Add Distinguishing Data in Secret Attributes
Use cases
Using version 43.0, if a password is successfully added, a secret is created that has a label which shows in the UI, but its attribute key/value pairs have no real distinguishable information. This causes a problem if we are trying to lookup a secret's password with libsecret
, because, to my knowledge, its API only exposes the ability to lookup secrets with attributes.
Even though it is possible to iterate through all the secrets (as Retrievables), and check each one, this is cumbersome, and could possibly be avoided.
Desired behavior
Right now, the attribute pairs in D-Bus show as this:
{
'xdg:schema': 'org.gnome.keyring.Note'
}
Can we add the label/description in there as well, so it becomes this?
{
'xdg:schema': 'org.gnome.keyring.Note',
'description': 'My Password'
}
Hell it would be even nicer if some unique identifier could be generated on-the-fly, in case we have multiple secrets with the same label name.
{
'xdg:schema': 'org.gnome.keyring.Note',
'description': 'My Password',
'id: '7b997d3c-01d3-4b27-85d9-dc24fa16ef40'
}
Benefits of the solution
The should allow libsecret
consumers to identify a secret created with GNOME Passwords and Secrets without having to iterate through all secrets with a similar schema.
Possible drawbacks
It makes the attributes more verbose. Implementing this here misses the opportunity to encourage libsecret
to implement more robust lookups.