Skip to content

Instantly share code, notes, and snippets.

@dtarnawsky

dtarnawsky/token-provider.ts

Last active May 9, 2022 22:44
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dtarnawsky/08e2bdfc45e5a2236640abb392992cea to your computer and use it in GitHub Desktop.
Save dtarnawsky/08e2bdfc45e5a2236640abb392992cea to your computer and use it in GitHub Desktop.
Download ZIP
Custom Token Storage Provider for IV
Raw
token-provider.ts
import { Injectable } from '@angular/core';
import { TokenStorageProvider } from '@ionic-enterprise/auth';
import { VaultService } from './vault.service';
@Injectable({
providedIn: 'root'
})
export class TokenProviderService implements TokenStorageProvider {
constructor(private vaultService: VaultService) {
}
async getAccessToken(tokenName?: string): Promise<string> {
console.log('tokenProviderService.getAccessToken');
return await this.vaultService.get(`accessToken.${tokenName}`);
}
async setAccessToken(accessToken: string, tokenName?: string): Promise<void> {
await this.vaultService.set(`accessToken.${tokenName}`, accessToken);
}
async getRefreshToken(): Promise<string | undefined> {
console.log('tokenProviderService.getRefreshToken');
return await this.vaultService.get(`refreshToken`);
}
async setRefreshToken(refreshToken: string): Promise<void> {
await this.vaultService.set(`refreshToken`, refreshToken);
}
async getIdToken(): Promise<string> {
console.log('tokenProviderService.getIdToken');
return await this.vaultService.get('idToken');
}
async setIdToken(idToken: string): Promise<void> {
await this.vaultService.set('idToken', idToken);
}
async getAuthResponse(): Promise<any> {
return await this.vaultService.get('authResponse');
}
async setAuthResponse(response: any): Promise<void> {
await this.vaultService.set('authResponse', response);
}
async clear(): Promise<void> {
await this.vaultService.clear();
}
onLock(callback: () => void): void {
}
}
Raw
vault.service.ts
import { Injectable } from '@angular/core';
import { Capacitor } from '@capacitor/core';
import {
BiometricSecurityStrength,
BrowserVault, Device, DeviceSecurityType,
IdentityVaultConfig, Vault, VaultError, VaultType
} from '@ionic-enterprise/identity-vault';
@Injectable({
providedIn: 'root'
})
export class VaultService {
config: IdentityVaultConfig = {
key: 'io.ionic.conferences.cs.auth',
type: VaultType.DeviceSecurity,
deviceSecurityType: DeviceSecurityType.Biometrics,
lockAfterBackgrounded: 2000,
shouldClearVaultAfterTooManyFailedAttempts: false,
customPasscodeInvalidUnlockAttempts: 10,
unlockVaultOnLoad: false,
};
vault: Vault | BrowserVault;
constructor() {
}
public async init() {
if (Capacitor.getPlatform() === 'web') {
this.vault = new BrowserVault(this.config);
} else {
if (!await this.hasBiometrics()) {
this.config = {
...this.config,
key: 'io.ionic.conferences.cs.auth.alternate',
type: VaultType.SecureStorage,
deviceSecurityType: DeviceSecurityType.None
};
}
this.vault = new Vault(this.config);
}
this.vault.onConfigChanged(() => {
console.log('Vault configuration was changed', this.config);
});
this.vault.onLock(() => {
console.log('Vault was locked');
});
this.vault.onUnlock(() => {
console.log('Vault was unlocked');
});
this.vault.onError((error: VaultError) => {
console.error('this.vault.onError', error);
});
// If you would like the privacy screen set to true
await Device.setHideScreenOnBackground(false);
}
public async clear() {
await this.vault.clear();
}
public async set(key: string, value: any) {
await this.vault.setValue(key, value);
}
public async get(key: string): Promise<any> {
return await this.vault.getValue(key);
}
private async hasBiometrics(): Promise<boolean> {
// For this app we only want to use biometrics if the device is capable of strong encryption
return await Device.isBiometricsEnabled() &&
(await Device.getBiometricStrengthLevel() === BiometricSecurityStrength.Strong);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment