react-native-keychain
Advanced tools
Comparing version 5.0.1 to 6.0.0
78
index.js
@@ -70,7 +70,13 @@ // @flow | ||
export type Options = { | ||
export type AuthenticationPrompt = { | ||
title?: string, | ||
subtitle?: string, | ||
description?: string, | ||
cancel?: string, | ||
}; | ||
type BaseOptions = { | ||
accessControl?: SecAccessControl, | ||
accessGroup?: string, | ||
accessible?: SecAccessible, | ||
authenticationPrompt?: string, | ||
authenticationType?: LAPolicy, | ||
@@ -83,2 +89,12 @@ service?: string, | ||
type NormalizedOptions = { | ||
authenticationPrompt?: AuthenticationPrompt, | ||
...BaseOptions, | ||
}; | ||
export type Options = { | ||
authenticationPrompt?: string | AuthenticationPrompt, | ||
...BaseOptions, | ||
}; | ||
export type Result = {| | ||
@@ -100,8 +116,49 @@ +service: string, | ||
function normalizeOptions(serviceOrOptions?: string | Options): ?Options { | ||
return typeof serviceOrOptions === 'string' | ||
? { service: serviceOrOptions } | ||
: serviceOrOptions; | ||
const AUTH_PROMPT_DEFAULTS = { | ||
title: 'Authenticate to retrieve secret', | ||
cancel: 'Cancel', | ||
}; | ||
function normalizeServiceOption(serviceOrOptions?: string | Options): Options { | ||
if (typeof serviceOrOptions === 'string') { | ||
console.warn( | ||
`You passed a service string as an argument to one of the react-native-keychain functions. | ||
This way of passing service is deprecated and will be removed in a future major. | ||
Please update your code to use { service: ${JSON.stringify( | ||
serviceOrOptions | ||
)} }` | ||
); | ||
return { service: serviceOrOptions }; | ||
} | ||
return serviceOrOptions || {}; | ||
} | ||
function normalizeOptions( | ||
serviceOrOptions?: string | Options | ||
): NormalizedOptions { | ||
let options = { ...normalizeServiceOption(serviceOrOptions) }; | ||
const { authenticationPrompt } = options; | ||
if (typeof authenticationPrompt === 'string') { | ||
console.warn( | ||
`You passed a authenticationPrompt string as an argument to one of the react-native-keychain functions. | ||
This way of passing authenticationPrompt is deprecated and will be removed in a future major. | ||
Please update your code to use { authenticationPrompt: { title: ${JSON.stringify( | ||
authenticationPrompt | ||
)} }` | ||
); | ||
options.authenticationPrompt = { | ||
...AUTH_PROMPT_DEFAULTS, | ||
title: authenticationPrompt, | ||
}; | ||
} else { | ||
options.authenticationPrompt = { | ||
...AUTH_PROMPT_DEFAULTS, | ||
...authenticationPrompt, | ||
}; | ||
} | ||
return options; | ||
} | ||
//* EXPORTS */ | ||
@@ -156,8 +213,6 @@ | ||
* @param {string} server URL to server. | ||
* @param {object} options A keychain options object. | ||
* @return {Promise} Resolves to `{service, storage}` when successful | ||
*/ | ||
export function hasInternetCredentials( | ||
server: string, | ||
options?: Options | ||
server: string | ||
): Promise<false | Result> { | ||
@@ -199,3 +254,6 @@ return RNKeychainManager.hasInternetCredentialsForServer(server); | ||
): Promise<false | UserCredentials> { | ||
return RNKeychainManager.getInternetCredentialsForServer(server, options); | ||
return RNKeychainManager.getInternetCredentialsForServer( | ||
server, | ||
normalizeOptions(options) | ||
); | ||
} | ||
@@ -202,0 +260,0 @@ |
{ | ||
"name": "react-native-keychain", | ||
"version": "5.0.1", | ||
"version": "6.0.0", | ||
"description": "Keychain Access for React Native", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -21,9 +21,9 @@ <h1 align="center">react-native-keychain</h1> | ||
- [`setInternetCredentials(server, username, password, [{ accessControl, accessible, accessGroup, securityLevel }])`](#setinternetcredentialsserver-username-password--accesscontrol-accessible-accessgroup-securitylevel-) | ||
- [`hasInternetCredentials(server, [{ authenticationPrompt }])`](#hasinternetcredentialsserver--authenticationprompt-) | ||
- [`hasInternetCredentials(server)`](#hasinternetcredentialsserver) | ||
- [`getInternetCredentials(server, [{ authenticationPrompt }])`](#getinternetcredentialsserver--authenticationprompt-) | ||
- [`resetInternetCredentials(server, [{}])`](#resetinternetcredentialsserver-) | ||
- [`resetInternetCredentials(server)`](#resetinternetcredentialsserver) | ||
- [`requestSharedWebCredentials()` (iOS only)](#requestsharedwebcredentials-ios-only) | ||
- [`setSharedWebCredentials(server, username, password)` (iOS only)](#setsharedwebcredentialsserver-username-password-ios-only) | ||
- [`canImplyAuthentication([{ authenticationType }])` (iOS only)](#canimplyauthentication-authenticationtype--ios-only) | ||
- [`getSupportedBiometryType([{}])`](#getsupportedbiometrytype) | ||
- [`getSupportedBiometryType()`](#getsupportedbiometrytype) | ||
- [`getSecurityLevel([{ accessControl }])` (Android only)](#getsecuritylevel-accesscontrol--android-only) | ||
@@ -43,3 +43,3 @@ - [Options](#options) | ||
- [iOS](#ios) | ||
- [Option: Manually](#option-manually) | ||
- [Option: Manually](#option--manually-) | ||
- [Option: With CocoaPods](#option-with-cocoapods) | ||
@@ -51,3 +51,3 @@ - [Enable `Keychain Sharing` entitlement for iOS 10+](#enable-keychain-sharing-entitlement-for-ios-10) | ||
- [Unit Testing with Jest](#unit-testing-with-jest) | ||
- [Using a Jest `__mocks__` Directory](#using-a-jest-mocks-directory) | ||
- [Using a Jest `__mocks__` Directory](#using-a-jest-__mocks__-directory) | ||
- [Using a Jest Setup File](#using-a-jest-setup-file) | ||
@@ -67,3 +67,4 @@ - [Notes](#notes) | ||
1 a. **Only for React Native <= 0.59**: `$ react-native link react-native-keychain` and check `MainApplication.java` to verify the package was added. See manual installation below if you have issues with `react-native link`. | ||
1 a. **Only for React Native <= 0.59**: `$ react-native link react-native-keychain` and check `MainApplication.java` to verify the package was added. See manual installation below if you have issues with `react-native link`. | ||
2. Run `pod install` in `ios/` directory to install iOS dependencies. | ||
@@ -89,3 +90,5 @@ 3. If you want to support FaceID, add a `NSFaceIDUsageDescription` entry in your `Info.plist`. | ||
if (credentials) { | ||
console.log('Credentials successfully loaded for user ' + credentials.username); | ||
console.log( | ||
'Credentials successfully loaded for user ' + credentials.username | ||
); | ||
} else { | ||
@@ -95,6 +98,6 @@ console.log('No credentials stored'); | ||
} catch (error) { | ||
console.log('Keychain couldn\'t be accessed!', error); | ||
console.log("Keychain couldn't be accessed!", error); | ||
} | ||
await Keychain.resetGenericPassword(); | ||
} | ||
}; | ||
``` | ||
@@ -124,3 +127,3 @@ | ||
### `hasInternetCredentials(server, [{ authenticationPrompt }])` | ||
### `hasInternetCredentials(server)` | ||
@@ -135,3 +138,3 @@ Will check if the username/password combination for server is available in the secure storage. Resolves to `true` if an entry exists or `false` if it doesn't. | ||
Will remove the server/username/password combination from the secure storage. | ||
Will remove the server/username/password combination from the secure storage. | ||
@@ -152,3 +155,3 @@ ### `requestSharedWebCredentials()` (iOS only) | ||
Get what type of hardware biometry support the device has. Resolves to a `Keychain.BIOMETRY_TYPE` value when supported, otherwise `null`. | ||
Get what type of hardware biometry support the device has. Resolves to a `Keychain.BIOMETRY_TYPE` value when supported, otherwise `null`. | ||
@@ -165,13 +168,22 @@ > This method returns `null`, if the device haven't enrolled into fingerprint/FaceId. Even though it has hardware for it. | ||
| Key | Platform | Description | Default | | ||
| -------------------------- | ------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------ | | ||
| **`accessControl`** | All | This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. | *None* (iOS), `BIOMETRY_ANY` default for Android. | | ||
| **`accessible`** | iOS only | This dictates when a keychain item is accessible, see possible values in `Keychain.ACCESSIBLE`. | *`Keychain.ACCESSIBLE.WHEN_UNLOCKED`* | | ||
| **`accessGroup`** | iOS only | In which App Group to share the keychain. Requires additional setup with entitlements. | *None* | | ||
| **`authenticationPrompt`** | iOS only | What to prompt the user when unlocking the keychain with biometry or device password. | `Authenticate to retrieve secret` | | ||
| **`authenticationType`** | iOS only | Policies specifying which forms of authentication are acceptable. | `Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS` | | ||
| **`service`** | All | Reverse domain name qualifier for the service associated with password. | *App bundle ID* | | ||
| **`storage`** | Android only | Force specific cipher storage usage during saving the password | Select best available storage | | ||
| **`rules`** | Android only | Force following to a specific security rules | Default: `Keychain.RULES.AUTOMATIC_UPGRADE` | | ||
| Key | Platform | Description | Default | | ||
| -------------------------- | ------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------- | | ||
| **`accessControl`** | All | This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. | _None_ | | ||
| **`accessible`** | iOS only | This dictates when a keychain item is accessible, see possible values in `Keychain.ACCESSIBLE`. | _`Keychain.ACCESSIBLE.WHEN_UNLOCKED`_ | | ||
| **`accessGroup`** | iOS only | In which App Group to share the keychain. Requires additional setup with entitlements. | _None_ | | ||
| **`authenticationPrompt`** | iOS only | What to prompt the user when unlocking the keychain with biometry or device password. | See [`authenticationPrompt` Properties](#authenticationprompt-properties) | | ||
| **`authenticationType`** | iOS only | Policies specifying which forms of authentication are acceptable. | `Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS` | | ||
| **`service`** | All | Reverse domain name qualifier for the service associated with password. | _App bundle ID_ | | ||
| **`storage`** | Android only | Force specific cipher storage usage during saving the password | Select best available storage | | ||
| **`rules`** | Android only | Force following to a specific security rules | `Keychain.RULES.AUTOMATIC_UPGRADE` | | ||
##### `authenticationPrompt` Properties | ||
| Key | Platform | Description | Default | | ||
| ----------------- | ------------ | ------------------------------------------------------------------------------------------ | --------------------------------- | | ||
| **`title`** | All | Title of the authentication prompt when requesting a stored secret. | `Authenticate to retrieve secret` | | ||
| **`subtitle`** | Android only | Subtitle of the Android authentication prompt when requesting a stored secret. | None. Optional | | ||
| **`description`** | Android only | Description of the Android authentication prompt when requesting a stored secret. | None. Optional | | ||
| **`cancel`** | Android only | Negative button text of the Android authentication prompt when requesting a stored secret. | `Cancel` | | ||
#### `Keychain.ACCESS_CONTROL` enum | ||
@@ -191,3 +203,3 @@ | ||
> | ||
> Note #2: For Android we support only two states: `Default` (use the best available secured storage) and `Fingerprint` (use only biometric protected storage); | ||
> Note #2: For Android we support only two states: `None` (default) and `Fingerprint` (use only biometric protected storage); | ||
@@ -274,2 +286,3 @@ Refs: | ||
--- | ||
Q: What will happens if user disable/drop biometrics usage? | ||
@@ -280,2 +293,3 @@ | ||
--- | ||
Q: Is it possible any automatic downgrading? | ||
@@ -287,2 +301,3 @@ | ||
--- | ||
Q: How to disable automatic upgrade? | ||
@@ -293,2 +308,3 @@ | ||
--- | ||
Q: How to force a specific level of encryption during saving the secret? | ||
@@ -306,5 +322,5 @@ | ||
* Right click on Libraries, select **Add files to "…"** and select `node_modules/react-native-keychain/RNKeychain.xcodeproj` | ||
* Select your project and under **Build Phases** -> **Link Binary With Libraries**, press the + and select `libRNKeychain.a`. | ||
* make sure `pod 'RNKeychain'` is not in your `Podfile` | ||
- Right click on Libraries, select **Add files to "…"** and select `node_modules/react-native-keychain/RNKeychain.xcodeproj` | ||
- Select your project and under **Build Phases** -> **Link Binary With Libraries**, press the + and select `libRNKeychain.a`. | ||
- make sure `pod 'RNKeychain'` is not in your `Podfile` | ||
@@ -337,3 +353,3 @@ #### Option: With [CocoaPods](https://cocoapods.org/) | ||
* Edit `android/settings.gradle` to look like this (without the +): | ||
- Edit `android/settings.gradle` to look like this (without the +): | ||
@@ -349,3 +365,3 @@ ```diff | ||
* Edit `android/app/build.gradle` (note: **app** folder) to look like this: | ||
- Edit `android/app/build.gradle` (note: **app** folder) to look like this: | ||
@@ -367,3 +383,3 @@ ```diff | ||
* Edit your `MainApplication.java` (deep in `android/app/src/main/java/...`) to look like this (note **two** places to edit): | ||
- Edit your `MainApplication.java` (deep in `android/app/src/main/java/...`) to look like this (note **two** places to edit): | ||
@@ -389,3 +405,3 @@ ```diff | ||
``` | ||
#### Proguard Rules | ||
@@ -443,3 +459,3 @@ | ||
```javascript | ||
jest.mock("react-native-keychain", () => keychainMock); | ||
jest.mock('react-native-keychain', () => keychainMock); | ||
``` | ||
@@ -455,4 +471,4 @@ | ||
* API level 16-22 will en/de crypt using Facebook Conceal | ||
* API level 23+ will en/de crypt using Android Keystore | ||
- API level 16-22 will en/de crypt using Facebook Conceal | ||
- API level 23+ will en/de crypt using Android Keystore | ||
@@ -482,5 +498,5 @@ Encrypted data is stored in SharedPreferences. | ||
* [Android authentication](https://source.android.com/security/authentication) | ||
* [Android Cipher](https://developer.android.com/guide/topics/security/cryptography) | ||
* [Android Protected Confirmation](https://developer.android.com/training/articles/security-android-protected-confirmation) | ||
- [Android authentication](https://source.android.com/security/authentication) | ||
- [Android Cipher](https://developer.android.com/guide/topics/security/cryptography) | ||
- [Android Protected Confirmation](https://developer.android.com/training/articles/security-android-protected-confirmation) | ||
@@ -487,0 +503,0 @@ ## Maintainers |
@@ -65,2 +65,9 @@ declare module 'react-native-keychain' { | ||
export interface AuthenticationPrompt { | ||
title?: string; | ||
subtitle?: string; | ||
description?: string; | ||
cancel?: string; | ||
} | ||
export interface Options { | ||
@@ -70,3 +77,3 @@ accessControl?: ACCESS_CONTROL; | ||
accessible?: ACCESSIBLE; | ||
authenticationPrompt?: string; | ||
authenticationPrompt?: string | AuthenticationPrompt; | ||
authenticationType?: AUTHENTICATION_TYPE; | ||
@@ -77,2 +84,3 @@ service?: string; | ||
rules?: SECURITY_RULES; | ||
promptInfoOptions?: PromptInfoOptions; | ||
} | ||
@@ -92,6 +100,3 @@ | ||
function hasInternetCredentials( | ||
server: string, | ||
options?: Options | ||
): Promise<false | Result>; | ||
function hasInternetCredentials(server: string): Promise<false | Result>; | ||
@@ -126,3 +131,3 @@ function setInternetCredentials( | ||
username: string, | ||
password?: string, | ||
password?: string | ||
): Promise<void>; | ||
@@ -129,0 +134,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
210895
444
532