Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@pinwheel/react-native-pinwheel
Advanced tools
Pinwheel SDK for React Native
$ npm install --save @pinwheel/react-native-pinwheel
Some platform integrations may require camera access for verification purposes. Ensure the necessary permissions are configured in your project:
Android: Add the following permission to your AndroidManifest.xml
:
<uses-permission android:name="android.permission.CAMERA" />
iOS: Add the following key and description to your Info.plist
:
<key>NSCameraUsageDescription</key>
<string>We need access to your camera for verification purposes.</string>
To initialize Link Modal, a short-lived link token will need to be generated first. Your server can generate the link token by sending a POST request to the /v1/link_tokens endpoint. DO NOT ever send this request from the client side and publicly expose your api_secret.
The link token returned is valid for one hour, after which it expires and can no longer be used to initialize Link. The expiration time is returned as a unix timestamp.
The PinwheelLink component is a view that you can integrate into your app's flow like so:
import PinwheelLink from "@pinwheel/react-native-pinwheel";
<PinwheelLink
linkToken={response.data.token}
onLogin={result => { /* ... */ }}
onError={error => { /* ... */ }}
onSuccess={result => { /* ... */ }}
onExit={error => { /* ... */ }}
onEvent={(eventName, payload) => { /* ... */ }}
/>;
With the PinwheelLink component, end-users can select their employer, authenticate with their payroll platform login credentials, and authorize the direct deposit change. Throughout the authorization process, events will be emitted to the onEvent
callback and any errors (both user errors such as invalid parameters and any system errors which arise) will be emitted to the onError
callback. Upon a successful login, onLogin
will be called and once the full flow is complete the onSuccess
callback will be called. onExit
will be called when the Pinwheel modal is closed, and you should remove the PinwheelLink component from your view hierarchy.
linkToken
The link token retrieved using the create link token endpoint.
Type | Required |
---|---|
string | Yes |
onLogin
Callback when a user successfully signs in to their payroll account.
Type | Required |
---|---|
function | No |
onError
Callback whenever an error occurs during the modal flow. This does not necessarily mean that the flow cannot still complete successfully. These include such retryable events as the user inputting an incorrect password or MFA code and needs to reattempt it. Error codes can be seen here.
Type | Required |
---|---|
function | No |
onSuccess
Callback whenever a user completes a modal flow successfully. Note: This is simply a front end callback only. If a user begins a job, closes the app, and the job completes successfully this callback will not be called.
Type | Required |
---|---|
function | No |
onExit
Callback whenever a user exits the modal either explicitly or if an error occurred that crashed the modal. Error codes can be seen here. Will pass back an error result if the modal either crashed due to an error or if the user exited while in an error state (e.g. invalid credentials).
Type | Required |
---|---|
function | No |
onEvent
Callback for all significant events that happen during the modal flow. See all possible event types.
Type | Required |
---|---|
function | No |
You may want to run the example app locally to get started.
node -v
and upgrade versions using nvm
if needed)pod
version 1.11.3 (check with pod --version
)example/env.js
(create this file) with export default "<YOUR PINWHEEL SECRET>"
.npm run dev
For this or other errors related to command line developer tools:
FAQs
Pinwheel React Native SDK
The npm package @pinwheel/react-native-pinwheel receives a total of 1,099 weekly downloads. As such, @pinwheel/react-native-pinwheel popularity was classified as popular.
We found that @pinwheel/react-native-pinwheel demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.