mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
The Keychain on Apple platforms, while secure, is not always available. It can be unavailable if the user has changed its permissions accidentally, the keychain database is corrupt, there is an issue with the secure enclave, or any number of other system-related or Apple account-related reasons.

There are only two things we use the Keychain for:

- Storing the `firezone-id`. This is actually not a secret.
- Persisting the `token` upon sign in so that:
  - the iOS system can keep the tunnel alive without the GUI running
  - the macOS app can relaunch after `Disconnect & Quit` without having to sign in again

For the first case, we move back to persisting this to a file (see #7464).

For the second case, we simply don't care too much if the Keychain can't be saved to. We simply move on with activating the tunnel and logging the error so we know how often these edge cases occur.
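The pattern this commit message describes, as an added Swift sketch that is not code from the Firezone repository: the token save is best-effort and only logs its `OSStatus`, while the non-secret ID lives in a plain file. The service and account strings, the file name, the UUID-based ID generation and all function names are assumptions made for illustration.

```swift
import Foundation
import Security
import os

// Hypothetical names throughout: service/account strings, file name and
// function names are illustrative, not the project's own.
let log = Logger(subsystem: "example.vpn", category: "storage")

/// Best-effort token save: returns the OSStatus for logging and never throws.
@discardableResult
func saveTokenBestEffort(_ token: Data) -> OSStatus {
    let query: [CFString: Any] = [
        kSecClass: kSecClassGenericPassword,
        kSecAttrService: "example.vpn",
        kSecAttrAccount: "token",
    ]
    var attrs = query
    attrs[kSecValueData] = token
    attrs[kSecAttrAccessible] = kSecAttrAccessibleAfterFirstUnlock

    var status = SecItemAdd(attrs as CFDictionary, nil)
    if status == errSecDuplicateItem {
        // An older token is already stored: overwrite its data in place.
        let update: [CFString: Any] = [kSecValueData: token]
        status = SecItemUpdate(query as CFDictionary, update as CFDictionary)
    }
    if status != errSecSuccess {
        let msg = SecCopyErrorMessageString(status, nil) as String? ?? "unknown"
        // Log the status code and message only, never the token itself.
        log.error("Keychain save failed: \(status) \(msg, privacy: .public)")
    }
    return status
}

/// The non-secret device ID is kept in a plain file, created on first use.
func loadOrCreateDeviceID(in dir: URL) throws -> String {
    let file = dir.appendingPathComponent("device-id")
    if let id = try? String(contentsOf: file, encoding: .utf8), !id.isEmpty {
        return id
    }
    let id = UUID().uuidString  // assumption: the page does not say how the ID is generated
    try FileManager.default.createDirectory(at: dir, withIntermediateDirectories: true)
    try id.write(to: file, atomically: true, encoding: .utf8)
    return id
}

/// Sign-in path: a Keychain failure is logged, then the tunnel starts anyway.
func signIn(token: Data, startTunnel: (Data) -> Void) {
    saveTokenBestEffort(token)
    startTunnel(token)  // uses the in-memory token whether or not it was persisted
}
```

When the save fails, the cost is that the token is not there for a later launch, so the user signs in again; the logged status codes show how often that happens.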