Project

General

Profile

Developer Notes

How the service account key is handled

The app used to support a service account key which was stored in the file-system but it no longer allows user to put the key in the file-system. Instead, it now forces users to upload the key to secure storage. The app will also move the key into secure storage if the app is being upgraded from an old version in which the key was stored on the file-system.

Here are some notes:

  • Modular input code see get_secure_password(): which gets the password from secure storage (this call is within the run() function)
  • Setup screen: see handleKeyMigration() which force the migration to secure storage if upgrading from an old version of the app which includes a file-system based key
  • REST handler: see uploadServiceAccountKeyJSON() which puts the key in secure storage