Created
October 18, 2020 09:21
/**
 * Decides, each time the screen resumes, whether the stored token still has to be unlocked.
 *
 * With no [ciphertextWrapper] there is nothing to decrypt and nothing happens here. With a
 * wrapper but no token in [SampleAppUser.fakeToken], the biometric prompt is shown so the
 * token can be decrypted. With a token already present, the user counts as signed in.
 */
override fun onResume() {
    super.onResume()

    // No encrypted token was stored: nothing to unlock on this screen.
    if (ciphertextWrapper == null) return

    if (SampleAppUser.fakeToken != null) {
        // The user has already logged in, so proceed to the rest of the app.
        // This is a todo for you, the developer.
        updateApp(getString(R.string.already_signedin))
        return
    }

    // A ciphertext exists but no plaintext token is held yet: ask for biometrics.
    showBiometricPromptForDecryption()
}
.... | |
/**
 * Shows the biometric prompt with a decryption cipher attached as a [BiometricPrompt.CryptoObject].
 *
 * The cipher is built from the key named by `R.string.secret_key_name` and the initialization
 * vector stored in [ciphertextWrapper]. On successful authentication the prompt calls
 * [decryptServerTokenFromStorage].
 *
 * Returns without any user feedback when there is no stored ciphertext or when
 * `canAuthenticate()` reports anything other than `BIOMETRIC_SUCCESS`; a caller that needs a
 * fallback (for example password login) has to provide it elsewhere.
 */
private fun showBiometricPromptForDecryption() {
    val wrapper = ciphertextWrapper ?: return

    // NOTE(review): androidx.biometric 1.1+ deprecates the no-arg canAuthenticate() in favour of
    // canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_STRONG), which states the
    // authenticator class a CryptoObject needs - confirm which library version is in use.
    val biometricStatus = BiometricManager.from(applicationContext).canAuthenticate()
    if (biometricStatus != BiometricManager.BIOMETRIC_SUCCESS) return

    // NOTE(review): nothing here catches a failure from the cipher set-up. If the helper
    // initialises a Keystore-backed cipher, a key invalidated by a biometric enrollment change
    // would surface as an exception at this call - confirm how the helper handles that.
    val keyAlias = getString(R.string.secret_key_name)
    val decryptionCipher =
        cryptographyManager.getInitializedCipherForDecryption(keyAlias, wrapper.initializationVector)

    biometricPrompt = BiometricPromptUtils.createBiometricPrompt(this, ::decryptServerTokenFromStorage)
    val promptInfo = BiometricPromptUtils.createPromptInfo(this)

    // Passing the cipher in a CryptoObject means the success callback receives this same
    // cipher back and decrypts with it, rather than acting on a bare "authenticated" signal.
    biometricPrompt.authenticate(promptInfo, BiometricPrompt.CryptoObject(decryptionCipher))
}
/**
 * Success callback of the biometric prompt: decrypts the stored token and marks the user signed in.
 *
 * Uses the cipher carried by [authResult]'s crypto object to decrypt the ciphertext held in
 * [ciphertextWrapper], stores the plaintext in [SampleAppUser.fakeToken], then updates the UI.
 * Does nothing when the wrapper, the crypto object or its cipher is missing.
 *
 * @param authResult result delivered by the prompt after a successful authentication.
 */
private fun decryptServerTokenFromStorage(authResult: BiometricPrompt.AuthenticationResult) {
    val wrapper = ciphertextWrapper ?: return
    // Only the cipher handed back by the prompt is used; without it no decryption is attempted.
    val unlockedCipher = authResult.cryptoObject?.cipher ?: return

    // NOTE(review): a decryption failure (e.g. a modified ciphertext) is not caught here -
    // confirm whether decryptData reports it by throwing and where that should be handled.
    val token = cryptographyManager.decryptData(wrapper.ciphertext, unlockedCipher)
    SampleAppUser.fakeToken = token

    // Now that you have the token, you can query the server for everything else.
    // It is called fakeToken only because this sample never really got it from a server.
    // In your case, you will have received it from the server the first time,
    // and therefore it is a real token.
    updateApp(getString(R.string.already_signedin))
}