func (k KeychainSecretStore) ClearSecret(accountName NormalizedUsername) error {
query := keychain.NewGenericPassword(k.serviceName(), string(accountName), "", nil, "")
query.SetMatchLimit(keychain.MatchLimitAll)
err := keychain.DeleteItem(query)
if err == keychain.ErrorItemNotFound {
return nil
}
return err
}
func (k KeychainSecretStore) StoreSecret(secret []byte) (err error) {
// GetStoredSecretAccessGroup MUST be "" for the simulator
item := keychain.NewGenericPassword(G.Env.GetStoredSecretServiceName(), k.accountName, "", secret, G.Env.GetStoredSecretAccessGroup())
item.SetSynchronizable(keychain.SynchronizableNo)
item.SetAccessible(keychain.AccessibleWhenUnlockedThisDeviceOnly)
keychain.DeleteItem(item)
return keychain.AddItem(item)
}
func (k KeychainSecretStore) StoreSecret(accountName NormalizedUsername, secret []byte) (err error) {
// Base64 encode to make it easy to work with Keychain Access (since we are using a password item and secret is not utf-8)
encodedSecret := base64.StdEncoding.EncodeToString(secret)
item := keychain.NewGenericPassword(k.serviceName(), string(accountName), "", []byte(encodedSecret), k.accessGroup())
item.SetSynchronizable(k.synchronizable())
item.SetAccessible(k.accessible())
keychain.DeleteItem(item)
return keychain.AddItem(item)
}
func (k KeychainSecretStore) ClearSecret() (err error) {
query := keychain.NewGenericPassword(G.Env.GetStoredSecretServiceName(), k.accountName, "", nil, "")
query.SetMatchLimit(keychain.MatchLimitAll)
return keychain.DeleteItem(query)
}