Authenticate with secure storage service (#402)

* Split secure key into use case

Allows us to push authentication for key access as late as possible.

* Do not reload if biometric locked

* Linter fixes

* Fix key upgrade scenario

* Fix boolean value message parsing

* Handle systems which don't support biometrics

* Do not fail key retrieval on secret upgrade

* Ensure old key is removed regardless of upgrade success

* Log errors

electron/src/services/electronRendererSecureStorage.service.ts

@@ -1,29 +1,41 @@
 import { ipcRenderer } from 'electron';
 
-import { StorageService } from 'jslib-common/abstractions/storage.service';
+import { StorageService, StorageServiceOptions } from 'jslib-common/abstractions/storage.service';
 
 export class ElectronRendererSecureStorageService implements StorageService {
-    async get<T>(key: string): Promise<T> {
+    async get<T>(key: string, options?: StorageServiceOptions): Promise<T> {
         const val = ipcRenderer.sendSync('keytar', {
             action: 'getPassword',
             key: key,
+            keySuffix: options?.keySuffix ?? '',
         });
         return Promise.resolve(val != null ? JSON.parse(val) as T : null);
     }
 
-    async save(key: string, obj: any): Promise<any> {
+    async has(key: string, options?: StorageServiceOptions): Promise<boolean> {
+        const val = ipcRenderer.sendSync('keytar', {
+            action: 'hasPassword',
+            key: key,
+            keySuffix: options?.keySuffix ?? '',
+        });
+        return Promise.resolve(!!val);
+    }
+
+    async save(key: string, obj: any, options?: StorageServiceOptions): Promise<any> {
         ipcRenderer.sendSync('keytar', {
             action: 'setPassword',
             key: key,
+            keySuffix: options?.keySuffix ?? '',
             value: JSON.stringify(obj),
         });
         return Promise.resolve();
     }
 
-    async remove(key: string): Promise<any> {
+    async remove(key: string, options?: StorageServiceOptions): Promise<any> {
         ipcRenderer.sendSync('keytar', {
             action: 'deletePassword',
             key: key,
+            keySuffix: options?.keySuffix ?? '',
         });
         return Promise.resolve();
     }

electron/src/services/electronRendererStorage.service.ts

@@ -10,6 +10,13 @@ export class ElectronRendererStorageService implements StorageService {
         });
     }
 
+    has(key: string): Promise<boolean> {
+        return ipcRenderer.invoke('storageService', {
+            action: 'has',
+            key: key,
+        });
+    }
+
     save(key: string, obj: any): Promise<any> {
         return ipcRenderer.invoke('storageService', {
             action: 'save',

electron/src/services/electronStorage.service.ts

@@ -25,6 +25,8 @@ export class ElectronStorageService implements StorageService {
             switch (options.action) {
                 case 'get':
                     return this.get(options.key);
+                case 'has':
+                    return this.has(options.key);
                 case 'save':
                     return this.save(options.key, options.obj);
                 case 'remove':
@@ -38,6 +40,11 @@ export class ElectronStorageService implements StorageService {
         return Promise.resolve(val != null ? val : null);
     }
 
+    has(key: string): Promise<boolean> {
+        const val = this.store.get(key);
+        return Promise.resolve(val != null);
+    }
+
     save(key: string, obj: any): Promise<any> {
         if (obj instanceof Set) {
             obj = Array.from(obj);