replaced keytar with vscode API (#197)

Author: marcellourbani

CHANGELOG.md

@@ -1,6 +1,12 @@
 # Change Log
 
-## [1.6.9] 2023-09-i7
+## [1.6.10] 2023-10-10
+
+### Fixed
+
+- replaced keytar with vscode secure storage
+
+## [1.6.9] 2023-09-17
 
 ### Added
 

client/src/config.ts

@@ -177,7 +177,7 @@ export class RemoteManager {
   private vault: PasswordVault
 
   private constructor() {
-    this.vault = new PasswordVault()
+    this.vault = PasswordVault.get()
     workspace.onDidChangeConfiguration(this.configChanged, this)
   }
   private configChanged({ affectsConfiguration }: ConfigurationChangeEvent) {
@@ -285,11 +285,12 @@ export class RemoteManager {
     return result
   }
 
-  public clearPassword(connectionId: string, userName: string) {
-    return this.vault.deletePassword(
+  public async clearPassword(connectionId: string, userName: string) {
+    await this.vault.deletePassword(
       `vscode.abapfs.${formatKey(connectionId)}`,
       userName
     )
+    return true
   }
 
   public async getPassword(connectionId: string, userName: string) {

client/src/extension.ts

@@ -16,7 +16,7 @@ import {
   documentWillSave,
   restoreLocks
 } from "./listeners"
-import { log } from "./lib"
+import { PasswordVault, log } from "./lib"
 import { LanguageCommands } from "./langClient"
 import { registerRevisionModel, AbapRevisionLens } from "./scm/abaprevisions"
 import { ClassHierarchyLensProvider } from "./adt/classhierarchy"
@@ -39,6 +39,7 @@ export async function activate(ctx: ExtensionContext): Promise<AbapFsApi> {
   context = ctx
   const startTime = new Date().getTime()
   log("activating ABAPfs...")
+  new PasswordVault(ctx)
   loadTokens()
   clearTokens()
   const sub = context.subscriptions

client/src/lib/externalmodules.ts

@@ -1,49 +1,26 @@
-// keytar depends on a native module shipped in vscode
-// this loads only the type definitions
-import * as keytarType from "./keytar"
-import * as winRegistryType from "vscode-windows-registry";
-
-// get the module from vscode. This is not an official API, might break at some point
-// this is required because keytar includes a binary we can't include
-// see https://github.com/microsoft/vscode/issues/68738
-function getCodeModule<T>(moduleName: string): T | undefined {
-  // adapted from https://github.com/Microsoft/vscode-pull-request-github/blob/master/src/authentication/keychain.ts
-  // I guess we use eval to load the embedded module at runtime
-  // rather than allowing webpack to bundle it
-  // tslint:disable-next-line: no-eval
-  const vscodeRequire = eval("require")
-  try {
-    return vscodeRequire(moduleName)
-  } catch (err) {
-    return undefined
-  }
-}
-
-let keytar: typeof keytarType | undefined
-const keytarErr = () => new Error("Error accessing system secure store")
-
+import { ExtensionContext } from "vscode"
 export class PasswordVault {
-  constructor() {
-    if (!keytar) keytar = getCodeModule<typeof keytarType>("keytar")
+  private static instance: PasswordVault
+  constructor(private context: ExtensionContext) {
+    PasswordVault.instance = this
   }
 
   getPassword(service: string, account: string) {
-    if (!keytar) throw keytarErr()
-    return keytar.getPassword(service, account)
+    return this.context.secrets.get(`${service}:${account}`)
   }
 
   setPassword(service: string, account: string, password: string) {
-    if (!keytar) throw keytarErr()
-    return keytar.setPassword(service, account, password)
+    return this.context.secrets.store(`${service}:${account}`, password)
   }
 
   deletePassword(service: string, account: string) {
-    if (!keytar) throw keytarErr()
-    return keytar.deletePassword(service, account)
+    return this.context.secrets.delete(`${service}:${account}`)
   }
-
-  acounts(service: string) {
-    if (!keytar) throw keytarErr()
-    return keytar.findCredentials(service)
+  async accounts(service: string): Promise<{ account: string, password: string }[]> {
+    return [] //TODO:implement or remove
+  }
+  static get() {
+    if (!PasswordVault.instance) throw new Error("No password vault defined")
+    return PasswordVault.instance
   }
 }

client/src/scm/abapGit/credentials.ts

@@ -40,7 +40,7 @@ const mandInbox = (prompt: string, password = false) =>
 
 export async function repoCredentials(repoUrl: string) {
   const cred: ScmCredentials = { user: getDefaultUser(repoUrl), password: "" }
-  const vault = new PasswordVault()
+  const vault = PasswordVault.get()
   const pwdFromVault = async (x: ScmCredentials) => {
     if (x.user)
       x.password = (await vault.getPassword(pwdService(repoUrl), x.user)) || ""
@@ -81,11 +81,11 @@ export async function dataCredentials(
 }
 
 export const deletePassword = (repo: GitRepo, user: string) => {
-  const vault = new PasswordVault()
+  const vault = PasswordVault.get()
   return vault.deletePassword(pwdService(repo.url), user)
 }
 
 export const listPasswords = (repo: GitRepo) => {
-  const vault = new PasswordVault()
-  return vault.acounts(pwdService(repo.url))
+  const vault = PasswordVault.get()
+  return vault.accounts(pwdService(repo.url))
 }