React Native
The latest source code of the Keyri React-Native SDK can be found here: https://github.com/Keyri-Co/react-native-keyri
- Android API level 23 or higher
- AndroidX compatibility
- iOS 14+
- Swift 5+
- Apple A7 chip or newer (The A7 shipped with the iPhone 5s)
npm or yarn is a dependency manager for react-native projects. For usage and installation instructions, visit their website. To integrate the Keyri project, run this command in terminal in root of the project directory:
The SDK can then be imported into any js or ts file as follows:
To handle Universal Links (e.g., for QR login straight from the user's built-in camera app), you need to add the Associated Domains Entitlement to your App.entitlements file. To set up the entitlement in your app, open the target’s Signing & Capabilities tab in Xcode and add the Associated Domains capability, or if you already have entitlements you can modify your App.entitlements file to match this example:
// TODO add code needed for AppDelegate file
This will handle all links with the following scheme: https://{yourCompany}.onekey.to?sessionId={sessionId}
Note: Keyri will set up the required /.well-known/apple-app-site-association JSON at your https://{yourSubdomain}.onekey.to page as required by Apple to handle Universal Link handling. Details on this mechanism are described here: https://developer.apple.com/documentation/Xcode/supporting-associated-domains
To handle Android App Links (e.g., for QR login straight from the user's built-in camera app) you need to define the following intent-filter block in your AndroidManifest.xml:
// TODO add code needed for MainActivity file
This will handle all links with the following scheme: https://{yourCompany}.onekey.to?sessionId={sessionId}
Note: Keyri will set up the required /.well-known/assetlinks.json JSON at your https://{yourSubdomain}.onekey.to page as required by Android App Links handling. Details on this mechanism are described here: https://developer.android.com/training/app-links/verify-site-associations
Follow this guide for Universal Links handling in react-native. And add this code in the processing step of your handleDeepLink function.
Note: Keyri will create your https://{yourCompany}.onekey.to page automatically once you configure it in the dashboard
Use authWithScanner built-in functionality to delegate authentication to SDK. Call a method for authWithScanner and pass App Key, optional public user ID, and payload:
Or define custom scanner UI/UX. You can use Firebase ML Kit, ZXing, your own scanner, or any other equivalent. All you need to do is convert to URI, and then you're free to process the response the same way we did above (notice the process(uri) function is exactly the same in both cases)
The following methods are available to interact with the Keyri SDK API, which can be used to craft your own custom flows and leverage the SDK in different ways:
- initiateQrSession: (options: InitiateQrSessionOptions)- call it after obtaining the sessionId from QR code or deep link. Returns Session object with Risk attributes (needed to show confirmation screen) or Exception
- initializeDefaultScreen: (sessionId: string, payload: string) - to show Confirmation with default UI. Returns Boolean result. Also, you can implement your custom Confirmation Screen, just inherit from BaseConfirmationDialog.kt
- confirmSession: (sessionId: string, payload: string) - call this function if user confirmed the dialog. Returns Boolean authentication result
- denySession: (sessionId: string, payload: string) - call if the user denied the dialog. Returns Boolean authentication result
- generateAssociationKey: (publicUserId: string) - creates a persistent ECDSA keypair for the given public user ID (example: email address) and returns public key
- getUserSignature: (publicUserId?: string, customSignedData?: string) - returns an ECDSA signature of the timestamp and optional customSignedData with the publicUserId's privateKey (or, if not provided, anonymous privateKey), customSignedData can be anything
- listAssociationKey: () - returns a list of names (publicUserIds) of "association keys" (public keys)
- getAssociationKey: (publicUserId?: string) - returns Base64 public key for the specified publicUserId
The session object is returned on successful initiateQrSession calls, and is used to handle presenting the situation to the end user and getting their confirmation to complete authentication. Below are some of the key properties and methods that can be triggered. If you are utilizing the built-in views, you are only responsible for calling the confirm/deny methods above
- IPAddressMobile/Widget - The IP Address of both mobile device and web browser
- RiskAnalytics - if applicable
- RiskStatus - clear, warn or deny
- RiskFlagString - if RiskStatus is warn or deny, this string alerts the user to what is triggering the risk situation
- GeoData - Location data for both mobile and widget
- Mobile
- city
- country_code
- Browser
- city
- country_code
- confirmSession() and denySession() - see descriptions in Interacting with the API.
We care deeply about the quality of our product and rigorously test every piece of functionality we offer. That said, every integration is different. Every app on the App Store has a different permutation of build settings, compiler flags, processor requirements, compatibility issues etc and it's impossible for us to cover all of those bases, so we strongly recommend thorough testing of your integration before shipping to production. Please feel free to file a bug or issue if you notice anything that seems wrong or strange on GitHub 🙂