Skip to content

nhsconnect/nhsapp-fido-client-android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
.github/workflows
.github/workflows
 
 
fidoclient
fidoclient
 
 
gradle/wrapper
gradle/wrapper
 
 
.gitignore
.gitignore
 
 
CODE-OF-CONDUCT.md
CODE-OF-CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

FIDO UAF (Universal Authentication Framework) client for Android

You can use the FIDO UAF client to authenticate logging in to Android apps without a password.

Use it to:

  • register biometric details, such as fingerprint
  • authorise against registered biometric details

Releases

Maven central

Requirements

  • Android Marshmallow or above
  • Minimum SDK 21, target SDK 27 and above

Installation

To use the client in your own application, you need to add a Maven reference to your build configuration.

Releases can be found on Maven Central, or see the instructions below for making changes and generating your own artifacts locally.

Generating Maven artifacts

To generate a new set of Maven artifacts once you have made a code change:

  1. Update the build version in fidoclient/build.gradle

    ext.build_version = '1.0.3-SNAPSHOT'

    Ensure to remove the -SNAPSHOT suffix for publishing to the releases repository.

  2. Build and publish the artifacts to the local Maven repository:

    $ ./gradlew clean build publishAllPublicationsToLocalMavenRepository

  3. There are separate local repositories configured for snapshot and release builds. Reference the local snapshot Maven repository in your Android project.

    allprojects {
  repositories {
    maven {
      "file:./path/to/nhsapp-fido-client-android/fidoclient/build/maven/snapshots"
    }
  }
}

dependencies {
  implementation 'io.github.nhsconnect:fido-uaf-client-android:1.0.3-SNAPSHOT'
}

Error handling

The client throws the following errors:

FidoAssertionException
FidoInvalidSignatureException
GenericFidoException

Contribute

We appreciate contributions and there are several ways you can help. For more information, see our contributing guidelines.

Get in touch

The FIDO UAF (Universal Authentication Framework) client for Android is maintained by NHS Digital. Email us or open a GitHub issue.

Reporting vulnerabilities

If you believe you've found a vulnerability or security concern in the client, please report it to us:

  1. Submit a vulnerability report through HackerOne's form.

  2. Put "FAO NHS Digital's NHS App team" in the first line of the description.

License

The codebase is released under the MIT License, unless stated otherwise. This covers both the codebase and any sample code in the documentation.

The FIDO UAF (Universal Authentication Framework) client for Android is based on an open source implementation created by eBay. eBay's project has an Apache 2.0 license, which permits commercial use and modifications.

We use a subset of eBay's implementation. We converted those files we used from Java to Kotlin and we heavily modified most of them. The original copyright notices on each converted file are retained.

About

NHS App Fido Client for Android

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

12 stars

Watchers

12 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages