oyyq99999 / react-native-secure-storage Goto Github PK

A secure AsyncStorage implementation

License: MIT License

Ruby 1.45% Java 49.11% JavaScript 9.94% Python 3.10% Objective-C 36.40%

react-native-secure-storage's Introduction

react-native-secure-storage

This package is based on react-native-keychain and implemented a secure storage engine. It is compatiable with redux-persist-sensitive-storage

Getting started

$ npm install react-native-secure-storage --save

$ yarn add react-native-secure-storage

Mostly automatic installation

$ react-native link react-native-secure-storage

Manual installation

iOS

In XCode, in the project navigator, right click Libraries ➜ Add Files to [your project's name]
Go to node_modules ➜ react-native-secure-storage and add RNSecureStorage.xcodeproj
In XCode, in the project navigator, select your project. Add libRNSecureStorage.a to your project's Build Phases ➜ Link Binary With Libraries
Run your project (Cmd+R)<

Android

Open up android/app/src/main/java/[...]/MainApplication.java

Add import li.yunqi.rnsecurestorage.RNSecureStoragePackage; to the imports at the top of the file
Add new RNSecureStoragePackage() to the list returned by the getPackages() method

Append the following lines to android/settings.gradle:

include ':react-native-secure-storage'
project(':react-native-secure-storage').projectDir = new File(rootProject.projectDir, 	'../node_modules/react-native-secure-storage/android')

Insert the following lines inside the dependencies block in android/app/build.gradle:
```
  implementation project(':react-native-secure-storage')
```

Usage

import SecureStorage, { ACCESS_CONTROL, ACCESSIBLE, AUTHENTICATION_TYPE } from 'react-native-secure-storage'

async() => {
  const config = {
    accessControl: ACCESS_CONTROL.BIOMETRY_ANY_OR_DEVICE_PASSCODE,
    accessible: ACCESSIBLE.WHEN_UNLOCKED,
    authenticationPrompt: 'auth with yourself',
    service: 'example',
    authenticateType: AUTHENTICATION_TYPE.BIOMETRICS,
  }
  const key = 'someKey'
  await SecureStorage.setItem(key, 'some value', config)
  const got = await SecureStorage.getItem(key, config)
  console.log(got)
}

Methods

This library has now implemented getItem, setItem, removeItem and getAllKeys methods of AsyncStorage from React Native. It doesn't support callback and replaced the callback param with an option param.

In addition, this library has a getSupportedBiometryType() method which Returns one of BIOMETRY_TYPE indicating which biometry type the device supports, and a canCheckAuthentication([{ authenticationType }]) method which checks whether the specified authenticationType is available.

Options

Key	Platform	Description	Default
`accessControl`	iOS only	This dictates how a keychain item may be used, see possible values in `SecureStorage.ACCESS_CONTROL`.	None
`accessible`	iOS only	This dictates when a keychain item is accessible, see possible values in `SecureStorage.ACCESSIBLE`.	`SecureStorage.ACCESSIBLE.WHEN_UNLOCKED`
`accessGroup`	iOS only	In which App Group to share the keychain. Requires additional setup with entitlements.	None
`authenticationPrompt`	iOS only	What to prompt the user when unlocking the keychain with biometry or device password.	`Authenticate to retrieve secret data`
`authenticationType`	iOS only	Policies specifying which forms of authentication are acceptable.	`SecureStorage.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS`
`service`	All	Qualifier for the service.	App bundle ID

`SecureStorage.ACCESS_CONTROL` enum

Key	Description
`USER_PRESENCE`	Constraint to access an item with either Touch ID or passcode.
`BIOMETRY_ANY`	Constraint to access an item with Touch ID for any enrolled fingers.
`BIOMETRY_CURRENT_SET`	Constraint to access an item with Touch ID for currently enrolled fingers.
`DEVICE_PASSCODE`	Constraint to access an item with a passcode.
`APPLICATION_PASSWORD`	Constraint to use an application-provided password for data encryption key generation.
`BIOMETRY_ANY_OR_DEVICE_PASSCODE`	Constraint to access an item with Touch ID for any enrolled fingers or passcode.
`BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE`	Constraint to access an item with Touch ID for currently enrolled fingers or passcode.

`SecureStorage.ACCESSIBLE` enum

Key	Description
`WHEN_UNLOCKED`	The data in the keychain item can be accessed only while the device is unlocked by the user.
`AFTER_FIRST_UNLOCK`	The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user.
`ALWAYS`	The data in the keychain item can always be accessed regardless of whether the device is locked.
`WHEN_PASSCODE_SET_THIS_DEVICE_ONLY`	The data in the keychain can only be accessed when the device is unlocked. Only available if a passcode is set on the device. Items with this attribute never migrate to a new device.
`WHEN_UNLOCKED_THIS_DEVICE_ONLY`	The data in the keychain item can be accessed only while the device is unlocked by the user. Items with this attribute do not migrate to a new device.
`AFTER_FIRST_UNLOCK_THIS_DEVICE_ONLY`	The data in the keychain item cannot be accessed after a restart until the device has been unlocked once by the user. Items with this attribute never migrate to a new device.
`ALWAYS_THIS_DEVICE_ONLY`	The data in the keychain item can always be accessed regardless of whether the device is locked. Items with this attribute never migrate to a new device.

`SecureStorage.AUTHENTICATION_TYPE` enum

Key	Description
`DEVICE_PASSCODE_OR_BIOMETRICS`	Device owner is going to be authenticated by biometry or device passcode.
`BIOMETRICS`	Device owner is going to be authenticated using a biometric method (Touch ID or Face ID).

`SecureStorage.BIOMETRY_TYPE` enum

Key	Description
`TOUCH_ID`	Device supports authentication with Touch ID.
`FACE_ID`	Device supports authentication with Face ID.
`FINGERPRINT`	Device supports authentication with Android Fingerprint.

react-native-secure-storage's People

Contributors

Stargazers

Watchers

react-native-secure-storage's Issues

Datastorage on uninstalling the app

Hi ,
I am working with android. Does this api store data after the app in uninstalled. So that I can use the data when the app is installed next time?

Thanks!!

Not working in iOS simulator

I was not able to get this to work in iOS simulator. I'm finding that all code execution stops at...

await SecureStorage.setItem(key, str, config)

To install, I used...

npm install react-native-secure-storage --save
react-native link react-native-secure-storage

A problem occurred evaluating project ':react-native-secure-storage'. > Plugin with id 'maven' not found.

this error occured due to upgrade project from 0.66.3 to 0.67.1

Is it normal that getAllItems does not prompt user to scan biometrics?

I did write the code which is

async function doSomething() {
const protectedData = await SInfo.getAllItems({
sharedPreferencesName: 'onSharedPrefs',
keychainService: 'onKeychain',
touchID: true,
showModal: true, //required (Android) - Will prompt user's fingerprint on Android
strings: {
// optional (Android) - You can personalize your prompt
description: 'Unlock your privatekey ',
header: 'Need Your Biometry Permission',
},
// required (iOS) - A fallback string for iOS
kSecUseOperationPrompt:
'We need your permission to retrieve encrypted data',
});
console.log('Value', protectedData);
}

but I also retrieved all key/value from getAllKeys without proving any biometrics on Android Device.

Gradle Error: Could not find com.android.tools.build:gradle:4.1.0.

I am getting a new error (after a few months away from my project) that seems to point to react-native-secure-storage and a Gradle dependency. Here is the full error text:

Could not find com.android.tools.build:gradle:4.1.0.
Searched in the following locations:

https://jcenter.bintray.com/com/android/tools/build/gradle/4.1.0/gradle-4.1.0.pom
If the artifact you are trying to retrieve can be found in the repository but without metadata in 'Maven POM' format, you need to adjust the 'metadataSources { ... }' of the repository declaration.
Required by:
project :react-native-secure-storage
Add google Maven repository and sync project
Open File

The location it's searching in is not there, but I don't know where else to change it. I haven't had any luck with Android Studio updates helping, so I thought I would check here, as it seems to be this project that has that requirement.

Could not find com.android.tools:common:25.3.3.

Seeing the following error trying to run an android build.

A problem occurred configuring project ':react-native-secure-storage'.

Could not resolve all files for configuration ':react-native-secure-storage:classpath'.

Could not find com.android.tools:common:25.3.3.

 Searched in the following locations:

     https://jcenter.bintray.com/com/android/tools/common/25.3.3/common-25.3.3.pom

     https://jcenter.bintray.com/com/android/tools/common/25.3.3/common-25.3.3.jar

 Required by:

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools.build:manifest-merger:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools.ddms:ddmlib:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools.analytics-library:shared:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools.analytics-library:tracker:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools:sdklib:25.3.3 > com.android.tools.layoutlib:layoutlib-api:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools:sdklib:25.3.3 > com.android.tools:dvlib:25.3.3

     project :react-native-secure-storage > com.android.tools.build:gradle:2.3.3 > com.android.tools.build:gradle-core:2.3.3 > com.android.tools.build:builder:2.3.3 > com.android.tools:sdklib:25.3.3 > com.android.tools:repository:25.3.3

Repeated touch ID prompts when accessing storage

I'm using your library in my project and it's fantastic! I've noticed a quirk however and I can't figure out why it's occurring. Whenever I write to the storage, touch authentication is always requested. We use touch to unlock our app and then we write to storage, so we get 2 touch id requests one after the other.

We're using it in our password manager that has an iOS extension for password autofill, and you can see the configs here and here (2 different uses of the storage).

We've tried seeing accessControl to null is in #6, but it still prompts us. The authenticationPrompt property seems to have no affect on what's displayed.

Have you seen this issue before? It's really bewildering us.

Problem on real devices

I am currently trying react-native-secure-storage and run into the following issue. On my local system everything runs fine but when running on a real device the call to setItem fails with the error message The user name or passphrase you entered is not correct.

My config:

const authSecureConfig = {
    accessControl: ACCESS_CONTROL.BIOMETRY_ANY_OR_DEVICE_PASSCODE,
    accessible: ACCESSIBLE.WHEN_UNLOCKED,
    authenticationPrompt: 'continue using qroll',
    service: 'qroll',
    authenticateType: AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS,
};

My code that throws the error:

await SecureStorage.setItem('auth0-refresh-token', credentials.refreshToken, authSecureConfig);

I do not get any popups or any other form of dialog to enter anything. Any ideas what this could be caused by? The iPad I am testing on has no TouchId but is secured with a passcode.

WARNING: API 'variant.getJavaCompile()' is obsolete and has been replaced with 'variant.getJavaCompileProvider()'. It will be removed at the end of 2019.

WARNING: API 'variant.getJavaCompile()' is obsolete and has been replaced with 'variant.getJavaCompileProvider()'.
It will be removed at the end of 2019.
For more information, see https://d.android.com/r/tools/task-configuration-avoidance.
REASON: Called from: ~/project/node_modules/react-native-secure-storage/android/build.gradle:97
WARNING: Debugging obsolete API calls can take time during configuration. It's recommended to not keep it on at all times.
Affected Modules: react-native-secure-storage

IOS devices always request Face Id to access SecureStorage ?

Hi,

In ios devices, when I get an item from SecureStorage, it always requests Face Id to continue. I tried all config but has no difference. Does it have an option to turn off BIOMETRY?

8 duplicate symbols for architecture x86_64

Hi.

It seems like this module is not compatible with react-native-keychain. As soon as I install and link this module in RN > 0.60, I see this error while building for iOS:

duplicate symbol '_authPolicy' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_messageForError' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_codeForError' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_rejectWithError' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_accessGroupValue' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_accessControlValue' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_accessibleValue' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
duplicate symbol '_serviceValue' in:
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNKeychain/libRNKeychain.a(RNKeychainManager.o)
    /Users/sallar/Library/Developer/Xcode/DerivedData/Buttercup-aewhavlbvgapuwgsvqodosvrulab/Build/Products/Debug-iphonesimulator/RNSecureStorage/libRNSecureStorage.a(RNSecureStorage.o)
ld: 8 duplicate symbols for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Thank you.

I can't clear the storage!

I am now using this component to save the user credentials after login.
In the development, I want to remove the storage and like I did with Storage component of react native, I simply removed the app from the phone and installed it again.
But it's still having the credentials in the storage.
Is there anyway to clear that ?

Just doesn't work

Everytime I set a key, when I try to retrieve it, it shows undefined. Tried several times, many different ways. no luck.

Typescript Support

I'm getting the following error when trying to import the module.
Could not find a declaration file for module 'react-native-secure-storage'. '/Users/christopherreeves/MyKasuMobileV3/node_modules/react-native-secure-storage/index.js' implicitly has an 'any' type. Try npm i --save-dev @types/react-native-secure-storage if it exists or add a new declaration (.d.ts) file containing declare module 'react-native-secure-storage';

Will this module have Typescript support?

Crash on Android 5 - Proguard

While using this app on Android L (5) devices, our app crashes:

No pending exception expected: java.lang.NoSuchFieldError: no "J" field "mCtxPtr" in class "Lcom/facebook/crypto/cipher/NativeGCMCipher;" or its superclasses

I could mitigate this crash by adding this proguard rule:
-keep class com.facebook.crypto.** { *; }

I wonder, what are the correct proguard rules as it appears they are not shipped with the library?

Update ReadMe

Update ReadMe for Android

import li.yunqi.RNSecureStoragePackage; -> import li.yunqi.rnsecurestorage.RNSecureStoragePackage;

Is it possible to support requiring USER_PRESENCE on android?

The documentation states that accessible option is only for iOS. What is the default behavior for android? Is there any possibility of being able to configure this? It's fairly critical behavior.
Android documentation says it is possible. Any chance of using this? https://developer.android.com/training/articles/keystore#UserAuthentication

MultiGet support ?

Hi!
Can you provide the method MultiGet like 'react-native/AsyncStorage' ?