react-native-keychain - npm Package Compare versions

Comparing version 3.0.0 to 3.1.0

index.js

@@ -0,5 +1,12 @@
+// @flow
 import { NativeModules, Platform } from 'react-native';
 const { RNKeychainManager } = NativeModules;
 
-export const ACCESSIBLE = {
+export const SECURITY_LEVEL = Object.freeze({
+  ANY: RNKeychainManager.SECURITY_LEVEL_ANY,
+  SECURE_SOFTWARE: RNKeychainManager.SECURITY_LEVEL_SECURE_SOFTWARE,
+  SECURE_HARDWARE: RNKeychainManager.SECURITY_LEVEL_SECURE_HARDWARE,
+});
+
+export const ACCESSIBLE = Object.freeze({
   WHEN_UNLOCKED: 'AccessibleWhenUnlocked',
@@ -13,5 +20,5 @@ AFTER_FIRST_UNLOCK: 'AccessibleAfterFirstUnlock',
   ALWAYS_THIS_DEVICE_ONLY: 'AccessibleAlwaysThisDeviceOnly',
-};
+});
 
-export const ACCESS_CONTROL = {
+export const ACCESS_CONTROL = Object.freeze({
   USER_PRESENCE: 'UserPresence',
@@ -24,36 +31,24 @@ BIOMETRY_ANY: 'BiometryAny',
   BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE: 'BiometryCurrentSetOrDevicePasscode',
-};
+});
 
-export const AUTHENTICATION_TYPE = {
+export const AUTHENTICATION_TYPE = Object.freeze({
   DEVICE_PASSCODE_OR_BIOMETRICS: 'AuthenticationWithBiometricsDevicePasscode',
   BIOMETRICS: 'AuthenticationWithBiometrics',
-};
+});
 
-export const BIOMETRY_TYPE = {
+export const BIOMETRY_TYPE = Object.freeze({
   TOUCH_ID: 'TouchID',
   FACE_ID: 'FaceID',
   FINGERPRINT: 'Fingerprint',
-};
+});
 
-type SecAccessible =
-  | 'AccessibleWhenUnlocked'
-  | 'AccessibleAfterFirstUnlock'
-  | 'AccessibleAlways'
-  | 'AccessibleWhenPasscodeSetThisDeviceOnly'
-  | 'AccessibleWhenUnlockedThisDeviceOnly'
-  | 'AccessibleAfterFirstUnlockThisDeviceOnly'
-  | 'AccessibleAlwaysThisDeviceOnly';
+export type SecAccessible = $Values<typeof ACCESSIBLE>;
 
-type SecAccessControl =
-  | 'UserPresence'
-  | 'BiometryAny'
-  | 'BiometryCurrentSet'
-  | 'DevicePasscode'
-  | 'ApplicationPassword'
-  | 'BiometryAnyOrDevicePasscode'
-  | 'BiometryCurrentSetOrDevicePasscode';
+export type SecAccessControl = $Values<typeof ACCESS_CONTROL>;
 
-type LAPolicy = 'Authentication' | 'AuthenticationWithBiometrics';
+export type LAPolicy = $Values<typeof AUTHENTICATION_TYPE>;
 
-type Options = {
+export type SecMinimumLevel = $Values<typeof SECURITY_LEVEL>;
+
+export type Options = {
   accessControl?: SecAccessControl,
@@ -65,5 +60,18 @@ accessGroup?: string,
   service?: string,
+  securityLevel?: SecMinimumLevel,
 };
 
 /**
+ * (Android only) Returns guaranteed security level supported by this library
+ * on the current device.
+ * @return {Promise} Resolves to `SECURITY_LEVEL` when supported, otherwise `null`.
+ */
+export function getSecurityLevel(): Promise<?($Values<typeof SECURITY_LEVEL>)> {
+    if (!RNKeychainManager.getSecurityLevel){
+        return Promise.resolve(null);
+    }
+    return RNKeychainManager.getSecurityLevel();
+}
+
+/**
  * Inquire if the type of local authentication policy (LAPolicy) is supported
@@ -74,3 +82,3 @@ * on this device with the device settings the user chose.
  */
-export function canImplyAuthentication(options?: Options): Promise {
+export function canImplyAuthentication(options?: Options): Promise<boolean> {
   if (!RNKeychainManager.canCheckAuthentication) {
@@ -86,3 +94,3 @@ return Promise.resolve(false);
  */
-export function getSupportedBiometryType(): Promise {
+export function getSupportedBiometryType(): Promise<?($Values<typeof BIOMETRY_TYPE>)> {
   if (!RNKeychainManager.getSupportedBiometryType) {
@@ -107,3 +115,3 @@ return Promise.resolve(null);
   options?: Options
-): Promise {
+): Promise<void> {
   return RNKeychainManager.setInternetCredentialsForServer(
@@ -113,2 +121,3 @@ server,
     password,
+    getMinimumSecurityLevel(options),
     options
@@ -119,2 +128,16 @@ );
 /**
+ * Checks if we have a login combination for `server`.
+ * @param {string} server URL to server.
+ * @return {Promise} Resolves to `true` when successful
+ */
+export function hasInternetCredentials(server: string): Promise<boolean> {
+  return RNKeychainManager.hasInternetCredentialsForServer(server);
+}
+
+export type UserCredentials = {|
+  +username: string,
+  +password: string,
+|};
+
+/**
  * Fetches login combination for `server`.
@@ -128,3 +151,3 @@ * @param {string} server URL to server.
   options?: Options
-): Promise {
+): Promise<UserCredentials> {
   return RNKeychainManager.getInternetCredentialsForServer(server, options);
@@ -142,3 +165,3 @@ }
   options?: Options
-): Promise {
+): Promise<void> {
   return RNKeychainManager.resetInternetCredentialsForServer(server, options);
@@ -158,2 +181,12 @@ }
 
+function getMinimumSecurityLevel(serviceOrOptions?: string | Options) {
+  var specifiedLevel = undefined;
+
+  if (typeof serviceOrOptions === 'object') {
+    specifiedLevel = serviceOrOptions.securityLevel;
+  }
+
+  return specifiedLevel || SECURITY_LEVEL.ANY;
+}
+
 /**
@@ -170,10 +203,17 @@ * Saves the `username` and `password` combination for `service`.
   serviceOrOptions?: string | Options
-): Promise {
+): Promise<boolean> {
   return RNKeychainManager.setGenericPasswordForOptions(
     getOptionsArgument(serviceOrOptions),
     username,
-    password
+    password,
+    getMinimumSecurityLevel(serviceOrOptions)
   );
 }
 
+export type SharedWebCredentials = {|
+  +server: string,
+  +username: string,
+  +password: string,
+|};
+
 /**
@@ -186,3 +226,3 @@ * Fetches login combination for `service`.
   serviceOrOptions?: string | Options
-): Promise {
+): Promise<boolean | SharedWebCredentials> {
   return RNKeychainManager.getGenericPasswordForOptions(
@@ -200,3 +240,3 @@ getOptionsArgument(serviceOrOptions)
   serviceOrOptions?: string | Options
-): Promise {
+): Promise<boolean> {
   return RNKeychainManager.resetGenericPasswordForOptions(
@@ -212,3 +252,3 @@ getOptionsArgument(serviceOrOptions)
  */
-export function requestSharedWebCredentials(): Promise {
+export function requestSharedWebCredentials(): Promise<SharedWebCredentials> {
   if (Platform.OS !== 'ios') {
@@ -235,3 +275,3 @@ return Promise.reject(
   password: string
-): Promise {
+): Promise<void> {
   if (Platform.OS !== 'ios') {
@@ -238,0 +278,0 @@ return Promise.reject(

package.json

 {
   "name": "react-native-keychain",
-  "version": "3.0.0",
+  "version": "3.1.0",
   "description": "Keychain Access for React Native",
@@ -37,4 +37,5 @@ "main": "index.js",
   "devDependencies": {
-    "flow-bin": "0.61.0"
+    "flow-bin": "0.78",
+    "react-native": "^0.57.4"
   }
 }

README.md

@@ -48,3 +48,3 @@ <p align="center"><img src="https://user-images.githubusercontent.com/378279/36642269-6195b10c-1a3d-11e8-9e1b-37a3d1bcf7b3.png" align="center" width="150" height="201" alt="" /></p>
 
-### `setGenericPassword(username, password, [{ accessControl, accessible, accessGroup, service }])`
+### `setGenericPassword(username, password, [{ accessControl, accessible, accessGroup, service, securityLevel }])`
 
@@ -61,6 +61,10 @@ Will store the username/password combination in the secure storage. Resolves to `true` or rejects in case of an error.
 
-### `setInternetCredentials(server, username, password, [{ accessControl, accessible, accessGroup }])`
+### `setInternetCredentials(server, username, password, [{ accessControl, accessible, accessGroup, securityLevel }])`
 
 Will store the server/username/password combination in the secure storage.
 
+### `hasInternetCredentials(server, [{ authenticationPrompt }])`
+
+Will check if the username/password combination for server is available in the secure storage. Resolves to `true` if an entry exists or `false` if it doesn't.
+
 ### `getInternetCredentials(server, [{ authenticationPrompt }])`
@@ -90,2 +94,14 @@
 
+### `getSecurityLevel()` (Android only)
+
+Get security level that is supported on the current device with the current OS.
+
+### Security Levels (Android only)
+
+If set, `securityLevel` parameter specifies minimum security level that the encryption key storage should guarantee for storing credentials to succeed.
+
+* `ANY` - no security guarantees needed (default value); Credentials can be stored in FB Secure Storage;
+* `SECURE_SOFTWARE` - requires for the key to be stored in the Android Keystore, separate from the encrypted data;
+* `SECURE_HARDWARE` - requires for the key to be stored on a secure hardware (Trusted Execution Environment or Secure Environment). Read [this article](https://developer.android.com/training/articles/keystore#ExtractionPrevention) for more information.
+
 ### Options
@@ -149,2 +165,3 @@
 * Select your project and under **Build Phases** -> **Link Binary With Libraries**, press the + and select `libRNKeychain.a`.
+* make sure `pod 'RNKeychain'` is not in your `Podfile`
 
@@ -151,0 +168,0 @@ #### Option: With [CocoaPods](https://cocoapods.org/)

typings/react-native-keychain.d.ts

@@ -14,3 +14,3 @@ declare module 'react-native-keychain' {
 
-    export enum SecAccessible {
+    export enum ACCESSIBLE   {
         WHEN_UNLOCKED = "AccessibleWhenUnlocked",
@@ -25,3 +25,3 @@ AFTER_FIRST_UNLOCK = "AccessibleAfterFirstUnlock",
 
-    export enum SecAccessControl {
+    export enum ACCESS_CONTROL {
         USER_PRESENCE = "UserPresence",
@@ -42,5 +42,5 @@ BIOMETRY_ANY = "BiometryAny",
     export interface Options {
-        accessControl?: SecAccessControl;
+        accessControl?: ACCESS_CONTROL;
         accessGroup?: string;
-        accessible?: SecAccessible;
+        accessible?: ACCESSIBLE;
         authenticationPrompt?: string;
@@ -69,2 +69,6 @@ authenticationType?: LAPolicy;
 
+    function hasInternetCredentials(
+        server: string
+    ): Promise<boolean>;
+
     function resetInternetCredentials(
@@ -71,0 +75,0 @@ server: string

No alert changes

Improved metrics

Total package byte prevSize

367249

increased by141.89%

Number of package files

30

increased by3.45%

Lines of code

324

increased by11.72%

Number of lines in readme file

313

increased by5.74%

Worsened metrics

Dev dependency count

2

increased by100%

No dependency changes