use secretStorage to store oauth tokens

Author: burmudar

cmd/src/login.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/sourcegraph/src-cli/internal/api"
 	"github.com/sourcegraph/src-cli/internal/cmderrors"
-	"github.com/sourcegraph/src-cli/internal/keyring"
 	"github.com/sourcegraph/src-cli/internal/oauthdevice"
 )
 
@@ -126,11 +125,6 @@ func loginCmd(ctx context.Context, p loginParams) error {
 	noToken := cfg.AccessToken == ""
 	endpointConflict := endpointArg != cfg.Endpoint
 
-	secretStore, err := keyring.Open()
-	if err != nil {
-		printProblem(fmt.Sprintf("could not open keyring for secret storage: %s", err))
-	}
-
 	cfg.Endpoint = endpointArg
 
 	if p.useDeviceFlow {
@@ -141,7 +135,7 @@ func loginCmd(ctx context.Context, p loginParams) error {
 			return cmderrors.ExitCode1
 		}
 
-		if err := oauthdevice.StoreToken(secretStore, token); err != nil {
+		if err := oauthdevice.StoreToken(token); err != nil {
 			printProblem(fmt.Sprintf("Failed to store token in keyring store: %s", err))
 			return cmderrors.ExitCode1
 		}

cmd/src/main.go

@@ -15,7 +15,6 @@ import (
 	"github.com/sourcegraph/sourcegraph/lib/errors"
 
 	"github.com/sourcegraph/src-cli/internal/api"
-	"github.com/sourcegraph/src-cli/internal/keyring"
 	"github.com/sourcegraph/src-cli/internal/oauthdevice"
 )
 
@@ -133,13 +132,12 @@ func (c *config) apiClient(flags *api.Flags, out io.Writer) api.Client {
 		ProxyURL:          c.ProxyURL,
 		ProxyPath:         c.ProxyPath,
 	}
-	store, err := keyring.Open()
-	if err != nil {
-		panic("HALP")
-	}
 
-	if t, err := oauthdevice.LoadToken(store, c.Endpoint); err == nil {
-		opts.OAuthToken = t
+	// Only use OAuth if we do not have SRC_ACCESS_TOKEN set
+	if c.AccessToken == "" {
+		if t, err := oauthdevice.LoadToken(c.Endpoint); err == nil {
+			opts.OAuthToken = t
+		}
 	}
 
 	return api.NewClient(opts)

internal/oauthdevice/device_flow.go

@@ -13,7 +13,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/sourcegraph/src-cli/internal/keyring"
+	"github.com/sourcegraph/src-cli/internal/secrets"
 
 	"github.com/sourcegraph/sourcegraph/lib/errors"
 )
@@ -389,7 +389,11 @@ func (t *Token) ExpiringIn(d time.Duration) bool {
 	return future.After(t.ExpiresAt)
 }
 
-func StoreToken(store *keyring.Store, token *Token) error {
+func StoreToken(token *Token) error {
+	store, err := secrets.Store()
+	if err != nil {
+		return err
+	}
 	data, err := json.Marshal(token)
 	if err != nil {
 		return errors.Wrap(err, "failed to marshal token")
@@ -399,18 +403,23 @@ func StoreToken(store *keyring.Store, token *Token) error {
 		return errors.New("token endpoint cannot be empty when storing the token")
 	}
 
-	key := fmt.Sprintf("%s <%s>", KeyOAuth, token.Endpoint)
-	return store.Set(key, data)
+	key := fmt.Sprintf("oauth[%s]", token.Endpoint)
+	return store.Put(key, data)
 }
 
-func LoadToken(store *keyring.Store, endpoint string) (*Token, error) {
-	key := fmt.Sprintf("%s <%s>", KeyOAuth, endpoint)
-	var t Token
+func LoadToken(endpoint string) (*Token, error) {
+	store, err := secrets.Store()
+	if err != nil {
+		return nil, err
+	}
+
+	key := fmt.Sprintf("oauth[%s]", endpoint)
 	data, err := store.Get(key)
 	if err != nil {
-		return nil, errors.Wrap(err, "failed to get token from store")
+		return nil, err
 	}
 
+	var t Token
 	if err := json.Unmarshal(data, &t); err != nil {
 		return nil, errors.Wrap(err, "failed to unmarshall token")
 	}