Match key to note

2025-11-04 09:20:56 +00:00 · 2021-11-07 17:19:24 -08:00 · 2021-11-07 17:19:24 -08:00 · e54b55c8bd
commit e54b55c8bd
parent 055fadd459
3 changed files with 39 additions and 10 deletions
--- a/SecretAgent/Notifier.swift
+++ b/SecretAgent/Notifier.swift
@ -15,10 +15,11 @@ class Notifier {
        let updateCategory = UNNotificationCategory(identifier: Constants.updateCategoryIdentitifier, actions: [updateAction, ignoreAction], intentIdentifiers: [], options: [])
        let criticalUpdateCategory = UNNotificationCategory(identifier: Constants.criticalUpdateCategoryIdentitifier, actions: [updateAction], intentIdentifiers: [], options: [])

-        let rawDurations = [Measurement(value: 1, unit: UnitDuration.minutes),
-                            Measurement(value: 5, unit: UnitDuration.minutes),
-                            Measurement(value: 1, unit: UnitDuration.hours),
-                            Measurement(value: 24, unit: UnitDuration.hours)
+        let rawDurations = [
+            Measurement(value: 1, unit: UnitDuration.minutes),
+            Measurement(value: 5, unit: UnitDuration.minutes),
+            Measurement(value: 1, unit: UnitDuration.hours),
+            Measurement(value: 24, unit: UnitDuration.hours)
        ]

        let doNotPersistAction = UNNotificationAction(identifier: Constants.doNotPersistActionIdentitifier, title: "Do Not Unlock", options: [])
@ -43,6 +44,12 @@ class Notifier {
        }
        UNUserNotificationCenter.current().setNotificationCategories([updateCategory, criticalUpdateCategory, persistAuthenticationCategory])
        UNUserNotificationCenter.current().delegate = notificationDelegate
+
+        notificationDelegate.persistAuthentication = { secret, store, duration in
+            guard let duration = duration else { return }
+            try? store.persistAuthentication(secret: secret, forDuration: duration)
+        }
+
    }

    func prompt() {
@ -51,14 +58,14 @@ class Notifier {
    }

    func notify(accessTo secret: AnySecret, from store: AnySecretStore, by provenance: SigningRequestProvenance, requiredAuthentication: Bool) {
-        notificationDelegate.persistAuthentication = { duration in
-            guard let duration = duration else { return }
-            try? store.persistAuthentication(secret: secret, forDuration: duration)
-        }
+        notificationDelegate.pendingPersistableSecrets[secret.id.description] = secret
+        notificationDelegate.pendingPersistableStores[store.id.description] = store
        let notificationCenter = UNUserNotificationCenter.current()
        let notificationContent = UNMutableNotificationContent()
        notificationContent.title = "Signed Request from \(provenance.origin.displayName)"
        notificationContent.subtitle = "Using secret \"\(secret.name)\""
+        notificationContent.userInfo[Constants.persistSecretIDKey] = secret.id.description
+        notificationContent.userInfo[Constants.persistStoreIDKey] = store.id.description
        if #available(macOS 12.0, *) {
            notificationContent.interruptionLevel = .timeSensitive
        }
@ -119,6 +126,9 @@ extension Notifier {
        static let persistAuthenticationCategoryIdentitifier  = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication"
        static let doNotPersistActionIdentitifier  = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.donotpersist"
        static let persistForActionIdentitifierPrefix  = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.persist."
+
+        static let persistSecretIDKey  = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.secretidkey"
+        static let persistStoreIDKey  = "com.maxgoedjen.Secretive.SecretAgent.persistauthentication.storeidkey"
    }

 }
@ -127,8 +137,10 @@ class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate {

    fileprivate var release: Release?
    fileprivate var ignore: ((Release) -> Void)?
-    fileprivate var persistAuthentication: ((TimeInterval?) -> Void)?
+    fileprivate var persistAuthentication: ((AnySecret, AnySecretStore, TimeInterval?) -> Void)?
    fileprivate var persistOptions: [String: TimeInterval] = [:]
+    fileprivate var pendingPersistableStores: [String: AnySecretStore] = [:]
+    fileprivate var pendingPersistableSecrets: [String: AnySecret] = [:]

    func userNotificationCenter(_ center: UNUserNotificationCenter, openSettingsFor notification: UNNotification?) {

@ -161,7 +173,11 @@ class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate {
    }

    func handlePersistAuthenticationResponse(response: UNNotificationResponse) {
-        persistAuthentication?(persistOptions[response.actionIdentifier])
+        guard let secretID = response.notification.request.content.userInfo[Notifier.Constants.persistSecretIDKey] as? String, let secret = pendingPersistableSecrets[secretID],
+              let storeID = response.notification.request.content.userInfo[Notifier.Constants.persistStoreIDKey] as? String, let store = pendingPersistableStores[storeID]
+        else { return }
+        pendingPersistableSecrets[secretID] = nil
+        persistAuthentication?(secret, store, persistOptions[response.actionIdentifier])
    }

    func userNotificationCenter(_ center: UNUserNotificationCenter, willPresent notification: UNNotification, withCompletionHandler completionHandler: @escaping (UNNotificationPresentationOptions) -> Void) {
--- a/SecretKit/Common/Types/AuthenticationContextPersistenceStore.swift
+++ b/SecretKit/Common/Types/AuthenticationContextPersistenceStore.swift
@ -0,0 +1,9 @@
+//
+//  AuthenticationContextPersistenceStore.swift
+//  SecretKit
+//
+//  Created by Max Goedjen on 11/7/21.
+//  Copyright © 2021 Max Goedjen. All rights reserved.
+//
+
+import Foundation
--- a/Secretive.xcodeproj/project.pbxproj
+++ b/Secretive.xcodeproj/project.pbxproj
@ -14,6 +14,7 @@
 		5018F54F24064786002EB505 /* Notifier.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5018F54E24064786002EB505 /* Notifier.swift */; };
 		501B7AE1251C56F700776EC7 /* SigningRequestProvenance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 507CE4F32420A8C10029F750 /* SigningRequestProvenance.swift */; };
 		5035FF6E2737A2F4006FE1F6 /* SignedData.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5035FF6D2737A2F4006FE1F6 /* SignedData.swift */; };
+		5035FF742738AEA1006FE1F6 /* AuthenticationContextPersistenceStore.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5035FF732738AEA1006FE1F6 /* AuthenticationContextPersistenceStore.swift */; };
 		50524B442420969E008DBD97 /* OpenSSHWriterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50524B432420969D008DBD97 /* OpenSSHWriterTests.swift */; };
 		50571E0324393C2600F76F6C /* JustUpdatedChecker.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50571E0224393C2600F76F6C /* JustUpdatedChecker.swift */; };
 		50571E0524393D1500F76F6C /* LaunchAgentController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 50571E0424393D1500F76F6C /* LaunchAgentController.swift */; };
@ -230,6 +231,7 @@
 		50153E21250DECA300525160 /* SecretListItemView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SecretListItemView.swift; sourceTree = "<group>"; };
 		5018F54E24064786002EB505 /* Notifier.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Notifier.swift; sourceTree = "<group>"; };
 		5035FF6D2737A2F4006FE1F6 /* SignedData.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SignedData.swift; sourceTree = "<group>"; };
+		5035FF732738AEA1006FE1F6 /* AuthenticationContextPersistenceStore.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AuthenticationContextPersistenceStore.swift; sourceTree = "<group>"; };
 		50524B432420969D008DBD97 /* OpenSSHWriterTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OpenSSHWriterTests.swift; sourceTree = "<group>"; };
 		50571E0224393C2600F76F6C /* JustUpdatedChecker.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = JustUpdatedChecker.swift; sourceTree = "<group>"; };
 		50571E0424393D1500F76F6C /* LaunchAgentController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LaunchAgentController.swift; sourceTree = "<group>"; };
@ -397,6 +399,7 @@
 				50617DCA23FCECA10099B055 /* Secret.swift */,
 				50617DC623FCE4EA0099B055 /* SecretStore.swift */,
 				5035FF6D2737A2F4006FE1F6 /* SignedData.swift */,
+				5035FF732738AEA1006FE1F6 /* AuthenticationContextPersistenceStore.swift */,
 			);
 			path = Types;
 			sourceTree = "<group>";
@ -1057,6 +1060,7 @@
 				506838A32415EA5D00F55094 /* AnySecretStore.swift in Sources */,
 				50617DCE23FCECFA0099B055 /* SecureEnclaveSecret.swift in Sources */,
 				50617DD023FCED2C0099B055 /* SecureEnclave.swift in Sources */,
+				5035FF742738AEA1006FE1F6 /* AuthenticationContextPersistenceStore.swift in Sources */,
 				5068389E241471CD00F55094 /* SecretStoreList.swift in Sources */,
 				506838A12415EA5600F55094 /* AnySecret.swift in Sources */,
 				5099A02923FE35240062B6F2 /* SmartCardStore.swift in Sources */,