From a65984883d2a9f46b6990d790e798e3ff8978ed6 Mon Sep 17 00:00:00 2001 From: Harsh <6162866+harsh62@users.noreply.github.com> Date: Thu, 9 Nov 2023 20:10:34 -0500 Subject: [PATCH] fix: refactor keychain errors (#3354) * fix: refactor keychain errors * fix: debug dictionary not properly formatted. * making keychain store error as Auth convertible * Update AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/RefreshSessionState+Debug.swift Co-authored-by: Ian Saultz <52051793+atierian@users.noreply.github.com> * worked on review comment * worked on comments to narrow the keychain status list --------- Co-authored-by: Ian Saultz <52051793+atierian@users.noreply.github.com> --- .../States/DebugInfo/AuthState+Debug.swift | 3 +- .../DebugInfo/AuthenticationState+Debug.swift | 2 +- .../DebugInfo/AuthorizationState+Debug.swift | 2 +- .../CredentialStoreState+Debug.swift | 46 +++++++++------- .../DebugInfo/CustomSignInState+Debug.swift | 4 +- .../DebugInfo/DeleteUserState+Debug.swift | 2 +- .../DebugInfo/DeviceSRPState+Debug.swift | 4 +- .../FetchAuthSessionState+Debug.swift | 4 +- .../DebugInfo/HostedUISignInState+Debug.swift | 2 +- .../DebugInfo/MigrateSignInState+Debug.swift | 4 +- .../DebugInfo/RefreshSessionState+Debug.swift | 4 +- .../DebugInfo/SRPSignInState+Debug.swift | 4 +- .../SignInChallengeState+Debug.swift | 11 ++-- .../States/DebugInfo/SignInState+Debug.swift | 14 +++-- .../SignInTOTPSetupState+Debug.swift | 14 ++--- .../States/DebugInfo/SignOutState+Debug.swift | 4 +- .../KeychainStoreError+AuthConvertible.swift | 30 +++++++++++ .../Keychain/KeychainStatus.swift | 54 +++++++++++++++++++ .../Keychain/KeychainStoreError.swift | 23 +++++++- 19 files changed, 174 insertions(+), 57 deletions(-) create mode 100644 AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/ErrorMapping/KeychainStoreError+AuthConvertible.swift create mode 100644 AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStatus.swift diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthState+Debug.swift index 0bb1789d82..56a8c92f92 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthState+Debug.swift @@ -11,7 +11,7 @@ extension AuthState: CustomDebugStringConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notConfigured: @@ -36,6 +36,5 @@ extension AuthState: CustomDebugStringConvertible { var debugDescription: String { return (debugDictionary as AnyObject).description - } } diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthenticationState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthenticationState+Debug.swift index 9e72588f35..451f8e36b5 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthenticationState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthenticationState+Debug.swift @@ -8,7 +8,7 @@ extension AuthenticationState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notConfigured: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthorizationState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthorizationState+Debug.swift index 3b93ef7e89..d66207a120 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthorizationState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/AuthorizationState+Debug.swift @@ -9,7 +9,7 @@ import Foundation extension AuthorizationState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notConfigured, diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CredentialStoreState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CredentialStoreState+Debug.swift index 8554aa4106..b12c8ec64f 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CredentialStoreState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CredentialStoreState+Debug.swift @@ -7,31 +7,37 @@ import Foundation -extension CredentialStoreState { +extension CredentialStoreState: CustomDebugStringConvertible { var debugDictionary: [String: Any] { - let stateTypeDictionary: [String: Any] = ["CredentialStoreState": type] - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { - case .notConfigured: - additionalMetadataDictionary = [:] - case .migratingLegacyStore: - additionalMetadataDictionary = [:] - case .loadingStoredCredentials: - additionalMetadataDictionary = [:] - case .clearingCredentials: + case .notConfigured, + .migratingLegacyStore, + .loadingStoredCredentials, + .storingCredentials, + .clearingCredentials, + .idle: additionalMetadataDictionary = [:] case .clearedCredential(let dataType): - additionalMetadataDictionary = ["StoreDataType": dataType] - case .storingCredentials: - additionalMetadataDictionary = [:] - case .success: - additionalMetadataDictionary = [:] - case .error: - additionalMetadataDictionary = [:] - case .idle: - additionalMetadataDictionary = [:] + additionalMetadataDictionary = [ + "clearedDataType": dataType + ] + case .success(let data): + additionalMetadataDictionary = [ + "savedData": data + ] + case .error(let error): + additionalMetadataDictionary = [ + "errorType": error + ] } - return stateTypeDictionary.merging(additionalMetadataDictionary, uniquingKeysWith: { $1 }) + return [type: additionalMetadataDictionary] } + + + var debugDescription: String { + return (debugDictionary as AnyObject).description + } + } diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CustomSignInState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CustomSignInState+Debug.swift index dc86bab26a..316bf2daa2 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CustomSignInState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/CustomSignInState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension CustomSignInState { +extension CustomSignInState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeleteUserState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeleteUserState+Debug.swift index f5c7ad7af8..f2a0c1dc88 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeleteUserState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeleteUserState+Debug.swift @@ -8,7 +8,7 @@ extension DeleteUserState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeviceSRPState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeviceSRPState+Debug.swift index eeb8699110..3b0e80913d 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeviceSRPState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/DeviceSRPState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension DeviceSRPState { +extension DeviceSRPState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/FetchAuthSessionState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/FetchAuthSessionState+Debug.swift index af0f0c1ccc..57c7f9646a 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/FetchAuthSessionState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/FetchAuthSessionState+Debug.swift @@ -7,10 +7,10 @@ import Foundation -extension FetchAuthSessionState { +extension FetchAuthSessionState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/HostedUISignInState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/HostedUISignInState+Debug.swift index b06aa7cde7..82b14798f7 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/HostedUISignInState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/HostedUISignInState+Debug.swift @@ -8,7 +8,7 @@ extension HostedUISignInState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/MigrateSignInState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/MigrateSignInState+Debug.swift index 24e058e53e..0b7571271b 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/MigrateSignInState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/MigrateSignInState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension MigrateSignInState { +extension MigrateSignInState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/RefreshSessionState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/RefreshSessionState+Debug.swift index 6535b4e507..fedc330c46 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/RefreshSessionState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/RefreshSessionState+Debug.swift @@ -7,10 +7,10 @@ import Foundation -extension RefreshSessionState { +extension RefreshSessionState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .fetchingAuthSessionWithUserPool(let state, _): additionalMetadataDictionary = ["fetchingSession": state.debugDictionary] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SRPSignInState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SRPSignInState+Debug.swift index 4824450a94..f61b26644b 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SRPSignInState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SRPSignInState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension SRPSignInState { +extension SRPSignInState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInChallengeState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInChallengeState+Debug.swift index 287bea12e0..7ded00a585 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInChallengeState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInChallengeState+Debug.swift @@ -7,18 +7,21 @@ import Foundation -extension SignInChallengeState { +extension SignInChallengeState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .waitingForAnswer(let respondAuthChallenge, _), .verifying(let respondAuthChallenge, _, _): additionalMetadataDictionary = respondAuthChallenge.debugDictionary case .error(let respondAuthChallenge, _, let error): - additionalMetadataDictionary = respondAuthChallenge.debugDictionary - additionalMetadataDictionary["error"] = error + additionalMetadataDictionary = respondAuthChallenge.debugDictionary.merging( + [ + "error": error + ], + uniquingKeysWith: {$1}) default: additionalMetadataDictionary = [:] } return [type: additionalMetadataDictionary] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInState+Debug.swift index 63e91680db..51d86499fe 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension SignInState { +extension SignInState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { @@ -22,9 +22,13 @@ extension SignInState { case .signingInWithHostedUI(let substate): additionalMetadataDictionary = substate.debugDictionary case .resolvingChallenge(let challengeState, let challengeType, let signInMethod): - additionalMetadataDictionary = challengeState.debugDictionary - additionalMetadataDictionary["challengeType"] = challengeType - additionalMetadataDictionary["signInMethod"] = signInMethod + + additionalMetadataDictionary = challengeState.debugDictionary.merging( + [ + "challengeType": challengeType, + "signInMethod": signInMethod + ], + uniquingKeysWith: {$1}) case .notStarted: additionalMetadataDictionary = [:] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInTOTPSetupState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInTOTPSetupState+Debug.swift index e071f9a646..53b796378f 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInTOTPSetupState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignInTOTPSetupState+Debug.swift @@ -7,20 +7,22 @@ import Foundation -extension SignInTOTPSetupState { +extension SignInTOTPSetupState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .waitingForAnswer(let signInTOTPSetupData): additionalMetadataDictionary = signInTOTPSetupData.debugDictionary case .verifying(let signInSetupData, let confirmSignInEventData): - additionalMetadataDictionary = confirmSignInEventData.debugDictionary - additionalMetadataDictionary = additionalMetadataDictionary.merging( + additionalMetadataDictionary = confirmSignInEventData.debugDictionary.merging( signInSetupData.debugDictionary, uniquingKeysWith: {$1}) - case .error(let error): - additionalMetadataDictionary["error"] = error + case .error(let data, let error): + additionalMetadataDictionary = [ + "totpSetupData": data ?? "Nil", + "error": error + ] default: additionalMetadataDictionary = [:] } return [type: additionalMetadataDictionary] diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignOutState+Debug.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignOutState+Debug.swift index e97301f625..f8805e88c5 100644 --- a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignOutState+Debug.swift +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/CodeGen/States/DebugInfo/SignOutState+Debug.swift @@ -7,11 +7,11 @@ import Foundation -extension SignOutState { +extension SignOutState: CustomDebugDictionaryConvertible { var debugDictionary: [String: Any] { - var additionalMetadataDictionary: [String: Any] = [:] + let additionalMetadataDictionary: [String: Any] switch self { case .error(let error): diff --git a/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/ErrorMapping/KeychainStoreError+AuthConvertible.swift b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/ErrorMapping/KeychainStoreError+AuthConvertible.swift new file mode 100644 index 0000000000..1a37569191 --- /dev/null +++ b/AmplifyPlugins/Auth/Sources/AWSCognitoAuthPlugin/StateMachine/ErrorMapping/KeychainStoreError+AuthConvertible.swift @@ -0,0 +1,30 @@ +// +// Copyright Amazon.com Inc. or its affiliates. +// All Rights Reserved. +// +// SPDX-License-Identifier: Apache-2.0 +// + +import Foundation +import AWSPluginsCore +import Amplify + +extension KeychainStoreError: AuthErrorConvertible { + + var authError: AuthError { + switch self { + case .configuration(let message): + return .configuration(message, self.recoverySuggestion) + case .unknown(let errorDescription, let error): + return .unknown(errorDescription, error) + case .conversionError(let errorDescription, let error): + return .configuration(errorDescription, self.recoverySuggestion, error) + case .codingError(let errorDescription, let error): + return .configuration(errorDescription, self.recoverySuggestion, error) + case .itemNotFound: + return .service(self.errorDescription, self.recoverySuggestion) + case .securityError: + return .service(self.errorDescription, self.recoverySuggestion) + } + } +} diff --git a/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStatus.swift b/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStatus.swift new file mode 100644 index 0000000000..ee6c00b1e0 --- /dev/null +++ b/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStatus.swift @@ -0,0 +1,54 @@ +// +// Copyright Amazon.com Inc. or its affiliates. +// All Rights Reserved. +// +// SPDX-License-Identifier: Apache-2.0 +// + +import Foundation + +enum KeychainStatus { + case success + case userCanceled + case duplicateItem + case itemNotFound + case missingEntitlement + case unexpectedError(OSStatus) +} + +extension KeychainStatus: CustomStringConvertible { + + init(status: OSStatus) { + switch status { + case 0: + self = .success + case -128: + self = .userCanceled + case -25299: + self = .duplicateItem + case -25300: + self = .itemNotFound + case -34018: + self = .missingEntitlement + default: + self = .unexpectedError(status) + } + } + + var description: String { + switch self { + case .success: + return "No error." + case .userCanceled: + return "User canceled the operation." + case .duplicateItem: + return "The specified item already exists in the keychain." + case .itemNotFound: + return "The specified item could not be found in the keychain." + case .missingEntitlement: + return "Internal error when a required entitlement isn't present, client has neither application-identifier nor keychain-access-groups entitlements." + case .unexpectedError(let status): + return "Unexpected error has occurred with status: \(status)." + } + } +} diff --git a/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift b/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift index 12ab43a1d7..c288ec0b38 100644 --- a/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift +++ b/AmplifyPlugins/Core/AWSPluginsCore/Keychain/KeychainStoreError.swift @@ -52,7 +52,8 @@ extension KeychainStoreError: AmplifyError { case .conversionError(let errorDescription, _), .codingError(let errorDescription, _): return errorDescription case .securityError(let status): - return "Keychain error occurred with status: \(status)" + let keychainStatus = KeychainStatus(status: status) + return keychainStatus.description case .unknown(let errorDescription, _): return "Unexpected error occurred with message: \(errorDescription)" case .itemNotFound: @@ -65,7 +66,25 @@ extension KeychainStoreError: AmplifyError { /// Recovery Suggestion public var recoverySuggestion: RecoverySuggestion { switch self { - case .unknown, .conversionError, .securityError, .itemNotFound, .codingError, .configuration: + case .itemNotFound: + // If a keychain item is not found, there is no recovery suggestion to suggest + return "" + case .securityError(let status): + let keychainStatus = KeychainStatus(status: status) +#if os(macOS) + // If its Missing entitlement error on macOS + guard case .missingEntitlement = keychainStatus else { + return AmplifyErrorMessages.shouldNotHappenReportBugToAWS() + } + return """ + To use Auth in a macOS project, you'll need to enable the Keychain Sharing capability. + This capability is required because Auth uses the Data Protection Keychain on macOS as a platform best practice. See TN3137: macOS keychain APIs and implementations for more information on how Keychain works on macOS and the Keychain Sharing entitlement. + For more information on adding capabilities to your application, see Xcode Capabilities. + """ +#else + return AmplifyErrorMessages.shouldNotHappenReportBugToAWS() +#endif + case .unknown, .conversionError, .codingError, .configuration: return AmplifyErrorMessages.shouldNotHappenReportBugToAWS() } }