search

jrendel / SwiftKeychainWrapper

A simple wrapper for the iOS Keychain to allow you to use it in a similar fashion to User Defaults. Written in Swift.
MIT License
1.59k stars 340 forks source link

Shared keychain doesn't work in 1.0.11 #56

Closed peterprokop closed 8 years ago

peterprokop commented 8 years ago

Also, it's very inconvenient that accessGroup is a class property - what if you need to access several keychains (for several access groups)?

When used:

KeychainWrapper.accessGroup = "..."
let c1 = KeychainWrapper.dataForKey("CustomerToken")

nil is stored in c1

But when I use

    func getFromKeychain(itemKey: String) -> NSData? {
        let keychainAccessGroupName = "..."

        let queryLoad: [String: AnyObject] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrAccount as String: itemKey,
            kSecReturnData as String: kCFBooleanTrue,
            kSecMatchLimit as String: kSecMatchLimitOne,
            kSecAttrAccessGroup as String: keychainAccessGroupName
        ]

        var result: AnyObject?

        let resultCodeLoad = withUnsafeMutablePointer(&result) {
            SecItemCopyMatching(queryLoad, UnsafeMutablePointer($0))
        }

        if resultCodeLoad == noErr {
            if let result = result as? NSData {                
                return result
            }
        } else {
            print("Error loading from Keychain: \(resultCodeLoad)")
        }

        return nil
    }

Correct data is returned from method.

jrendel commented 8 years ago

Also, it's very inconvenient that accessGroup is a class property - what if you need to access several keychains (for several access groups)?

This has been addressed in the 2.0 version of the library (the latest on cocapods). I am moving away from the wrapper being fully static and instead paralleling how NSUserDefaults works: providing a shared instance for basic usage and the ability to create your own instance of the wrapper for additional customization. When you create an instance of the wrapper, you are able to give that instance its own access group. This will allow you to access several keychains or access groups as you've said.

As for the error of the access group not actually even working properly when set, I'll double check that in the current code and see if there is still an issue.

peterprokop commented 8 years ago

@jrendel Jason, I've checked v2.0.0 and it looks like keychain groups work properly in that version. Thank you for your time.