New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[expo-local-authentication] Refactor is/has/supported-functions #7032
Comments
Sounds good to me, would you like to work on this? |
Yes!
Sounds good 👍 Any ideas on naming? My first suggestion is below, but let's discuss it!
The reason I think it's good to return integers is that we can do the checks as below easily:
|
Somewhat related - https://developer.android.com/preview/features#biometric-auth |
@LinusU |
…l of device (#11780) # Why <!-- Please describe the motivation for this PR, and link to relevant GitHub issues, forums posts, or feature requests. --> Some apps wants to know local authentication security level on a device. Providing this information may be helpful for those - who wants to advise a device owner to use more secure authentication - who wants to check if any local authentication is been set (who does not care if it is biometric auth or whatever) # How <!-- How did you build this feature or fix this bug and why? --> ## API design I basically followed to @LinusU's API proposal at #7032 (comment). `getEnrolledLevelAsync` returns enum representing security level `NONE`, `SECRET` and `BIOMETRIC`, which seems very reasonsable. Big up to @LinusU 🎉 ## iOS I used [`LAPolicyDeviceOwnerAuthentication`](https://developer.apple.com/documentation/localauthentication/lapolicy/lapolicydeviceownerauthentication?language=objc) to know if any authentication is available. And [`LAPolicyDeviceOwnerAuthenticationWithBiometrics`](https://developer.apple.com/documentation/localauthentication/lapolicy/lapolicydeviceownerauthenticationwithbiometrics?language=objc) for biometrics. ## Android ### for SDK_VERSION >= M - To detect if device has an enrolled authentication, I used [`KeyguardDeviceManager#isDeviceSecure()`](https://developer.android.com/reference/android/app/KeyguardManager#isDeviceSecure()), which is the very method recommended in [BiometricPrompt documentation](https://developer.android.com/reference/androidx/biometric/BiometricPrompt.PromptInfo.Builder#setDeviceCredentialAllowed(boolean)). - To detect if device has an enrolled biometric authentication, I used [`BiometricManager#canAuthenticate()`](https://developer.android.com/reference/androidx/biometric/BiometricManager#canAuthenticate()). It is same on prior to M. ### for SDK_VERSION < M Sadly, `KeyguardDeviceManager#isDeviceSecure()` is not supported on devices prior to Android M. The most similar API I found was [`isKeyguardSecure()`](https://developer.android.com/reference/android/app/KeyguardManager#isKeyguardSecure()), but it counts in SIM lock state, which is not very ideal. Because SIM lock is not where [`BiometricPrompt`](https://developer.android.com/reference/androidx/biometric/BiometricPrompt) authentication falls back to.
Absolutely not, I'm happy it got implemented! ❤️ |
Stemming from discussions here: #6962 (comment)
My proposal is something like:
This would thus replace
hasHardwareAsync
,supportedAuthenticationTypesAsync
andisEnrolledAsync
with two new functions.I'd be happy to submit the PR once/if we decide on an appropriate API☺️
The text was updated successfully, but these errors were encountered: