npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

app-integrity-android-standard

v1.50.0

Published

The title says it all. Check [Android official documentation on Play Integrity standard requests](https://developer.android.com/google/play/integrity/standard) to understand how this API works and what it does.

Downloads

692

Readme

React Native library for generating standard requests of Android's Play Integrity API

The title says it all. Check Android official documentation on Play Integrity standard requests to understand how this API works and what it does.

Pre-requisites

You will need to use the bare workflow of Expo, because this library uses native Android APIs.

Technical notes

We have used https://github.com/MrToph/react-native-android-library-boilerplate as a template for constructing libraries.

We suggest you to read jeffDevelops intro on attestation in Android platforms, to get familiar with the topic.

If you need a library to generate attestation/assertion tokens on the client side (the app running on the users' devices), for other kinds of APIs or systems, then check this out: Android's Play Integrity Classic requests: https://github.com/jeffDevelops/expo-app-integrity Apple iOS DeviceCkeck attestation and assertion tokens: https://github.com/jeffDevelops/expo-app-integrity

If you need a library to check attestations/assertions from the server side, then check this out: iOS: https://github.com/srinivas1729/appattest-checker-node Android: https://github.com/sam-maverick/server-side-app-integrity-check

SIDE NOTE: Unfortunately, standard requests do not seem to be supported in Kotlin (oddly enough, the Android official documentation does not give code snippets for Kotlin, and we have checked empirically that the Kotlin compiler does not accept the classes required for the standard requests of the API), so we have written a separate library with Java code. We also found difficulties in adapting jeffDevelops library to merge with Java, so we ended up writing a new library.

Installation

npm install app-integrity-android-standard

Usage

You need to call and await the DoWarmup function before calling the GetToken function for standard requests; otherwise you will get a promise rejection.

DoWarmup()

Does the warmup to prepare the device to issue standard requests. This requires network connection to the Google servers via internet.

import * as AppIntegrityAndroidStandard from 'app-integrity-android-standard';

await AppIntegrityAndroidStandard.DoWarmup(
  GoogleCloudProjectNumber  // in String format
);

GetToken()

Generates an attestation object for a standard request, from the hash of the operation you want to attest (or from the nonce that the user obtained from your app server). You will need to pass this object to your app server to verify its validity (I suggest this library).

import * as AppIntegrityAndroidStandard from 'app-integrity-android-standard';

let attestationTokenObject = await AppIntegrityAndroidStandard.GetToken(
  clientHash,  // Hash of the operation or nonce
  GoogleCloudProjectNumber  // in String format
);

How to debug

Change the logLevel to something appropriate for you, in your node_modules/app-integrity-android-standard/android/src/main/java/pt/lasige/appintegrityandroidstandard/Module.java

Make sure your device is connected to your computer and that it is recognized when issuing adb devices. Also make sure that no Android emulators are running.

Run adb logcat -s "AppIntegrityAndroidStandard" on the command line.

Execute your bare workflow to build and run the app.

Acknowledgements

The project that gave rise to these results received the support of a fellowship from ”la Caixa” Foundation (ID 100010434). The fellowship code is LCF/BQ/DI22/11940036. This work was also supported by FCT through the LASIGE Research Unit (UIDB/00408/2020 and UIDP/00408/2020).

License

This work is licensed under the MIT license. See LICENSE for details.