Closed ber4444 closed 2 years ago
Hi, thanks for the report. We've got a big internal project we're working on to better integrate all of our SDKs. You're right in that they don't play nicely together. And we're definitely working to fix that.
Could you tell me more about your use case?
I have converted the classic engine's sample to use androidx.biometric.BiometricManager
now trying to use it in your okta-idx-android sample. The only missing import is com.okta.oidc.storage.security.EncryptionManager
so I have come here to report the need for a "lite" version.
Just so that I make sure I'm understanding you correctly, are you trying to store the tokens minted from the idx-sdk? And have a way to securely store/retrieve them?
yes. So basically the user will use biometrics to login, rather than typing a password every time.
So you have another layer (in your app) that unlocks the Okta tokens before the user can use them?
Isn't the SmartLockHelper
I linked to above which does that via BiometricPrompt
and https://github.com/okta/okta-oidc-android#guardedencryptionmanager?
I see, thanks. Right now token storage is out of scope for the IDX SDKs.
We are working to remedy this though!
If you want to implement your own, feel free to use a combination of the oidc SDK, as well as the jetpack security SDKs as inspiration. https://developer.android.com/jetpack/androidx/releases/security
Which is what I'm working towards for a future release.
Thanks for the pointer, I'm going to see if https://github.com/android/security-samples/tree/master/BiometricLoginKotlin can be integrated with the IDX sample. I am not allowed to publish on Github but if you can push an "official" integration up, it will benefit the community.
I appreciate the feedback!
When using Okta IDX, this library is not used at all, see https://github.com/okta/okta-idx-android
But in trying to implement biometrics with IDX, we can still copy https://github.com/okta/samples-android/blob/b245f729d46d94d8a101bfe2e6256b2b2c07a2ea/custom-sign-in/app/src/main/java/com/okta/android/samples/custom_sign_in/util/SmartLockHelper.java which would need the Storage part of Okta Oidc.