Documentation
¶
Index ¶
Constants ¶
const ServiceName = "lore"
ServiceName is the keychain service label prefix for Lore credentials.
Variables ¶
var ErrKeychainNotAvailable = errors.New("credential: system keychain not available")
ErrKeychainNotAvailable signals that no system keychain is available.
var ErrNotFound = errors.New("credential: key not found")
ErrNotFound signals that the requested credential does not exist.
var KnownProviders = []string{"anthropic", "openai", "ollama"}
KnownProviders is the single source of truth for supported AI providers.
var ValidateProviderRe = regexp.MustCompile(`^[a-zA-Z0-9_-]+$`)
ValidateProviderRe matches valid provider name characters.
Functions ¶
func IsKnownProvider ¶
IsKnownProvider reports whether p is in the KnownProviders list.
func ValidateProvider ¶
ValidateProvider rejects provider names with special characters. Prevents injection into exec.Command arguments and keychain service names.
Types ¶
type CredentialStore ¶
type CredentialStore interface {
Set(provider string, secret []byte) error
Get(provider string) ([]byte, error)
Delete(provider string) error
List() ([]string, error)
}
CredentialStore abstracts OS-level credential storage.
func NewStore ¶
func NewStore() CredentialStore
NewStore returns a platform-appropriate CredentialStore. On macOS: uses security CLI (Keychain). On Linux: uses secret-tool CLI (secret-service/libsecret). On other platforms: returns a fallback that always returns ErrKeychainNotAvailable.
Source Files