Closed radvansky-tomas closed 2 years ago
Thank you for comments, will check it tonight. With regards to keychain sharing, that was somewhere mentioned that is required...but will recheck it on physical device.
So update, I spent hours yesterday trying to make this work...
However something had change since last time I played with it. To give more overview you can read through this https://developer.apple.com/documentation/localauthentication/accessing_keychain_items_with_face_id_or_touch_id#see-also
Basically to use touchIDAuthenticationAllowableReuseDuration
we have to reuse LAContext
which I've done. However since last version, behaviour has changed completely.
Before, without reused LAContext, Face/TouchID has been used for every access of keychain, no matter of grace period set. With my reusing of LAContext it worked as expect, but now - it asks for Face/TouchID ONCE ONLY, and then any sub-sequential request is allowed. (like infinite touchIDAuthenticationAllowableReuseDuration period
)
I already filed report to apple, as same behaviour can be replicated using their example project on native app. I would like to kindly ask anyone who can to try that example project and let me know if they have similar experience...you can use their app how it is...and then even try to reuse LAContext (by placing in on top and then add this line to queries):
kSecUseAuthenticationContext as String: context,
Anyhow, till this is resolved I am suggested NOT TO MERGE it.
If this is expected behaviour and I will get confirmation from APPLE that this is new and better way :D then I will implement timer and invalidate context in selected time period (which is really stupid)
Any news regarding this?
I'd be appreciative of the authenticationValidityDurationSeconds
enhancement (e370c71).
Any update on this?
@MatteoGheza I will revisit this again probably this weekend and see if new iOS updates fixed anything, or if there is more official documentation about usage of it. If not I will probably contact apple directly, as it bit weird how it was working last time
i'm going to close this PR, because it's probably un-mergeable at this point due to a lot of changes. If anyone is in interested in the authenticationValidityDurationSeconds
implementation, please create a new PR with only that change. thanks!
My changes with latest null-safety branch