UNPKG

capacitor-biometric-authentication

Version:

Framework-agnostic biometric authentication library. Works with React, Vue, Angular, or vanilla JS. No providers required!

github.com/aoneahsan/capacitor-biometric-authentication

aoneahsan/capacitor-biometric-authentication

221 lines (206 loc) 6.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
/** * Options for biometric authentication */ export interface BiometricAuthOptions { /** Title to display in the biometric prompt */ title?: string; /** Subtitle to display in the biometric prompt */ subtitle?: string; /** Description/reason to display in the biometric prompt */ description?: string; /** Reason for authentication (alias for description) */ reason?: string; /** Text for the fallback button */ fallbackButtonTitle?: string; /** Alias for fallbackButtonTitle */ fallbackTitle?: string; /** Text for the cancel button */ cancelButtonTitle?: string; /** Alias for cancelButtonTitle */ cancelTitle?: string; /** Whether to disable the fallback button */ disableFallback?: boolean; /** Alias for disableFallback */ disableDeviceCredential?: boolean; /** Maximum number of failed attempts before fallback */ maxAttempts?: number; /** Session timeout in milliseconds */ sessionTimeout?: number; /** Whether to require explicit confirmation after biometric */ requireConfirmation?: boolean; /** Whether to save credentials for future use */ saveCredentials?: boolean; /** WebAuthn specific options for web platform */ webAuthnOptions?: WebAuthnOptions; /** Android specific options */ androidOptions?: AndroidBiometricOptions; /** Platform-specific options (alternative structure) */ platform?: { web?: WebAuthPlatformOptions; android?: AndroidAuthPlatformOptions; ios?: IOSAuthPlatformOptions; }; } /** * WebAuthn options container */ export interface WebAuthnOptions { /** Options for credential creation (registration) */ create?: WebAuthnCreateOptions; /** Options for credential request (authentication) */ get?: WebAuthnGetOptions; } /** * WebAuthn credential creation options */ export interface WebAuthnCreateOptions { /** Challenge from the relying party's server */ challenge?: ArrayBuffer | Uint8Array | string; /** Relying party information */ rp?: { id?: string; name?: string; }; /** User account information */ user?: { id?: ArrayBuffer | Uint8Array | string; name?: string; displayName?: string; }; /** List of supported public key credential parameters */ pubKeyCredParams?: Array<{ alg: number; type: 'public-key'; }>; /** Authenticator selection criteria */ authenticatorSelection?: AuthenticatorSelectionCriteria; /** Timeout for the operation in milliseconds */ timeout?: number; /** Attestation preference */ attestation?: AttestationConveyancePreference; /** Attestation statement formats */ attestationFormats?: string[]; /** Credentials to exclude from creation */ excludeCredentials?: PublicKeyCredentialDescriptor[]; /** Extension inputs */ extensions?: Record<string, unknown>; /** Hints for user agent UI */ hints?: Array<'security-key' | 'client-device' | 'hybrid'>; } /** * WebAuthn credential request options */ export interface WebAuthnGetOptions { /** Challenge from the relying party's server */ challenge?: ArrayBuffer | Uint8Array | string; /** Relying party identifier */ rpId?: string; /** List of allowed credentials */ allowCredentials?: PublicKeyCredentialDescriptor[]; /** User verification requirement */ userVerification?: UserVerificationRequirement; /** Timeout for the operation in milliseconds */ timeout?: number; /** Extension inputs */ extensions?: Record<string, unknown>; /** Hints for user agent UI */ hints?: Array<'security-key' | 'client-device' | 'hybrid'>; /** Stored credential ID for mobile authentication */ storedCredentialId?: string; /** Stored credential raw ID for mobile authentication */ storedCredentialRawId?: string; /** Stored user ID for mobile authentication */ storedUserId?: string; } /** * Public key credential descriptor */ export interface PublicKeyCredentialDescriptor { id: ArrayBuffer | Uint8Array | string; type: 'public-key'; transports?: AuthenticatorTransport[]; } /** * Authenticator selection criteria */ export interface AuthenticatorSelectionCriteria { authenticatorAttachment?: AuthenticatorAttachment; requireResidentKey?: boolean; residentKey?: ResidentKeyRequirement; userVerification?: UserVerificationRequirement; } /** * Authenticator attachment type */ export type AuthenticatorAttachment = 'platform' | 'cross-platform'; /** * Resident key requirement */ export type ResidentKeyRequirement = 'discouraged' | 'preferred' | 'required'; /** * User verification requirement */ export type UserVerificationRequirement = 'discouraged' | 'preferred' | 'required'; /** * Attestation conveyance preference */ export type AttestationConveyancePreference = 'none' | 'indirect' | 'direct' | 'enterprise'; /** * Authenticator transport */ export type AuthenticatorTransport = 'ble' | 'hybrid' | 'internal' | 'nfc' | 'usb'; /** * Android-specific biometric options */ export interface AndroidBiometricOptions { /** Challenge for cryptographic operations */ challenge?: string | ArrayBuffer; /** Type of cryptographic operation to perform */ cryptoType?: 'signature' | 'cipher' | 'mac'; /** Key validity duration in seconds (-1 for auth required every time) */ authenticationValidityDuration?: number; /** Whether the key should be invalidated on new biometric enrollment */ invalidateOnEnrollment?: boolean; /** Require strong biometric (Class 3) */ requireStrongBiometric?: boolean; /** Key alias to use for cryptographic operations */ keyAlias?: string; /** Algorithm to use for signature operations */ signatureAlgorithm?: 'SHA256withRSA' | 'SHA256withECDSA' | 'SHA512withRSA' | 'SHA512withECDSA'; /** Key size for key generation */ keySize?: number; } /** * Web platform options (alternative structure) */ export interface WebAuthPlatformOptions { rpId?: string; rpName?: string; challenge?: ArrayBuffer; userVerification?: UserVerificationRequirement; timeout?: number; attestation?: AttestationConveyancePreference; authenticatorSelection?: AuthenticatorSelectionCriteria; } /** * Android platform options (alternative structure) */ export interface AndroidAuthPlatformOptions { title?: string; subtitle?: string; description?: string; negativeButtonText?: string; confirmationRequired?: boolean; deviceCredentialAllowed?: boolean; strongBiometricOnly?: boolean; } /** * iOS platform options */ export interface IOSAuthPlatformOptions { localizedReason?: string; localizedCancelTitle?: string; localizedFallbackTitle?: string; biometryType?: 'touchId' | 'faceId'; evaluatePolicy?: 'deviceOwnerAuthentication' | 'deviceOwnerAuthenticationWithBiometrics'; }