react-native-keychain/index.js

283 lines
8.7 KiB
JavaScript

import { NativeModules, Platform } from 'react-native';
const { RNKeychainManager } = NativeModules;
export const ACCESSIBLE = {
WHEN_UNLOCKED: 'AccessibleWhenUnlocked',
AFTER_FIRST_UNLOCK: 'AccessibleAfterFirstUnlock',
ALWAYS: 'AccessibleAlways',
WHEN_PASSCODE_SET_THIS_DEVICE_ONLY: 'AccessibleWhenPasscodeSetThisDeviceOnly',
WHEN_UNLOCKED_THIS_DEVICE_ONLY: 'AccessibleWhenUnlockedThisDeviceOnly',
AFTER_FIRST_UNLOCK_THIS_DEVICE_ONLY:
'AccessibleAfterFirstUnlockThisDeviceOnly',
ALWAYS_THIS_DEVICE_ONLY: 'AccessibleAlwaysThisDeviceOnly',
};
export const ACCESS_CONTROL = {
USER_PRESENCE: 'UserPresence',
BIOMETRY_ANY: 'BiometryAny',
BIOMETRY_CURRENT_SET: 'BiometryCurrentSet',
DEVICE_PASSCODE: 'DevicePasscode',
BIOMETRY_ANY_OR_DEVICE_PASSCODE: 'BiometryAnyOrDevicePasscode',
BIOMETRY_CURRENT_SET_OR_DEVICE_PASSCODE: 'BiometryCurrentSetOrDevicePasscode',
};
export const AUTHENTICATION_TYPE = {
DEVICE_PASSCODE_OR_BIOMETRICS: 'AuthenticationWithBiometricsDevicePasscode',
BIOMETRICS: 'AuthenticationWithBiometrics',
};
export const BIOMETRY_TYPE = {
TOUCH_ID: 'TouchID',
FACE_ID: 'FaceID',
};
type SecAccessible =
| 'AccessibleWhenUnlocked'
| 'AccessibleAfterFirstUnlock'
| 'AccessibleAlways'
| 'AccessibleWhenPasscodeSetThisDeviceOnly'
| 'AccessibleWhenUnlockedThisDeviceOnly'
| 'AccessibleAfterFirstUnlockThisDeviceOnly'
| 'AccessibleAlwaysThisDeviceOnly';
type Options = {
accessGroup?: string,
accessible?: SecAccessible,
service?: string,
};
type SecAccessControl =
| 'UserPresence'
| 'BiometryAny'
| 'BiometryCurrentSet'
| 'DevicePasscode'
| 'BiometryAnyOrDevicePasscode'
| 'BiometryCurrentSetOrDevicePasscode';
type LAPolicy = 'Authentication' | 'AuthenticationWithBiometrics';
type SecureOptions = {
accessControl?: SecAccessControl,
accessGroup?: string,
authenticationPrompt?: string,
authenticationType?: LAPolicy,
service?: string,
};
/**
* Inquire if the type of local authentication policy (LAPolicy) is supported
* on this device with the device settings the user chose.
* @param {object} options LAPolicy option, iOS only
* @return {Promise} Resolves to `true` when supported, otherwise `false`
*/
export function canImplyAuthentication(options?: SecureOptions): Promise {
if (RNKeychainManager.canCheckAuthentication) {
return Promise.reject(
new Error(`canImplyAuthentication() is not supported on this platform`)
);
}
return RNKeychainManager.canCheckAuthentication(options);
}
/**
* Get what type of local authentication policy (LAPolicy) is supported
* on this device with the device settings the user chose.
* @return {Promise} Resolves to a `BIOMETRY_TYPE` when supported, otherwise `null`
*/
export function getSupportedBiometryType(): Promise {
if (!RNKeychainManager.getSupportedBiometryType) {
return Promise.resolve(null);
}
return RNKeychainManager.getSupportedBiometryType();
}
/**
* Saves the `username` and `password` combination securely - needs authentication to retrieve it.
* @param {string} username Associated username or e-mail to be saved.
* @param {string} password Associated password to be saved.
* @param {object} options Keychain options, iOS only
* @return {Promise} Resolves to `true` when successful
*/
export function setPasswordWithAuthentication(
username: string,
password: string,
options?: SecureOptions
): Promise {
if (Platform.OS !== 'ios') {
return Promise.reject(
new Error(
`setPasswordWithAuthentication() is not supported on ${Platform.OS} yet`
)
);
}
return RNKeychainManager.setPasswordWithAuthentication(
options,
username,
password
);
}
/**
* Fetches login combination for `service` - demands for authentication if necessary.
* @param {string|object} serviceOrOptions Reverse domain name qualifier for the service, defaults to `bundleId` or an options object.
* @return {Promise} Resolves to `{ service, username, password }` when successful
*/
export function getPasswordWithAuthentication(
options?: SecureOptions
): Promise {
if (Platform.OS !== 'ios') {
return Promise.reject(
new Error(
`getPasswordWithAuthentication() is not supported on ${Platform.OS} yet`
)
);
}
return RNKeychainManager.getPasswordWithAuthentication(options);
}
/**
* Saves the `username` and `password` combination for `server`.
* @param {string} server URL to server.
* @param {string} username Associated username or e-mail to be saved.
* @param {string} password Associated password to be saved.
* @param {object} options Keychain options, iOS only
* @return {Promise} Resolves to `true` when successful
*/
export function setInternetCredentials(
server: string,
username: string,
password: string,
options?: Options
): Promise {
return RNKeychainManager.setInternetCredentialsForServer(
server,
username,
password,
options
);
}
/**
* Fetches login combination for `server`.
* @param {string} server URL to server.
* @param {object} options Keychain options, iOS only
* @return {Promise} Resolves to `{ server, username, password }` when successful
*/
export function getInternetCredentials(
server: string,
options?: Options
): Promise {
return RNKeychainManager.getInternetCredentialsForServer(server, options);
}
/**
* Deletes all internet password keychain entries for `server`.
* @param {string} server URL to server.
* @param {object} options Keychain options, iOS only
* @return {Promise} Resolves to `true` when successful
*/
export function resetInternetCredentials(
server: string,
options?: Options
): Promise {
return RNKeychainManager.resetInternetCredentialsForServer(server, options);
}
function getOptionsArgument(serviceOrOptions?: string | KeychainOptions) {
if (Platform.OS !== 'ios') {
return typeof serviceOrOptions === 'object'
? serviceOrOptions.service
: serviceOrOptions;
}
return typeof serviceOrOptions === 'string'
? { service: serviceOrOptions }
: serviceOrOptions;
}
/**
* Saves the `username` and `password` combination for `service`.
* @param {string} username Associated username or e-mail to be saved.
* @param {string} password Associated password to be saved.
* @param {string|object} serviceOrOptions Reverse domain name qualifier for the service, defaults to `bundleId` or an options object.
* @return {Promise} Resolves to `true` when successful
*/
export function setGenericPassword(
username: string,
password: string,
serviceOrOptions?: string | KeychainOptions
): Promise {
return RNKeychainManager.setGenericPasswordForOptions(
getOptionsArgument(serviceOrOptions),
username,
password
);
}
/**
* Fetches login combination for `service`.
* @param {string|object} serviceOrOptions Reverse domain name qualifier for the service, defaults to `bundleId` or an options object.
* @return {Promise} Resolves to `{ service, username, password }` when successful
*/
export function getGenericPassword(
serviceOrOptions?: string | KeychainOptions
): Promise {
return RNKeychainManager.getGenericPasswordForOptions(
getOptionsArgument(serviceOrOptions)
);
}
/**
* Deletes all generic password keychain entries for `service`.
* @param {string|object} serviceOrOptions Reverse domain name qualifier for the service, defaults to `bundleId` or an options object.
* @return {Promise} Resolves to `true` when successful
*/
export function resetGenericPassword(
serviceOrOptions?: string | KeychainOptions
): Promise {
return RNKeychainManager.resetGenericPasswordForOptions(
getOptionsArgument(serviceOrOptions)
);
}
/**
* Asks the user for a shared web credential.
* @return {Promise} Resolves to `{ server, username, password }` if approved and
* `false` if denied and throws an error if not supported on platform or there's no shared credentials
*/
export function requestSharedWebCredentials(): Promise {
if (Platform.OS !== 'ios') {
return Promise.reject(
new Error(
`requestSharedWebCredentials() is not supported on ${Platform.OS} yet`
)
);
}
return RNKeychainManager.requestSharedWebCredentials();
}
/**
* Sets a shared web credential.
* @param {string} server URL to server.
* @param {string} username Associated username or e-mail to be saved.
* @param {string} password Associated password to be saved.
* @return {Promise} Resolves to `true` when successful
*/
export function setSharedWebCredentials(
server: string,
username: string,
password: string
): Promise {
if (Platform.OS !== 'ios') {
return Promise.reject(
new Error(
`setSharedWebCredentials() is not supported on ${Platform.OS} yet`
)
);
}
return RNKeychainManager.setSharedWebCredentialsForServer(
server,
username,
password
);
}