Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

setItem triggers Fingerprint on Android #264

Open
artola opened this issue Feb 10, 2021 · 6 comments
Open

setItem triggers Fingerprint on Android #264

artola opened this issue Feb 10, 2021 · 6 comments
Labels
android enhancement help wanted iOS 📌 pinned

Comments

@artola
Copy link

artola commented Feb 10, 2021
edited
Loading

The following code (from the docs) triggers the fingerprint auth in Android while in iOs does not triggers (correctly) the Face ID.

Using v6 @next

I did expect a validation to retrieve the data, but not to store it for first time. Is it right? what is the expectation?

import SInfo from 'react-native-sensitive-info';

const savingFirstData = await SInfo.setItem('key1', 'value1', {
    sharedPreferencesName: 'mySharedPrefs',
    keychainService: 'myKeychain',
    touchID: true, //add this key
    showModal: true, //add this key
    kSecAccessControl: 'kSecAccessControlBiometryAny' // optional - Add support for FaceID
});
@artola
Copy link
Author

artola commented Feb 14, 2021
edited
Loading

@mCodex This issue was reported before: #226

Nevertheless, while on iOs everything runs smooth, Android user experience is not that good (like require 2 times the fingerprint because of 1 get and a successive set).
Playing with the options (adding them in get or set) produces very different effects depending in the platform.
For example, iOs ignores the options (see example above) during the set, while Android honors them.

To be honest, due these limitations I am thinking about using other packages, 1 for encrypted storage (as using this one without options, valid too) plus 1 for biometric validation that also supports fallback to code and perform the 2 steps logic where required.

@warrioru
Copy link

@artola it would be great if we could save into the keystore without having to use the fingerprint. Then the problem of seeing the fingerprint modal two times would be solved.

Thanks for your work!

@artola
Copy link
Author

artola commented Feb 21, 2021

@mCodex If the library is somehow upgraded for Api level 30 supporting setUserAuthenticationParameters it would allow us to pass the timeout and auth type required, with a timeout of several seconds will allow to set/get without invoking again and again the auth.

https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder#setUserAuthenticationParameters(int,%20int)

Just after setting the requirement for auth, add the extra options herein:

react-native-sensitive-info/android/src/main/java/br/com/classapp/RNSensitiveInfo/RNSensitiveInfoModule.java

Line 367 in 1575f89

.setUserAuthenticationRequired(true);

@mCodex
Copy link
Owner

mCodex commented Feb 28, 2021
edited
Loading

Thanks for pointing this out. I totally agree with you thinking about UX is not good.

I'd like to fix this, because I'm very concerned about UX stuff.

Feel free to open a PR to address this issue in v6

@stale
Copy link

stale bot commented Mar 30, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the 🚧 stale label Mar 30, 2021
@fedeerbes
Copy link

fedeerbes commented May 12, 2021
edited
Loading

hi @mCodex and @artola do you have plans to work on this?

@fedeerbes fedeerbes mentioned this issue May 12, 2021
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
android enhancement help wanted iOS 📌 pinned
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mCodex @warrioru @artola @fedeerbes