Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CP-9607: update android passkey implementation #2192

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

CP-9607: update android passkey implementation #2192

wants to merge 6 commits into from

Conversation

ruijialin-avalabs
Copy link
Contributor

@ruijialin-avalabs ruijialin-avalabs commented Jan 16, 2025
edited
Loading

Description

Changes done outside of mobile repo

  • PR to update assetlink.json in core-identity-frontend
  • Seedless org policy has been updated to include the Android apk-key-hash as origins under identity.core.app (this can be queried with cubesigner cli via cs org get (you will need to authenticate first) *we will need to make sure these org policy update is deploy from gamma to production prior to releasing this update

Ticket: CP-9607

  • use native Android passkey implementation
  • remove passkeyService.android.ts
  • add Passkey/Yubikey screen for k2-alpine
  • upgrade react-native-passkey
  • update passkeyService implementation to correctly convert buffer<->base64, and in case the base64 data is missing, fallback to use empty string to avoid conversion error

Screenshots/Videos

onboarding with android passkey and verifying android passkey

az_recorder_20250117_102851.mp4

Checklist

Please check all that apply (if applicable)

  • I have performed a self-review of my code
  • I have verified the code works
  • I have added/updated necessary unit tests
  • I have updated the documentation

ruijialin-avalabs
ruijialin-avalabs commented Jan 16, 2025
View reviewed changes
packages/core-mobile/app/seedless/hooks/useSeedlessRegister.ts
@@ -182,7 +182,7 @@ export const useSeedlessRegister = (): ReturnType => {
await SeedlessService.sessionManager.approveFido(
oidcAuth.oidcToken,
oidcAuth.mfaId,
false
true
Copy link
Contributor Author

@ruijialin-avalabs ruijialin-avalabs Jan 16, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be true instead, if we don't know it is yubikey/passkey, we want to prompt both options to them.

ruijialin-avalabs
ruijialin-avalabs commented Jan 16, 2025
View reviewed changes
packages/core-mobile/app/seedless/utils/startRefreshSeedlessTokenFlow.ts
await sessionManager.approveFido(
oidcToken,
mfaId,
false //FIXME: this parameter is not needed, should refactor approveFido to remove it,
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be true instead, if we don't know it is yubikey/passkey, we want to prompt both options to them.

ruijialin-avalabs
ruijialin-avalabs commented Jan 16, 2025
View reviewed changes
packages/core-mobile/app/services/passkey/PasskeyService.ts
? decodedResult.response.signature
: ''
) as Buffer,
userHandle: base64UrlToBuffer(
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

userHandle is null when authenticating with yubikey, so we check userhandle is in the reponse, if not, simply use empty string to convert to empty buffer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neven-s neven-s Awaiting requested review from neven-s neven-s is a code owner

@atn4z7 atn4z7 Awaiting requested review from atn4z7 atn4z7 is a code owner

@onghwan onghwan Awaiting requested review from onghwan onghwan is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ruijialin-avalabs