Add getPassword, setPassword, and deletePassword APIs, #95475

Co-authored-by: SteVen Batten <sbatten@microsoft.com>
2026-04-25 19:18:59 +01:00 · 2020-10-06 14:57:16 -07:00
parent 1a9e0af641
commit dafce599a6
19 changed files with 279 additions and 40 deletions
--- a/src/vs/workbench/api/browser/mainThreadAuthentication.ts
+++ b/src/vs/workbench/api/browser/mainThreadAuthentication.ts
@@ -19,6 +19,9 @@ import { IRemoteAgentService } from 'vs/workbench/services/remote/common/remoteA
 import { fromNow } from 'vs/base/common/date';
 import { ActivationKind, IExtensionService } from 'vs/workbench/services/extensions/common/extensions';
 import { isWeb } from 'vs/base/common/platform';
+import { IEncryptionService } from 'vs/workbench/services/encryption/common/encryptionService';
+import { IProductService } from 'vs/platform/product/common/productService';
+import { ICredentialsService } from 'vs/workbench/services/credentials/common/credentials';

 const VSO_ALLOWED_EXTENSIONS = ['github.vscode-pull-request-github', 'github.vscode-pull-request-github-insiders', 'vscode.git', 'ms-vsonline.vsonline', 'vscode.github-browser', 'ms-vscode.github-browser'];

@@ -220,7 +223,10 @@ export class MainThreadAuthentication extends Disposable implements MainThreadAu
 		@IStorageKeysSyncRegistryService private readonly storageKeysSyncRegistryService: IStorageKeysSyncRegistryService,
 		@IRemoteAgentService private readonly remoteAgentService: IRemoteAgentService,
 		@IQuickInputService private readonly quickInputService: IQuickInputService,
-		@IExtensionService private readonly extensionService: IExtensionService
+		@IExtensionService private readonly extensionService: IExtensionService,
+		@ICredentialsService private readonly credentialsService: ICredentialsService,
+		@IEncryptionService private readonly encryptionService: IEncryptionService,
+		@IProductService private readonly productService: IProductService
 	) {
 		super();
 		this._proxy = extHostContext.getProxy(ExtHostContext.ExtHostAuthentication);
@@ -453,4 +459,46 @@ export class MainThreadAuthentication extends Disposable implements MainThreadAu

 		this.storageService.store(`${extensionName}-${providerId}`, sessionId, StorageScope.GLOBAL);
 	}
+
+	private getFullKey(extensionId: string): string {
+		return `${this.productService.urlProtocol}${extensionId}`;
+	}
+
+	async $getPassword(extensionId: string, key: string): Promise<string | undefined> {
+		const fullKey = this.getFullKey(extensionId);
+		const password = await this.credentialsService.getPassword(fullKey, key);
+		const decrypted = password && await this.encryptionService.decrypt(password);
+
+		if (decrypted) {
+			try {
+				const value = JSON.parse(decrypted);
+				if (value.extensionId === extensionId) {
+					return value.content;
+				}
+			} catch (_) {
+				throw new Error('Cannot get password');
+			}
+		}
+
+		return undefined;
+	}
+
+	async $setPassword(extensionId: string, key: string, value: string): Promise<void> {
+		const fullKey = this.getFullKey(extensionId);
+		const toEncrypt = JSON.stringify({
+			extensionId,
+			content: value
+		});
+		const encrypted = await this.encryptionService.encrypt(toEncrypt);
+		return this.credentialsService.setPassword(fullKey, key, encrypted);
+	}
+
+	async $deletePassword(extensionId: string, key: string): Promise<void> {
+		try {
+			const fullKey = this.getFullKey(extensionId);
+			await this.credentialsService.deletePassword(fullKey, key);
+		} catch (_) {
+			throw new Error('Cannot delete password');
+		}
+	}
 }