1
//! File backend implementation that can be backed by the [Secret portal](https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Secret.html).
2
//!
3
//! ```no_run
4
//! use oo7::{Secret, file::UnlockedKeyring};
5
//!
6
//! # async fn run() -> oo7::Result<()> {
7
//! let keyring = UnlockedKeyring::load("default.keyring", Some(Secret::text("some_text"))).await?;
8
//! keyring
9
//!     .create_item("My Label", &[("account", "alice")], "My Password", true)
10
//!     .await?;
11
//!
12
//! let items = keyring.search_items(&[("account", "alice")]).await?;
13
//! assert_eq!(items[0].secret(), oo7::Secret::blob("My Password"));
14
//!
15
//! keyring.delete(&[("account", "alice")]).await?;
16
//! #   Ok(())
17
//! # }
18
//! ```
19

            
20
#[cfg(feature = "unstable")]
21
#[cfg_attr(docsrs, doc(cfg(feature = "unstable")))]
22
pub mod api;
23
#[cfg(not(feature = "unstable"))]
24
pub(crate) mod api;
25

            
26
mod error;
27
mod locked_item;
28
mod locked_keyring;
29
mod unlocked_item;
30
mod unlocked_keyring;
31

            
32
pub use error::{Error, InvalidItemError, WeakKeyError};
33
pub use locked_item::LockedItem;
34
pub use locked_keyring::LockedKeyring;
35
pub use unlocked_item::UnlockedItem;
36
pub use unlocked_keyring::{ItemDefinition, UnlockedKeyring};
37

            
38
use crate::{AsAttributes, Key, Secret};
39

            
40
#[derive(Debug)]
41
pub enum Item {
42
    Locked(LockedItem),
43
    Unlocked(UnlockedItem),
44
}
45

            
46
impl From<UnlockedItem> for Item {
47
13
    fn from(item: UnlockedItem) -> Self {
48
16
        Self::Unlocked(item)
49
    }
50
}
51

            
52
impl From<LockedItem> for Item {
53
    fn from(item: LockedItem) -> Self {
54
        Self::Locked(item)
55
    }
56
}
57

            
58
impl Item {
59
13
    pub const fn is_locked(&self) -> bool {
60
13
        matches!(self, Self::Locked(_))
61
    }
62

            
63
13
    pub fn as_unlocked(&self) -> &UnlockedItem {
64
13
        match self {
65
13
            Self::Unlocked(item) => item,
66
            _ => panic!("The item is locked"),
67
        }
68
    }
69

            
70
10
    pub fn as_mut_unlocked(&mut self) -> &mut UnlockedItem {
71
10
        match self {
72
10
            Self::Unlocked(item) => item,
73
            _ => panic!("The item is locked"),
74
        }
75
    }
76

            
77
    pub fn as_locked(&self) -> &LockedItem {
78
        match self {
79
            Self::Locked(item) => item,
80
            _ => panic!("The item is unlocked"),
81
        }
82
    }
83

            
84
    /// Check if this item matches the given attributes
85
12
    pub fn matches_attributes(&self, attributes: &impl AsAttributes, key: Option<&Key>) -> bool {
86
10
        match self {
87
11
            Self::Unlocked(unlocked) => {
88
10
                let item_attrs = unlocked.attributes();
89
42
                attributes.search_attributes().iter().all(|(k, value)| {
90
34
                    item_attrs.get(k.as_str()).map(|v| v.as_ref()) == Some(value.as_str())
91
                })
92
            }
93
4
            Self::Locked(locked) => locked.inner.matches(attributes, key),
94
        }
95
    }
96
}
97

            
98
#[derive(Debug)]
99
pub enum Keyring {
100
    Locked(LockedKeyring),
101
    Unlocked(UnlockedKeyring),
102
}
103

            
104
impl From<LockedKeyring> for Keyring {
105
    fn from(keyring: LockedKeyring) -> Self {
106
        Self::Locked(keyring)
107
    }
108
}
109

            
110
impl From<UnlockedKeyring> for Keyring {
111
    fn from(keyring: UnlockedKeyring) -> Self {
112
        Self::Unlocked(keyring)
113
    }
114
}
115

            
116
impl Keyring {
117
    /// Validate that a secret can decrypt the items in this keyring.
118
    #[cfg_attr(feature = "tracing", tracing::instrument(skip(self, secret)))]
119
34
    pub async fn validate_secret(&self, secret: &Secret) -> Result<bool, Error> {
120
8
        match self {
121
16
            Self::Locked(keyring) => keyring.validate_secret(secret).await,
122
            Self::Unlocked(keyring) => keyring.validate_secret(secret).await,
123
        }
124
    }
125

            
126
    pub async fn validate_unencrypted(&self) -> Result<bool, Error> {
127
        match self {
128
            Self::Locked(keyring) => keyring.validate_unencrypted().await,
129
            Self::Unlocked(keyring) => keyring.validate_unencrypted().await,
130
        }
131
    }
132

            
133
    /// Get the modification timestamp
134
119
    pub async fn modified_time(&self) -> std::time::Duration {
135
26
        match self {
136
8
            Self::Locked(keyring) => keyring.modified_time().await,
137
56
            Self::Unlocked(keyring) => keyring.modified_time().await,
138
        }
139
    }
140

            
141
    /// Get the creation timestamp from the filesystem if the keyring has an
142
    /// associated file.
143
110
    pub async fn created_time(&self) -> Option<std::time::Duration> {
144
89
        let path = self.path()?;
145

            
146
        #[cfg(feature = "tokio")]
147
        let metadata = tokio::fs::metadata(path).await.ok()?;
148
        #[cfg(feature = "async-std")]
149
        let metadata = async_fs::metadata(path).await.ok()?;
150

            
151
9
        metadata
152
            .created()
153
            .ok()
154
29
            .and_then(|time| time.duration_since(std::time::SystemTime::UNIX_EPOCH).ok())
155
    }
156

            
157
135
    pub async fn items(&self) -> Result<Vec<Item>, Error> {
158
29
        match self {
159
20
            Self::Locked(keyring) => Ok(keyring
160
4
                .items()
161
12
                .await?
162
4
                .into_iter()
163
4
                .map(Item::Locked)
164
4
                .collect()),
165
154
            Self::Unlocked(keyring) => Ok(keyring
166
31
                .items()
167
115
                .await?
168
36
                .into_iter()
169
32
                .map(Item::Unlocked)
170
72
                .collect()),
171
        }
172
    }
173

            
174
    /// Return the associated file if any.
175
27
    pub fn path(&self) -> Option<&std::path::Path> {
176
29
        match self {
177
4
            Self::Locked(keyring) => keyring.path(),
178
25
            Self::Unlocked(keyring) => keyring.path(),
179
        }
180
    }
181

            
182
21
    pub const fn is_locked(&self) -> bool {
183
21
        matches!(self, Self::Locked(_))
184
    }
185

            
186
17
    pub fn as_unlocked(&self) -> &UnlockedKeyring {
187
17
        match self {
188
17
            Self::Unlocked(unlocked_keyring) => unlocked_keyring,
189
            _ => panic!("The keyring is locked"),
190
        }
191
    }
192

            
193
    pub fn as_locked(&self) -> &LockedKeyring {
194
        match self {
195
            Self::Locked(locked_keyring) => locked_keyring,
196
            _ => panic!("The keyring is unlocked"),
197
        }
198
    }
199
}