inbo · SanderDevisscher · Apr 4, 2024 · Mar 28, 2024 · Mar 29, 2024 · Mar 29, 2024
diff --git a/DESCRIPTION b/DESCRIPTION
@@ -1,6 +1,6 @@
 Package: iassetR
 Title: Use the iAsset API in R
-Version: 0.0.0.9000
+Version: 0.0.1.9000
 Authors@R: c(
     person("Pieter", "Huybrechts", , "[email protected]", role = "aut",
            comment = c(ORCID = "0000-0002-6658-6062")),
@@ -19,6 +19,7 @@ Imports:
     glue,
     httr2,
     janitor,
+    keyring,
     magrittr,
     openssl,
     purrr,

diff --git a/NAMESPACE b/NAMESPACE
@@ -4,5 +4,6 @@ export("%>%")
 export(get_access_token)
 export(get_fields)
 export(get_records)
+import(keyring)
 importFrom(magrittr,"%>%")
 importFrom(rlang,.data)
diff --git a/R/get_access_token.R b/R/get_access_token.R
@@ -6,21 +6,43 @@
 #' @return Invisibily, an access token upon succes
 #' @export
 #'
-#' @examples \dontrun{get_access_token("my_username")}
+#' @details
+#' This function uses keyring to retrieve the password. If no password has been
+#' set using keyring you'll be prompted to enter your password using askpass.
+#' Setting the password using keyring should best be done interactively
+#' (in the console) using
+#' `keyring::key_set("iasset_password", username = "my_username")`.
+#' Keyring uses secret environment variables on GitHub Actions.
+#'
+#' @import keyring
+#' @examples \dontrun{
+#' get_access_token("my_username")
+#' }
 get_access_token <-
   function(username, quiet = FALSE) {
     # check input params
     assertthat::assert_that(assertthat::is.string(username))
     assertthat::assert_that(assertthat::is.flag(quiet))
+    # check for keyring support
+    assertthat::assert_that(keyring::has_keyring_support())
+    # check that only one keyring is set
+    number_of_keyrings <- nrow(keyring::key_list(service = "iasset_password"))
+    assertthat::assert_that(number_of_keyrings <= 1,
+      msg = paste(
+        "iassetR currently only supports storing one iAsset account at a time.",
+        "Delete any other accounts using",
+        'keyring::key_delete(service = "iasset_password",',
+        'username = "username_to_delete")'
+      )
+    )
     # build a request and perform it
     login_request <-
       httr2::request(base_url = "https://api.iasset.nl/login/")
-    hash <- askpass::askpass() %>%
-      openssl::md5()
+
     login_response <- login_request %>%
       httr2::req_body_form(
         username = username,
-        password = hash,
+        password = openssl::md5(keyring::key_get("iasset_password")),
         domain = "riparias",
         version = "9.7"
       ) %>%

diff --git a/man/get_access_token.Rd b/man/get_access_token.Rd