{ "id": "171614", "key": "MOD-2420", "fields": { "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false }, "project": { "id": "10034", "key": "MOD", "name": "Appcelerator Modules", "projectCategory": { "id": "10100", "description": "Titanium and related SDKs used in application development", "name": "Client" } }, "fixVersions": [ { "id": "20181", "name": "Ti.Identity iOS 1.0.5", "archived": false, "released": false } ], "resolution": { "id": "1", "description": "A fix for this issue is checked into the tree and tested.", "name": "Fixed" }, "resolutiondate": "2018-05-11T10:19:07.000+0000", "created": "2018-05-04T14:09:29.000+0000", "priority": { "name": "Critical", "id": "1" }, "labels": [ "extension", "keychain-access" ], "versions": [], "issuelinks": [], "assignee": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "updated": "2018-05-11T10:19:56.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "14565", "name": "TouchID" } ], "description": "I want to store a string in the Keychain (using Ti.Identity) and read it back in an iOS Share Extension.\r\n\r\nThis is simple to do while using a 100% native project. I've tried it using APSKeychainWrapper class (included in Ti.Identity) just to check that it works, and indeed it work. The problem is that using an Appcelerator app with an iOS extension, it doesn't work.\r\n\r\nLooking at the source code I've seen that you hardcoded the Keychain Service inside Ti.Identity here: https://github.com/appcelerator-modules/titanium-identity/blob/7683fe3045cd3f006d22f4127df16bbd1b890255/ios/Classes/TiIdentityKeychainItemProxy.m#L33\r\n\r\nMaybe that's the problem. But I've tried even to generate the iOS project from Studio, then open it in Xcode and save something in the keychain, then reading from the extension and doesn't work.\r\n\r\nMore details here: https://stackoverflow.com/questions/50137192/appcelerator-ios-app-how-to-read-keychain-value-from-share-extension/50140736#50140736\r\n\r\nAnd there's a preconfigured, project sample to test this here: https://github.com/dfreniche/TestKeychain\r\n\r\nWe need to read the keychain from an App Extension, and this is a big problem. Can't see why is not working: entitlements look fine, etc. etc. Can you create a sample of putting something inside keychain then reading back from an App Extension?\r\n\r\nThanks!", "attachment": [], "flagged": false, "summary": "iOS: Ti.Identity - Can't access Keychain item from App Extension", "creator": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "subtasks": [], "reporter": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "environment": "Operating System\r\n Name = Mac OS X\r\n Version = 10.13.4\r\n Architecture = 64bit\r\n # CPUs = 8\r\n Memory = 17179869184\r\n\r\nNode.js\r\n Node.js Version = 8.9.1\r\n npm Version = 5.7.1\r\n\r\nTitanium CLI\r\n CLI Version = 5.1.0\r\n\r\nTitanium SDK\r\n SDK Version = 7.1.1.GA\r\n", "comment": { "comments": [ { "id": "437375", "author": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "body": "Sorry, I don't think this is a Titanium issue. Your sample app is missing a few things that you could start with:\r\n- Missing {{}} in the {{}} section of the tiapp.xml\r\n- Your \"accessGroup\" property contains {{'group.test.projects'}}, so it may misses the team-id-prefix\r\n\r\nIn addition, you could validate it by opening the generated project and check for possible warnings there. And one side note: I see that you are logging the value with \"print\". I think there is a known Titanium bug that is about logs from extensions that do not show up in the Titanium console. So to debug, you could set a label with the contents to check if it may gets received properly already.", "updateAuthor": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "created": "2018-05-04T15:04:49.000+0000", "updated": "2018-05-04T15:04:49.000+0000" }, { "id": "437388", "author": { "name": "ahutton", "key": "ahutton", "displayName": "Alan Hutton", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Fixed issue with error message on resolve.\r\n", "updateAuthor": { "name": "ahutton", "key": "ahutton", "displayName": "Alan Hutton", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2018-05-04T20:33:31.000+0000", "updated": "2018-05-04T20:33:31.000+0000" }, { "id": "437430", "author": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "body": "Hi,\r\n\r\n- didn't know about the tag. Looks like an undocumented tag? Can't find any info about it here: https://wiki.appcelerator.org/display/guides2/tiapp.xml+and+timodule.xml+Reference\r\n- using the team-id-prefix with the keychain service solves the problem, BUT I needed to modify Ti.Identity module also (see below)\r\n- no problem with print statements. This is a known limitation of App Extensions (they don't print to the console). So I was attaching a debugger directly to the app extension and inspecting the vars.\r\n\r\nh2. Problem with Ti.Identity:\r\n\r\nI think the problem is in this line: https://github.com/appcelerator-modules/titanium-identity/blob/7683fe3045cd3f006d22f4127df16bbd1b890255/ios/Classes/TiIdentityKeychainItemProxy.m#L33\r\n\r\nKeychain service is hardcoded to service:@\"ti.touchid\". Once I change it to my app-prefix.my-app all works.\r\n\r\nIs it possible to change that value in Ti.Identity from JS? \r\n\r\nThanks!", "updateAuthor": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "created": "2018-05-07T14:42:08.000+0000", "updated": "2018-05-07T14:42:08.000+0000" }, { "id": "437431", "author": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "body": "Thanks for the feedback! It is available since 5.0.0. I have added it to the [tiapp.xml docs|https://wiki.appcelerator.org/display/guides2/tiapp.xml+and+timodule.xml+Reference#tiapp.xmlandtimodule.xmlReference-team-id] and [extensions guide|https://wiki.appcelerator.org/display/DA/Integrate+a+Native+iOS+App+Extension+or+WatchKit+App] for reference. Regarding the service: We can make it available as a property and default to the old value, does that sound like a plan? I can extend the module over the week.", "updateAuthor": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "created": "2018-05-07T14:52:23.000+0000", "updated": "2018-05-07T14:52:23.000+0000" }, { "id": "437432", "author": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "body": "Oh, that would perfect! If I can pass that keychain service I'll be happy!\r\n\r\nSorry for not doing a PR, but I'm not proficient in the Appc side, just native dev trying to learn...", "updateAuthor": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "created": "2018-05-07T15:10:19.000+0000", "updated": "2018-05-07T15:10:19.000+0000" }, { "id": "437463", "author": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "body": "PR: https://github.com/appcelerator-modules/titanium-identity/pull/16\r\n\r\nIt contains a new property \"service\" that can be set during keychain-item creation. It defaults to \"ti.touchid\" for full backwards compatibility with existing use-cases. The new version is also drafted [here|https://github.com/appcelerator-modules/titanium-identity/releases/tag/ios-1.0.5] and can be tried out. [~dfreniche] Please try the 1.0.5 version and let me know if that works for you.", "updateAuthor": { "name": "hknoechel", "key": "hansknoechel", "displayName": "Hans Knöchel", "active": true, "timeZone": "Europe/Berlin" }, "created": "2018-05-08T12:37:38.000+0000", "updated": "2018-05-08T12:37:38.000+0000" }, { "id": "437580", "author": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "body": "I've been trying this change and it works! Both simulator + real device!\r\n\r\nThanks a lot, finally got it working Hans!", "updateAuthor": { "name": "dfreniche", "key": "dfreniche", "displayName": "Diego Freniche", "active": true, "timeZone": "Africa/Ceuta" }, "created": "2018-05-11T09:56:42.000+0000", "updated": "2018-05-11T09:56:42.000+0000" } ], "maxResults": 7, "total": 7, "startAt": 0 } } }