vscode: Extensions SecretStorage issue: Input is not valid base64-encoded data.

Does this issue occur when all extensions are disabled?: No

  • VS Code Version: 1.66.1, 1.66.2
  • OS Version: Ubuntu 20.04.4

So the issue I’m having is as an extension developer (ckolkman.vscode-postgres).

I’ve had users report an issue that I have tracked back down to vscode - I can confirm the issue on the above versions, but don’t know the full extent on other os versions. (https://github.com/Borvik/vscode-postgres/issues/196)

The error being received is: “Input is not valid base64-encoded data.”

I’ve tracked this down to getting the secret from secret storage (https://code.visualstudio.com/api/references/vscode-api#SecretStorage).

I use the SecretStorage api to securely store credentials used by my extension. The api docs don’t seem to indicate a change - but something appears to have changed (whether by design and the docs need to change, or by introducing a bug).

The issue does not appear to affect vscode 1.66.0 - reverting to that version allows it to work.

I do not know whether it affects whether it affects storing secrets - but can confirm on getting secrets.

Steps to Reproduce (with referenced extension - so far):

  1. In vscode 1.66.0 - with extension, create a db connection with pwd to store creds (without pwd won’t use store creds so it won’t use the SecretStorage)
  2. Upgrade vscode
  3. Try to view the connection explorer and it will error when attempting to pull the secret from storage.

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Reactions: 2
  • Comments: 20 (13 by maintainers)

Most upvoted comments

I have a fix^^ out for this. It will be included in 1.67 which should be released early next month. If you want to workaround this, first catch the SecretStorage Error and do one of two things:

  • Ask the user for the thing you stored in SecretStorage again. Easiest to implement… inconvenient for the user.
  • Temporarily (just for 1.66) include node-keytar in your project and read the secret directly using getPassword(...) the service will be: vscodeckolkman.vscode-postgres (exactly) and then the account is whatever your key is. Once you get that secret value, store it back using the SecretStorage API to prevent future errors. Very inconvenient for you, but the user doesn’t have to do anything.

Personally, I recommend the first one, because the second one can be very tricky… and you probably generally wanna be robust if getting the secret fails (like if the user locks their keyring for some reason… keyrings are very tricky).

+2
TylerLeonhardt on Apr 20, 2022
Read more comments on GitHub
← vscode: Extensions not loaded the first time a remote workspace is trusted (when Azure ML ext is installed)
vscode: Extensions stop working after some time: MaxListenersExceededWarning →