sandbox - move keytar into native host service (#107292)

0299fd43 · Benjamin Pasero · GitHub · 635cfbcd · 0299fd43 · 635cfbcd
12 changed file
--- a/src/vs/code/electron-browser/sharedProcess/sharedProcessMain.ts
+++ b/src/vs/code/electron-browser/sharedProcess/sharedProcessMain.ts
@@ -55,8 +55,6 @@ import { UserDataSyncChannel, UserDataSyncUtilServiceClient, UserDataAutoSyncCha
 import { INativeHostService } from 'vs/platform/native/electron-sandbox/native';
 import { LoggerService } from 'vs/platform/log/node/loggerService';
 import { UserDataSyncLogService } from 'vs/platform/userDataSync/common/userDataSyncLog';
-import { ICredentialsService } from 'vs/platform/credentials/common/credentials';
-import { KeytarCredentialsService } from 'vs/platform/credentials/node/credentialsService';
 import { UserDataAutoSyncService } from 'vs/platform/userDataSync/electron-sandbox/userDataAutoSyncService';
 import { NativeStorageService } from 'vs/platform/storage/node/storageService';
 import { GlobalStorageDatabaseChannelClient } from 'vs/platform/storage/node/storageIpc';
@@ -198,7 +196,6 @@ async function main(server: Server, initData: ISharedProcessInitData, configurat
 		services.set(IDiagnosticsService, new SyncDescriptor(DiagnosticsService));
 		services.set(IExtensionTipsService, new SyncDescriptor(ExtensionTipsService));

-		services.set(ICredentialsService, new SyncDescriptor(KeytarCredentialsService));
 		services.set(IUserDataSyncAccountService, new SyncDescriptor(UserDataSyncAccountService));
 		services.set(IUserDataSyncLogService, new SyncDescriptor(UserDataSyncLogService));
 		services.set(IUserDataSyncUtilService, new UserDataSyncUtilServiceClient(server.getChannel('userDataSyncUtil', client => client.ctx !== 'main')));

--- a/src/vs/platform/credentials/node/credentialsService.ts
+++ b/src/vs/platform/credentials/node/credentialsService.ts
-/*---------------------------------------------------------------------------------------------
- *  Copyright (c) Microsoft Corporation. All rights reserved.
- *  Licensed under the MIT License. See License.txt in the project root for license information.
- *--------------------------------------------------------------------------------------------*/
-
-import type * as keytar from 'keytar';
-import { ICredentialsService } from 'vs/platform/credentials/common/credentials';
-import { IdleValue } from 'vs/base/common/async';
-
-export class KeytarCredentialsService implements ICredentialsService {
-
-	declare readonly _serviceBrand: undefined;
-
-	private readonly _keytar = new IdleValue<Promise<typeof keytar>>(() => import('keytar'));
-
-	async getPassword(service: string, account: string): Promise<string | null> {
-		const keytar = await this._keytar.value;
-		return keytar.getPassword(service, account);
-	}
-
-	async setPassword(service: string, account: string, password: string): Promise<void> {
-		const keytar = await this._keytar.value;
-		return keytar.setPassword(service, account, password);
-	}
-
-	async deletePassword(service: string, account: string): Promise<boolean> {
-		const keytar = await this._keytar.value;
-		return keytar.deletePassword(service, account);
-	}
-
-	async findPassword(service: string): Promise<string | null> {
-		const keytar = await this._keytar.value;
-		return keytar.findPassword(service);
-	}
-
-	async findCredentials(service: string): Promise<Array<{ account: string, password: string }>> {
-		const keytar = await this._keytar.value;
-		return keytar.findCredentials(service);
-	}
-}
--- a/src/vs/platform/native/common/native.ts
+++ b/src/vs/platform/native/common/native.ts
@@ -141,4 +141,11 @@ export interface ICommonNativeHostService {

 	// Registry (windows only)
 	windowsGetStringRegKey(hive: 'HKEY_CURRENT_USER' | 'HKEY_LOCAL_MACHINE' | 'HKEY_CLASSES_ROOT' | 'HKEY_USERS' | 'HKEY_CURRENT_CONFIG', path: string, name: string): Promise<string | undefined>;
+
+	// Credentials
+	getPassword(service: string, account: string): Promise<string | null>;
+	setPassword(service: string, account: string, password: string): Promise<void>;
+	deletePassword(service: string, account: string): Promise<boolean>;
+	findPassword(service: string): Promise<string | null>;
+	findCredentials(service: string): Promise<Array<{ account: string, password: string }>>
 }
--- a/src/vs/platform/native/electron-main/nativeHostMainService.ts
+++ b/src/vs/platform/native/electron-main/nativeHostMainService.ts
@@ -610,6 +610,42 @@ export class NativeHostMainService implements INativeHostMainService {
 		}
 	}

+	//#endregion
+
+	//#region Credentials
+
+	async getPassword(windowId: number | undefined, service: string, account: string): Promise<string | null> {
+		const keytar = await import('keytar');
+
+		return keytar.getPassword(service, account);
+	}
+
+	async setPassword(windowId: number | undefined, service: string, account: string, password: string): Promise<void> {
+		const keytar = await import('keytar');
+
+		return keytar.setPassword(service, account, password);
+	}
+
+	async deletePassword(windowId: number | undefined, service: string, account: string): Promise<boolean> {
+		const keytar = await import('keytar');
+
+		return keytar.deletePassword(service, account);
+	}
+
+	async findPassword(windowId: number | undefined, service: string): Promise<string | null> {
+		const keytar = await import('keytar');
+
+		return keytar.findPassword(service);
+	}
+
+	async findCredentials(windowId: number | undefined, service: string): Promise<Array<{ account: string, password: string }>> {
+		const keytar = await import('keytar');
+
+		return keytar.findCredentials(service);
+	}
+
+	//#endregion
+
 	private windowById(windowId: number | undefined): ICodeWindow | undefined {
 		if (typeof windowId !== 'number') {
 			return undefined;

--- a/src/vs/workbench/api/browser/mainThreadKeytar.ts
+++ b/src/vs/workbench/api/browser/mainThreadKeytar.ts
@@ -5,7 +5,7 @@

 import { extHostNamedCustomer } from 'vs/workbench/api/common/extHostCustomers';
 import { MainContext, MainThreadKeytarShape, IExtHostContext } from 'vs/workbench/api/common/extHost.protocol';
-import { ICredentialsService } from 'vs/platform/credentials/common/credentials';
+import { ICredentialsService } from 'vs/workbench/services/credentials/common/credentials';

 @extHostNamedCustomer(MainContext.MainThreadKeytar)
 export class MainThreadKeytar implements MainThreadKeytarShape {

--- a/src/vs/workbench/services/credentials/browser/credentialsService.ts
+++ b/src/vs/workbench/services/credentials/browser/credentialsService.ts
@@ -3,7 +3,7 @@
 *  Licensed under the MIT License. See License.txt in the project root for license information.
 *--------------------------------------------------------------------------------------------*/

-import { ICredentialsProvider, ICredentialsService } from 'vs/platform/credentials/common/credentials';
+import { ICredentialsService, ICredentialsProvider } from 'vs/workbench/services/credentials/common/credentials';
 import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
 import { IWorkbenchEnvironmentService } from 'vs/workbench/services/environment/common/environmentService';


--- a/src/vs/workbench/services/credentials/common/credentials.ts
+++ b/src/vs/workbench/services/credentials/common/credentials.ts
@@ -5,15 +5,16 @@

 import { createDecorator } from 'vs/platform/instantiation/common/instantiation';

-export const ICredentialsService = createDecorator<ICredentialsService>('ICredentialsService');
-
-export interface ICredentialsService {
-
-	readonly _serviceBrand: undefined;
+export const ICredentialsService = createDecorator<ICredentialsService>('credentialsService');

+export interface ICredentialsProvider {
 	getPassword(service: string, account: string): Promise<string | null>;
 	setPassword(service: string, account: string, password: string): Promise<void>;
 	deletePassword(service: string, account: string): Promise<boolean>;
 	findPassword(service: string): Promise<string | null>;
 	findCredentials(service: string): Promise<Array<{ account: string, password: string }>>;
 }
+
+export interface ICredentialsService extends ICredentialsProvider {
+	readonly _serviceBrand: undefined;
+}
--- a/src/vs/platform/credentials/common/credentials.ts
+++ b/src/vs/platform/credentials/common/credentials.ts
@@ -3,18 +3,35 @@
 *  Licensed under the MIT License. See License.txt in the project root for license information.
 *--------------------------------------------------------------------------------------------*/

-import { createDecorator } from 'vs/platform/instantiation/common/instantiation';
-
-export interface ICredentialsProvider {
-	getPassword(service: string, account: string): Promise<string | null>;
-	setPassword(service: string, account: string, password: string): Promise<void>;
-	deletePassword(service: string, account: string): Promise<boolean>;
-	findPassword(service: string): Promise<string | null>;
-	findCredentials(service: string): Promise<Array<{ account: string, password: string }>>;
-}
+import { ICredentialsService } from 'vs/workbench/services/credentials/common/credentials';
+import { INativeHostService } from 'vs/platform/native/electron-sandbox/native';
+import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
+
+export class KeytarCredentialsService implements ICredentialsService {
+
+	declare readonly _serviceBrand: undefined;
+
+	constructor(@INativeHostService private readonly nativeHostService: INativeHostService) { }

-export const ICredentialsService = createDecorator<ICredentialsService>('ICredentialsService');
+	getPassword(service: string, account: string): Promise<string | null> {
+		return this.nativeHostService.getPassword(service, account);
+	}

-export interface ICredentialsService extends ICredentialsProvider {
-	readonly _serviceBrand: undefined;
+	setPassword(service: string, account: string, password: string): Promise<void> {
+		return this.nativeHostService.setPassword(service, account, password);
+	}
+
+	deletePassword(service: string, account: string): Promise<boolean> {
+		return this.nativeHostService.deletePassword(service, account);
+	}
+
+	findPassword(service: string): Promise<string | null> {
+		return this.nativeHostService.findPassword(service);
+	}
+
+	findCredentials(service: string): Promise<Array<{ account: string, password: string }>> {
+		return this.nativeHostService.findCredentials(service);
+	}
 }
+
+registerSingleton(ICredentialsService, KeytarCredentialsService, true);
--- a/src/vs/workbench/test/electron-browser/workbenchTestServices.ts
+++ b/src/vs/workbench/test/electron-browser/workbenchTestServices.ts
@@ -232,6 +232,11 @@ export class TestNativeHostService implements INativeHostService {
 	async hasClipboard(format: string, type?: 'selection' | 'clipboard' | undefined): Promise<boolean> { return false; }
 	async sendInputEvent(event: MouseInputEvent): Promise<void> { }
 	async windowsGetStringRegKey(hive: 'HKEY_CURRENT_USER' | 'HKEY_LOCAL_MACHINE' | 'HKEY_CLASSES_ROOT' | 'HKEY_USERS' | 'HKEY_CURRENT_CONFIG', path: string, name: string): Promise<string | undefined> { return undefined; }
+	async getPassword(service: string, account: string): Promise<string | null> { return null; }
+	async setPassword(service: string, account: string, password: string): Promise<void> { }
+	async deletePassword(service: string, account: string): Promise<boolean> { return false; }
+	async findPassword(service: string): Promise<string | null> { return null; }
+	async findCredentials(service: string): Promise<{ account: string; password: string; }[]> { return []; }
 }

 export function workbenchInstantiationService(): ITestInstantiationService {

--- a/src/vs/workbench/workbench.desktop.main.ts
+++ b/src/vs/workbench/workbench.desktop.main.ts
@@ -97,12 +97,9 @@ import 'vs/workbench/services/diagnostics/electron-browser/diagnosticsService';


 import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
-import { ICredentialsService } from 'vs/platform/credentials/common/credentials';
-import { KeytarCredentialsService } from 'vs/platform/credentials/node/credentialsService';
 import { ITunnelService } from 'vs/platform/remote/common/tunnel';
 import { TunnelService } from 'vs/platform/remote/node/tunnelService';

-registerSingleton(ICredentialsService, KeytarCredentialsService, true);
 registerSingleton(ITunnelService, TunnelService);

 //#endregion

--- a/src/vs/workbench/workbench.sandbox.main.ts
+++ b/src/vs/workbench/workbench.sandbox.main.ts
@@ -41,6 +41,7 @@ import 'vs/workbench/services/accessibility/electron-sandbox/accessibilityServic
 import 'vs/workbench/services/path/electron-sandbox/pathService';
 import 'vs/workbench/services/themes/electron-sandbox/nativeHostColorSchemeService';
 import 'vs/workbench/services/extensionManagement/electron-sandbox/extensionManagementService';
+import 'vs/workbench/services/credentials/electron-sandbox/credentialsService';

 import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
 import { ITimerService } from 'vs/workbench/services/timer/browser/timerService';

--- a/src/vs/workbench/workbench.web.api.ts
+++ b/src/vs/workbench/workbench.web.api.ts
@@ -18,7 +18,7 @@ import { IWorkspaceProvider, IWorkspace } from 'vs/workbench/services/host/brows
 import { CommandsRegistry } from 'vs/platform/commands/common/commands';
 import { IProductConfiguration } from 'vs/platform/product/common/productService';
 import { mark } from 'vs/base/common/performance';
-import { ICredentialsProvider } from 'vs/platform/credentials/common/credentials';
+import { ICredentialsProvider } from 'vs/workbench/services/credentials/common/credentials';

 interface IResourceUriProvider {
 	(uri: URI): URI;