A couple of months ago we introduced password related APIs that are currently being used by the built-in auth provider extensions. These APIs expose a first-class way for extensions to store sensitive information, instead of having to use a library like keytar themselves. The API currently looks like:
/**
* Retrieve a password that was stored with key. Returns undefined if there
* is no password matching that key.
* @param key The key the password was stored under.
*/
export function getPassword(key: string): Thenable<string | undefined>;
/**
* Store a password under a given key.
* @param key The key to store the password under
* @param value The password
*/
export function setPassword(key: string, value: string): Thenable<void>;
/**
* Remove a password from storage.
* @param key The key the password was stored under.
*/
export function deletePassword(key: string): Thenable<void>;
/**
* Fires when a password is set or deleted.
*/
export const onDidChangePassword: Event<void>;
Some suggestions that I plan to adopt are
- move to the extension context instead of the authentication namespace, as what's being stored is not necessarily auth info, and these APIs are similar to the storage APIs on context
- rename to secret instead of password, also to make it more generic
A couple of months ago we introduced password related APIs that are currently being used by the built-in auth provider extensions. These APIs expose a first-class way for extensions to store sensitive information, instead of having to use a library like
keytarthemselves. The API currently looks like:Some suggestions that I plan to adopt are