From c30330a4447a0c5ff888d073f8b397a1680a3b77 Mon Sep 17 00:00:00 2001
From: James Magahern <james@magahern.com>
Date: Mon, 25 Aug 2025 00:56:03 -0700
Subject: [PATCH] auth: try switching to platform agnostic auth store

---
 Cargo.lock                           | 58 +++++++++++++++++++++-------
 kordophoned/Cargo.toml               |  2 +-
 kordophoned/src/daemon/auth_store.rs | 25 ++++--------
 3 files changed, 54 insertions(+), 31 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 1bd2904..e748ba9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -200,9 +200,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
 [[package]]
 name = "bitflags"
-version = "2.5.0"
+version = "2.9.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1"
+checksum = "34efbcccd345379ca2868b2b2c9d3782e9cc58ba87bc7d79d5b53d9c9ae6f25d"
 
 [[package]]
 name = "block"
@@ -349,6 +349,16 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "core-foundation"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2a6cd9ae233e7f62ba4e9353e81a88df7fc8a5987b8d445b4d90c879bd156f6"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
 [[package]]
 name = "core-foundation-sys"
 version = "0.8.6"
@@ -1101,12 +1111,15 @@ dependencies = [
 
 [[package]]
 name = "keyring"
-version = "3.6.2"
+version = "3.6.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1961983669d57bdfe6c0f3ef8e4c229b5ef751afcc7d87e4271d2f71f6ccfa8b"
+checksum = "eebcc3aff044e5944a8fbaf69eb277d11986064cba30c468730e8b9909fb551c"
 dependencies = [
  "dbus-secret-service",
  "log",
+ "security-framework 2.10.0",
+ "security-framework 3.3.0",
+ "zeroize",
 ]
 
 [[package]]
@@ -1247,7 +1260,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "07033963ba89ebaf1584d767badaa2e8fcec21aedea6b8c0346d487d49c28667"
 dependencies = [
  "cfg-if",
- "windows-targets 0.48.5",
+ "windows-targets 0.52.6",
 ]
 
 [[package]]
@@ -1256,7 +1269,7 @@ version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d"
 dependencies = [
- "bitflags 2.5.0",
+ "bitflags 2.9.3",
  "libc",
 ]
 
@@ -1353,7 +1366,7 @@ dependencies = [
  "openssl-probe",
  "openssl-sys",
  "schannel",
- "security-framework",
+ "security-framework 2.10.0",
  "security-framework-sys",
  "tempfile",
 ]
@@ -1468,7 +1481,7 @@ version = "0.10.64"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "95a0481286a310808298130d22dd1fef0fa571e05a8f44ec801801e84b216b1f"
 dependencies = [
- "bitflags 2.5.0",
+ "bitflags 2.9.3",
  "cfg-if",
  "foreign-types",
  "libc",
@@ -1773,7 +1786,7 @@ version = "0.38.34"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f"
 dependencies = [
- "bitflags 2.5.0",
+ "bitflags 2.9.3",
  "errno",
  "libc",
  "linux-raw-sys",
@@ -1814,7 +1827,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "770452e37cad93e0a50d5abc3990d2bc351c36d0328f86cefec2f2fb206eaef6"
 dependencies = [
  "bitflags 1.3.2",
- "core-foundation",
+ "core-foundation 0.9.4",
+ "core-foundation-sys",
+ "libc",
+ "security-framework-sys",
+]
+
+[[package]]
+name = "security-framework"
+version = "3.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "80fb1d92c5028aa318b4b8bd7302a5bfcf48be96a37fc6fc790f806b0004ee0c"
+dependencies = [
+ "bitflags 2.9.3",
+ "core-foundation 0.10.1",
  "core-foundation-sys",
  "libc",
  "security-framework-sys",
@@ -1822,9 +1848,9 @@ dependencies = [
 
 [[package]]
 name = "security-framework-sys"
-version = "2.10.0"
+version = "2.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "41f3cc463c0ef97e11c3461a9d3787412d30e8e7eb907c79180c4a57bf7c04ef"
+checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"
 dependencies = [
  "core-foundation-sys",
  "libc",
@@ -2585,7 +2611,7 @@ version = "0.39.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1"
 dependencies = [
- "bitflags 2.5.0",
+ "bitflags 2.9.3",
 ]
 
 [[package]]
@@ -2611,3 +2637,9 @@ source = "git+https://github.com/dfrankland/xpc-connection-rs.git?rev=cd4fb3d#cd
 dependencies = [
  "bindgen",
 ]
+
+[[package]]
+name = "zeroize"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
diff --git a/kordophoned/Cargo.toml b/kordophoned/Cargo.toml
index dedfe31..94d0dfb 100644
--- a/kordophoned/Cargo.toml
+++ b/kordophoned/Cargo.toml
@@ -10,7 +10,7 @@ chrono = "0.4.38"
 directories = "6.0.0"
 env_logger = "0.11.6"
 futures-util = "0.3.31"
-keyring = { version = "3.6.2", features = ["sync-secret-service"] }
+keyring = { version = "3.6.3", features = ["apple-native", "sync-secret-service"] }
 kordophone = { path = "../kordophone" }
 kordophone-db = { path = "../kordophone-db" }
 log = "0.4.25"
diff --git a/kordophoned/src/daemon/auth_store.rs b/kordophoned/src/daemon/auth_store.rs
index 077e502..3f7c21b 100644
--- a/kordophoned/src/daemon/auth_store.rs
+++ b/kordophoned/src/daemon/auth_store.rs
@@ -21,10 +21,7 @@ impl DatabaseAuthenticationStore {
 
 #[async_trait]
 impl AuthenticationStore for DatabaseAuthenticationStore {
-    #[cfg(target_os = "linux")]
     async fn get_credentials(&mut self) -> Option<Credentials> {
-        use keyring::secret_service::SsCredential;
-
         self.database
             .lock()
             .await
@@ -38,15 +35,14 @@ impl AuthenticationStore for DatabaseAuthenticationStore {
 
                 match username {
                     Some(username) => {
-                        let credential = SsCredential::new_with_target(
-                            None,
-                            "net.buzzert.kordophonecd",
-                            &username,
-                        )
-                        .unwrap();
-
-                        let password: Result<String> =
-                            Entry::new_with_credential(Box::new(credential)).get_password();
+                        let credential_res = Entry::new("net.buzzert.kordophonecd", &username);
+                        let password: Result<String> = match credential_res {
+                            Ok(credential) => credential.get_password(),
+                            Err(e) => {
+                                log::error!("error creating keyring credential: {}", e);
+                                return None;
+                            }
+                        };
 
                         match password {
                             Ok(password) => Some(Credentials { username, password }),
@@ -62,11 +58,6 @@ impl AuthenticationStore for DatabaseAuthenticationStore {
             .await
     }
 
-    #[cfg(not(target_os = "linux"))]
-    async fn get_credentials(&mut self) -> Option<Credentials> {
-        None
-    }
-
     async fn get_token(&mut self) -> Option<String> {
         self.database
             .lock()