See: https://github.com/appcelerator-modules/titanium-identity/blob/master/ios/Classes/TiIdentityModule.m#L65

I seem to have to wait a bit to authenticate at boot otherwise even if I called invalidate multiple times the authentication just fires success. Anyone seeing this issue?

if (isiOS) {
            // In order to check the biometry type, you have to check if biometrics are supported in general
            var supported =  TiIdentity.isSupported();
            console.log('supported '+supported);
            if (TiIdentity.biometryType == TiIdentity.BIOMETRY_TYPE_FACE_ID) {
                authPhrase = 'Face ID';
            } else if (TiIdentity.biometryType == TiIdentity.BIOMETRY_TYPE_TOUCH_ID) {
                authPhrase = 'Touch ID';
            } else {
                authPhrase = '(None available)';
            }
        
            if (!supported) {
                alert('Authentication is not supported. Available biometrics: ' + authPhrase);
            }
        
            // Using this constant, iOS will automatically offer to authenticate with Face ID or Touch ID
            // when calling "authenticate" below.
            TiIdentity.setAuthenticationPolicy(TiIdentity.AUTHENTICATION_POLICY_BIOMETRICS); // or: AUTHENTICATION_POLICY_PASSCODE
        }

this returns always false (none available) for TiIdentity.isSupported() if device is ipad even if it has touchid

Anybody with this issue?

I am getting the following error when calling Identity.createKeychainItem().
The error occurs on Android 5.1 but not Android 9.0.
What is the minimum supported Android version for this module?

[ERROR] TiExceptionHandler: (main) [332,2346] ti.identity/bootstrap.js:39
[ERROR] TiExceptionHandler: return new module"KeychainItem";
[ERROR] TiExceptionHandler: ^
[ERROR] TiExceptionHandler: Error: No virtual method getSystemService(Ljava/lang/Class;)Ljava/lang/Object; in class Landroid/content/Context; or its super classes (declaration of 'android.content.Context' appears in /system/framework/framework.jar)
[ERROR] TiExceptionHandler: at Identity.module.constructor.createKeychainItem (ti.identity/bootstrap.js:39:8)
[ERROR] TiExceptionHandler: at ModuleWrapper.invoker [as createKeychainItem] (ti:/invoker.js:101:19)
[ERROR] TiExceptionHandler: at /serverUtils.js:31:44
[ERROR] TiExceptionHandler: at Module._runScript (ti:/module.js:613:9)
[ERROR] TiExceptionHandler: at Module.load (ti:/module.js:105:7)
[ERROR] TiExceptionHandler: at Module.loadJavascriptText (ti:/module.js:457:9)
[ERROR] TiExceptionHandler: at Module.loadAsFile (ti:/module.js:512:15)
[ERROR] TiExceptionHandler: at Module.loadAsFileOrDirectory (ti:/module.js:429:20)
[ERROR] TiExceptionHandler: at Module.require (ti:/module.js:296:17)
[ERROR] TiExceptionHandler: at require (ti:/module.js:570:15)
[ERROR] TiExceptionHandler:
[ERROR] TiExceptionHandler: ti.identity.KeychainItemProxy.(KeychainItemProxy.java:114)
[ERROR] TiExceptionHandler: java.lang.reflect.Constructor.newInstance(Native Method)
[ERROR] TiExceptionHandler: java.lang.Class.newInstance(Class.java:1606)
[ERROR] TiExceptionHandler: org.appcelerator.kroll.KrollProxy.createProxy(KrollProxy.java:138)
[ERROR] TiExceptionHandler: org.appcelerator.kroll.runtime.v8.V8Runtime.nativeRunModule(Native Method)
[ERROR] TiExceptionHandler: org.appcelerator.kroll.runtime.v8.V8Runtime.doRunModule(V8Runtime.java:183)
[ERROR] TiExceptionHandler: org.appcelerator.kroll.KrollRuntime.handleMessage(KrollRuntime.java:325)
[ERROR] TiExceptionHandler: android.os.Handler.dispatchMessage(Handler.java:98)
[ERROR] TiExceptionHandler: android.os.Looper.loop(Looper.java:135)
[ERROR] TiExceptionHandler: org.appcelerator.kroll.KrollRuntime$KrollRuntimeThread.run(KrollRuntime.java:117)
[ERROR] V8Exception: Exception occurred at ti.identity/bootstrap.js:39: Uncaught Error: No virtual method getSystemService(Ljava/lang/Class;)Ljava/lang/Object; in class Landroid/content/Context; or its super classes (declaration of 'android.content.Context' appears in /system/framework/framework.jar)

Able to save but read is unsuccessful if length of string is 64 characters or greater.

FingerprintHeper#initCipher() fails. Log shows:

E/KeyStore: generateKeyInternal failed on response 2
E/FingerPrintHelper: (KrollRuntimeThread) [16,15974] Unable to initialize cipher

This happened to me with Pixel 2 (google walleye) on Android 10 (API 29)

Probably needs to migrate to BiometricPrompt and BiometricManager.

TouchID never needed a plist key setting, but it appears to use FaceID, this is required. Docs should be updated to state that users need to add this to the iOS plist:

<key>NSFaceIDUsageDescription</key> <string>any usage description</string>

Config :

• Android : 6.0
• Device : https://www.gsmarena.com/wiko_u_feel_lite-8204.php
• Titanium SDK : 7.0.1
• Module Version : 2.0.0 & 2.0.1

Hi,
I've tried the module on a simple android app, just to see how it works.
After an authentification attempt with a fingerprint, i get this error message every time

{"error":"Failed to encrypt the data with the generated key.","success":false}

The fingerprint is correctly configured and it can be used to unlock the device, but does not work on the app. Is there anything i'm missing or it's a module issue ?

testTouchId.zip

Thank you.

Hello,
Im wondering why there is no error code in the callback ?

When user adds new fingerprint or removes any existing fingerprint and then return to the view with authentication method the application throws Failed to encrypt the data with the generated key.
Maybe is related to the bad code handling mentioned on the appcelerator api docs

Hi,

i get many crash logs like this in Firebase Crashlytics, but can't reproduce while debugging.

The most affected manufacturer is Samsung Galaxy.

Someone else get this error?

Non-fatal Exception: java.lang.Throwable at /alloy/controllers/login.js.Uncaught Error: CryptoObject cannot be null.(TiIdentity.authenticate({:553) at androidx.biometric.BiometricPrompt.authenticate(BiometricPrompt.java:939) at ti.identity.FingerPrintHelper.startListening(FingerPrintHelper.java:153) at ti.identity.TitaniumIdentityModule.authenticate(TitaniumIdentityModule.java:165) at org.appcelerator.kroll.runtime.v8.V8Object.nativeFireEvent(Native Method) at org.appcelerator.kroll.runtime.v8.V8Object.fireEvent(V8Object.java:63) at org.appcelerator.kroll.KrollProxy.doFireEvent(KrollProxy.java:985) at org.appcelerator.kroll.KrollProxy.handleMessage(KrollProxy.java:1219) at org.appcelerator.titanium.proxy.TiViewProxy.handleMessage(TiViewProxy.java:260) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:246) at at Label.autenticar (login.js:553) at at Label.value (kroll.js:1604) at at Label.value (kroll.js:1656)

My code:

  var TiIdentity = require('ti.identity');
  var keychainItem = TiIdentity.createKeychainItem({
	identifier: '******',
	cancelTitle: "Cancelar",
	fallbackTitle: "Utilizar Senha",
});

  TiIdentity.authenticate({
	reason: 'Use sua impressão digital para logar',
	fallbackTitle: 'Usar senha',
	cancelTitle: 'Cancelar', 
	callback: function (e) {
		Ti.API.info('authenticate e: ' + JSON.stringify(e));
		if (e.success) {
			keychainItem.read();
		} else {
			TiIdentity.invalidate();
		}
	}
});

• from ios folder, I do appc ti build -p ios --build-only

This is what I get. Using Xcode Version 9.3 (9E145)

Appcelerator Command-Line Interface, version 7.0.3
Copyright (c) 2014-2018, Appcelerator, Inc.  All Rights Reserved.

2018-5-4 09:52:41

Operating System
  Name                        = Mac OS X
  Version                     = 10.13.4
  Architecture                = 64bit
  # CPUs                      = 8
  Memory                      = 17179869184

Node.js
  Node.js Version             = 8.9.1
  npm Version                 = 5.7.1

Titanium CLI
  CLI Version                 = 5.1.0

Titanium SDK
  SDK Version                 = 7.1.0.GA
  SDK Path                    = /Users/dfreniche/Library/Application Support/Titanium/mobilesdk/osx/7.1.0.GA
  Target Platform             = iphone

Command
  /usr/local/bin/node /Users/dfreniche/.appcelerator/install/7.0.3/package/node_modules/titanium/lib/titanium.js build -p ios --build-only --config-file /var/folders/5t/jfq69hm15rj90mbq6hyyk1040000gp/T/build-1525420354526.json --log-level info --no-banner --project-dir /Users/dfreniche/Teamwork/appcelerator-stuff/titanium-identity/ios

[INFO]  Project directory: /Users/dfreniche/Teamwork/appcelerator-stuff/titanium-identity/ios
[INFO]  Module ID: ti.identity
[ERROR] [xcode-dist] ** BUILD FAILED **
[ERROR] [xcode-dist] The following build commands failed:
[ERROR] [xcode-dist] 	CompileC build/titanium-identity.build/Release-iphoneos/titanium-identity.build/Objects-normal/arm64/TiIdentityModule.o Classes/TiIdentityModule.m normal arm64 objective-c com.apple.compilers.llvm.clang.1_0.compiler
[ERROR] [xcode-dist] 	CompileC build/titanium-identity.build/Release-iphoneos/titanium-identity.build/Objects-normal/armv7/TiIdentityModule.o Classes/TiIdentityModule.m normal armv7 objective-c com.apple.compilers.llvm.clang.1_0.compiler
[ERROR] [xcode-dist] 	CompileC build/titanium-identity.build/Release-iphoneos/titanium-identity.build/Objects-normal/armv7/TiIdentityKeychainItemProxy.o Classes/TiIdentityKeychainItemProxy.m normal armv7 objective-c com.apple.compilers.llvm.clang.1_0.compiler
[ERROR] [xcode-dist] 	CompileC build/titanium-identity.build/Release-iphoneos/titanium-identity.build/Objects-normal/arm64/TiIdentityKeychainItemProxy.o Classes/TiIdentityKeychainItemProxy.m normal arm64 objective-c com.apple.compilers.llvm.clang.1_0.compiler
[ERROR] [xcode-dist] (4 failures)

Any ideas? Thanks!

There seems to be a stability issue with the module on iOS. We are testing this for one of Axway's enterprise clients, and about 20% of the time it crashes the entire app after processing a user's Face ID.

We are on the latest everything...AppC 7.0, etc...

Here are some details of the crashes:

Exception Type: EXC_BAD_ACCESS (SIGSEGV)

Thread 13 Crashed:
0 libobjc.A.dylib 0x00000001807a81a0 objc_retain + 16
1 Jason's Deli 0x0000000102a24568 0x102544000 + 5113192
2 libdispatch.dylib 0x0000000180ec1088 _dispatch_call_block_and_release + 24
3 libdispatch.dylib 0x0000000180ec1048 _dispatch_client_callout + 16
4 libdispatch.dylib 0x0000000180efc4e0 _dispatch_queue_override_invoke$VARIANT$armv81 + 700
5 libdispatch.dylib 0x0000000180f02418 _dispatch_root_queue_drain + 564
6 libdispatch.dylib 0x0000000180f02180 _dispatch_worker_thread3 + 112
7 libsystem_pthread.dylib 0x0000000181167120 _pthread_wqthread + 1268
8 libsystem_pthread.dylib 0x0000000181166c20 start_wqthread + 4

Exception Type: EXC_BAD_ACCESS (SIGSEGV)

Thread 12 Crashed:
0 JavaScriptCore 0x0000000187f0cf98 JSC::speculationFromStructure+ 659352 (JSC::Structure*) + 0
1 JavaScriptCore 0x0000000188114d4c JSC::CodeBlock::updateAllPredictionsAndCountLiveness+ 2788684 (unsigned int&, unsigned int&) + 352
2 JavaScriptCore 0x0000000188111678 JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally+ 2774648 () + 36
3 JavaScriptCore 0x00000001883e5d4c JSC::Heap::runEndPhase+ 5741900 (JSC::GCConductor) + 1584
4 JavaScriptCore 0x00000001883e4368 JSC::Heap::runCurrentPhase+ 5735272 (JSC::GCConductor, JSC::CurrentThreadState*) + 220
5 JavaScriptCore 0x00000001883e944c JSC::Heap::Thread::work+ 5755980 () + 32
6 JavaScriptCore 0x0000000188784c38 WTF::Function<void ()>::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0>::call+ 9538616 () + 360
7 JavaScriptCore 0x0000000187e75660 WTF::threadEntryPoint+ 38496 (void*) + 120
8 JavaScriptCore 0x0000000187e755a0 WTF::wtfThreadEntryPoint+ 38304 (void*) + 84
9 libsystem_pthread.dylib 0x000000018116831c _pthread_body + 308
10 libsystem_pthread.dylib 0x00000001811681e8 _pthread_body + 0
11 libsystem_pthread.dylib 0x0000000181166c28 thread_start + 4

Hi,

First, thanks for this module it works great and it is easy to use.

I'm using this module in a project, I want to save the user's credentials (email & password) in a keychain then use Touch ID or Face ID to login on the app.

I am now using a keychain to save the user's password, but how would you suggest saving the email used for login ? Is it possible to save both email & password in the same keychain ?

Best regards
Kilyan

If an user gives several consecutive wrong fingerprints, the module stops reading the fingerprint and the read method gives you straight a success = false.
It looks like the fingerprint breaks system-wide, if you lock your phone and try to unlock it, iOS asks you to insert the code in order to re-enable the Touch ID.

Am I the first one to face this problem?

Platform: iOS (simulator)

I get an error every time I try to read the password from keychain.

const Identity = require('ti.identity');
const keychainItem = Identity.createKeychainItem({ identifier: 'password'  });
keychainItem.save('mypassword');
const password = keychainItem.read();

[ERROR] Error reading the keychain: The keychain item could not be found (Code: -25300)

I also tried adding the read call to the save event but it didn't make a difference.

I'm doing tests with this module and, congratulations, it's great.

I have a doubt. I want to use it to access my digital signature, installed on an iPhone, to later use it to sign documents. Can I do this with the current module?

I'm reading Apple doc and I've found some methods like this: SecItemCopyMatching.

Thanks.

On iOS, when i use TiIdentity.authenticate, i can pass the "keepAlive" property like a parameter (https://docs.appcelerator.com/platform/latest/#!/api/IdentityAuthenticationType).

I tried use this but don't work.

On callback of authenticate method i call KeyChainItem.read(), but it fires the authenticate popup again.

var TiIdentity = require('ti.identity');
var keychainItem = TiIdentity.createKeychainItem({
	identifier: 'loginData',
	accessGroup: "XXXXX" + '.' + Ti.App.getId(),
	accessibilityMode: TiIdentity.ACCESSIBLE_WHEN_UNLOCKED_THIS_DEVICE_ONLY,
	accessControlMode: TiIdentity.ACCESS_CONTROL_TOUCH_ID_ANY,
});

keychainItem.addEventListener('save', function saveKeychain(e) {
    if (!e.success) {
	Ti.API.info('Error saving the keychain: ' + e.error);
        return;
    } else {
        TiIdentity.authenticate({
		reason: 'Touch sensor to authenticate',
		keepAlive: true,
		callback: function(e) {
			if (!e.success) {
				Ti.API.info('Error! Message: ' + e.error + '\nCode: ' + e.code);
			} else {
				keychainItem.read("loginData");
				TiIdentity.invalidate();
			}
		}
	});
    }
});

keychainItem.save("TEST");

keychainItem.addEventListener('read', function readKeychain(e) {
    if (!e.success) {
        Ti.API.info('Error reading the keychain: ' + e.error);
        return;
    }
});

I see you can call addEventListener for save and load. Is there an equivalent removeEventListener function?

Would be good to get some instructions either here or on the official Axway Appcelerator documentation around how to install the native module.

It wasn't very clear this was not part of the SDK and I had to download and install manually the release from there.

This is the complete error:

Undefined symbols for architecture x86_64:
  "___isOSVersionAtLeast", referenced from:
      -[TiIdentityModule biometryType] in libti.identity.a(TiIdentityModule.o)
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Can't compile it with Xcode 8.2.1 on an iOS 10, with Titanium SDK 6.3.0.
It works on Xcode 9.2 and iOS 11, same SDK.

Hi,

In my Google Play Console vitals, I keep seeing a crash with the following backtrace. It's being reported on

Android 10, 9, 8

Galaxy S10+ (beyond2q) | 2 | 40.0%
Galaxy S10 (beyond1q) | 1 | 20.0%
LG Stylo 5 (cv7as) | 1 | 20.0%
moto e5 plus (hannah)

I am not seeing anything in the Appc Dashboard crash logs, and I cannot reproduce it on my Galaxy S10.

Any thoughts?

Thanks!

backtrace:
#00 pc 0000000000008a6c /data/app/com.polkadoc.ocp-pODT8Fz4Gi2TtPx6gf0ZuA==/lib/arm64/libti.identity.so (ti::identity::TitaniumIdentityModule::deviceCanAuthenticate(v8::FunctionCallbackInfov8::Value const&)+200)
#1 pc 000000000075c074 /data/app/com.polkadoc.ocp-pODT8Fz4Gi2TtPx6gf0ZuA==/lib/arm64/libkroll-v8.so (v8::internal::FunctionCallbackArguments::Call(v8::internal::CallHandlerInfo)+588)
#2 pc 000000000075b65c /data/app/com.polkadoc.ocp-pODT8Fz4Gi2TtPx6gf0ZuA==/lib/arm64/libkroll-v8.so
#3 pc 000000000075ae1c /data/app/com.polkadoc.ocp-pODT8Fz4Gi2TtPx6gf0ZuA==/lib/arm64/libkroll-v8.so
#4 pc 0000000000000f60

There is a small mistake in a property binding which makes it impossible to catch the case that the end user triggers the user fallback button.

Error:
MAKE_SYSTEM_PROP(ERROR_USER_FALLBACK, LAErrorAuthenticationFailed);

Should be:
MAKE_SYSTEM_PROP(ERROR_USER_FALLBACK, LAErrorUserFallback);

Using Android I can "authenticate" and it works the first time. If you then log out of the app but don't close it and then try to log right back into the app the authenticate method will then keep returning "{"error":"Failed to encrypt the data with the generated key.","success":false}".

It seems once you log in the first time all calls to authenticate just end up calling tryEncrypt. I tried to call invalidate in hopes that it would clear the fingerprint session but it doesn't.

Any idea on an approach to this that will allow the user to re-login if the already have the fingerprint session already authenticated.

The popup doesn't seem to be showing in iOS 13
When calling authenticate on TiIdentity the popup doesn't show.
The module still reacts to fingerprints and recognises them and also sends the success callback, so the functionality is still given.
The popup is shown shortly after the fingerprint is given but is not visible beforehand.

iPad (6th generation)
I have tried on iOS 13.1 and on iOS 13.1.2
Using ti.identity version 1.0.6

I'm getting a hard crash on calling authenticate() for iphone x or face id. Works find on touch id.
Titanium 7.4.1 ios 12