Implement auto-login

[kenmanheimer]

The mobile client needs an option for automatic login, so that, if the user elects for this behavior, the app is automatically logged in while the user is logged in to the device

Auto-login will require device secure storage, which will depend on hybrid provisions.

[kenmanheimer]

There is a PhoneGap keychain plugin that provides iPhone keychain access. (There is another version of this plugin that is current and maintained - see below.) We need it for secure credential storage (for auto-login and other purposes), and we need the API that it provides implemented for Android, as well.

This API description is just extracted from the top-level artifacts of the old PhoneGap keychain plugin.

• Javascript-level API:
  • Routines:
    • getForKey(str: key, str: servicename, func: onSuccess, func: onFail)
    • setForKey(str: key, str: value, str: servicename, func: onSuccess, func: onFail)
    • removeForKey(str: key, str: servicename, func: onSuccess, func: onFail)
  • The callbacks:
    • onSuccess(str: key, str: servicename, str: value)
    • onFail(str: key, str: servicename, str: error)
• current iOS level implementation
  • - (void) getForKey:(NSMutableArray*)arguments withDict:(NSMutableDictionary*)options
  • - (void) setForKey:(NSMutableArray*)arguments withDict:(NSMutableDictionary*)options
  • - (void) removeForKey:(NSMutableArray*)arguments withDict:(NSMutableDictionary*)options
  • + (SecKeychainItemRef) getKeychainItemReferenceForUsername: (NSString *) username andServiceName: (NSString *) serviceName error: (NSError **) error
  • + (void) storeUsername: (NSString *) username andPassword: (NSString *) password forServiceName: (NSString *) serviceName updateExisting: (BOOL) updateExisting error: (NSError **) error
  • + (void) deleteItemForUsername: (NSString *) username andServiceName: (NSString *) serviceName error: (NSError **) error
  • + (SecKeychainItemRef) getKeychainItemReferenceForUsername: (NSString ) username andServiceName: (NSString *) serviceName error: (NSError **) error
  • + (NSString *) getPasswordForUsername: (NSString *) username andServiceName: (NSString *) serviceName error: (NSError **) error
  • + (BOOL) storeUsername: (NSString *) username andPassword: (NSString *) password forServiceName: (NSString *) serviceName updateExisting: (BOOL) updateExisting error: (NSError **) error
  • + (BOOL) deleteItemForUsername: (NSString *) username andServiceName: (NSString *) serviceName error: (NSError **) error

[merickson]

This will also need implementation for Android. Is there anything like that there, or is this someplace we can kick off a project?

[kenmanheimer]

I haven't seen anything of that sort, which is why I suggested having the API that it provides implemented for Android, as well. (I gather it would be for the Android Account Manager.)

To amplify, creating an Android emulation of the javascript-level API presented by the PhoneGap keychain plugin is probably the most substantial native coding task we're facing, for this issue and others that require secure key/value storage (eg, #8).

I'm not sure how much work there will be in getting the keychain Plugin working on iOS under Cordova 2.2 - it may be near - but getting the interface implemented on Android will mean starting with just the iOS keychain plugin interface example.

[kenmanheimer]

Shazron, the main PhoneGap guy, is maintaining an up-to-date PhoneGap Keychain Plugin! The version is numbered with the current Cordova release, and is likely to work as is. We need that same API implemented to use the underlying Android Account Manager.