fix(auth): make DeleteAPIKey resilient to keyring errors

DeleteAPIKey now ignores primary keyring errors (e.g., dbus unavailable) and always cleans up the fallback store
2026-02-21 21:19:46 -05:00 · 2026-02-21 21:19:46 -05:00 · 1b0781dc68
commit 1b0781dc68
parent ec568b4c85
1 changed files with 5 additions and 5 deletions
--- a/internal/auth/keychain.go
+++ b/internal/auth/keychain.go
@ -92,11 +92,11 @@ func (km *KeychainManager) GetAPIKey(service, account string) (string, error) {
 // DeleteAPIKey removes a key from both stores.
 func (km *KeychainManager) DeleteAPIKey(service, account string) error {
-	if err := km.primary.Delete(service, account); err != nil &&
+	// Try to delete from primary keyring, but don't fail on keyring errors
-		!errors.Is(err, keyring.ErrNotFound) &&
+	// (e.g., dbus unavailable, permission denied) - just clean up fallback
-		!errors.Is(err, keyring.ErrUnsupportedPlatform) {
+	_ = km.primary.Delete(service, account)
-		return fmt.Errorf("failed to delete API key: %w", err)
+	
-	}
+	// Always clean up fallback
 	if err := km.fallback.delete(service, account); err != nil && !errors.Is(err, os.ErrNotExist) {
 		return err
 	}