Module: Secret

Defined in:
lib/libsecret/loader.rb,
lib/libsecret.rb,
lib/libsecret/schema.rb

Overview

Copyright (C) 2022 Ruby-GNOME Project Team

This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

Defined Under Namespace

Modules: Backend, BackendFlags, CollectionCreateFlags, CollectionFlags, Error, ItemCreateFlags, ItemFlags, Retrievable, SchemaAttributeType, SchemaFlags, SchemaType, SearchFlags, ServiceFlags Classes: Collection, Item, Loader, Prompt, Schema, Service

Constant Summary collapse

BACKEND_EXTENSION_POINT_NAME =

Extension point for the secret backend.

secret-backend
COLLECTION_DEFAULT =

An alias to the default collection.

This can be passed to [funcpassword_store] [funcCollection.for_alias].

default
COLLECTION_SESSION =

An alias to the session collection, which will be cleared when the user ends the session.

This can be passed to [funcpassword_store], [funcCollection.for_alias] or similar functions.

session
MAJOR_VERSION =

The major version of libsecret.

0
MICRO_VERSION =

The micro version of libsecret.

4
MINOR_VERSION =

The minor version of libsecret.

21
LOG_DOMAIN = 
"Secret"

Instance Method Summary collapse

Instance Method Details

#attributes_build(schema, array) ⇒ GLib::HashTable<String>

Build up a hash table of attribute values.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (GLib::HashTable<String>)

    a new table of attributes, to be released with [funcGLib.HashTable.unref]

#attributes_buildv(schema, va) ⇒ GLib::HashTable<String>

Build up a hash table of attribute values.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • va (Secret::va_list)

    the attribute keys and values, terminated with nil

Returns:

  • (GLib::HashTable<String>)

    a new table of attributes, to be released with [funcGLib.HashTable.unref]

#attributes_validate(schema, attributes) ⇒ Boolean

Check if attributes are valid according to the provided schema.

Verifies schema name if available, attribute names and parsing of attribute values.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • attributes (GLib::HashTable<GObject>)

    the attributes to be validated

Returns:

  • (Boolean)

    whether or not the given attributes table is valid

#backend_get(flags, cancellable, callback, user_data) ⇒ nil

Get a Secret::Backend instance.

If such a backend already exists, then the same backend is returned.

If flags contains any flags of which parts of the secret backend to ensure are initialized, then those will be initialized before completing.

This method will return immediately and complete asynchronously.

Parameters:

  • flags (Secret::BackendFlags)

    flags for which service functionality to ensure is initialized

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#backend_get_finish(result) ⇒ Secret::Backend

Complete an asynchronous operation to get a Secret::Backend.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (Secret::Backend)

    a new reference to a Secret::Backend proxy, which should be released with [methodGObject.Object.unref].

#error_get_quarkGLib::Quark

Get the error quark.

Returns:

  • (GLib::Quark)

    the quark

#get_schema(type) ⇒ Secret::Schema

Get a secret storage schema of the given type.

C code may access the schemas (such as %SECRET_SCHEMA_NOTE) directly, but language bindings cannot, and must use this accessor.

Parameters:

Returns:

#password_clear(schema, cancellable, callback, user_data, array) ⇒ nil

Clear unlocked matching passwords from the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

All unlocked items that match the attributes will be deleted.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (nil)

#password_clear_finish(result) ⇒ Boolean

Finish an asynchronous operation to remove passwords from the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (Boolean)

    whether any passwords were removed

#password_clear_sync(schema, cancellable, error, array) ⇒ Boolean

Remove unlocked matching passwords from the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

All unlocked items that match the attributes will be deleted.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (Boolean)

    whether the any passwords were removed

#password_clearv(schema, attributes, cancellable, callback, user_data) ⇒ nil

Remove unlocked matching passwords from the secret service.

The attributes should be a set of key and value string pairs.

All unlocked items that match the attributes will be deleted.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#password_clearv_sync(schema, attributes, cancellable) ⇒ Boolean

Remove unlocked matching passwords from the secret service.

The attributes should be a set of key and value string pairs.

All unlocked items that match the attributes will be deleted.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (Boolean)

    whether any passwords were removed

#password_free(password) ⇒ nil

Clear the memory used by a password, and then free it.

This function must be used to free nonpageable memory returned by [funcpassword_lookup_nonpageable_finish], [funcpassword_lookup_nonpageable_sync] or [funcpassword_lookupv_nonpageable_sync].

Parameters:

  • password (String)

    password to free

Returns:

  • (nil)

#password_lookup(schema, cancellable, callback, user_data, array) ⇒ nil

Lookup a password in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

If no secret is found then nil is returned.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (nil)

#password_lookup_binary_finish(result) ⇒ Secret::Value

Finish an asynchronous operation to lookup a password in the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (Secret::Value)

    a newly allocated [structValue], which should be released with [methodValue.unref], or nil if no secret found

#password_lookup_binary_sync(schema, cancellable, error, array) ⇒ Secret::Value

Lookup a password in the secret service.

This is similar to [funcpassword_lookup_sync], but returns a [structValue] instead of a null-terminated password.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (Secret::Value)

    a newly allocated [structValue], which should be released with [methodValue.unref], or nil if no secret found

#password_lookup_finish(result) ⇒ String

Finish an asynchronous operation to lookup a password in the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (String)

    a new password string which should be freed with [funcpassword_free] or may be freed with [funcGLib.free] when done

#password_lookup_nonpageable_finish(result) ⇒ String

Finish an asynchronous operation to lookup a password in the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (String)

    a new password string stored in nonpageable memory which must be freed with [funcpassword_free] when done

#password_lookup_nonpageable_sync(schema, cancellable, error, array) ⇒ String

Lookup a password in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (String)

    a new password string stored in nonpageable memory which must be freed with [funcpassword_free] when done

#password_lookup_sync(schema, cancellable, error, array) ⇒ String

Lookup a password in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (String)

    a new password string which should be freed with [funcpassword_free] or may be freed with [funcGLib.free] when done

#password_lookupv(schema, attributes, cancellable, callback, user_data) ⇒ nil

Lookup a password in the secret service.

The attributes should be a set of key and value string pairs.

If no secret is found then nil is returned.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#password_lookupv_binary_sync(schema, attributes, cancellable) ⇒ Secret::Value

Lookup a password in the secret service.

This is similar to [funcpassword_lookupv_sync], but returns a [structValue] instead of a null-terminated password.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (Secret::Value)

    a newly allocated [structValue], which should be released with [methodValue.unref], or nil if no secret found

#password_lookupv_nonpageable_sync(schema, attributes, cancellable) ⇒ String

Lookup a password in the secret service.

The attributes should be a set of key and value string pairs.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (String)

    a new password string stored in non pageable memory which should be freed with [funcpassword_free] when done

#password_lookupv_sync(schema, attributes, cancellable) ⇒ String

Lookup a password in the secret service.

The attributes should be a set of key and value string pairs.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (String)

    a new password string which should be freed with [funcpassword_free] or may be freed with [funcGLib.free] when done

#password_search(schema, flags, cancellable, callback, user_data, array) ⇒ nil

Search for items in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • flags (Secret::SearchFlags)

    search option flags

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (nil)

#password_search_finish(result) ⇒ GLib::List<Secret::Retrievable>

Finish an asynchronous operation to search for items in the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (GLib::List<Secret::Retrievable>)

    a list of [ifaceRetrievable] containing attributes of the matched items

#password_search_sync(schema, flags, cancellable, error, array) ⇒ GLib::List<Secret::Retrievable>

Search for items in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the password schema. The list of attributes should be terminated with a nil.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for the attributes

  • flags (Secret::SearchFlags)

    search option flags

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (GLib::List<Secret::Retrievable>)

    a list of [ifaceRetrievable] containing attributes of the matched items

#password_searchv(schema, attributes, flags, cancellable, callback, user_data) ⇒ nil

Search for items in the secret service.

The attributes should be a set of key and value string pairs.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • flags (Secret::SearchFlags)

    search option flags

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#password_searchv_sync(schema, attributes, flags, cancellable) ⇒ GLib::List<Secret::Retrievable>

Search for items in the secret service.

The attributes should be a set of key and value string pairs.

If no secret is found then nil is returned.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • flags (Secret::SearchFlags)

    search option flags

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (GLib::List<Secret::Retrievable>)

    a list of [ifaceRetrievable] containing attributes of the matched items

#password_store(schema, collection, label, password, cancellable, callback, user_data, array) ⇒ nil

Store a password in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the schema. The list of attributes should be terminated with a nil.

If the attributes match a secret item already stored in the collection, then the item will be updated with these new values.

If collection is nil, then the default collection will be used. Use [constCOLLECTION_SESSION] to store the password in the session collection, which doesn't get stored across login sessions.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • password (String)

    the null-terminated password to store

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (nil)

#password_store_binary(schema, collection, label, value, cancellable, callback, user_data, array) ⇒ nil

Store a password in the secret service.

This is similar to [funcpassword_store], but takes a [structValue] as the argument instead of a null-terminated password.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • value (Secret::Value)

    a [structValue]

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (nil)

#password_store_binary_sync(schema, collection, label, value, cancellable, error, array) ⇒ Boolean

Store a password in the secret service.

This is similar to [funcpassword_store_sync], but takes a [structValue] as the argument instead of a null terminated password.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • value (Secret::Value)

    a [structValue]

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (Boolean)

    whether the storage was successful or not

#password_store_finish(result) ⇒ Boolean

Finish asynchronous operation to store a password in the secret service.

Parameters:

  • result (Gio::AsyncResult)

    the asynchronous result passed to the callback

Returns:

  • (Boolean)

    whether the storage was successful or not

#password_store_sync(schema, collection, label, password, cancellable, error, array) ⇒ Boolean

Store a password in the secret service.

The variable argument list should contain pairs of a) The attribute name as a null-terminated string, followed by b) attribute value, either a character string, an int number, or a gboolean value, as defined in the schema. The list of attributes should be terminated with a nil.

If the attributes match a secret item already stored in the collection, then the item will be updated with these new values.

If collection is nil, then the default collection will be used. Use [constCOLLECTION_SESSION] to store the password in the session collection, which doesn't get stored across login sessions.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • password (String)

    the null-terminated password to store

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • error (GLib::Error)

    location to place an error on failure

  • array (Array)

    the attribute keys and values, terminated with nil

Returns:

  • (Boolean)

    whether the storage was successful or not

#password_storev(schema, attributes, collection, label, password, cancellable, callback, user_data) ⇒ nil

Store a password in the secret service.

The attributes should be a set of key and value string pairs.

If the attributes match a secret item already stored in the collection, then the item will be updated with these new values.

If collection is nil, then the default collection will be used. Use [constCOLLECTION_SESSION] to store the password in the session collection, which doesn't get stored across login sessions.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • password (String)

    the null-terminated password to store

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#password_storev_binary(schema, attributes, collection, label, value, cancellable, callback, user_data) ⇒ nil

Store a password in the secret service.

This is similar to [funcpassword_storev], but takes a [structValue] as the argument instead of a null-terminated password.

This method will return immediately and complete asynchronously.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • value (Secret::Value)

    a [structValue]

  • cancellable (Gio::Cancellable)

    optional cancellation object

  • callback (Gio::AsyncReadyCallback)

    called when the operation completes

  • user_data (GObject)

    data to be passed to the callback

Returns:

  • (nil)

#password_storev_binary_sync(schema, attributes, collection, label, value, cancellable) ⇒ Boolean

Store a password in the secret service.

This is similar to [funcpassword_storev_sync], but takes a [structValue] as the argument instead of a null-terminated passwords.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • value (Secret::Value)

    a [structValue]

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (Boolean)

    whether the storage was successful or not

#password_storev_sync(schema, attributes, collection, label, password, cancellable) ⇒ Boolean

Store a password in the secret service.

The attributes should be a set of key and value string pairs.

If the attributes match a secret item already stored in the collection, then the item will be updated with these new values.

If collection is nil, then the default collection will be used. Use [constCOLLECTION_SESSION] to store the password in the session collection, which doesn't get stored across login sessions.

This method may block indefinitely and should not be used in user interface threads.

Parameters:

  • schema (Secret::Schema)

    the schema for attributes

  • attributes (GLib::HashTable<String>)

    the attribute keys and values

  • collection (String)

    a collection alias, or D-Bus object path of the collection where to store the secret

  • label (String)

    label for the secret

  • password (String)

    the null-terminated password to store

  • cancellable (Gio::Cancellable)

    optional cancellation object

Returns:

  • (Boolean)

    whether the storage was successful or not

#password_wipe(password) ⇒ nil

Clear the memory used by a password.

Parameters:

  • password (String)

    password to clear

Returns:

  • (nil)