Android Fingerprint

.gitignore

@@ -2,6 +2,13 @@
 logs
 *.log
 
+#Android
+android/.gradle/
+android/.idea/
+android/android.iml
+android/local.properties
+android/react-native-keychain.iml
+
 # Runtime data
 pids
 *.pid

README.md

@@ -4,7 +4,7 @@
 
 [![Travis](https://img.shields.io/travis/oblador/react-native-keychain.svg)](https://travis-ci.org/oblador/react-native-keychain) [![npm](https://img.shields.io/npm/v/react-native-keychain.svg)](https://npmjs.com/package/react-native-keychain) [![npm](https://img.shields.io/npm/dm/react-native-keychain.svg)](https://npmjs.com/package/react-native-keychain)
 
-Keychain/Keystore Access for React Native. 
+Keychain/Keystore Access for React Native.
 
 ## Installation
 
@@ -89,9 +89,9 @@ Inquire if the type of local authentication policy is supported on this device w
 
 Get what type of hardware biometry support the device has. Resolves to a `Keychain.BIOMETRY_TYPE` value when supported, otherwise `null`.
 
-### `getSecurityLevel()` (Android only)
+### `getSecurityLevel({ accessControl })` (Android only)
 
-Get security level that is supported on the current device with the current OS.
+Get security level that is supported on the current device with the current OS for the `accessControl` option.
 
 ### Security Levels (Android only)
 
@@ -105,11 +105,11 @@ If set, `securityLevel` parameter specifies minimum security level that the encr
 
 | Key | Platform | Description | Default |
 |---|---|---|---|
-|**`accessControl`**|iOS only|This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. |*None*|
+|**`accessControl`**|All|This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. |*None*|
 |**`accessible`**|iOS only|This dictates when a keychain item is accessible, see possible values in `Keychain.ACCESSIBLE`. |*`Keychain.ACCESSIBLE.WHEN_UNLOCKED`*|
 |**`accessGroup`**|iOS only|In which App Group to share the keychain. Requires additional setup with entitlements. |*None*|
 |**`authenticationPrompt`**|iOS only|What to prompt the user when unlocking the keychain with biometry or device password. |`Authenticate to retrieve secret`|
-|**`authenticationType`**|iOS only|Policies specifying which forms of authentication are acceptable. |`Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS`|
+|**`authenticationType`**|All|Policies specifying which forms of authentication are acceptable. |`Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS`|
 |**`service`**|All|Reverse domain name qualifier for the service associated with password. |*App bundle ID*|
 
 #### `Keychain.ACCESS_CONTROL` enum
@@ -198,7 +198,7 @@ include ':app'
 + project(':react-native-keychain').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-keychain/android')
 ```
 
-* Edit `android/app/build.gradle` (note: **app** folder) to look like this: 
+* Edit `android/app/build.gradle` (note: **app** folder) to look like this:
 
 ```diff
 apply plugin: 'com.android.application'
@@ -236,7 +236,7 @@ public class MainActivity extends extends ReactActivity {
   ...
 }
 ```
-  
+
 #### Proguard Rules
 
 On Android builds that use proguard (like release), you may see the following error:
@@ -256,7 +256,7 @@ If so, add a proguard rule in `proguard-rules.pro`:
 
 ## Notes
 
-### Android 
+### Android
 
 The module will automatically use the appropriate CipherStorage implementation based on API level:
 

RNKeychainManager/RNKeychainManager.m

@@ -285,7 +285,7 @@ - (OSStatus)deleteCredentialsForServer:(NSString *)server
 }
 #endif
 
-RCT_EXPORT_METHOD(setGenericPasswordForOptions:(NSDictionary *)options withUsername:(NSString *)username withPassword:(NSString *)password withSecurityLevel:(__unused NSString *)level resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject)
+RCT_EXPORT_METHOD(setGenericPasswordForOptions:(NSDictionary *)options withUsername:(NSString *)username withPassword:(NSString *)password withSecurityLevel:(__unused NSString *)level withAccessControl:(__unused NSString *)accessControl resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject)
 {
   NSString *service = serviceValue(options);
   NSDictionary *attributes = attributes = @{
@@ -359,7 +359,7 @@ - (OSStatus)deleteCredentialsForServer:(NSString *)server
   return resolve(@(YES));
 }
 
-RCT_EXPORT_METHOD(setInternetCredentialsForServer:(NSString *)server withUsername:(NSString*)username withPassword:(NSString*)password withSecurityLevel:(__unused NSString *)level withOptions:(NSDictionary *)options resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject)
+RCT_EXPORT_METHOD(setInternetCredentialsForServer:(NSString *)server withUsername:(NSString*)username withPassword:(NSString*)password withSecurityLevel:(__unused NSString *)level withAccessControl:(__unused NSString *)accessControl withOptions:(NSDictionary *)options resolver:(RCTPromiseResolveBlock)resolve rejecter:(RCTPromiseRejectBlock)reject)
 {
   [self deleteCredentialsForServer:server];
 

android/build.gradle

@@ -1,10 +1,14 @@
 buildscript {
   repositories {
     jcenter()
+    maven {
+      url 'https://maven.google.com/'
+      name 'Google'
+    }
   }
 
   dependencies {
-    classpath 'com.android.tools.build:gradle:1.1.3'
+    classpath 'com.android.tools.build:gradle:3.2.1'
   }
 }
 
@@ -15,12 +19,12 @@ def safeExtGet(prop, fallback) {
 }
 
 android {
-    compileSdkVersion safeExtGet('compileSdkVersion', 28)
-    buildToolsVersion safeExtGet('buildToolsVersion', '26.0.3')
+  compileSdkVersion safeExtGet('compileSdkVersion', 28)
+  buildToolsVersion safeExtGet('buildToolsVersion', '28.0.3')
 
   defaultConfig {
+      targetSdkVersion safeExtGet('targetSdkVersion', 28)
     minSdkVersion safeExtGet('minSdkVersion', 16)
-    targetSdkVersion safeExtGet('targetSdkVersion', 26)
     versionCode 1
     versionName "1.0"
   }
@@ -31,9 +35,16 @@ android {
 
 repositories {
   mavenCentral()
+  maven {
+    url 'https://maven.google.com/'
+    name 'Google'
+  }
 }
 
 dependencies {
-  implementation 'com.facebook.react:react-native:+'
-  implementation 'com.facebook.conceal:conceal:1.1.3@aar'
+    implementation 'com.android.support:support-v4:27.0.2'
+    implementation 'com.facebook.react:react-native:+'
+    implementation 'com.facebook.conceal:conceal:1.1.3@aar'
+    implementation 'android.arch.lifecycle:runtime:1.1.0'
+    annotationProcessor 'android.arch.lifecycle:compiler:1.1.0'
 }

android/gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
-#Wed Oct 21 11:34:03 PDT 2015
+#Sun Oct 21 15:04:55 BST 2018
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.8-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.6-all.zip

android/src/main/AndroidManifest.xml

@@ -1,4 +1,6 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     package="com.oblador.keychain">
-  <uses-permission  android:name="android.permission.USE_FINGERPRINT" />
+
+    <uses-permission android:name="android.permission.USE_BIOMETRIC" />
+    <uses-permission android:name="android.permission.USE_FINGERPRINT" />
 </manifest>

android/src/main/java/com/oblador/keychain/DeviceAvailability.java

@@ -1,5 +1,7 @@
 package com.oblador.keychain;
 
+import android.Manifest;
+import android.content.pm.PackageManager;
 import android.os.Build;
 import android.content.Context;
 import android.app.KeyguardManager;
@@ -10,7 +12,9 @@ public static boolean isFingerprintAuthAvailable(Context context) {
         if (android.os.Build.VERSION.SDK_INT >= 23) {
             FingerprintManager fingerprintManager =
                 (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
-            return fingerprintManager != null && fingerprintManager.isHardwareDetected() &&
+            return fingerprintManager != null &&
+                context.checkSelfPermission(Manifest.permission.USE_FINGERPRINT) == PackageManager.PERMISSION_GRANTED &&
+                fingerprintManager.isHardwareDetected() &&
                 fingerprintManager.hasEnrolledFingerprints();
         }
         return false;