capacitor-freerasp 1.0.0 → 1.2.0

package/README.md

@@ -1,6 +1,6 @@
 ![FreeRasp](https://raw.githubusercontent.com/talsec/Free-RASP-Community/master/visuals/freeRASP.png)
 
-![GitHub Repo stars](https://img.shields.io/github/stars/talsec/Free-RASP-Community?color=green) ![GitHub](https://img.shields.io/github/license/talsec/Free-RASP-Community) ![GitHub](https://img.shields.io/github/last-commit/talsec/Free-RASP-Community) ![Publisher](https://img.shields.io/pub/publisher/freerasp)
+![GitHub Repo stars](https://img.shields.io/github/stars/talsec/Free-RASP-Community?color=green) ![GitHub](https://img.shields.io/github/license/talsec/Free-RASP-Community) ![GitHub](https://img.shields.io/github/last-commit/talsec/Free-RASP-Community) ![Publisher](https://img.shields.io/pub/publisher/freerasp) [![42matters](https://42matters.com/badges/sdk-installations/freerasp)](https://42matters.com/sdks/android/freerasp)
 
 # freeRASP for Capacitor
 
@@ -73,7 +73,7 @@ We will guide you step-by-step, but you can always check the expected result in
 
 ### Android
 
-freeRASP for Android requires a minimum **SDK** level of **23**. Capacitor projects, by default, support even lower levels of minimum SDK. This creates an inconsistency we must solve by updating the minimum SDK level of the application:
+freeRASP for Android requires a **minSdkVersion** level of **>=23** and a **targetSdkVersion** level of **>=33**. Some Capacitor projects, by default, support even lower levels of minimum and target SDKs. This creates an inconsistency we must solve by updating the SDK levels of the application:
 
 1. From the root of your project, go to **android > variables.gradle** (or equivalent).
 1. In **ext**, update **minSdkVersion** to at least **23** (Android 6.0) or higher and **compileSdkVersion** to **33** (Android 13).
@@ -106,7 +106,7 @@ const config = {
   androidConfig: {
     packageName: 'com.capacitor.example',
     certificateHashes: ['yourSigningCertificateHashBase64'],
-    supportedAlternativeStores: ['storeOne', 'storeTwo'],
+    supportedAlternativeStores: ['com.sec.android.app.samsungapps'],
   },
   iosConfig: {
     appBundleId: 'com.capacitor.example',
@@ -123,7 +123,7 @@ const config = {
 
    - `packageName` _: string_ - package name of your app you chose when you created it
    - `certificateHashes` _: string[]_ - hash of the certificate of the key which was used to sign the application. **Hash which is passed here must be encoded in Base64 form.** If you are not sure how to get your certificate hash, you can check out the guide on our [Github wiki](https://github.com/talsec/Free-RASP-Community/wiki/Getting-your-signing-certificate-hash-of-app). Multiple hashes are supported, e.g. if you are using a different one for the Huawei App Gallery.
-   - `supportedAlternativeStores` _: string[] | undefined_ - If you publish on the Google Play Store and/or Huawei AppGallery, you **don't have to assign anything** there as those are supported out of the box.
+   - `supportedAlternativeStores` _: string[] | undefined_ - Google Play Store and Huawei AppGallery are supported out of the box, you **don't have to assign anything**. You can add other stores like the Samsung Galaxy Store in the example code (`com.sec.android.app.samsungapps`). For more information, visit the [Detecting Unofficial Installation](https://github.com/talsec/Free-RASP-Community/wiki/Threat-detection#detecting-unofficial-installation) wiki page.
 
 1. `iosConfig` _: object | undefined_ - required for iOS devices, has following keys:
    - `appBundleId` _: string_ - Bundle ID of your app

package/android/build.gradle

@@ -71,5 +71,5 @@ dependencies {
     androidTestImplementation "androidx.test.ext:junit:$androidxJunitVersion"
     androidTestImplementation "androidx.test.espresso:espresso-core:$androidxEspressoCoreVersion"
     
-    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community-Capacitor:8.2.0'
+    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community-Capacitor:9.0.0'
 }

package/android/src/main/java/com/aheaditec/freerasp/FreeraspPlugin.kt

@@ -8,16 +8,17 @@ import com.getcapacitor.Plugin
 import com.getcapacitor.PluginCall
 import com.getcapacitor.PluginMethod
 import com.getcapacitor.annotation.CapacitorPlugin
+import org.json.JSONArray
 import java.lang.Exception
 
 @CapacitorPlugin(name = "Freerasp")
-class FreeraspPlugin : Plugin(), ThreatListener.DeviceState, ThreatListener.ThreatDetected {
+class FreeraspPlugin : Plugin() {
 
-    private val listener = ThreatListener(this, this)
+    private val threatHandler = TalsecThreatHandler(this)
+    private val listener = ThreatListener(threatHandler, threatHandler)
     private var registered = true
-    private val emptyData = JSObject()
 
-    @PluginMethod()
+    @PluginMethod
     fun talsecStart(call: PluginCall) {
         val config = call.getObject("config")
         if (config == null) {
@@ -48,46 +49,41 @@ class FreeraspPlugin : Plugin(), ThreatListener.DeviceState, ThreatListener.Thre
         }
     }
 
-    override fun onRootDetected() {
-        notifyListeners("privilegedAccess", emptyData, true)
+    /**
+     * Method to get the random identifiers of callbacks
+     */
+    @PluginMethod
+    fun getThreatIdentifiers(call: PluginCall) {
+        call.resolve(JSObject().put("ids", Threat.getThreatValues()))
     }
 
-    override fun onDebuggerDetected() {
-        notifyListeners("debug", emptyData, true)
-    }
-
-    override fun onEmulatorDetected() {
-        notifyListeners("simulator", emptyData, true)
-    }
-
-    override fun onTamperDetected() {
-        notifyListeners("appIntegrity", emptyData, true)
-    }
-
-    override fun onUntrustedInstallationSourceDetected() {
-        notifyListeners("unofficialStore", emptyData, true)
-    }
-
-    override fun onHookDetected() {
-        notifyListeners("hooks", emptyData, true)
-    }
-
-    override fun onDeviceBindingDetected() {
-        notifyListeners("deviceBinding", emptyData, true)
+    /**
+     * Method to setup the message passing between native and React Native
+     * @return list of [THREAT_CHANNEL_NAME, THREAT_CHANNEL_KEY]
+     */
+    @PluginMethod
+    fun getThreatChannelData(call: PluginCall) {
+        val channelData = JSONArray(
+            (listOf(
+                THREAT_CHANNEL_NAME, THREAT_CHANNEL_KEY
+            ))
+        )
+        call.resolve(JSObject().put("ids", channelData))
     }
 
-    override fun onUnlockedDeviceDetected() {
-        notifyListeners("passcode", emptyData, true)
+    /**
+     * We never send an invalid callback over our channel.
+     * Therefore, if this happens, we want to kill the app.
+     */
+    @PluginMethod
+    fun onInvalidCallback() {
+        android.os.Process.killProcess(android.os.Process.myPid())
     }
 
-    override fun onHardwareBackedKeystoreNotAvailableDetected() {
-        notifyListeners("secureHardwareNotAvailable", emptyData, true)
+    internal fun notifyListeners(threat: Threat) {
+        notifyListeners(THREAT_CHANNEL_NAME, JSObject().put(THREAT_CHANNEL_KEY, threat.value), true)
     }
 
-   override fun onObfuscationIssuesDetected() {
-       notifyListeners("obfuscationIssues", emptyData, true)
-   }
-
     private fun parseTalsecConfigThrowing(configJson: JSObject): TalsecConfig {
         val androidConfig = configJson.getJSONObject("androidConfig")
         val packageName = androidConfig.getString("packageName")
@@ -117,4 +113,11 @@ class FreeraspPlugin : Plugin(), ThreatListener.DeviceState, ThreatListener.Thre
             isProd
         )
     }
+
+    companion object {
+        private val THREAT_CHANNEL_NAME = (10000..999999999).random()
+            .toString() // name of the channel over which threat callbacks are sent
+        private val THREAT_CHANNEL_KEY = (10000..999999999).random()
+            .toString() // key of the argument map under which threats are expected
+    }
 }

package/android/src/main/java/com/aheaditec/freerasp/Threat.kt

@@ -0,0 +1,44 @@
+package com.aheaditec.freerasp
+
+import org.json.JSONArray
+
+/**
+ * Sealed class to represent the error codes.
+ *
+ * Sealed classes are used because of obfuscation - enums classes are not obfuscated well enough.
+ *
+ * @property value integer value of the error code.
+ */
+internal sealed class Threat(val value: Int) {
+    object AppIntegrity : Threat((10000..999999999).random())
+    object PrivilegedAccess : Threat((10000..999999999).random())
+    object Debug : Threat((10000..999999999).random())
+    object Hooks : Threat((10000..999999999).random())
+    object Passcode : Threat((10000..999999999).random())
+    object Simulator : Threat((10000..999999999).random())
+    object SecureHardwareNotAvailable : Threat((10000..999999999).random())
+    object DeviceBinding : Threat((10000..999999999).random())
+    object UnofficialStore : Threat((10000..999999999).random())
+    object Overlay : Threat((10000..999999999).random())
+    object ObfuscationIssues : Threat((10000..999999999).random())
+
+    companion object {
+        internal fun getThreatValues(): JSONArray {
+            return JSONArray(
+                (listOf(
+                    AppIntegrity.value,
+                    PrivilegedAccess.value,
+                    Debug.value,
+                    Hooks.value,
+                    Passcode.value,
+                    Simulator.value,
+                    SecureHardwareNotAvailable.value,
+                    DeviceBinding.value,
+                    UnofficialStore.value,
+                    Overlay.value,
+                    ObfuscationIssues.value
+                ))
+            )
+        }
+    }
+}

package/android/src/main/java/com/aheaditec/freerasp/ThreatHandler.kt

@@ -0,0 +1,47 @@
+package com.aheaditec.freerasp
+
+import com.aheaditec.talsec_security.security.api.ThreatListener
+
+internal class TalsecThreatHandler(private val instance: FreeraspPlugin) :
+    ThreatListener.ThreatDetected, ThreatListener.DeviceState {
+
+    override fun onRootDetected() {
+        instance.notifyListeners(Threat.PrivilegedAccess)
+    }
+
+    override fun onDebuggerDetected() {
+        instance.notifyListeners(Threat.Debug)
+    }
+
+    override fun onEmulatorDetected() {
+        instance.notifyListeners(Threat.Simulator)
+    }
+
+    override fun onTamperDetected() {
+        instance.notifyListeners(Threat.AppIntegrity)
+    }
+
+    override fun onUntrustedInstallationSourceDetected() {
+        instance.notifyListeners(Threat.UnofficialStore)
+    }
+
+    override fun onHookDetected() {
+        instance.notifyListeners(Threat.Hooks)
+    }
+
+    override fun onDeviceBindingDetected() {
+        instance.notifyListeners(Threat.DeviceBinding)
+    }
+
+    override fun onObfuscationIssuesDetected() {
+        instance.notifyListeners(Threat.ObfuscationIssues)
+    }
+
+    override fun onUnlockedDeviceDetected() {
+        instance.notifyListeners(Threat.Passcode)
+    }
+
+    override fun onHardwareBackedKeystoreNotAvailableDetected() {
+        instance.notifyListeners(Threat.SecureHardwareNotAvailable)
+    }
+}

package/dist/esm/definitions.d.ts

@@ -1,10 +1,17 @@
 export interface FreeraspPlugin {
-    addListener(listener: string, callback: () => any): any;
+    addListener(listener: string, callback: (event: any) => void): any;
     talsecStart(options: {
         config: FreeraspConfig;
     }): Promise<{
         started: boolean;
     }>;
+    onInvalidCallback(): void;
+    getThreatIdentifiers(): Promise<{
+        ids: number[];
+    }>;
+    getThreatChannelData(): Promise<{
+        ids: [string, string];
+    }>;
 }
 export declare type FreeraspConfig = {
     androidConfig?: AndroidConfig;
@@ -34,3 +41,20 @@ export declare type NativeEventEmitterActions = {
     secureHardwareNotAvailable?: () => any;
     obfuscationIssues?: () => any;
 };
+export declare class Threat {
+    value: number;
+    static AppIntegrity: Threat;
+    static PrivilegedAccess: Threat;
+    static Debug: Threat;
+    static Hooks: Threat;
+    static Passcode: Threat;
+    static Simulator: Threat;
+    static SecureHardwareNotAvailable: Threat;
+    static DeviceBinding: Threat;
+    static DeviceID: Threat;
+    static UnofficialStore: Threat;
+    static Overlay: Threat;
+    static ObfuscationIssues: Threat;
+    constructor(value: number);
+    static getValues(): Threat[];
+}

package/dist/esm/definitions.js

@@ -1,2 +1,47 @@
-export {};
+import { Capacitor } from "@capacitor/core";
+export class Threat {
+    constructor(value) {
+        this.value = value;
+    }
+    static getValues() {
+        return Capacitor.getPlatform() === 'android'
+            ? [
+                this.AppIntegrity,
+                this.PrivilegedAccess,
+                this.Debug,
+                this.Hooks,
+                this.Passcode,
+                this.Simulator,
+                this.SecureHardwareNotAvailable,
+                this.DeviceBinding,
+                this.UnofficialStore,
+                this.Overlay,
+                this.ObfuscationIssues,
+            ]
+            : [
+                this.AppIntegrity,
+                this.PrivilegedAccess,
+                this.Debug,
+                this.Hooks,
+                this.Passcode,
+                this.Simulator,
+                this.SecureHardwareNotAvailable,
+                this.DeviceBinding,
+                this.DeviceID,
+                this.UnofficialStore,
+            ];
+    }
+}
+Threat.AppIntegrity = new Threat(0);
+Threat.PrivilegedAccess = new Threat(0);
+Threat.Debug = new Threat(0);
+Threat.Hooks = new Threat(0);
+Threat.Passcode = new Threat(0);
+Threat.Simulator = new Threat(0);
+Threat.SecureHardwareNotAvailable = new Threat(0);
+Threat.DeviceBinding = new Threat(0);
+Threat.DeviceID = new Threat(0);
+Threat.UnofficialStore = new Threat(0);
+Threat.Overlay = new Threat(0);
+Threat.ObfuscationIssues = new Threat(0);
 //# sourceMappingURL=definitions.js.map

package/dist/esm/definitions.js.map

@@ -1 +1 @@
-{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/definitions.ts"],"names":[],"mappings":"","sourcesContent":["export interface FreeraspPlugin {\n  addListener(listener: string, callback: () => any): any;\n  talsecStart(options: { config: FreeraspConfig }): Promise<{ started: boolean }>;\n}\n\nexport type FreeraspConfig = {\n  androidConfig?: AndroidConfig;\n  iosConfig?: IOSConfig;\n  watcherMail: string;\n  isProd?: boolean;\n}\n\nexport type AndroidConfig = {\n  packageName: string;\n  certificateHashes: string[];\n  supportedAlternativeStores?: string[];\n}\n\nexport type IOSConfig = {\n  appBundleId: string;\n  appTeamId: string;\n}\n\nexport type NativeEventEmitterActions = {\n  privilegedAccess?: () => any;\n  debug?: () => any;\n  simulator?: () => any;\n  appIntegrity?: () => any;\n  unofficialStore?: () => any;\n  hooks?: () => any;\n  deviceBinding?: () => any;\n  deviceID?: () => any;\n  passcode?: () => any;\n  secureHardwareNotAvailable?: () => any;\n  obfuscationIssues?: () => any;\n};\n"]}
+{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/definitions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AA0C5C,MAAM,OAAO,MAAM;IAgBjB,YAAY,KAAa;QACvB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,MAAM,CAAC,SAAS;QACd,OAAO,SAAS,CAAC,WAAW,EAAE,KAAK,SAAS;YAC1C,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,eAAe;gBACpB,IAAI,CAAC,OAAO;gBACZ,IAAI,CAAC,iBAAiB;aACvB;YACH,CAAC,CAAC;gBACE,IAAI,CAAC,YAAY;gBACjB,IAAI,CAAC,gBAAgB;gBACrB,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,SAAS;gBACd,IAAI,CAAC,0BAA0B;gBAC/B,IAAI,CAAC,aAAa;gBAClB,IAAI,CAAC,QAAQ;gBACb,IAAI,CAAC,eAAe;aACrB,CAAC;IACR,CAAC;;AA5CM,mBAAY,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC7B,uBAAgB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACjC,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,YAAK,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,gBAAS,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,iCAA0B,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC3C,oBAAa,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAC9B,eAAQ,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACzB,sBAAe,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AAChC,cAAO,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC;AACxB,wBAAiB,GAAG,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC","sourcesContent":["import { Capacitor } from \"@capacitor/core\";\n\nexport interface FreeraspPlugin {\n  addListener(listener: string, callback: (event: any) => void): any;\n  talsecStart(options: { config: FreeraspConfig }): Promise<{ started: boolean }>;\n  onInvalidCallback(): void;\n  getThreatIdentifiers(): Promise<{ ids: number[] }>;\n  getThreatChannelData(): Promise<{ ids: [string, string] }>;\n}\n\nexport type FreeraspConfig = {\n  androidConfig?: AndroidConfig;\n  iosConfig?: IOSConfig;\n  watcherMail: string;\n  isProd?: boolean;\n}\n\nexport type AndroidConfig = {\n  packageName: string;\n  certificateHashes: string[];\n  supportedAlternativeStores?: string[];\n}\n\nexport type IOSConfig = {\n  appBundleId: string;\n  appTeamId: string;\n}\n\nexport type NativeEventEmitterActions = {\n  privilegedAccess?: () => any;\n  debug?: () => any;\n  simulator?: () => any;\n  appIntegrity?: () => any;\n  unofficialStore?: () => any;\n  hooks?: () => any;\n  deviceBinding?: () => any;\n  deviceID?: () => any;\n  passcode?: () => any;\n  secureHardwareNotAvailable?: () => any;\n  obfuscationIssues?: () => any;\n};\n\nexport class Threat {\n  value: number;\n\n  static AppIntegrity = new Threat(0);\n  static PrivilegedAccess = new Threat(0);\n  static Debug = new Threat(0);\n  static Hooks = new Threat(0);\n  static Passcode = new Threat(0);\n  static Simulator = new Threat(0);\n  static SecureHardwareNotAvailable = new Threat(0);\n  static DeviceBinding = new Threat(0);\n  static DeviceID = new Threat(0);\n  static UnofficialStore = new Threat(0);\n  static Overlay = new Threat(0);\n  static ObfuscationIssues = new Threat(0);\n\n  constructor(value: number) {\n    this.value = value;\n  }\n\n  static getValues(): Threat[] {\n    return Capacitor.getPlatform() === 'android'\n      ? [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.DeviceBinding,\n          this.UnofficialStore,\n          this.Overlay,\n          this.ObfuscationIssues,\n        ]\n      : [\n          this.AppIntegrity,\n          this.PrivilegedAccess,\n          this.Debug,\n          this.Hooks,\n          this.Passcode,\n          this.Simulator,\n          this.SecureHardwareNotAvailable,\n          this.DeviceBinding,\n          this.DeviceID,\n          this.UnofficialStore,\n        ];\n  }\n}\n"]}

package/dist/esm/index.js

@@ -1,16 +1,78 @@
-import { Capacitor, registerPlugin } from '@capacitor/core';
+import { registerPlugin } from '@capacitor/core';
+import { Threat } from './definitions';
+import { getThreatCount, itemsHaveType } from './utils';
 const activeListeners = [];
 const Freerasp = registerPlugin('Freerasp', {
     web: () => import('./web').then(m => new m.FreeraspWeb()),
 });
+const onInvalidCallback = () => {
+    Freerasp.onInvalidCallback();
+};
+const getThreatIdentifiers = async () => {
+    const { ids } = await Freerasp.getThreatIdentifiers();
+    if (ids.length !== getThreatCount() || !itemsHaveType(ids, 'number')) {
+        onInvalidCallback();
+    }
+    return ids;
+};
+const getThreatChannelData = async () => {
+    const { ids } = await Freerasp.getThreatChannelData();
+    if (ids.length !== 2 || !itemsHaveType(ids, 'string')) {
+        onInvalidCallback();
+    }
+    return ids;
+};
+const prepareMapping = async () => {
+    const newValues = await getThreatIdentifiers();
+    const threats = Threat.getValues();
+    threats.map((threat, index) => {
+        threat.value = newValues[index];
+    });
+};
 const setThreatListeners = async (callbacks) => {
-    for (const [threat, action] of Object.entries(callbacks)) {
-        if ((threat === 'obfuscationIssues' && Capacitor.getPlatform() === 'ios') || (action === undefined)) {
-            continue;
+    const [channel, key] = await getThreatChannelData();
+    await prepareMapping();
+    await Freerasp.addListener(channel, (event) => {
+        var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k;
+        if (event[key] === undefined) {
+            onInvalidCallback();
         }
-        const listener = await Freerasp.addListener(threat, action);
-        activeListeners.push(listener);
-    }
+        switch (event[key]) {
+            case Threat.PrivilegedAccess.value:
+                (_a = callbacks.privilegedAccess) === null || _a === void 0 ? void 0 : _a.call(callbacks);
+                break;
+            case Threat.Debug.value:
+                (_b = callbacks.debug) === null || _b === void 0 ? void 0 : _b.call(callbacks);
+                break;
+            case Threat.Simulator.value:
+                (_c = callbacks.simulator) === null || _c === void 0 ? void 0 : _c.call(callbacks);
+                break;
+            case Threat.AppIntegrity.value:
+                (_d = callbacks.appIntegrity) === null || _d === void 0 ? void 0 : _d.call(callbacks);
+                break;
+            case Threat.UnofficialStore.value:
+                (_e = callbacks.unofficialStore) === null || _e === void 0 ? void 0 : _e.call(callbacks);
+                break;
+            case Threat.Hooks.value:
+                (_f = callbacks.hooks) === null || _f === void 0 ? void 0 : _f.call(callbacks);
+                break;
+            case Threat.DeviceBinding.value:
+                (_g = callbacks.deviceBinding) === null || _g === void 0 ? void 0 : _g.call(callbacks);
+                break;
+            case Threat.Passcode.value:
+                (_h = callbacks.passcode) === null || _h === void 0 ? void 0 : _h.call(callbacks);
+                break;
+            case Threat.SecureHardwareNotAvailable.value:
+                (_j = callbacks.secureHardwareNotAvailable) === null || _j === void 0 ? void 0 : _j.call(callbacks);
+                break;
+            case Threat.ObfuscationIssues.value:
+                (_k = callbacks.obfuscationIssues) === null || _k === void 0 ? void 0 : _k.call(callbacks);
+                break;
+            default:
+                onInvalidCallback();
+                break;
+        }
+    });
 };
 const removeThreatListeners = () => {
     activeListeners.forEach((listener) => listener.remove());

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAI5D,MAAM,eAAe,GAAU,EAAE,CAAC;AAElC,MAAM,QAAQ,GAAG,cAAc,CAAiB,UAAU,EAAE;IAC1D,GAAG,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;CAC1D,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,KAAK,EAC9B,SAA4E,EAC5E,EAAE;IAEF,KAAK,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;QACxD,IAAI,CAAC,MAAM,KAAK,mBAAmB,IAAI,SAAS,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE;YACnG,SAAS;SACV;QACD,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC5D,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;KAChC;AACH,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,GAAG,EAAE;IACjC,eAAe,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3D,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,KAAK,EAAuC,MAAsB,EAAE,SAA6E,EAAE,EAAE;IAEzK,MAAM,kBAAkB,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,EAAC,MAAM,EAAC,CAAC,CAAA;IAExD,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED,cAAc,eAAe,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,CAAC","sourcesContent":["import { Capacitor, registerPlugin } from '@capacitor/core';\n\nimport type { FreeraspPlugin, FreeraspConfig, NativeEventEmitterActions } from './definitions';\n\nconst activeListeners: any[] = [];\n\nconst Freerasp = registerPlugin<FreeraspPlugin>('Freerasp', {\n  web: () => import('./web').then(m => new m.FreeraspWeb()),\n});\n\nconst setThreatListeners = async <T extends NativeEventEmitterActions>(\n  callbacks: T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>\n) => {\n\n  for (const [threat, action] of Object.entries(callbacks)) {\n    if ((threat === 'obfuscationIssues' && Capacitor.getPlatform() === 'ios') || (action === undefined)) {\n      continue;\n    }\n    const listener = await Freerasp.addListener(threat, action);\n    activeListeners.push(listener);\n  }\n};\n\nconst removeThreatListeners = () => {\n  activeListeners.forEach((listener) => listener.remove());\n};\n\nconst startFreeRASP = async <T extends NativeEventEmitterActions>(config: FreeraspConfig, reactions:  T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>) => {\n  \n  await setThreatListeners(reactions);\n  const { started } = await Freerasp.talsecStart({config})\n\n  return started\n}\n\nexport * from './definitions';\nexport { Freerasp, startFreeRASP, setThreatListeners, removeThreatListeners };\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAGjD,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAExD,MAAM,eAAe,GAAU,EAAE,CAAC;AAElC,MAAM,QAAQ,GAAG,cAAc,CAAiB,UAAU,EAAE;IAC1D,GAAG,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;CAC1D,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,GAAS,EAAE;IACnC,QAAQ,CAAC,iBAAiB,EAAE,CAAC;AAC/B,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,KAAK,IAAuB,EAAE;IACzD,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,QAAQ,CAAC,oBAAoB,EAAE,CAAC;IACtD,IAAI,GAAG,CAAC,MAAM,KAAK,cAAc,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE;QACpE,iBAAiB,EAAE,CAAC;KACrB;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,KAAK,IAA+B,EAAE;IACjE,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,QAAQ,CAAC,oBAAoB,EAAE,CAAC;IACtD,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE;QACrD,iBAAiB,EAAE,CAAC;KACrB;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,cAAc,GAAG,KAAK,IAAmB,EAAE;IAC/C,MAAM,SAAS,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;IAEnC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAE,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,KAAK,EAC9B,SAA4E,EAC5E,EAAE;IACA,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,MAAM,oBAAoB,EAAE,CAAC;IACpD,MAAM,cAAc,EAAE,CAAC;IAEvB,MAAM,QAAQ,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,KAAU,EAAE,EAAE;;QACnD,IAAI,KAAK,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE;YAC5B,iBAAiB,EAAE,CAAC;SACrB;QACD,QAAQ,KAAK,CAAC,GAAG,CAAC,EAAE;YAClB,KAAK,MAAM,CAAC,gBAAgB,CAAC,KAAK;gBAChC,MAAA,SAAS,CAAC,gBAAgB,+CAA1B,SAAS,EAAsB;gBAC/B,MAAM;YACR,KAAK,MAAM,CAAC,KAAK,CAAC,KAAK;gBACrB,MAAA,SAAS,CAAC,KAAK,+CAAf,SAAS,EAAW;gBACpB,MAAM;YACR,KAAK,MAAM,CAAC,SAAS,CAAC,KAAK;gBACzB,MAAA,SAAS,CAAC,SAAS,+CAAnB,SAAS,EAAe;gBACxB,MAAM;YACR,KAAK,MAAM,CAAC,YAAY,CAAC,KAAK;gBAC5B,MAAA,SAAS,CAAC,YAAY,+CAAtB,SAAS,EAAkB;gBAC3B,MAAM;YACR,KAAK,MAAM,CAAC,eAAe,CAAC,KAAK;gBAC/B,MAAA,SAAS,CAAC,eAAe,+CAAzB,SAAS,EAAqB;gBAC9B,MAAM;YACR,KAAK,MAAM,CAAC,KAAK,CAAC,KAAK;gBACrB,MAAA,SAAS,CAAC,KAAK,+CAAf,SAAS,EAAW;gBACpB,MAAM;YACR,KAAK,MAAM,CAAC,aAAa,CAAC,KAAK;gBAC7B,MAAA,SAAS,CAAC,aAAa,+CAAvB,SAAS,EAAmB;gBAC5B,MAAM;YACR,KAAK,MAAM,CAAC,QAAQ,CAAC,KAAK;gBACxB,MAAA,SAAS,CAAC,QAAQ,+CAAlB,SAAS,EAAc;gBACvB,MAAM;YACR,KAAK,MAAM,CAAC,0BAA0B,CAAC,KAAK;gBAC1C,MAAA,SAAS,CAAC,0BAA0B,+CAApC,SAAS,EAAgC;gBACzC,MAAM;YACR,KAAK,MAAM,CAAC,iBAAiB,CAAC,KAAK;gBACjC,MAAA,SAAS,CAAC,iBAAiB,+CAA3B,SAAS,EAAuB;gBAChC,MAAM;YACR;gBACE,iBAAiB,EAAE,CAAC;gBACpB,MAAM;SACT;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,qBAAqB,GAAG,GAAG,EAAE;IACjC,eAAe,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;AAC3D,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,KAAK,EAAuC,MAAsB,EAAE,SAA6E,EAAE,EAAE;IAEzK,MAAM,kBAAkB,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,EAAC,MAAM,EAAC,CAAC,CAAA;IAExD,OAAO,OAAO,CAAA;AAChB,CAAC,CAAA;AAED,cAAc,eAAe,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,CAAC","sourcesContent":["import { registerPlugin } from '@capacitor/core';\n\nimport type { FreeraspPlugin, FreeraspConfig, NativeEventEmitterActions } from './definitions';\nimport { Threat } from './definitions';\nimport { getThreatCount, itemsHaveType } from './utils';\n\nconst activeListeners: any[] = [];\n\nconst Freerasp = registerPlugin<FreeraspPlugin>('Freerasp', {\n  web: () => import('./web').then(m => new m.FreeraspWeb()),\n});\n\nconst onInvalidCallback = (): void => {\n  Freerasp.onInvalidCallback();\n};\n\nconst getThreatIdentifiers = async (): Promise<number[]> => {\n  const { ids } = await Freerasp.getThreatIdentifiers();\n  if (ids.length !== getThreatCount() || !itemsHaveType(ids, 'number')) {\n    onInvalidCallback();\n  }\n  return ids;\n};\n\nconst getThreatChannelData = async (): Promise<[string, string]> => {\n  const { ids } = await Freerasp.getThreatChannelData();\n  if (ids.length !== 2 || !itemsHaveType(ids, 'string')) {\n    onInvalidCallback();\n  }\n  return ids;\n};\n\nconst prepareMapping = async (): Promise<void> => {\n  const newValues = await getThreatIdentifiers();\n  const threats = Threat.getValues();\n\n  threats.map((threat, index) => {\n    threat.value = newValues[index]!;\n  });\n};\n\nconst setThreatListeners = async <T extends NativeEventEmitterActions>(\n  callbacks: T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>\n) => {\n    const [channel, key] = await getThreatChannelData();\n    await prepareMapping();\n\n    await Freerasp.addListener(channel, (event: any) => {\n    if (event[key] === undefined) {\n      onInvalidCallback();\n    }\n    switch (event[key]) {\n      case Threat.PrivilegedAccess.value:\n        callbacks.privilegedAccess?.();\n        break;\n      case Threat.Debug.value:\n        callbacks.debug?.();\n        break;\n      case Threat.Simulator.value:\n        callbacks.simulator?.();\n        break;\n      case Threat.AppIntegrity.value:\n        callbacks.appIntegrity?.();\n        break;\n      case Threat.UnofficialStore.value:\n        callbacks.unofficialStore?.();\n        break;\n      case Threat.Hooks.value:\n        callbacks.hooks?.();\n        break;\n      case Threat.DeviceBinding.value:\n        callbacks.deviceBinding?.();\n        break;\n      case Threat.Passcode.value:\n        callbacks.passcode?.();\n        break;\n      case Threat.SecureHardwareNotAvailable.value:\n        callbacks.secureHardwareNotAvailable?.();\n        break;\n      case Threat.ObfuscationIssues.value:\n        callbacks.obfuscationIssues?.();\n        break;\n      default:\n        onInvalidCallback();\n        break;\n    }\n  });\n};\n\nconst removeThreatListeners = () => {\n  activeListeners.forEach((listener) => listener.remove());\n};\n\nconst startFreeRASP = async <T extends NativeEventEmitterActions>(config: FreeraspConfig, reactions:  T & Record<Exclude<keyof T, keyof NativeEventEmitterActions>, []>) => {\n  \n  await setThreatListeners(reactions);\n  const { started } = await Freerasp.talsecStart({config})\n\n  return started\n}\n\nexport * from './definitions';\nexport { Freerasp, startFreeRASP, setThreatListeners, removeThreatListeners };\n"]}

package/dist/esm/utils.d.ts

@@ -0,0 +1,2 @@
+export declare const getThreatCount: () => number;
+export declare const itemsHaveType: (data: any[], desiredType: string) => boolean;

package/dist/esm/utils.js

@@ -0,0 +1,8 @@
+import { Threat } from './definitions';
+export const getThreatCount = () => {
+    return Threat.getValues().length;
+};
+export const itemsHaveType = (data, desiredType) => {
+    return data.every(item => typeof item === desiredType);
+};
+//# sourceMappingURL=utils.js.map

package/dist/esm/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAEvC,MAAM,CAAC,MAAM,cAAc,GAAG,GAAW,EAAE;IACzC,OAAO,MAAM,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC;AACnC,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,IAAW,EAAE,WAAmB,EAAW,EAAE;IACzE,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC;AACzD,CAAC,CAAC","sourcesContent":["import { Threat } from './definitions';\n\nexport const getThreatCount = (): number => {\n  return Threat.getValues().length;\n};\n\nexport const itemsHaveType = (data: any[], desiredType: string): boolean => {\n  return data.every(item => typeof item === desiredType);\n};"]}

package/dist/esm/web.d.ts

@@ -1,6 +1,13 @@
 import { WebPlugin } from '@capacitor/core';
 import type { FreeraspPlugin, FreeraspConfig } from './definitions';
 export declare class FreeraspWeb extends WebPlugin implements FreeraspPlugin {
+    onInvalidCallback(): void;
+    getThreatIdentifiers(): Promise<{
+        ids: number[];
+    }>;
+    getThreatChannelData(): Promise<{
+        ids: [string, string];
+    }>;
     talsecStart(_options: {
         config: FreeraspConfig;
     }): Promise<{

package/dist/esm/web.js

@@ -1,5 +1,14 @@
 import { WebPlugin } from '@capacitor/core';
 export class FreeraspWeb extends WebPlugin {
+    onInvalidCallback() {
+        throw new Error('Method not implemented.');
+    }
+    getThreatIdentifiers() {
+        throw new Error('Method not implemented.');
+    }
+    getThreatChannelData() {
+        throw new Error('Method not implemented.');
+    }
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     async talsecStart(_options) {
         throw new Error('Method not implemented.');

package/dist/esm/web.js.map

@@ -1 +1 @@
-{"version":3,"file":"web.js","sourceRoot":"","sources":["../../src/web.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAI5C,MAAM,OAAO,WAAY,SAAQ,SAAS;IACxC,6DAA6D;IAC7D,KAAK,CAAC,WAAW,CAAC,QAAoC;QACpD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;CACF","sourcesContent":["import { WebPlugin } from '@capacitor/core';\n\nimport type { FreeraspPlugin, FreeraspConfig } from './definitions';\n\nexport class FreeraspWeb extends WebPlugin implements FreeraspPlugin {\n  // eslint-disable-next-line @typescript-eslint/no-unused-vars\n  async talsecStart(_options: { config: FreeraspConfig }): Promise<{ started: boolean }> {\n    throw new Error('Method not implemented.');\n  }\n}\n"]}
+{"version":3,"file":"web.js","sourceRoot":"","sources":["../../src/web.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAI5C,MAAM,OAAO,WAAY,SAAQ,SAAS;IACxC,iBAAiB;QACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,oBAAoB;QAClB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,oBAAoB;QAClB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,6DAA6D;IAC7D,KAAK,CAAC,WAAW,CAAC,QAAoC;QACpD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;CACF","sourcesContent":["import { WebPlugin } from '@capacitor/core';\n\nimport type { FreeraspPlugin, FreeraspConfig } from './definitions';\n\nexport class FreeraspWeb extends WebPlugin implements FreeraspPlugin {\n  onInvalidCallback(): void {\n    throw new Error('Method not implemented.');\n  }\n  getThreatIdentifiers(): Promise<{ ids: number[]; }> {\n    throw new Error('Method not implemented.');\n  }\n  getThreatChannelData(): Promise<{ ids: [string, string]; }> {\n    throw new Error('Method not implemented.');\n  }\n  // eslint-disable-next-line @typescript-eslint/no-unused-vars\n  async talsecStart(_options: { config: FreeraspConfig }): Promise<{ started: boolean }> {\n    throw new Error('Method not implemented.');\n  }\n}\n"]}