Android support, and rebranding to nativescript-fingerprint-auth because of it

Author: EddyVerbruggen

README.md

@@ -1,30 +1,29 @@
-# NativeScript Touch ID Plugin
-
-Use the iOS fingerprint scanner in your {N} app.
+# NativeScript Fingerprint authentication Plugin
+Formerly known as `nativescript-fingerprint-auth`
 
 <img src="images/fingerprint.png" />
 
 ### Use when
 * You want to know if the device runing your app has enrolled for [Touch ID](https://support.apple.com/en-us/HT201371),
-* You want to leverage the TouchID sensor in your {N} app.
+* You want to leverage a fingerprint scanner in your {N} app.
 
 ## Installation
 From the command prompt go to your app's root folder and execute:
 ```
-tns plugin add nativescript-touchid
+tns plugin add nativescript-fingerprint-auth
 ```
 
 ## Usage
 
-If you want a quickstart, [clone our demo app](https://github.com/EddyVerbruggen/nativescript-touchid-demo).
+If you want a quickstart, [clone our demo app](https://github.com/EddyVerbruggen/nativescript-fingerprint-auth-demo).
 
 Want a nicer guide than these raw code samples? Read [Nic Raboy's blog post about this plugin](https://www.thepolyglotdeveloper.com/2016/03/add-touch-id-authentication-support-to-your-nativescript-app/).
 
 ### function: available
 ```js
-  var touchid = require("nativescript-touchid");
+  var fingerprintAuth = require("nativescript-fingerprint-auth");
 
-  touchid.available().then(
+  fingerprintAuth.available().then(
       function(avail) {
         console.log("Available? " + avail);
       }
@@ -34,9 +33,10 @@ Want a nicer guide than these raw code samples? Read [Nic Raboy's blog post abou
 ### function: verifyFingerprint
 
 ```js
-  touchid.verifyFingerprint({
-    message: 'Scan yer finger', // optional, shown in the fingerprint dialog (default on ios: 'Scan your finger', default on android: 'We are doing this for your own security.').
-    title: 'Android title' // optional title for android,(default: 'Please confirm your credentials.')
+  fingerprintAuth.verifyFingerprint({
+    title: 'Android title', // optional title (used only on Android)
+    message: 'Scan yer finger', // optional (used on both platforms)
+    authenticationValidityDuration: 10 // optional (used on Android, default 0)
   }).then(
       function() {
         console.log("Fingerprint was OK");
@@ -52,7 +52,7 @@ Want a nicer guide than these raw code samples? Read [Nic Raboy's blog post abou
 #### Note: not implemented in android yet
 
 ```js
-  touchid.verifyFingerprintWithCustomFallback({
+  fingerprintAuth.verifyFingerprintWithCustomFallback({
     message: 'Scan yer finger', // optional, shown in the fingerprint dialog (default: 'Scan your finger').
     fallbackMessage: 'Enter PIN' // optional, the button label when scanning fails (default: 'Enter password').
   }).then(
@@ -77,10 +77,10 @@ before accepting valid fingerprints again.
 #### Note: not implemented in android yet
 
 ```js
-touchid.available().then(
+fingerprintAuth.available().then(
     function(avail) {
       if (avail) {
-        touchid.didFingerprintDatabaseChange().then(
+        fingerprintAuth.didFingerprintDatabaseChange().then(
             function(changed) {
               if (changed) {
                 // re-auth the user by asking for his credentials before allowing a fingerprint scan again
@@ -95,6 +95,7 @@ touchid.available().then(
 ```
 
 ## Changelog
+- 3.0.0  Android support added. Renamed `nativescript-touchid` to `nativescript-fingerprint-auth` (sorry for any inconvenience!)
 - 2.1.1  Xcode 8 compatibility - requires NativeScript 2.3.0+.
 - 2.1.0  Added `didFingerprintDatabaseChange` for enhanced security.
 - 2.0.0  Added `verifyFingerprintWithCustomFallback`, `verifyFingerprint` now falls back to the passcode.

touchid.android.js renamed to fingerprint-auth.android.js

@@ -1,60 +1,45 @@
-
 var app = require('application');
 var utils = require('utils/utils');
 
-var KeyguardManager = android.app.KeyguardManager;
-var ActivityCompat = android.support.v4.app.ActivityCompat;
-var Manifest = android.Manifest;
-var PackageManager = android.content.pm.PackageManager;
 var KeyStore = java.security.KeyStore;
 var Cipher = javax.crypto.Cipher;
 var KeyGenerator = javax.crypto.KeyGenerator;
 var KeyProperties = android.security.keystore.KeyProperties;
-var SecretKey = javax.crypto.SecretKey;
 var KeyGenParameterSpec = android.security.keystore.KeyGenParameterSpec;
 
-
-//var FingerprintManager;
-
-//var KEYGUARD_SYSTEM_SERVICE = "keyguard";
-var KEY_NAME = 'fingerprintscanner';
+var KEY_NAME = 'fingerprintauth';
 var SECRET_BYTE_ARRAY = Array.create('byte', 16);
 var REQUEST_CODE_CONFIRM_DEVICE_CREDENTIALS = 1;
-var AUTHENTICATION_DURATION = 15; // in seconds
 
 var activity = null;
-
 var keyguardManager = null;
 
-var title = null;
-var message = null;
-
 var available = function () {
   return new Promise(function (resolve, reject) {
 
     keyguardManager = utils.ad.getApplicationContext().getSystemService("keyguard");
 
-    if (!keyguardManager.isKeyguardSecure()) { 
-        resolve(false);
-        return;
+    if (!keyguardManager.isKeyguardSecure()) {
+      resolve(false);
+      return;
     }
 
-     if (android.os.Build.VERSION.SDK_INT >= 23) { //23 == android.os.BUILD.M
-          //Fingerprint API only available on from Android 6.0 (M)
-          var fingerprintManager = utils.ad.getApplicationContext().getSystemService("fingerprint");
-          if (!fingerprintManager.isHardwareDetected()) { 
-              // Device doesn't support fingerprint authentication
-              reject('Device doesn\'t support fingerprint authentication');     
-          } else if (!fingerprintManager.hasEnrolledFingerprints()) { 
-              // User hasn't enrolled any fingerprints to authenticate with 
-              reject('User hasn\'t enrolled any fingerprints to authenticate with');    
-          } else { 
-              resolve(true);
-          }
-      }else{
-          reject('Your api version don\'t support fingerprint auth');
+    if (android.os.Build.VERSION.SDK_INT >= 23) { //23 == android.os.BUILD.M
+      //Fingerprint API only available on from Android 6.0 (M)
+      var fingerprintManager = utils.ad.getApplicationContext().getSystemService("fingerprint");
+      if (!fingerprintManager.isHardwareDetected()) {
+        // Device doesn't support fingerprint authentication
+        reject('Device doesn\'t support fingerprint authentication');
+      } else if (!fingerprintManager.hasEnrolledFingerprints()) {
+        // User hasn't enrolled any fingerprints to authenticate with
+        reject('User hasn\'t enrolled any fingerprints to authenticate with');
+      } else {
+        resolve(true);
       }
-    
+    }else{
+      reject('Your api version don\'t support fingerprint auth');
+    }
+
     resolve(true);
   });
 };
@@ -67,10 +52,6 @@ var didFingerprintDatabaseChange = function () {
 
 
 var verifyFingerprint = function (arg) {
-  if(arg){
-    if(arg.title) title = arg.title;
-    if(arg.message) message = arg.message;
-  }
   return new Promise(function (resolve, reject) {
     activity = app.android.foregroundActivity;
     try {
@@ -86,16 +67,19 @@ var verifyFingerprint = function (arg) {
         }
       };
 
-      if (keyguardManager == null) {
+      if (keyguardManager === null) {
         reject('Sorry, your device does not support keyguardManager.');
       }
       if (keyguardManager && !keyguardManager.isKeyguardSecure()) {
         reject('Secure lock screen hasn\'t been set up.\n Go to "Settings -> Security -> Screenlock" to set up a lock screen.');
       }
 
-      createKey();
-      tryEncrypt(); 
-      
+      createKey(arg);
+
+      if (tryEncrypt(arg)) {
+        resolve(true);
+      }
+
     } catch (ex) {
       console.log("Error in verifyFingerprint: " + ex);
       reject(ex);
@@ -119,77 +103,71 @@ var verifyFingerprintWithCustomFallback = function (arg) {
  * Creates a symmetric key in the Android Key Store which can only be used after the user has
  * authenticated with device credentials within the last X seconds.
  */
-function createKey() {
+function createKey(arg) {
   try {
     var keyStore = KeyStore.getInstance('AndroidKeyStore');
     keyStore.load(null);
     var keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, 'AndroidKeyStore');
 
     keyGenerator.init(
-      new KeyGenParameterSpec.Builder(KEY_NAME, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
-        .setBlockModes([KeyProperties.BLOCK_MODE_CBC])
-        .setUserAuthenticationRequired(true)
-        .setUserAuthenticationValidityDurationSeconds(AUTHENTICATION_DURATION)
-        .setEncryptionPaddings([KeyProperties.ENCRYPTION_PADDING_PKCS7])
-        .build()
+        new KeyGenParameterSpec.Builder(KEY_NAME, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
+            .setBlockModes([KeyProperties.BLOCK_MODE_CBC])
+            .setUserAuthenticationRequired(true)
+            .setUserAuthenticationValidityDurationSeconds(arg && arg.authenticationValidityDuration ? arg.authenticationValidityDuration : 0)
+            .setEncryptionPaddings([KeyProperties.ENCRYPTION_PADDING_PKCS7])
+            .build()
     );
     keyGenerator.generateKey();
   } catch (error) {
     // checks if the AES algorithm is implemented by the AndroidKeyStore
     if ((error.nativeException + '').indexOf('java.security.NoSuchAlgorithmException:') > -1) {
-     //You need a device with API level >= 23 in order to detect if the user has already been authenticated in the last x seconds.
+      //You need a device with API level >= 23 in order to detect if the user has already been authenticated in the last x seconds.
     }
   }
 }
 
-
-function tryEncrypt() {
+function tryEncrypt(arg) {
   try {
     var keyStore = KeyStore.getInstance('AndroidKeyStore');
     keyStore.load(null);
     var secretKey = keyStore.getKey(KEY_NAME, null);
 
     var cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" +
-                                    KeyProperties.BLOCK_MODE_CBC + "/" +
-                                    KeyProperties.ENCRYPTION_PADDING_PKCS7);
+        KeyProperties.BLOCK_MODE_CBC + "/" +
+        KeyProperties.ENCRYPTION_PADDING_PKCS7);
 
     cipher.init(Cipher.ENCRYPT_MODE, secretKey);
     cipher.doFinal(SECRET_BYTE_ARRAY);
-    
+
     return true;
   } catch (error) {
     if ((error.nativeException + '').indexOf('android.security.keystore.UserNotAuthenticatedException') > -1) {
       // the user must provide their credentials in order to proceed
-      showAuthenticationScreen();
+      showAuthenticationScreen(arg);
     } else if((error.nativeException + '').indexOf('android.security.keystore.KeyPermanentlyInvalidatedException') > -1){
       //Invalid fingerprint
       console.log(error);
     } else {
       console.log(error);
     }
-
     return false;
   }
 }
 
 /**
  * Starts the built-in Android ConfirmDeviceCredential activity.
  */
-function showAuthenticationScreen() {
-  // title and description are optional, if you want the defaults,
-  // you must pass nulls to the factory function
-
-  if(title === null) title = 'Please confirm your credentials.';
-  if(message === null) message = 'We are doing this for your own security.';
-  var intent = keyguardManager.createConfirmDeviceCredentialIntent(title, message);
-
-  if (intent != null) {
+function showAuthenticationScreen(arg) {
+  var intent = keyguardManager.createConfirmDeviceCredentialIntent(
+      arg && arg.title ? arg.title : null,
+      arg && arg.message ? arg.message : null
+  );
+  if (intent !== null) {
     activity.startActivityForResult(intent, REQUEST_CODE_CONFIRM_DEVICE_CREDENTIALS);
   }
 }
 
 
-
 exports.available = available;
 exports.didFingerprintDatabaseChange = didFingerprintDatabaseChange;
 exports.verifyFingerprint = verifyFingerprint;

touchid.d.ts renamed to fingerprint-auth.d.ts

@@ -1,18 +1,17 @@
-declare module "nativescript-touchid" {
+declare module "nativescript-fingerprint-auth" {
 
   export interface VerifyFingerprintOptions {
     /**
-     * The optional message in the fingerprint dialog on ios and page description on android.
-     * Default: 'Scan your finger'.
+     * The optional title in the fingerprint page for android.
+     * Default: whatever the device default is ('Confirm your password' is likely)
      */
-    message?: string;
+    title?: string;
 
     /**
-     * The optional title in the fingerprint page for android.
-     * Default: 'We are doing this for your own security'.
+     * The optional message in the fingerprint dialog on ios and page description on android.
+     * Default: 'Scan your finger' on iOS and the device default on Android (which is likely 'Enter your device password to continue').
      */
-
-    title?: string;
+    message?: string;
   }
 
   export interface verifyFingerprintWithCustomFallbackOptions {

touchid.ios.js renamed to fingerprint-auth.ios.js

@@ -10,7 +10,7 @@ var available = function () {
           LAContext.new().canEvaluatePolicyError(
               LAPolicyDeviceOwnerAuthenticationWithBiometrics, null));
     } catch (ex) {
-      console.log("Error in touchid.available: " + ex);
+      console.log("Error in fingerprint-auth.available: " + ex);
       resolve(false);
     }
   });
@@ -51,7 +51,7 @@ var didFingerprintDatabaseChange = function () {
         resolve(changed);
       }
     } catch (ex) {
-      console.log("Error in touchid.didFingerprintDatabaseChange: " + ex);
+      console.log("Error in fingerprint-auth.didFingerprintDatabaseChange: " + ex);
       resolve(false);
     }
   });
@@ -90,7 +90,7 @@ var verifyFingerprint = function (arg) {
       }
 
     } catch (ex) {
-      console.log("Error in touchid.verifyFingerprint: " + ex);
+      console.log("Error in fingerprint-auth.verifyFingerprint: " + ex);
       reject(ex);
     }
   });
@@ -124,7 +124,7 @@ var verifyFingerprintWithCustomFallback = function (arg) {
           }
       );
     } catch (ex) {
-      console.log("Error in touchid.verifyFingerprint: " + ex);
+      console.log("Error in fingerprint-auth.verifyFingerprint: " + ex);
       reject(ex);
     }
   });

package.json

@@ -1,8 +1,8 @@
 {
-  "name": "nativescript-touchid",
-  "version": "2.1.1",
-  "description": "A TouchID (fingerprint scanner) module for use in NativeScript apps",
-  "main": "touchid.js",
+  "name": "nativescript-fingerprint-auth",
+  "version": "3.0.0",
+  "description": "A fingerprint authentication plugin for use in NativeScript apps",
+  "main": "fingerprint-auth.js",
   "nativescript": {
     "platforms": {
       "android": "2.3.0",
@@ -11,11 +11,13 @@
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/eddyverbruggen/nativescript-touchid.git"
+    "url": "https://github.com/eddyverbruggen/nativescript-fingerprint-auth.git"
   },
   "keywords": [
     "NativeScript",
     "ecosystem:nativescript",
+    "iOS",
+    "Android",
     "TouchID",
     "Touch ID",
     "Fingerprint",
@@ -28,10 +30,10 @@
   },
   "license": {
     "type": "MIT",
-    "url": "https://github.com/eddyverbruggen/nativescript-touchid/blob/master/LICENSE"
+    "url": "https://github.com/eddyverbruggen/nativescript-fingerprint-auth/blob/master/LICENSE"
   },
   "bugs": {
-    "url": "https://github.com/eddyverbruggen/nativescript-touchid/issues"
+    "url": "https://github.com/eddyverbruggen/nativescript-fingerprint-auth/issues"
   },
-  "homepage": "https://github.com/eddyverbruggen/nativescript-touchid"
+  "homepage": "https://github.com/eddyverbruggen/nativescript-fingerprint-auth"
 }