ALPHA SOFTWARE -- NOT SECURITY VALIDATED
This project is in an alpha stage of development. It has not undergone a formal security audit or validation. Use it at your own risk and do not rely on it for production workloads or sensitive data without performing your own thorough security review. APIs, behavior, and storage mechanisms may change without notice.
Kiro Mobile is a cross-platform Flutter application that authenticates users through the Kiro web sign-in flow. After sign-in, the app captures authentication credentials from a WebView, persists them securely using platform-native storage, and renders authenticated Kiro UI content within the app.
- Web-based sign-in -- Authenticates users via the Kiro sign-in page displayed in a WebView.
- Secure credential storage -- Persists credentials per platform (iOS Keychain, Android Keystore, encrypted localStorage on Web).
- Authenticated content rendering -- Displays Kiro UI content inside the app after successful authentication.
- Network connectivity monitoring -- Detects and responds to changes in network state.
- State management with Provider -- Uses the Provider package for reactive, clean state management.
| Platform | Status |
|---|---|
| iOS | Supported |
| Android | Supported |
| Web | Supported |
The app follows a service-oriented architecture with clear separation of concerns:
- AppShell -- Root widget that renders the appropriate view based on authentication state.
- AuthManager -- Manages the full authentication lifecycle (sign-in, session, sign-out).
- CredentialStore -- Abstracts platform-specific secure storage behind a unified interface.
- SignInView -- Displays the Kiro sign-in page in a WebView and captures credentials.
- ContentView -- Renders authenticated Kiro UI content.
- ConnectivityMonitor -- Monitors network connectivity and surfaces state changes. A cross-platform Flutter mobile application providing authentication and session management for the Kiro platform.
Alpha Version -- This project is currently in an alpha stage of development. Features may be incomplete, APIs may change without notice, and the application has not undergone any security validation or audit. Do not use this application in production environments or with sensitive credentials until a formal security review has been completed.
kiro_flutter_auth is built with Flutter and targets Android, iOS, and Web platforms. It provides:
- Authentication flow -- Sign-in views with WebView-based authentication
- Secure credential storage -- Platform-specific credential storage (using
flutter_secure_storageon mobile, web-based storage on the web) - Session management -- View and manage active sessions
- Connectivity monitoring -- Detect and respond to network state changes
- Task management -- View task details within the app
lib/
main.dart # App entry point
models/ # Data models
services/ # Auth, credential storage, connectivity services
views/ # UI screens (SignInView, ContentView, AppShell)
test/ # Unit and widget tests
assets/ # Static assets
android/ # Android platform project
ios/ # iOS platform project
web/ # Web platform project
main.dart # Application entry point
models/
auth_credentials.dart # Authentication credential models
auth_state.dart # Authentication state model
services/
auth_manager.dart # Core authentication logic
connectivity_monitor.dart# Network connectivity monitoring
credential_store.dart # Credential storage interface
credential_store_factory.dart
credential_store_factory_stub.dart
credential_store_factory_web.dart
secure_credential_store.dart # Mobile secure storage implementation
web_credential_store.dart # Web storage implementation
debug_log.dart # Debug logging utility
kiro_api.dart # Kiro backend API client
views/
app_shell.dart # Main app shell / scaffold
home_view.dart # Home screen
sign_in_view.dart # Mobile sign-in view
sign_in_view_web.dart # Web sign-in view
content_view.dart # Content display (mobile)
content_view_web.dart # Content display (web)
session_detail_view.dart # Session details screen
task_detail_view.dart # Task details screen
error_view.dart # Error display
- Flutter SDK (Dart SDK ^3.11.1)
- For iOS: Xcode and CocoaPods
- For Android: Android Studio and the Android SDK
- For Web: A modern browser (Chrome recommended)
- Android Studio or Xcode (for mobile builds)
- A web browser (for web builds)
-
Clone the repository
git clone https://github.com/Lock128/kiro-mobile.git cd kiro-mobile -
Install dependencies
flutter pub get
-
Run the app
# Web flutter run -d chrome # iOS (macOS only) flutter run -d ios # Android flutter run -d android
-
Run the application
# Android / iOS flutter run # Web flutter run -d chrome
| Package | Purpose |
|---|---|
webview_flutter |
WebView integration for authentication flows |
flutter_secure_storage |
Encrypted credential storage on mobile |
connectivity_plus |
Network connectivity detection |
provider |
State management |
http |
HTTP networking for API calls |
flutter test| Package | Purpose |
|---|---|
| webview_flutter | WebView for sign-in and content rendering |
| webview_flutter_web | WebView support on the web platform |
| flutter_secure_storage | Secure credential storage |
| connectivity_plus | Network connectivity monitoring |
| provider | State management |
| http | HTTP requests |
This project is licensed under the Apache License 2.0. See the LICENSE file for details.
The project uses flutter_test and glados (property-based testing).
This software is provided as-is in an alpha state. It has not been security validated, penetration tested, or audited. Use it at your own risk. The authors make no guarantees regarding the safety or reliability of authentication flows, credential storage, or data handling within this application.