✨ :: [#84] JwtStore / 키체인 AccessGroup으로 인앱과 extension의 키체인 공유

Team-Ampersand · Aug 7, 2023 · 67ba5f7 · 67ba5f7
1 parent f009a23
commit 67ba5f7
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/Projects/App/Support/Dotori.entitlements b/Projects/App/Support/Dotori.entitlements
@@ -6,5 +6,9 @@
 	<array>
 		<string>group.msg.dotori</string>
 	</array>
+	<key>keychain-access-groups</key>
+	<array>
+		<string>$(AppIdentifierPrefix)com.msg.Dotori.keychain-group</string>
+	</array>
 </dict>
 </plist>
diff --git a/Projects/Core/JwtStore/Sources/KeychainJwtStore.swift b/Projects/Core/JwtStore/Sources/KeychainJwtStore.swift
@@ -2,11 +2,17 @@ import Foundation
 import JwtStoreInterface
 
 final class KeychainJwtStore: JwtStore {
+    private let appIdentifierPrefix = Bundle.main.infoDictionary!["AppIdentifierPrefix"] as? String ?? ""
+    private var accessGroup: String {
+        "\(appIdentifierPrefix)com.msg.Dotori.keychain-group"
+    }
+
     func save(property: JwtStoreProperties, value: String) {
         let query: NSDictionary = [
             kSecClass: kSecClassGenericPassword,
             kSecAttrAccount: property.rawValue,
-            kSecValueData: value.data(using: .utf8, allowLossyConversion: false) ?? .init()
+            kSecValueData: value.data(using: .utf8, allowLossyConversion: false) ?? .init(),
+            kSecAttrAccessGroup: accessGroup
         ]
         SecItemDelete(query)
         SecItemAdd(query, nil)
@@ -17,7 +23,8 @@ final class KeychainJwtStore: JwtStore {
             kSecClass: kSecClassGenericPassword,
             kSecAttrAccount: property.rawValue,
             kSecReturnData: kCFBooleanTrue!,
-            kSecMatchLimit: kSecMatchLimitOne
+            kSecMatchLimit: kSecMatchLimitOne,
+            kSecAttrAccessGroup: accessGroup
         ]
         var dataTypeRef: AnyObject?
         let status = SecItemCopyMatching(query as CFDictionary, &dataTypeRef)
@@ -31,7 +38,8 @@ final class KeychainJwtStore: JwtStore {
     func delete(property: JwtStoreProperties) {
         let query: NSDictionary = [
             kSecClass: kSecClassGenericPassword,
-            kSecAttrAccount: property.rawValue
+            kSecAttrAccount: property.rawValue,
+            kSecAttrAccessGroup: accessGroup
         ]
         SecItemDelete(query)
     }