Adding Internet-Passwords to Keychain by invoking security

Hello,

As the initial scripting framework “Keychain Scripting” to manage keychains has been gone since Lion and the far better implementation of “Usable Keychain Scripting” doesn’t support write operations to keychains, the only way to add items is using the Security(1) framework.

Invoking it on the command line works perfectly so far (apart from the fact that it took me ages to find out that the proper value for the option -t [authenticationType] should be written reversed, as “mrof” instead of “form” as stated in Apple’s Developer Documentation).

Watch out: Just adding internet-passwords to keychain without the parameter authenticationType “mrof” has a major disadvantage: When opening the relevant website and selecting the login field, Safari shows the appropriate credentials and proceeds with the login after choosing it. Perfect at first sight. But under the hood, the previously generated entry gets cloned in the keychain. Furthermore, all further logins fall back on the cloned entry.

Only if the internet password has been created with the parameter ‘-t “mrof”’, Safari will fall back on the entry in the keychain without creating a clone of it.

Example:

As usernames are more and more frequently already in use, I would like to easily choose alternatives among some default usernames using the following AppleScript:

set _creator to "apsr" -- Abbreviation for AppleScript
set _keychain to "Internet"

set _app_security to "/usr/bin/security"
set _app_safari to "/Applications/Safari.app"
set _app_keychain to "/Applications/Utilities/Keychain Access.app"
set _app_usable_keychain to "/Users/ritter/Library/ScriptingAdditions/Usable Keychain Scripting.app"


set _url to the text returned of (display dialog ("URL to be opened: ") default answer "www.foo.com")
set _loginuser to choose from list {"Braeburn", "Alice", "Bob", "Mike"} with title "Login Name" default items "Braeburn"
set _label to the text returned of (display dialog "Display (Search)name in Keychain.app: " with title "User" default answer _url & " (" & _loginuser & ")")
set _accnt to the text returned of (display dialog "Account" with title "Account" default answer _loginuser)
set _srvr to the text returned of (display dialog "WebSite" with title "Site" default answer _url as string)
set _passwd to choose from list {"MyPassword", "MySecret", "SecretPassword!"} with title "Choose Password" default items "MyPassword"
set _proto to the text returned of (display dialog "Protocol" with title "Site" default answer "http" as string)
set _email to choose from list {"Braeburn@gmail.com", "Alice@gmail.com", "Bob@gmail.com", "Mike@gmail.com"} with title "Notification address" default items "Braeburn@gmail.com"
set _comment to the text returned of (display dialog "Comment" with title "Comment" default answer "email-address: " & _email as string)
set _atype to "mrof" as string

do shell script ¬
	"/usr/bin/security add-internet-password   " & ¬
	" -a " & _accnt & ¬
	" -l " & quoted form of _label & ¬
	" -c " & _creator & ¬
	" -s " & _srvr & ¬
	" -r " & _proto & ¬
	" -w " & _passwd & ¬
	" -T " & _app_safari & " " & ¬
	" -T " & _app_security & " " & ¬
	" -T " & quoted form of _app_keychain & " " & ¬
	" -T " & quoted form of _app_usable_keychain & ¬
	" -j " & quoted form of _comment & ¬
	"-t " & _atype & ¬
	_keychain

tell application "Usable Keychain Scripting"
	get properties of first keychain item of current keychain whose name is _label
end tell

The problem here is, no matter how the parameter -t & _atype has been defined (already tried "-t " & quoted form of _atype or "-t " & "mrof" as string), Security(1) seems to be invoked without the appropriate option -t 'mrof'.

So, how should the parameter "-t " & _atype be properly invoked by AppleScript?

Thanks in advance for any advice.

Cheers,

B.

Model: MacBook Air
Browser: Safari 537.85.10
Operating System: Mac OS X (10.8.5)

Just looking at your code, I suspect you need a space before the -t and another before _keychain.

AppleScript gives a compilation error (-2741) without the trailing & after _atype. Offending object: end of line, etc.

I’m suggesting changing this:

"-t " & _atype & ¬

to this:

" -t " & _atype & space & ¬

Finally, it works! Many, many thanks!!!
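
What /bin/sh receives from the concatenated string, as an added example (not code from the thread): it tokenizes the end of the command the way `do shell script` hands it to the shell, before and after the suggested fix. The sample values and the helper names `tokens` and `opt_value` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample values standing in for the AppleScript variables.
comment="'email-address: Braeburn@gmail.com'"  # what `quoted form of _comment` produces
atype="mrof"
keychain="Internet"

# Tail of the command string as the original script concatenates it:
# no space before -t and none between _atype and _keychain.
buggy_tail=" -j ${comment}-t ${atype}${keychain}"
# Tail after the suggested change: " -t " & _atype & space & _keychain
fixed_tail=" -j ${comment} -t ${atype} ${keychain}"

# Split a string into words the way the shell does, one word per line.
# eval is applied only to the constructed strings defined above.
tokens() {
    eval "set -- $1"
    for arg in "$@"; do
        printf '[%s]\n' "$arg"
    done
}

# Print the word that follows option $2 in command string $1.
# Fails (status 1) when the option never appears as a word of its own.
opt_value() {
    want=$2
    eval "set -- $1"
    while [ "$#" -gt 1 ]; do
        if [ "$1" = "$want" ]; then
            printf '%s\n' "$2"
            return 0
        fi
        shift
    done
    return 1
}

echo "original concatenation:"
tokens "$buggy_tail"   # -t is glued onto the comment, mrofInternet is one word
echo "with the added spaces:"
tokens "$fixed_tail"   # -t, mrof and Internet are separate words
```

The same word splitting applies to the values the script inserts without `quoted form of` (`_accnt`, `_srvr`, `_proto`, `_passwd`), so a space or shell metacharacter in any of them changes the argument list as well.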