@capawesome/capacitor-passkeys 0.0.1 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,4 +1,4 @@
1
- # @capawesome/capacitor-passkeys
1
+ # Capacitor Passkeys Plugin
2
2
 
3
3
  Capacitor plugin to create and authenticate with [passkeys](https://fidoalliance.org/passkeys/) based on the [WebAuthn](https://www.w3.org/TR/webauthn-2/) standard.
4
4
 
@@ -10,22 +10,27 @@ Capacitor plugin to create and authenticate with [passkeys](https://fidoalliance
10
10
 
11
11
  ## Features
12
12
 
13
- We are proud to offer one of the most complete and feature-rich Capacitor plugins for passkeys. Here are some of the key features:
13
+ The Capacitor Passkeys plugin is one of the most complete passkey authentication solutions for Capacitor apps. Here are some of the key features:
14
14
 
15
15
  - 🔐 **Passkey creation**: Register new passkeys with the platform authenticator.
16
16
  - 🔑 **Passkey authentication**: Authenticate users with their existing passkeys.
17
17
  - 🌐 **WebAuthn standard**: Uses the WebAuthn JSON serialization so any WebAuthn server library works unchanged.
18
18
  - 📱 **Availability check**: Check if passkeys are available on the device.
19
19
  - 🖥️ **Web support**: Full web support via the native WebAuthn browser API.
20
- - 🔗 **Compatibility**: Works alongside the [Biometrics](https://capawesome.io/plugins/biometrics/) and [OAuth](https://capawesome.io/plugins/oauth/) plugins.
20
+ - 🤝 **Compatibility**: Works alongside the [Biometrics](https://capawesome.io/docs/sdks/capacitor/biometrics/) and [OAuth](https://capawesome.io/docs/sdks/capacitor/oauth/) plugins.
21
21
  - 📦 **CocoaPods & SPM**: Supports CocoaPods and Swift Package Manager for iOS.
22
22
  - 🔁 **Up-to-date**: Always supports the latest Capacitor version.
23
23
 
24
24
  Missing a feature? Just [open an issue](https://github.com/capawesome-team/capacitor-plugins/issues) and we'll take a look!
25
25
 
26
- ## Newsletter
26
+ ## Use Cases
27
27
 
28
- Stay up to date with the latest news and updates about the Capawesome, Capacitor, and Ionic ecosystem by subscribing to our [Capawesome Newsletter](https://cloud.capawesome.io/newsletter/).
28
+ The Passkeys plugin is typically used to modernize the authentication of an app, for example:
29
+
30
+ - **Passwordless sign-in**: Let users authenticate with a passkey instead of typing a password.
31
+ - **Passkey enrollment**: Let existing users register a passkey for their account after they signed in with their current credentials.
32
+ - **Progressive enhancement**: Check with `isAvailable()` whether passkeys are supported on the device and offer them as an alternative to your existing login.
33
+ - **Server integration**: Pass the options and results of any WebAuthn server library through unchanged, thanks to the WebAuthn JSON serialization.
29
34
 
30
35
  ## Compatibility
31
36
 
@@ -122,6 +127,12 @@ No configuration required for this plugin.
122
127
 
123
128
  ## Usage
124
129
 
130
+ The following examples show how to create a new passkey, authenticate with an existing passkey, and check whether passkeys are available on the device.
131
+
132
+ ### Create a new passkey
133
+
134
+ Register a new passkey for a user account. In a real app, the options must be provided by your WebAuthn server, and the result must be passed back to it for verification:
135
+
125
136
  ```typescript
126
137
  import { Passkeys } from '@capawesome/capacitor-passkeys';
127
138
 
@@ -150,6 +161,14 @@ const createPasskey = async () => {
150
161
  // e.g. via `verifyRegistrationResponse()` from SimpleWebAuthn.
151
162
  return result;
152
163
  };
164
+ ```
165
+
166
+ ### Authenticate with an existing passkey
167
+
168
+ Sign a user in with a passkey that was previously created for your relying party. Again, the options come from your WebAuthn server and the result is verified by it:
169
+
170
+ ```typescript
171
+ import { Passkeys } from '@capawesome/capacitor-passkeys';
153
172
 
154
173
  const getPasskey = async () => {
155
174
  // In a real app, the options must be provided by your WebAuthn server,
@@ -163,6 +182,14 @@ const getPasskey = async () => {
163
182
  // e.g. via `verifyAuthenticationResponse()` from SimpleWebAuthn.
164
183
  return result;
165
184
  };
185
+ ```
186
+
187
+ ### Check if passkeys are available
188
+
189
+ Check whether passkeys are available on the device before offering them in your login UI. On Android, this returns `true` if the device runs Android 9 (API level 28) or higher. On iOS, this always returns `true`. On Web, this returns `true` if the browser supports WebAuthn and a user-verifying platform authenticator is available:
190
+
191
+ ```typescript
192
+ import { Passkeys } from '@capawesome/capacitor-passkeys';
166
193
 
167
194
  const isAvailable = async () => {
168
195
  const { available } = await Passkeys.isAvailable();
@@ -463,6 +490,47 @@ Keep the following in mind when testing your passkey integration:
463
490
 
464
491
  Conditional UI (passkey autofill) is not supported by this plugin. The operating system autofill integrations target native text fields, not HTML inputs in a web view.
465
492
 
493
+ ## FAQ
494
+
495
+ ### How is this plugin different from other similar plugins?
496
+
497
+ It implements the full WebAuthn standard using the JSON serialization, so the options and results from any WebAuthn server library pass through unchanged on Android, iOS, and the Web. Passkey creation, authentication, and an `isAvailable()` capability check are all covered through a fully typed, actively maintained API. If you only need a local face or fingerprint check, a simpler biometric setup is enough; if you want to replace passwords with server-verified passkeys across every platform, this plugin is designed for exactly that.
498
+
499
+ ### Why do the plugin methods reject with the `DOMAIN_NOT_ASSOCIATED` error code?
500
+
501
+ This error means that your app is not associated with the domain of the relying party (`rp.id` / `rpId`). On Android, you must host a Digital Asset Links file at `https://<your-domain>/.well-known/assetlinks.json` that delegates the `common.get_login_creds` permission to your app. On iOS, you must add the Associated Domains capability with the `webcredentials` service type and host a matching `apple-app-site-association` file. See the [Installation](#installation) section for the details. Also keep in mind that changes to these files can take some time to propagate, as they are cached by Apple and Google.
502
+
503
+ ### Do I need my own WebAuthn server to use this plugin?
504
+
505
+ Yes. The challenges shown in the examples are only placeholders. In production, the options for `createPasskey(...)` and `getPasskey(...)` must be generated by a WebAuthn server, and the results must be verified by it, for example with a library such as [SimpleWebAuthn](https://simplewebauthn.dev/). Since the plugin uses the WebAuthn JSON serialization, any WebAuthn server library works unchanged.
506
+
507
+ ### Which devices support passkeys?
508
+
509
+ On Android, passkeys are supported on Android 9 (API level 28) and higher with an available credential provider such as Google Password Manager. On iOS, passkeys are supported on iOS 15 and higher. On the web, passkeys are supported in browsers that implement WebAuthn with a user-verifying platform authenticator. Use the `isAvailable()` method to check the availability at runtime.
510
+
511
+ ### Does this plugin support passkey autofill (Conditional UI)?
512
+
513
+ No, Conditional UI is not supported. The operating system autofill integrations target native text fields, not HTML inputs in a web view. See the [Limitations](#limitations) section for more details.
514
+
515
+ ### What is the difference between this plugin and the Biometrics plugin?
516
+
517
+ The [Biometrics](https://capawesome.io/docs/sdks/capacitor/biometrics/) plugin performs a local biometric check (e.g. face or fingerprint recognition) on the device, for example to protect a screen inside your app. The Passkeys plugin implements the WebAuthn standard, where the authentication is cryptographically verified by your server, making it suitable to replace password-based sign-in entirely.
518
+
519
+ ### Can I use this plugin with Ionic, React, Vue or Angular?
520
+
521
+ Yes, the plugin is framework-agnostic. It works in any Capacitor app regardless of the web framework, including Ionic with Angular, React, or Vue, as well as plain JavaScript projects.
522
+
523
+ ## Related Plugins
524
+
525
+ - [Biometrics](https://capawesome.io/docs/sdks/capacitor/biometrics/): Request biometric authentication, such as face or fingerprint recognition.
526
+ - [OAuth](https://capawesome.io/docs/sdks/capacitor/oauth/): Communicate with OAuth 2.0 and OpenID Connect providers.
527
+ - [Secure Preferences](https://capawesome.io/docs/sdks/capacitor/secure-preferences/): Securely store key/value pairs such as passwords or tokens.
528
+ - [Password Autofill](https://capawesome.io/docs/sdks/capacitor/password-autofill/): Save passwords to the platform credential store.
529
+
530
+ ## Newsletter
531
+
532
+ Stay up to date with the latest news and updates about the Capawesome, Capacitor, and Ionic ecosystem by subscribing to our [Capawesome Newsletter](https://cloud.capawesome.io/newsletter/).
533
+
466
534
  ## Changelog
467
535
 
468
536
  See [CHANGELOG.md](https://github.com/capawesome-team/capacitor-plugins/blob/main/packages/passkeys/CHANGELOG.md).
@@ -31,7 +31,7 @@ android {
31
31
  buildTypes {
32
32
  release {
33
33
  minifyEnabled false
34
- proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
34
+ proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
35
35
  }
36
36
  }
37
37
  lintOptions {
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@capawesome/capacitor-passkeys",
3
- "version": "0.0.1",
4
- "description": "Capacitor plugin to create and authenticate with passkeys (WebAuthn).",
3
+ "version": "0.1.1",
4
+ "description": "Capacitor plugin to create and authenticate with passkeys (WebAuthn) on Android, iOS, and Web.",
5
5
  "main": "dist/plugin.cjs.js",
6
6
  "module": "dist/esm/index.js",
7
7
  "types": "dist/esm/index.d.ts",
@@ -33,11 +33,19 @@
33
33
  "url": "https://opencollective.com/capawesome"
34
34
  }
35
35
  ],
36
- "homepage": "https://capawesome.io/docs/plugins/passkeys/",
36
+ "homepage": "https://capawesome.io/docs/sdks/capacitor/passkeys/",
37
37
  "keywords": [
38
38
  "capacitor",
39
39
  "plugin",
40
- "native"
40
+ "native",
41
+ "capacitor-plugin",
42
+ "passkeys",
43
+ "passkey",
44
+ "webauthn",
45
+ "fido2",
46
+ "passwordless",
47
+ "authentication",
48
+ "credential manager"
41
49
  ],
42
50
  "scripts": {
43
51
  "verify": "npm run verify:ios && npm run verify:android && npm run verify:web",