wultra / mtoken-sdk-android Goto Github PK
View Code? Open in Web Editor NEWPowerAuth based Mobile Token SDK for Android
License: Apache License 2.0
PowerAuth based Mobile Token SDK for Android
License: Apache License 2.0
We should parse the inbox message here
https://github.com/wultra/mtoken-sdk-android/blob/develop/library/src/main/java/com/wultra/android/mtokensdk/push/PushParser.kt#L41
as we do for operations.
the map that comes from the push:
{messageType=mtoken.inboxMessage.new, inboxId=4c734361-a764-48f2-840d-405de2f8fa2a}
To follow the same pattern across the company libraries.
Same as wultra/mtoken-sdk-ios#26
Add section, where we explain that the QR operations are 2FA only and the biometry is allowed based on the property in flags
.
Similar to the iOS version: wultra/mtoken-sdk-ios#31
According a wultra/enrollment-server#493
Specifically the section around the original e
exception - add some example of what this exception can usually be
Based on the backend implementation
Upgrade project to support PowerAuth mobile SDK 1.7.x
Otherwise, the SDK crashes during the deserialization of the backend.
The following page contains a dead link to ApiError
class on Github:
https://developers.wultra.com/components/mtoken-sdk-android/1.3.x/documentation/Error-Handling
Update format of the documentation to follow Developer Portal "basics".
For example like documentation for https://github.com/wultra/react-native-powerauth-mobile-sdk
We should provide a helper method for verifying that a push message is a "mtoken" one.
This is redundant. Improve and use QROperationParser.parse
.
To be consistent with iOS
Right now, we support only possession_knowledge
and possession_biometry
as signature factors. For 1FA, possession is "automatic".
We should add (to at least allow to parse and throw away) the possession
factor because it's in a lot of places in our documentation for backends
Operation
class and classes around it (like attributes etc.) should be documented much better.
Right now, the polling starts after the given polling time.
LocalOperation
The kotlin-doc and also markdown documentation should mention that using noValidation
can lead to use of unsafe HostnameVerifier and X509TrustManager. See our documentation in PowerAuth mobile SDK.
Poweruth exception can occur (synchronously). This should be handled in an async way.
As in our product.
In Api.kt:59
onResponse
call, the try/catch should be around the whole method to prevent a crash in malformed or unexpected response.
IPushService
and IOperationsService
are using listener interfaces for the asynchronous operation completion. We should rewrite both services to use callbacks with kotlin's Result<T>
object. The only caveat is that we have to introduce a ApiErrorException
because the legacy ApiError
doesn't inherit from Throwable
and therefore is not compatible with Result<T>
.
The SDK uses the /operation/authorize/offline
value, but this is not mentioned anywhere in the docs. Therefore, the developers who build the server-side part themselves have hard time figuring out how the set the server-side constant and usually make a wrong guess. We should:
Do not edit this section. We use it to link the issue to the appropriate document. โ
This library suppose to be licensed under Apache 2.0, but a lot of source codes still use a commercial Wultra license. This is due to fact that the library was created from our internal closed source project. This should be fixed to do not raise questions about the licensing.
Based on the backend implementation
Get rid of the 2 methods for offline signing and use PowerAuthAuthentication object instead.
The same approach is in iOS counterpart.
Operation
objectQROperation
objectgetOperations
API that the result is based on acceptLanguage
valueWe are using ThreeTen Android Backport
, but its development is being stopped, we should move away from it.
As stated on their github: https://github.com/JakeWharton/ThreeTenABP
Attention: Development on this library is winding down. Please consider switching to Android Gradle plugin 4.0, java.time.*, and its core library desugaring feature in the coming months.
and run on github CI
reflect changes from wultra/enrollment-server#747
It looks like there's discrepancy between declared minimum supported SDK in documentation and actual value set in build scripts:
Extract id
and data
properties into an interface.
Implement LocalOperation
class that implements this interface.
Make UserOperation
to implement this interface.
Make approve
and reject
endpoints to consume this interface instead of UserOperation
.
The enrollment server will return the current timestamp in the new API enhancement (wultra/enrollment-server#667).
We should provide SDK API for obtaining the current server time.
iOS implementation: wultra/mtoken-sdk-ios#112
To fully support PowerAuth mobile SDK 1.7.x, we have to upgrade dependency on PowerAuth Networking to version 1.1.0 once is released.
Related to #69
Related to wultra/networking-android#19
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.