New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[expo-local-authentication] Give proper error when device is unsecured #6962
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,6 +3,7 @@ | |
package expo.modules.localauthentication; | ||
|
||
import android.app.Activity; | ||
import android.app.KeyguardManager; | ||
import android.content.Context; | ||
import android.os.Build; | ||
import android.os.Bundle; | ||
|
@@ -101,6 +102,15 @@ public void authenticateAsync(final Promise promise) { | |
return; | ||
} | ||
|
||
if (getKeyguardManager().isDeviceSecure() == false) { | ||
Bundle errorResult = new Bundle(); | ||
errorResult.putBoolean("success", false); | ||
errorResult.putString("error", "not_enrolled"); | ||
errorResult.putString("message", "KeyguardManager#isDeviceSecure() returned false"); | ||
promise.resolve(errorResult); | ||
return; | ||
} | ||
|
||
// BiometricPrompt callbacks are invoked on the main thread so also run this there to avoid | ||
// having to do locking. | ||
mUIManager.runOnUiQueueThread(new Runnable() { | ||
|
@@ -181,6 +191,10 @@ private static String convertErrorCode(int code) { | |
} | ||
} | ||
|
||
private KeyguardManager getKeyguardManager() { | ||
return (KeyguardManager) getCurrentActivity().getApplicationContext().getSystemService(Context.KEYGUARD_SERVICE); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Just wanted to mention that we should check whether There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I can submit a follow up PR that checks There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. here we go 👉 #6971 |
||
} | ||
|
||
private Activity getCurrentActivity() { | ||
ActivityProvider activityProvider = mModuleRegistry.getModule(ActivityProvider.class); | ||
return activityProvider != null ? activityProvider.getCurrentActivity() : null; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought we could use the same implementation as in
isEnrolledAsync
but this is fine too as it probably covers more cases 😉There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I think that "isEnrolled" means "does the user have biometric data enrolled", but maybe that's just my take 🤔
Maybe we should improve the documentation around this to be more clear on this...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, looking on the documentation for
isEnrolledAsync
:getKeyguardManager().isDeviceSecure()
returns true if there is any form of security, e.g. passcode, pattern, password, fingerprint, etc. So we should probably not use that inisEnrolledAsync
🤔Maybe we should refactor to something like:
That way the programmer can easy decide which level is acceptable for their app☺️
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
was this discussion followed up anywhere? I'm very interested in the multiple levels thing @LinusU talks about 👀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This wasn't followed up, but I've been keeping this tab open for eight days now to remind myself to do that 😄
I'll open up a dedicated issue now 👌
here 👉 #7032
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wonderful, thanks for your work on this @LinusU! ❤️