStorageProvider) {
+			if (!this._secretStorageProvider.keys) {
+				throw new Error('Secret storage provider does not support keys() method');
+			}
+			return this._secretStorageProvider!.keys();
+		}
+
+		return super.keys();
+
+	}
 }
 
 registerSingleton(ISecretStorageService, BrowserSecretStorageService, InstantiationType.Delayed);

src/vscode-dts/vscode.proposed.secretStorageKeys.d.ts

@@ -0,0 +1,16 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+
+declare module 'vscode' {
+
+	// https://github.com/microsoft/vscode/issues/196616
+
+	export interface SecretStorage {
+		/**
+		 * Retrieve the keys of all the secrets stored by this extension.
+		 */
+		keys(): Thenable<string[] | undefined>;
+	}
+}