Titanium JIRA Archive
Appcelerator Modules (MOD)

[MOD-2382] Android Touch ID Module bugs/ Queries

GitHub Issuen/a
TypeBug
PriorityCritical
StatusClosed
ResolutionFixed
Resolution Date2018-02-28T22:13:55.000+0000
Affected Version/sn/a
Fix Version/sRelease 7.1.0
ComponentsTouchID
Labelsn/a
ReporterVictor Vazquez Montero
AssigneeGary Mathews
Created2017-12-15T20:32:10.000+0000
Updated2018-03-14T20:51:29.000+0000

Description

Issue: Customer has uncovered some bugs

1. TouchID.invalidate() results in the crash. Please let me know if I am using it incorrectly or is it an actual bug. The idea is to stop Android device from listening for fingerprint as there is no modal dialogue being presented by Android OS unlike iOS where user is presented with a dialogue and has a way of cancelling out of it. 2. Consider following TouchID item declaration supplied by Eric Merriman: var TouchID = require('ti.touchid'); keychainItem = TouchID.createKeychainItem({ identifier: 'MeridianTest10', accessibilityMode: TouchID.ACCESSIBLE_WHEN_PASSCODE_SET_THIS_DEVICE_ONLY }); This code should allow us to save/read keychain values without having to provide fingerprint given that there is pin/gesture/passcode setup on the device. There are 3 separate issues here: a) When trying to read keychain value back I always get empty value. This also happens if I call update on the keychain item and try to read it back. b) Once passcode/pin/gesture are removed I am still able to do save/read/update operations. In my opinion keychain item should be invalidated if it happens. c) There is no way to check whether passcode/pin/gesture are setup on device. TouchID.authenticationPolicy = TouchID.AUTHENTICATION_POLICY_PASSCODE; var res = TouchID.deviceCanAuthenticate(); On iOS this code will return TouchID.ERROR_PASSCODE_NOT_SET constant, on Android it returns "No fingerprints found" message. 4) When accessControlModeis set to TouchID.ACCESS_CONTROL_TOUCH_ID_CURRENT_SET and I remove a fingerprint, I am still able to authenticate keychain item. On iOS keychain item is invalidated when user adds or removes a fingerprint. Is this OS limitation? 5) noticed when accessControlMode is set to TouchID.ACCESS_CONTROL_TOUCH_ID_CURRENT_SET and users adds a fingerprint I get error code ERROR_KEY_PERMANENTLY_INVALIDATED. After a quick google search I noticed this happens when there is a change to lock screen settings. Is there a full list of action that would result in this error available anywhere? 6)After 5 unsuccessful fingerprint authentication attempts it is possible to try again after about 15 seconds. On iOS it is possible to do it right away given you put phone to sleep, awake it and type passcode. Is it possible to achieve same functionality? If no, is it possible to control 15 second time frame?

Attachments

FileDateSize
AndroidTouchID.zip2017-12-15T20:34:02.000+00009373468
saveAndRead.gif2018-01-11T22:22:13.000+00001221867

Comments

  1. Victor Vazquez Montero 2017-12-15

    For the first Issue we were able to reproduce but for second we dont have device with Fingerprint reader
  2. Victor Vazquez Montero 2017-12-18

    [~gmathews] Nikita from Meridian said she was working with you on this. Would you be able to look into this?
  3. Victor Vazquez Montero 2017-12-19

    [~gmathews] Nikita raised an additional concern: {quote}I have one additional concern I wanted to raise. Currently ERROR_KEY_PERMANENTLY_INVALIDATED is only being thrown when user attempts to read/save/update keychain item. Both deviceCanAuthenticate and fetchExistence methods return true if the key is invalidated. This allows for a situation when I have to ask user to provide fingerprint just to find out whether key is still valid. This is a very bad UX and we will need that fixed asap. Two possible solutions I see here is to either have either deviceCanAuthenticate/fetchExistence return that error or to implement a new method to check if the key is invalidated. {quote}
  4. Gary Mathews 2018-01-05

    ti.touchid: https://github.com/appcelerator-modules/ti.touchid/pull/39 ti.identity: https://github.com/appcelerator-modules/titanium-identity/pull/7
  5. Gary Mathews 2018-02-28

    master: https://github.com/appcelerator/titanium_mobile/pull/9891 7_1_X: https://github.com/appcelerator/titanium_mobile/pull/9892
  6. Lokesh Choudhary 2018-02-28

    FR Passed.
  7. Lokesh Choudhary 2018-02-28

    PR's merged.
  8. Lokesh Choudhary 2018-03-14

    Verified the fix in SDK 7.1.0.v20180308150545 & 7.2.0.v20180314132221. Closing. Studio Ver: 5.0.0.201712081732 OS Ver: 10.13.2 Xcode Ver: Xcode 9.2 Appc NPM: 4.2.12 Appc CLI: 7.0.2 Daemon Ver: 1.0.1 Ti CLI Ver: 5.0.14 Alloy Ver: 1.11.0 Node Ver: 8.9.1 NPM Ver: 5.5.1 Java Ver: 1.8.0_101 Devices: ⇨ google Nexus 6P --- Android 8.0.0 ⇨ google Nexus 5 --- Android 6.0.1

JSON Source