Reputation: 37
Keyring Crate returning success but not storing the credentials in the MACOS 15.0 keychain
Problem Description: I'm developing a database client in Rust and using the keyring crate to store credentials in the Apple Keychain. My code returns a success message when storing the credentials, but I can't find them in the Keychain.
Here's the relevant code:
use crate::structure::database::StoredConnectionParams;
use keyring::Entry;
use serde::{Deserialize, Serialize}; // Import the StoredConnectionParams struct
#[derive(Debug, Serialize, Deserialize)]
pub struct CredentialStorageResult {
pub success: bool,
pub message: String,
}
pub fn store_database_credentials(
params: StoredConnectionParams,
) -> Result<CredentialStorageResult, String> {
let connection_id = params.connection_id.to_string();
let keyring_service = format!("datamizu-db-{}", connection_id);
let entry = Entry::new(&keyring_service, &connection_id)
.map_err(|e| format!("Failed to create keyring entry: {}", e))?;
let credentials = serde_json::to_string(¶ms.credentials)
.map_err(|e| e.to_string())?;
match entry.set_password(&credentials) {
Ok(_) => Ok(CredentialStorageResult {
success: true,
message: format!(
"Credentials for {} connection {} stored successfully",
params.data_source_type, connection_id
),
}),
Err(e) => Err(format!(
"Failed to store credentials for {} connection {}: {}",
params.data_source_type, connection_id, e
)),
}
}
pub fn fetch_database_credentials(
connection_id: String,
) -> Result<StoredConnectionParams, String> {
let keyring_service = format!("datamizu-db-{}", connection_id);
let entry = Entry::new(&keyring_service, &connection_id)
.map_err(|e| format!("Failed to create keyring entry: {}", e))?;
match entry.get_password() {
Ok(credentials) => serde_json::from_str(&credentials)
.map_err(|e| format!("Failed to parse stored credentials: {}", e)),
Err(e) => Err(format!("Failed to retrieve credentials: {}", e)),
}
}
Steps Taken: I've checked the macOS Keychain manually via Keychain Access, but no entry with the format datamizu-db-<connection_id> is found. I used the security find-generic-password command in the terminal, but no password entries for my service are listed. The code returns success with no errors during execution.
Question: Why might the credentials not be appearing in the macOS Keychain, even though the keyring crate is returning success? Could it be related to app permissions or sandboxing on macOS?
Additional Details: macOS version: 15.0 Rust version: cargo 1.81.0 Keyring crate version: 3.3.0
Thank you
Upvotes: 1
Views: 70
Answers (1)
Reputation: 11
The keyring crate requires that you specify the platforms you want to support.
If you wanted support MacOS and Windows, you'd specify in your Cargo.toml like this:
keyring = { version = "3", features = ["apple-native", "windows-native"] }
Upvotes: 1
Related Questions
- How to use the latest Clang compiler on GitHub macOS runner?
- Deserializing mixed data types with Rust's serde_json
- Using serde for two (de)serialization formats
- Deserializing an enum using a combination of #[serde(untagged)] and #[serde(with)]
- MacOS not storing proxy settings in keychain
- Swift Keychain - Storing OAuth Credentials: "The specified item already exists in the keychain"
- How do I stop keychain storing git credentials, permanently and globally?
- Storing credentials in keychain encrypted not only password