我是Objective C和OS X开发的新手,所以如果有任何错误,请原谅。我在登录时使用授权插件包将令牌作为通用密码(即kSecClassGenericPassword存储在钥匙串中),并且我的授权机制在{db1}机制之后运行在AuthorizationDB XML中,并且我授予对可可应用程序的访问权限来访问该令牌登录后的令牌。稍后,我尝试使用我提供访问权限的那个可可应用程序来检索它,并尝试防止钥匙串密码提示。
为了防止出现密码提示,我在授权插件包中使用了以下代码
<string>loginwindow:done</string>然后我在可可应用程序应用程序中使用了SAM钥匙链包装器const char *userKeychainPath = "/Users/**username**/Library/Keychains/login.keychain-db";
const char *password = "**********";
const char *serviceName = "***.*****Token";
const char *accountName = "***.****";
SecKeychainItemRef item = nil;
SecKeychainRef userKeychain;
OSStatus err;
NSArray *trustedApplications=nil;
SecAccessRef access = nil;
SecTrustedApplicationRef myself, someOther;
NSString *desc = @"okta accesstoken";
OSStatus statusOne = SecKeychainOpen(userKeychainPath,&userKeychain);
OSStatus statusTwo = SecKeychainUnlock(userKeychain,(UInt32)strlen(password),password, true);
OSStatus statusThree = SecKeychainUnlock(userKeychain,(UInt32)strlen(password),password, true);
SecKeychainAttribute attrs[] = {
{ kSecAccountItemAttr,(UInt32)strlen(accountName), (char *)accountName },
{ kSecServiceItemAttr, (UInt32)strlen(serviceName), (char *)serviceName }
};
SecKeychainAttributeList attributes = { sizeof(attrs) / sizeof(attrs[0]),
attrs };
SecAccessRef access=nil;
NSArray *trustedApplications=nil;
SecTrustedApplicationRef myself, someOther;
err = SecTrustedApplicationCreateFromPath(NULL, &myself);
err = SecTrustedApplicationCreateFromPath("/Applications/ReadKeychainSample.app",
&someOther);
trustedApplications = [NSArray arrayWithObjects: (__bridge id)myself, (__bridge id)someOther, nil];
err = SecAccessCreate((CFStringRef)accessLabel,
(CFArrayRef)trustedApplications, &access);
err = SecKeychainItemCreateFromContent(
kSecGenericPasswordItemClass,
&attributes,
(UInt32)strlen(password),
password,
userKeychain, // use the default keychain
access,
&item);
加载了方法。 SAM钥匙串代码为here
如果我插入令牌并在钥匙串中手动提供对可可应用程序的访问,则能够防止钥匙串密码提示。但是,如果我使用授权包存储令牌,则无法阻止提示。
那么,如何防止系统提示输入密码?