Skip to content

Commit 35bf7b9

Browse files
fix: address lint issues in keychain checks
1 parent b13f4c8 commit 35bf7b9

3 files changed

Lines changed: 14 additions & 11 deletions

File tree

internal/cmd/auth.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -266,8 +266,8 @@ func (c *AuthTokensImportCmd) Run(ctx context.Context) error {
266266
}
267267

268268
// Pre-flight: ensure keychain is accessible before storing token
269-
if err := ensureKeychainAccess(); err != nil {
270-
return fmt.Errorf("keychain access: %w", err)
269+
if keychainErr := ensureKeychainAccess(); keychainErr != nil {
270+
return fmt.Errorf("keychain access: %w", keychainErr)
271271
}
272272

273273
store, err := openSecretsStore()
@@ -334,8 +334,8 @@ func (c *AuthAddCmd) Run(ctx context.Context) error {
334334
}
335335

336336
// Pre-flight: ensure keychain is accessible before starting OAuth
337-
if err := ensureKeychainAccess(); err != nil {
338-
return fmt.Errorf("keychain access: %w", err)
337+
if keychainErr := ensureKeychainAccess(); keychainErr != nil {
338+
return fmt.Errorf("keychain access: %w", keychainErr)
339339
}
340340

341341
refreshToken, err := authorizeGoogle(ctx, googleauth.AuthorizeOptions{

internal/googleauth/accounts_server.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -294,7 +294,7 @@ func (ms *ManageServer) handleOAuthCallback(w http.ResponseWriter, r *http.Reque
294294
}
295295

296296
// Pre-flight: ensure keychain is accessible before storing token
297-
if err := secrets.EnsureKeychainAccess(); err != nil {
297+
if err := secrets.EnsureKeychainAccess(); err != nil { //nolint:contextcheck // keychain ops don't use context
298298
w.WriteHeader(http.StatusInternalServerError)
299299
renderErrorPage(w, "Keychain is locked: "+err.Error())
300300

internal/secrets/store.go

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -37,13 +37,16 @@ type Token struct {
3737
RefreshToken string `json:"-"`
3838
}
3939

40-
const keyringPasswordEnv = "GOG_KEYRING_PASSWORD" //nolint:gosec // env var name, not a credential
41-
const keyringBackendEnv = "GOG_KEYRING_BACKEND" //nolint:gosec // env var name, not a credential
40+
const (
41+
keyringPasswordEnv = "GOG_KEYRING_PASSWORD" //nolint:gosec // env var name, not a credential
42+
keyringBackendEnv = "GOG_KEYRING_BACKEND" //nolint:gosec // env var name, not a credential
43+
)
4244

4345
var (
44-
errMissingEmail = errors.New("missing email")
45-
errMissingRefreshToken = errors.New("missing refresh token")
46-
errNoTTY = errors.New("no TTY available for keyring file backend password prompt")
46+
errMissingEmail = errors.New("missing email")
47+
errMissingRefreshToken = errors.New("missing refresh token")
48+
errNoTTY = errors.New("no TTY available for keyring file backend password prompt")
49+
errInvalidKeyringBackend = errors.New("invalid keyring backend")
4750
)
4851

4952
func allowedBackendsFromEnv() ([]keyring.BackendType, error) {
@@ -55,7 +58,7 @@ func allowedBackendsFromEnv() ([]keyring.BackendType, error) {
5558
case "file":
5659
return []keyring.BackendType{keyring.FileBackend}, nil
5760
default:
58-
return nil, fmt.Errorf("invalid %s (expected auto, keychain, or file)", keyringBackendEnv)
61+
return nil, fmt.Errorf("%w: %s (expected auto, keychain, or file)", errInvalidKeyringBackend, keyringBackendEnv)
5962
}
6063
}
6164

0 commit comments

Comments
 (0)