Last active
May 9, 2022 22:44
-
-
Save dtarnawsky/08e2bdfc45e5a2236640abb392992cea to your computer and use it in GitHub Desktop.
Custom Token Storage Provider for IV
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import { Injectable } from '@angular/core'; | |
import { TokenStorageProvider } from '@ionic-enterprise/auth'; | |
import { VaultService } from './vault.service'; | |
@Injectable({ | |
providedIn: 'root' | |
}) | |
export class TokenProviderService implements TokenStorageProvider { | |
constructor(private vaultService: VaultService) { | |
} | |
async getAccessToken(tokenName?: string): Promise<string> { | |
console.log('tokenProviderService.getAccessToken'); | |
return await this.vaultService.get(`accessToken.${tokenName}`); | |
} | |
async setAccessToken(accessToken: string, tokenName?: string): Promise<void> { | |
await this.vaultService.set(`accessToken.${tokenName}`, accessToken); | |
} | |
async getRefreshToken(): Promise<string | undefined> { | |
console.log('tokenProviderService.getRefreshToken'); | |
return await this.vaultService.get(`refreshToken`); | |
} | |
async setRefreshToken(refreshToken: string): Promise<void> { | |
await this.vaultService.set(`refreshToken`, refreshToken); | |
} | |
async getIdToken(): Promise<string> { | |
console.log('tokenProviderService.getIdToken'); | |
return await this.vaultService.get('idToken'); | |
} | |
async setIdToken(idToken: string): Promise<void> { | |
await this.vaultService.set('idToken', idToken); | |
} | |
async getAuthResponse(): Promise<any> { | |
return await this.vaultService.get('authResponse'); | |
} | |
async setAuthResponse(response: any): Promise<void> { | |
await this.vaultService.set('authResponse', response); | |
} | |
async clear(): Promise<void> { | |
await this.vaultService.clear(); | |
} | |
onLock(callback: () => void): void { | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import { Injectable } from '@angular/core'; | |
import { Capacitor } from '@capacitor/core'; | |
import { | |
BiometricSecurityStrength, | |
BrowserVault, Device, DeviceSecurityType, | |
IdentityVaultConfig, Vault, VaultError, VaultType | |
} from '@ionic-enterprise/identity-vault'; | |
@Injectable({ | |
providedIn: 'root' | |
}) | |
export class VaultService { | |
config: IdentityVaultConfig = { | |
key: 'io.ionic.conferences.cs.auth', | |
type: VaultType.DeviceSecurity, | |
deviceSecurityType: DeviceSecurityType.Biometrics, | |
lockAfterBackgrounded: 2000, | |
shouldClearVaultAfterTooManyFailedAttempts: false, | |
customPasscodeInvalidUnlockAttempts: 10, | |
unlockVaultOnLoad: false, | |
}; | |
vault: Vault | BrowserVault; | |
constructor() { | |
} | |
public async init() { | |
if (Capacitor.getPlatform() === 'web') { | |
this.vault = new BrowserVault(this.config); | |
} else { | |
if (!await this.hasBiometrics()) { | |
this.config = { | |
...this.config, | |
key: 'io.ionic.conferences.cs.auth.alternate', | |
type: VaultType.SecureStorage, | |
deviceSecurityType: DeviceSecurityType.None | |
}; | |
} | |
this.vault = new Vault(this.config); | |
} | |
this.vault.onConfigChanged(() => { | |
console.log('Vault configuration was changed', this.config); | |
}); | |
this.vault.onLock(() => { | |
console.log('Vault was locked'); | |
}); | |
this.vault.onUnlock(() => { | |
console.log('Vault was unlocked'); | |
}); | |
this.vault.onError((error: VaultError) => { | |
console.error('this.vault.onError', error); | |
}); | |
// If you would like the privacy screen set to true | |
await Device.setHideScreenOnBackground(false); | |
} | |
public async clear() { | |
await this.vault.clear(); | |
} | |
public async set(key: string, value: any) { | |
await this.vault.setValue(key, value); | |
} | |
public async get(key: string): Promise<any> { | |
return await this.vault.getValue(key); | |
} | |
private async hasBiometrics(): Promise<boolean> { | |
// For this app we only want to use biometrics if the device is capable of strong encryption | |
return await Device.isBiometricsEnabled() && | |
(await Device.getBiometricStrengthLevel() === BiometricSecurityStrength.Strong); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment