Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cordova-plugin-android-safetynet-decodejws

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cordova-plugin-android-safetynet-decodejws

A wrapper plugin for safetynet API on Play Enabled devices. This plugin extends attestation and app verification methods.

  • 1.0.2
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
Maintainers
1
Weekly downloads
 
Created
Source

Cordova SafetyNet

A wrapper plugin for safetynet API on Play Enabled devices. This plugin extends attestation and app verification methods. Google Play Service are required on device. At the time of writing , I am targeting Play Service 15.0.1 in gradle.

Installation

Cordova:

cordova plugin add cordova-plugin-android-safetynet

Ionic:

ionic cordova plugin add cordova-plugin-android-safetynet

TBA

Steps for Attestation

  • Obtain API key from Google Developer Console. The name of the API is Android Device Verification. Get the API_KEY from Credentials Section.
  • Generate a nonce server side: This a unique token which should be generated server side. Google recommends atleast 16 byte long token.
  • Invoke the cordova method
  • Get the result from success callback. Send it to the server
  • Send trhe sesult to android check to verify the payload server side.
  • After extract the result. Compare the values and base your logic from the result.

Syntax for Attestation

You will need API key from Google APIs Console for initiating attestation.

A nonce security token from server side, is also required.

window.safetynet.attest(nonce ,API_Key ,successCallback ,errorCallback);
Success Callbacks

A JWS string is sent back as success. This is the same data obtained from getJwsResult(). This data should be again cross verified with google.

Syntax for Verify Apps API

Three methods are available for the SafetyNet Verify Apps API.

Check Verify App is Enabled

This method allows a check for Verify App(Play Protect). The result is a boolean in successcallback.

window.safetynet.checkAppVerification(successCallback, errorCallback)
Enable App Verification

This method allows you to enable App Verfication. A dialog is invoked to If the verification is already enabled , the successCallback returns true. successCallback is a boolean. It represnts the state of App verification.

window.safetynet.enableAppVerification(successCallback, errorCallback);
List Harmful Apps

This method lists harmful apps installed in a device. App verification/Play Protect is required to be enabled to process the request. The result is an array of objects in successCallback.

window.safetynet.listHarmfulApps(successCallback, errorCallback);

Issues

Post the issues related to this library here . Do provide the device details as below.

  • Device name & manufacturer
  • Android version
  • Custom OS version (Lineage , MIUI , Exodus, DU)

Keywords

FAQs

Package last updated on 21 Feb 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc