voo_secrets 1.0.0

voo_secrets: ^1.0.0 copied to clipboard

Added #

• Initial Release: Secure runtime secrets management for Flutter

Domain #

• Secret: Entity representing a single secret with metadata
• SecretsConfig: Configuration for secrets endpoint and authentication
• SecretsResponse: Response model from secrets API
• SecretStatus: Enum for tracking secrets state (uninitialized, loading, loaded, expired, error, cleared)

Storage #

• SecretsStorage: Abstract interface for secrets storage
• SecureSecretsStorage: Implementation using flutter_secure_storage
  • Uses platform Keychain (iOS) and Keystore (Android)
  • Encrypted at rest
• MemorySecretsStorage: In-memory implementation for testing

Services #

• SecretsService: Abstract interface for fetching secrets
• HttpSecretsService: HTTP implementation using Dio
  • Bearer token authentication
  • Configurable timeout and custom headers
  • Proper error handling with SecretsException
• MockSecretsService: Mock implementation for testing
  • Factory constructors for common scenarios
  • withSecrets(), authError(), networkError()

Client #

• VooSecrets: Main singleton client
  • initialize() - Set up with config and storage
  • fetchSecrets() - Fetch from backend
  • get<T>() / require<T>() - Access secrets
  • has() - Check if secret exists
  • clear() - Clear on logout
  • Auto-refresh before expiry
  • Scoped access support

Reference Backends #

• Firebase Functions: TypeScript implementation with role-based access
• Supabase Edge Functions: Deno implementation with Supabase auth
• Cloudflare Workers: Edge computing implementation with JWT verification
• Node.js/Express: Traditional server implementation

Security Features #

• Secrets never embedded in app binary
• Authentication required for access
• Platform secure storage (Keychain/Keystore)
• Expiry and auto-refresh support
• Server-side revocation without app update
• Scoped access (different users get different secrets)
• Audit-ready logging on backend