nxtbgthng / OAuth2Client

Client library for OAuth2 (currently built against draft 10 of the OAuth2 spec)

Added support for keychain access group under iOS #170

Closed sirnacnud closed 9 years ago

sirnacnud commented 9 years ago

I added support to specify a keychain access group to the account store. This allows the accounts to be stored in the default keychain with a specified access group. I also added support to specify the service name for the accounts item in the account store. With both these modifications, it allows an application extension to access the accounts from the default keychain that were stored by the application.

I also made the account store propagate the keychain access group to the oauth2client so the access token will be saved with the same keychain access group.

Keep in mind only the iOS keychain methods actually set the keychain access group. The OS X versions of the methods have been updated to take the keychain access group parameter, but don't do anything with it. This is because the OS X versions are using an older keychain API that doesn't allow you to specify a keychain access group. I'm not sure why they are using the older API, as I believe the API used in the iOS methods is supported on OS X.

Also, something else to note: there was a parameter added to the oauth2client and as a configuration for the account store called keychaingroup a while back. This is actually the service name to use for the access token when stored by the oauth2client. The name is confusing, but I chose to leave it be for now.
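The distinction drawn above between the service name and the keychain access group, as an added example that is not part of the pull request or the library's code: a generic-password item is located by `kSecAttrService` and `kSecAttrAccount`, while `kSecAttrAccessGroup` decides which processes may read it. The `EX`-prefixed helper names, the accessibility class and the use of ARC are assumptions.

```objc
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical helpers, not NXOAuth2Client API. accessGroup must appear in the
// keychain-access-groups entitlement of both the app and the extension,
// e.g. "$(AppIdentifierPrefix)com.example.shared" (constructed value).
static NSMutableDictionary *EXBaseQuery(NSString *service, NSString *account, NSString *accessGroup) {
    NSMutableDictionary *query = [@{
        (__bridge id)kSecClass:       (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: service,   // names the item
        (__bridge id)kSecAttrAccount: account,
    } mutableCopy];
    if (accessGroup.length > 0) {
        // Without this key, iOS uses the first group in the process's entitlements,
        // so the app and its extension can end up writing to different groups.
        query[(__bridge id)kSecAttrAccessGroup] = accessGroup;
    }
    return query;
}

static OSStatus EXStoreItem(NSData *secret, NSString *service, NSString *account, NSString *accessGroup) {
    NSMutableDictionary *query = EXBaseQuery(service, account, accessGroup);
    NSDictionary *update = @{ (__bridge id)kSecValueData: secret };
    OSStatus status = SecItemUpdate((__bridge CFDictionaryRef)query, (__bridge CFDictionaryRef)update);
    if (status == errSecItemNotFound) {
        query[(__bridge id)kSecValueData] = secret;
        // Assumption: readable after first unlock so a background extension can use
        // the token, and never migrated to another device.
        query[(__bridge id)kSecAttrAccessible] = (__bridge id)kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly;
        status = SecItemAdd((__bridge CFDictionaryRef)query, NULL);
    }
    // A non-success status such as errSecMissingEntitlement means the group is
    // not in this process's entitlements; surface it instead of ignoring it.
    return status;
}

static NSData *EXLoadItem(NSString *service, NSString *account, NSString *accessGroup, OSStatus *outStatus) {
    NSMutableDictionary *query = EXBaseQuery(service, account, accessGroup);
    query[(__bridge id)kSecReturnData] = @YES;
    query[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne;
    CFTypeRef result = NULL;
    OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
    if (outStatus) *outStatus = status;
    return status == errSecSuccess ? (__bridge_transfer NSData *)result : nil;
}
```

Every target that lists the shared group in its entitlements can read the stored token, so the group should be limited to the app and the extensions that actually need it.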

toto commented 9 years ago

Hi @sirnacnud, looks very good. I always wanted to add this feature, but never found the time to do it. Now with extensions being so prevalent this seems like a good time.