Allow additional options for authorize and support custom LAPolicy (#526

) * Update auth0-provider.js Fix issue passing Other configuration options to authorize call * Update auth0-provider.js Fix issue passing Other configuration options to authorize call * no message * no message * Code review changes and rename LAPolicy to Security Level * Removed unsupported policies from conversion * Fixed compilation error * Update ios/CredentialsManagerBridge.swift Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Update ios/CredentialsManagerBridge.swift Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Update ios/CredentialsManagerBridge.swift Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Update ios/CredentialsManagerBridge.swift Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Refactor name to LAPolicy * Use NSInteger * Defaults to deviceOwnerWithBiometrics * Start enum from 0 * Revert "Start enum from 0" This reverts commit 0364a67. * Refactor SecurityLevel to LAPolicy * Refactor LAPolicy to LocalAuthenticationStrategy * Update src/credentials-manager/index.js Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Update src/credentials-manager/index.js Co-authored-by: Rita Zerrizuela <zeta@widcket.com> * Trigger Build * Fix broken tests --------- Co-authored-by: Poovamraj T T <poovamraj@gmail.com> Co-authored-by: Rita Zerrizuela <zeta@widcket.com>
auth0 · Jan 31, 2023 · da04cb0 · da04cb0
1 parent 5de06c1
commit da04cb0
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 6 deletions.
diff --git a/index.js b/index.js
@@ -1,6 +1,7 @@
 export {TimeoutError} from './src/utils/fetchWithTimeout';
 export {default as useAuth0} from './src/hooks/use-auth0';
 export {default as Auth0Provider} from './src/hooks/auth0-provider';
+export {default as LocalAuthenticationStrategy} from './src/credentials-manager/localAuthenticationStrategy';
 
 import Auth0 from './src/auth0';
 export default Auth0;
diff --git a/ios/A0Auth0.m b/ios/A0Auth0.m
@@ -68,8 +68,8 @@ - (dispatch_queue_t)methodQueue
     [self.credentialsManagerBridge clearCredentialsWithResolve:resolve reject:reject];
 }
 
-RCT_EXPORT_METHOD(enableLocalAuthentication:(NSString *)title cancelTitle:(NSString *)cancelTitle fallbackTitle:(NSString *)fallbackTitle) {
-    [self.credentialsManagerBridge enableLocalAuthenticationWithTitle:title cancelTitle:title fallbackTitle:title];
+RCT_EXPORT_METHOD(enableLocalAuthentication:(NSString *)title cancelTitle:(NSString *)cancelTitle fallbackTitle:(NSString *)fallbackTitle evaluationPolicy:(NSInteger)evaluationPolicy) {
+    [self.credentialsManagerBridge enableLocalAuthenticationWithTitle:title cancelTitle:cancelTitle fallbackTitle:fallbackTitle evaluationPolicy: evaluationPolicy];
 }
 
 RCT_EXPORT_METHOD(showUrl:(NSString *)urlString

diff --git a/ios/CredentialsManagerBridge.swift b/ios/CredentialsManagerBridge.swift
@@ -7,6 +7,7 @@
 
 import Auth0
 import Foundation
+import LocalAuthentication
 
 @objc
 public class CredentialsManagerBridge: NSObject {
@@ -82,9 +83,17 @@ public class CredentialsManagerBridge: NSObject {
         resolve(credentialsManager.clear())
     }
 
-    @objc public func enableLocalAuthentication(title: String?, cancelTitle: String?, fallbackTitle: String?) {
+    @objc public func enableLocalAuthentication(title: String?, cancelTitle: String?, fallbackTitle: String?, evaluationPolicy: Int) {
         let titleValue = title ?? "Please authenticate to continue"
-        self.credentialsManager.enableBiometrics(withTitle: titleValue, cancelTitle: cancelTitle, fallbackTitle: fallbackTitle)
+        let policyValue = self.convert(policyInt: evaluationPolicy)
+        self.credentialsManager.enableBiometrics(withTitle: titleValue, cancelTitle: cancelTitle, fallbackTitle: fallbackTitle, evaluationPolicy: policyValue)
+    }
+
+    func convert(policyInt: Int) -> LAPolicy {
+        if (policyInt == 2) {
+            return LAPolicy.deviceOwnerAuthentication
+        }    
+        return LAPolicy.deviceOwnerAuthenticationWithBiometrics
     }
 }
 

diff --git a/src/credentials-manager/index.js b/src/credentials-manager/index.js
@@ -1,5 +1,6 @@
 import {Platform, NativeModules} from 'react-native';
 import CredentialsManagerError from './credentialsManagerError';
+import LocalAuthenticationStrategy from './localAuthenticationStrategy';
 
 class CredentialsManager {
   /**
@@ -83,13 +84,15 @@ class CredentialsManager {
    * @param {String} description Android Only - optional - the text to use as description in the authentication screen. On some Android versions it might not be shown. Passing null will result in using the OS's default value.
    * @param {String} cancelTitle iOS Only - optional - the cancel message to display on the local authentication prompt.
    * @param {String} fallbackTitle iOS Only - optional - the fallback message to display on the local authentication prompt after a failed match.
+   * @param {String} strategy iOS Only - optional - the evaluation policy to use when accessing the credentials. Defaults to LocalAuthenticationStrategy.deviceOwnerWithBiometrics.
    * @returns {Promise}
    */
   async requireLocalAuthentication(
     title,
     description,
     cancelTitle,
     fallbackTitle,
+    strategy = LocalAuthenticationStrategy.deviceOwnerWithBiometrics,
   ) {
     try {
       await this._ensureCredentialManagerIsInitialized();
@@ -98,6 +101,7 @@ class CredentialsManager {
           title,
           cancelTitle,
           fallbackTitle,
+          strategy
         );
       } else {
         await this.Auth0Module.enableLocalAuthentication(title, description);

diff --git a/src/credentials-manager/localAuthenticationStrategy.js b/src/credentials-manager/localAuthenticationStrategy.js
@@ -0,0 +1,6 @@
+const LocalAuthenticationStrategy = {
+  deviceOwnerWithBiometrics: 1,
+  deviceOwner: 2,
+}
+
+export default LocalAuthenticationStrategy;
diff --git a/src/hooks/__tests__/use-auth0.spec.js b/src/hooks/__tests__/use-auth0.spec.js
@@ -5,6 +5,7 @@ import * as React from 'react';
 import {renderHook} from '@testing-library/react-hooks';
 import Auth0Provider from '../auth0-provider';
 import useAuth0 from '../use-auth0';
+import LocalAuthenticationStrategy from '../../credentials-manager/localAuthenticationStrategy';
 import {act} from 'react-dom/test-utils';
 
 function makeJwt(claims) {
@@ -168,6 +169,8 @@ describe('The useAuth0 hook', () => {
       scope: 'custom-scope',
       audience: 'http://my-api',
       customParam: '1234',
+    }, {
+      ephemeralSession: true
     });
 
     await waitForNextUpdate();
@@ -177,8 +180,9 @@ describe('The useAuth0 hook', () => {
         scope: 'custom-scope openid profile email',
         audience: 'http://my-api',
         customParam: '1234',
+      }, {
+        ephemeralSession: true
       },
-      {},
     );
   });
 
@@ -449,11 +453,12 @@ describe('The useAuth0 hook', () => {
       'description',
       'cancel',
       'fallback',
+      LocalAuthenticationStrategy.deviceOwner
     );
 
     expect(
       mockAuth0.credentialsManager.requireLocalAuthentication,
-    ).toHaveBeenCalledWith('title', 'description', 'cancel', 'fallback');
+    ).toHaveBeenCalledWith('title', 'description', 'cancel', 'fallback', LocalAuthenticationStrategy.deviceOwner);
   });
 
   it('dispatches an error when requireLocalAuthentication fails', async () => {