keyring updates

strawgate · strawgate · commit ec6e847d4bef · 2025-11-07T16:59:39.000-06:00
diff --git a/key-value/key-value-aio/src/key_value/aio/stores/keyring/store.py b/key-value/key-value-aio/src/key_value/aio/stores/keyring/store.py
@@ -1,5 +1,6 @@
 """Python keyring-based key-value store."""
 
+from key_value.shared.errors.key_value import ValueTooLargeError
 from key_value.shared.utils.compound import compound_key
 from key_value.shared.utils.managed_entry import ManagedEntry
 from key_value.shared.utils.sanitization import HybridSanitizationStrategy, SanitizationStrategy
@@ -17,6 +18,8 @@
 
 DEFAULT_KEYCHAIN_SERVICE = "py-key-value"
 
+WINDOWS_MAX_VALUE_LENGTH = 2560  # bytes
+
 MAX_KEY_COLLECTION_LENGTH = 256
 ALLOWED_KEY_COLLECTION_CHARACTERS: str = ALPHANUMERIC_CHARACTERS
 
@@ -106,6 +109,10 @@ async def _put_managed_entry(self, *, key: str, collection: str, managed_entry:
         combo_key: str = compound_key(collection=sanitized_collection, key=sanitized_key)
 
         json_str: str = self._serialization_adapter.dump_json(entry=managed_entry, key=key, collection=collection)
+        encoded_json_bytes: bytes = json_str.encode(encoding="utf-8")
+
+        if len(encoded_json_bytes) > WINDOWS_MAX_VALUE_LENGTH:
+            raise ValueTooLargeError(size=len(encoded_json_bytes), max_size=2560, collection=sanitized_collection, key=sanitized_key)
 
         keyring.set_password(service_name=self._service_name, username=combo_key, password=json_str)
 
diff --git a/key-value/key-value-aio/tests/stores/keyring/test_keyring.py b/key-value/key-value-aio/tests/stores/keyring/test_keyring.py
@@ -54,8 +54,8 @@ async def test_long_collection_name(self, store: KeyringStore, sanitizing_store:
         with pytest.raises(Exception):  # noqa: B017, PT011
             await store.put(collection="test_collection" * 100, key="test_key", value={"test": "test"})
 
-        await sanitizing_store.put(collection="test_collection" * 100, key="test_key", value={"test": "test"})
-        assert await sanitizing_store.get(collection="test_collection" * 100, key="test_key") == {"test": "test"}
+        await sanitizing_store.put(collection="test_collection" * 50, key="test_key", value={"test": "test"})
+        assert await sanitizing_store.get(collection="test_collection" * 50, key="test_key") == {"test": "test"}
 
     @override
     async def test_long_key_name(self, store: KeyringStore, sanitizing_store: KeyringStore):  # pyright: ignore[reportIncompatibleMethodOverride]
diff --git a/key-value/key-value-shared/src/key_value/shared/errors/key_value.py b/key-value/key-value-shared/src/key_value/shared/errors/key_value.py
@@ -37,3 +37,13 @@ def __init__(self, ttl: Any, extra_info: ExtraInfoType | None = None):
 
 class InvalidKeyError(KeyValueOperationError):
     """Raised when a key is invalid (e.g., uses reserved prefixes)."""
+
+
+class ValueTooLargeError(KeyValueOperationError):
+    """Raised when a value is too large."""
+
+    def __init__(self, size: int, max_size: int, collection: str | None = None, key: str | None = None):
+        super().__init__(
+            message="Value size exceeds the maximum allowed size.",
+            extra_info={"size": size, "max_size": max_size, "collection": collection or "default", "key": key},
+        )
diff --git a/key-value/key-value-sync/src/key_value/sync/code_gen/stores/keyring/store.py b/key-value/key-value-sync/src/key_value/sync/code_gen/stores/keyring/store.py
@@ -3,6 +3,7 @@
 # DO NOT CHANGE! Change the original file instead.
 """Python keyring-based key-value store."""
 
+from key_value.shared.errors.key_value import ValueTooLargeError
 from key_value.shared.utils.compound import compound_key
 from key_value.shared.utils.managed_entry import ManagedEntry
 from key_value.shared.utils.sanitization import HybridSanitizationStrategy, SanitizationStrategy
@@ -20,6 +21,8 @@
 
 DEFAULT_KEYCHAIN_SERVICE = "py-key-value"
 
+WINDOWS_MAX_VALUE_LENGTH = 2560  # bytes
+
 MAX_KEY_COLLECTION_LENGTH = 256
 ALLOWED_KEY_COLLECTION_CHARACTERS: str = ALPHANUMERIC_CHARACTERS
 
@@ -105,6 +108,10 @@ def _put_managed_entry(self, *, key: str, collection: str, managed_entry: Manage
         combo_key: str = compound_key(collection=sanitized_collection, key=sanitized_key)
 
         json_str: str = self._serialization_adapter.dump_json(entry=managed_entry, key=key, collection=collection)
+        encoded_json_bytes: bytes = json_str.encode(encoding="utf-8")
+
+        if len(encoded_json_bytes) > WINDOWS_MAX_VALUE_LENGTH:
+            raise ValueTooLargeError(size=len(encoded_json_bytes), max_size=2560, collection=sanitized_collection, key=sanitized_key)
 
         keyring.set_password(service_name=self._service_name, username=combo_key, password=json_str)
 
diff --git a/key-value/key-value-sync/tests/code_gen/stores/keyring/test_keyring.py b/key-value/key-value-sync/tests/code_gen/stores/keyring/test_keyring.py
@@ -61,8 +61,8 @@ def test_long_collection_name(self, store: KeyringStore, sanitizing_store: Elast
         with pytest.raises(Exception):  # noqa: B017, PT011
             store.put(collection="test_collection" * 100, key="test_key", value={"test": "test"})
 
-        sanitizing_store.put(collection="test_collection" * 100, key="test_key", value={"test": "test"})
-        assert sanitizing_store.get(collection="test_collection" * 100, key="test_key") == {"test": "test"}
+        sanitizing_store.put(collection="test_collection" * 50, key="test_key", value={"test": "test"})
+        assert sanitizing_store.get(collection="test_collection" * 50, key="test_key") == {"test": "test"}
 
     @override
     def test_long_key_name(self, store: KeyringStore, sanitizing_store: KeyringStore):  # pyright: ignore[reportIncompatibleMethodOverride]
