-
Notifications
You must be signed in to change notification settings - Fork 0
/
keychain.go
55 lines (50 loc) · 1.16 KB
/
keychain.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
package main
import (
"fmt"
"github.com/keybase/go-keychain"
"os"
"strings"
)
func userAccount() string {
spl := strings.Split(os.Getenv("HOME"), "/")
if len(spl) < 2 {
panic("$HOME has not been set")
}
switch n := len(spl); {
case spl[n-1] == "":
return spl[n-2]
default:
return spl[n-1]
}
}
func keychainItem() keychain.Item {
item := keychain.NewItem()
item.SetSecClass(keychain.SecClassGenericPassword)
item.SetService("tucnak/2fa")
item.SetAccount(userAccount())
item.SetLabel("2fa")
item.SetAccessGroup("2fa.group.com.github.tucnak")
item.SetSynchronizable(keychain.SynchronizableNo)
item.SetAccessible(keychain.AccessibleWhenUnlockedThisDeviceOnly)
item.SetReturnData(true)
return item
}
func queryKeychain() ([]byte, error) {
item := keychainItem()
results, err := keychain.QueryItem(item)
switch err {
case nil:
for _, r := range results {
return r.Data, nil
}
fallthrough
case keychain.ErrorItemNotFound:
item.SetData([]byte{})
if err := keychain.AddItem(item); err != nil {
return nil, fmt.Errorf("queryKeychain: no init: %w", err)
}
return nil, nil
default:
return nil, fmt.Errorf("queryKeychain: %w", err)
}
}