search

authpass / biometric_storage

Flutter plugin to store data behind biometric authentication (ie. fingerprint)
https://pub.dev/packages/biometric_storage
MIT License
177 stars 103 forks source link

[android] Crash for failed fingerprint authentication #2

Closed rdev-software closed 4 years ago

rdev-software commented 4 years ago

This plugin crash any app, as it sends multiple replies. Main BiometricPrompt dialog is control via Android, and each reply from this dialog is forwarded to plugin, which then cause app crash!

Steps to reproduce (in your example)

  1. init
  2. write
  3. use other finger than usual
  4. press cancel or correct finger

APP CRASH, as in 3.step, your plugin send result.error (but dialog is not dismissed)

To fix it you either have to dismiss dialog on any outcome and call it again, to keep architecture request-response. (which might be problem, as you want to support AndroidX API23, which does not have cancellation request I think)

OR

Use streams, and listen to every reply

hpoul commented 4 years ago

I guess the dart side shouldn't care about invalid fingerprints, as long as the biometric authentication dialog is still open.. so I've just removed the error callback trigger. this should solve the problem. https://github.com/authpass/biometric_storage/commit/a1d5e89e70221c581a03e08c408c1fe4f80d4e22#diff-eb45d3757d0adef57da090a3618a9a22L213