Skip to content

feat: add configurable biometric authentication policies for SecureCredentialsManager #867

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Nov 17, 2025
Merged

feat: add configurable biometric authentication policies for SecureCredentialsManager #867

merged 13 commits into from
Nov 17, 2025
+444 −5

Conversation

@subhankarmaiti
Copy link
Contributor

@subhankarmaiti subhankarmaiti commented Sep 8, 2025
edited
Loading

Changes

This PR introduces configurable biometric authentication policies for SecureCredentialsManager, allowing developers to control when biometric prompts are shown when accessing stored credentials. This enhancement improves user experience by reducing authentication friction while maintaining security.

References

auth0/react-native-auth0#687 (comment)

Testing

  1. Run the included unit tests: ./gradlew :auth0:testDebugUnitTest --tests "*BiometricPolicyTest"
  2. Use the sample app to test different policies:
    • Always Policy: Biometric prompt appears every time
    • Session Policy (5 min): Prompt appears once, then cached for 5 minutes
    • AppLifecycle Policy: Prompt appears once until app restart or manual clear
  • This change adds unit test coverage
  • This change adds integration test coverage
  • This change has been tested on the latest version of the platform/language or why not

Checklist

@subhankarmaiti subhankarmaiti requested a review from a team as a code owner September 8, 2025 06:43
@pmathew92 pmathew92 requested a review from Copilot September 9, 2025 07:46
Copilot AI reviewed Sep 9, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds configurable biometric authentication policies to SecureCredentialsManager, allowing developers to control when biometric prompts are shown based on different authentication strategies (Always, Session-based, or App Lifecycle-based).

Key changes:

  • Introduction of BiometricPolicy sealed class with three policy types
  • Enhanced LocalAuthenticationOptions to include policy configuration
  • Session management functionality in SecureCredentialsManager

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
BiometricPolicy.kt New sealed class defining three biometric authentication policies
LocalAuthenticationOptions.kt Added policy parameter and builder method for biometric policy configuration
SecureCredentialsManager.kt Integrated session validation logic and biometric session management
SecureCredentialsManagerBiometricPolicyTest.kt Comprehensive test coverage for new biometric policy functionality
EXAMPLES.md Updated documentation with examples and explanations of BiometricPolicy usage

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@pmathew92 pmathew92 requested a review from Copilot September 30, 2025 06:04
Copilot AI reviewed Sep 30, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

@subhankarmaiti subhankarmaiti mentioned this pull request Nov 16, 2025
Open
7 tasks
@subhankarmaiti subhankarmaiti merged commit e937921 into main Nov 17, 2025
13 checks passed
@subhankarmaiti subhankarmaiti deleted the SDK-6524-biometric-policy branch November 17, 2025 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pmathew92 pmathew92 pmathew92 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@subhankarmaiti @pmathew92