Module keyring::credential
source · Expand description
Defines the credential model for each supported platform.
This crate has a very simple model of a keyring: it has any number of entries, each of which is identified by a <username, service> pair, has no other metadata, and has a UTF-8 string as its “password”. Furthermore, there is only one keyring.
This crate runs on several different platforms, each of which has its own secure storage system with its own model for what constitutes a “generic” secure credential: where it is stored, how it is identified, what metadata it has, and what kind of “password” it allows. These platform credentials provide the persistence for keyring entries.
In order to bridge the gap between the keyring entry model and each platform’s credential model, this crate uses a “credential mapper”: a function which maps from keyring entries to platform credentials. The inputs to a credential mapper are the platform, optional target specification, service, and username of the keyring entry; its output is a platform-specific “recipe” for identifying and annotating the platform credential which the crate will use for this entry.
This module provides a credential model for each supported platform, and a credential mapper which the crate uses by default. The default credential mapper can be “advised” by providing a suggested “target” when creating an entry: on Linux and Mac this target is interpreted as the collection/keychain to put the credential in; on Windows this target is taken literally as the “target name” of the credential.
Clients who want to use a different algorithm for mapping service/username pairs to platform credentials can also provide the specific credential spec they want to use when creating the entry.
See the top-level library documentation for more information about the platform-specific credential mapping. Or read the code here :).
Structs
Enums
Platform.