@besermenji/react-native-safetynet
v1.1.5
Published
## About SafetyNet
Downloads
11
Maintainers
Readme
Google SafetyNet Attestation for React Native
About SafetyNet
Google provides an API to verify device integrity and detect harmful apps. See the SafetyNet documentation for more information.
Getting Started
$ npm install @besermenji/react-native-safetynet
or
$ yarn add @besermenji/react-native-safetynet
Mostly Automatic Installation
$ react-native link @besermenji/react-native-safetynet
Manual installation
Android
- Open up
android/app/src/main/java/[...]/MainActivity.java
- Add
import com.besermenji.safetynet.RNSafetyNetPackage;
to the imports at the top of the file - Add
new RNSafetyNetPackage()
to the list returned by thegetPackages()
method
- Append the following lines to
android/settings.gradle
:include ':@besermenji/react-native-safetynet' project(':@besermenji/react-native-safetynet').projectDir = new File(rootProject.projectDir, '../node_modules/@besermenji/react-native-safetynet/android')
- Insert the following lines inside the dependencies block in
android/app/build.gradle
:implementation project(':@besermenji/react-native-safetynet')
Usage
import RNSafetyNetClient from '@besermenji/react-native-safetynet';
// STEP 1: Send nonce request to server with device unique id
const deviceId =
'You can use the "react-native-device-info" module to get the unique id of device';
const nonceResult = await RNSafetyNetClient.requestNonce({
endPointUrl: 'https://your-server/nonce-creator-endpoint',
additionalData: deviceId,
});
if (!nonceResult.nonce || nonceResult.error) {
console.log(nonceResult.error);
return;
}
// STEP 2: Send attestation request to Google Play
const attestationResult = await RNSafetyNetClient.sendAttestationRequest(
nonceResult.nonce,
'YOUR API KEY'
);
if (!attestationResult.jws || attestationResult.error) {
console.log('Attestation request failed.');
return;
}
// STEP 3: Pass the JSW to your server for verification.
const verification = await RNSafetyNetClient.verifyAttestationResult({
endPointUrl: 'https://your-server/verification-endpoint',
attestationJws: attestationResult.jws,
});