expo-local-authentication 13.5.0 → 13.7.0

package/CHANGELOG.md

@@ -10,6 +10,22 @@
 
 ### 💡 Others
 
+## 13.7.0 — 2023-10-17
+
+### 🛠 Breaking changes
+
+- Dropped support for Android SDK 21 and 22. ([#24201](https://github.com/expo/expo/pull/24201) by [@behenate](https://github.com/behenate))
+
+## 13.6.0 — 2023-09-04
+
+### 🎉 New features
+
+- Added support for React Native 0.73. ([#24018](https://github.com/expo/expo/pull/24018) by [@kudo](https://github.com/kudo))
+
+### 💡 Others
+
+- [Android] Migrate to use Expo Modules API. ([#24083](https://github.com/expo/expo/pull/24083) by [@lukmccall](https://github.com/lukmccall))
+
 ## 13.5.0 — 2023-08-02
 
 _This version does not introduce any user-facing changes._

package/android/build.gradle

@@ -3,15 +3,20 @@ apply plugin: 'kotlin-android'
 apply plugin: 'maven-publish'
 
 group = 'host.exp.exponent'
-version = '13.5.0'
+version = '13.7.0'
 
-buildscript {
-  def expoModulesCorePlugin = new File(project(":expo-modules-core").projectDir.absolutePath, "ExpoModulesCorePlugin.gradle")
-  if (expoModulesCorePlugin.exists()) {
-    apply from: expoModulesCorePlugin
-    applyKotlinExpoModulesCorePlugin()
+def expoModulesCorePlugin = new File(project(":expo-modules-core").projectDir.absolutePath, "ExpoModulesCorePlugin.gradle")
+if (expoModulesCorePlugin.exists()) {
+  apply from: expoModulesCorePlugin
+  applyKotlinExpoModulesCorePlugin()
+  // Remove this check, but keep the contents after SDK49 support is dropped
+  if (safeExtGet("expoProvidesDefaultConfig", false)) {
+    useExpoPublishing()
+    useCoreDependencies()
   }
+}
 
+buildscript {
   // Simple helper that allows the root project to override versions declared by this library.
   ext.safeExtGet = { prop, fallback ->
     rootProject.ext.has(prop) ? rootProject.ext.get(prop) : fallback
@@ -35,54 +40,70 @@ buildscript {
   }
 }
 
-afterEvaluate {
-  publishing {
-    publications {
-      release(MavenPublication) {
-        from components.release
+// Remove this if and it's contents, when support for SDK49 is dropped
+if (!safeExtGet("expoProvidesDefaultConfig", false)) {
+  afterEvaluate {
+    publishing {
+      publications {
+        release(MavenPublication) {
+          from components.release
+        }
       }
-    }
-    repositories {
-      maven {
-        url = mavenLocal().url
+      repositories {
+        maven {
+          url = mavenLocal().url
+        }
       }
     }
   }
 }
 
 android {
-  compileSdkVersion safeExtGet("compileSdkVersion", 33)
+  // Remove this if and it's contents, when support for SDK49 is dropped
+  if (!safeExtGet("expoProvidesDefaultConfig", false)) {
+    compileSdkVersion safeExtGet("compileSdkVersion", 33)
+
+    defaultConfig {
+      minSdkVersion safeExtGet("minSdkVersion", 23)
+      targetSdkVersion safeExtGet("targetSdkVersion", 33)
+    }
+
+    publishing {
+      singleVariant("release") {
+        withSourcesJar()
+      }
+    }
 
-  compileOptions {
-    sourceCompatibility JavaVersion.VERSION_11
-    targetCompatibility JavaVersion.VERSION_11
+    lintOptions {
+      abortOnError false
+    }
   }
 
-  kotlinOptions {
-    jvmTarget = JavaVersion.VERSION_11.majorVersion
+  def agpVersion = com.android.Version.ANDROID_GRADLE_PLUGIN_VERSION
+  if (agpVersion.tokenize('.')[0].toInteger() < 8) {
+    compileOptions {
+      sourceCompatibility JavaVersion.VERSION_11
+      targetCompatibility JavaVersion.VERSION_11
+    }
+
+    kotlinOptions {
+      jvmTarget = JavaVersion.VERSION_11.majorVersion
+    }
   }
 
   namespace "expo.modules.localauthentication"
   defaultConfig {
-    minSdkVersion safeExtGet("minSdkVersion", 21)
-    targetSdkVersion safeExtGet("targetSdkVersion", 33)
     versionCode 30
-    versionName "13.5.0"
-  }
-  lintOptions {
-    abortOnError false
-  }
-  publishing {
-    singleVariant("release") {
-      withSourcesJar()
-    }
+    versionName "13.7.0"
   }
 }
 
 dependencies {
-  implementation project(':expo-modules-core')
+  // Remove this if and it's contents, when support for SDK49 is dropped
+  if (!safeExtGet("expoProvidesDefaultConfig", false)) {
+    implementation project(':expo-modules-core')
+    implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:${getKotlinVersion()}"
+  }
 
   implementation "androidx.biometric:biometric:1.2.0-alpha04"
-
-  implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:${getKotlinVersion()}"
 }

package/android/src/main/java/expo/modules/localauthentication/LocalAuthenticationModule.kt

@@ -4,68 +4,163 @@ package expo.modules.localauthentication
 import android.app.Activity
 import android.app.KeyguardManager
 import android.content.Context
-import android.content.Intent
 import android.os.Build
 import android.os.Bundle
+import androidx.annotation.UiThread
 import androidx.biometric.BiometricManager
 import androidx.biometric.BiometricPrompt
 import androidx.biometric.BiometricPrompt.PromptInfo
 import androidx.fragment.app.FragmentActivity
-import expo.modules.core.ExportedModule
-import expo.modules.core.ModuleRegistry
-import expo.modules.core.ModuleRegistryDelegate
-import expo.modules.core.Promise
-import expo.modules.core.interfaces.ActivityEventListener
-import expo.modules.core.interfaces.ActivityProvider
-import expo.modules.core.interfaces.ExpoMethod
-import expo.modules.core.interfaces.services.UIManager
-import java.util.*
+import expo.modules.kotlin.Promise
+import expo.modules.kotlin.exception.Exceptions
+import expo.modules.kotlin.exception.UnexpectedException
+import expo.modules.kotlin.functions.Queues
+import expo.modules.kotlin.modules.Module
+import expo.modules.kotlin.modules.ModuleDefinition
+import expo.modules.kotlin.records.Field
+import expo.modules.kotlin.records.Record
+import kotlinx.coroutines.launch
 import java.util.concurrent.Executor
 import java.util.concurrent.Executors
 
-class LocalAuthenticationModule(context: Context) : ExportedModule(context), ActivityEventListener {
-  private val AUTHENTICATION_TYPE_FINGERPRINT = 1
-  private val AUTHENTICATION_TYPE_FACIAL_RECOGNITION = 2
-  private val AUTHENTICATION_TYPE_IRIS = 3
-  private val SECURITY_LEVEL_NONE = 0
-  private val SECURITY_LEVEL_SECRET = 1
-  private val SECURITY_LEVEL_BIOMETRIC = 2
-  private val DEVICE_CREDENTIAL_FALLBACK_CODE = 6
-  private val biometricManager = BiometricManager.from(context)
-  private val packageManager = context.packageManager
-  private var biometricPrompt: BiometricPrompt? = null
-  private var promise: Promise? = null
-  private var authOptions: Map<String?, Any?>? = null
-  private var isRetryingWithDeviceCredentials = false
-  private var isAuthenticating = false
-  private val moduleRegistryDelegate: ModuleRegistryDelegate = ModuleRegistryDelegate()
-  private val uIManager: UIManager by moduleRegistry()
+private const val AUTHENTICATION_TYPE_FINGERPRINT = 1
+private const val AUTHENTICATION_TYPE_FACIAL_RECOGNITION = 2
+private const val AUTHENTICATION_TYPE_IRIS = 3
+private const val SECURITY_LEVEL_NONE = 0
+private const val SECURITY_LEVEL_SECRET = 1
+private const val SECURITY_LEVEL_BIOMETRIC = 2
+private const val DEVICE_CREDENTIAL_FALLBACK_CODE = 6
 
-  private inline fun <reified T> moduleRegistry() = moduleRegistryDelegate.getFromModuleRegistry<T>()
+class AuthOptions : Record {
+  @Field
+  val promptMessage: String = ""
 
-  private fun convertErrorCode(code: Int): String {
-    return when (code) {
-      BiometricPrompt.ERROR_CANCELED, BiometricPrompt.ERROR_NEGATIVE_BUTTON, BiometricPrompt.ERROR_USER_CANCELED -> "user_cancel"
-      BiometricPrompt.ERROR_HW_NOT_PRESENT, BiometricPrompt.ERROR_HW_UNAVAILABLE, BiometricPrompt.ERROR_NO_BIOMETRICS, BiometricPrompt.ERROR_NO_DEVICE_CREDENTIAL -> "not_available"
-      BiometricPrompt.ERROR_LOCKOUT, BiometricPrompt.ERROR_LOCKOUT_PERMANENT -> "lockout"
-      BiometricPrompt.ERROR_NO_SPACE -> "no_space"
-      BiometricPrompt.ERROR_TIMEOUT -> "timeout"
-      BiometricPrompt.ERROR_UNABLE_TO_PROCESS -> "unable_to_process"
-      else -> "unknown"
+  @Field
+  val cancelLabel: String = ""
+
+  @Field
+  val disableDeviceFallback: Boolean = false
+
+  @Field
+  val requireConfirmation: Boolean = true
+}
+
+class LocalAuthenticationModule : Module() {
+  override fun definition() = ModuleDefinition {
+    Name("ExpoLocalAuthentication")
+
+    AsyncFunction("supportedAuthenticationTypesAsync") {
+      val results = mutableSetOf<Int>()
+      if (canAuthenticateUsingWeakBiometrics() == BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE) {
+        return@AsyncFunction results
+      }
+
+      // note(cedric): replace hardcoded system feature strings with constants from
+      // PackageManager when dropping support for Android SDK 28
+      results.apply {
+        addIf(hasSystemFeature("android.hardware.fingerprint"), AUTHENTICATION_TYPE_FINGERPRINT)
+        addIf(hasSystemFeature("android.hardware.biometrics.face"), AUTHENTICATION_TYPE_FACIAL_RECOGNITION)
+        addIf(hasSystemFeature("android.hardware.biometrics.iris"), AUTHENTICATION_TYPE_IRIS)
+        addIf(hasSystemFeature("com.samsung.android.bio.face"), AUTHENTICATION_TYPE_FACIAL_RECOGNITION)
+      }
+
+      return@AsyncFunction results
     }
-  }
 
-  private fun isBiometricUnavailable(code: Int): Boolean {
-    return when (code) {
-      BiometricPrompt.ERROR_HW_NOT_PRESENT,
-      BiometricPrompt.ERROR_HW_UNAVAILABLE,
-      BiometricPrompt.ERROR_NO_BIOMETRICS,
-      BiometricPrompt.ERROR_UNABLE_TO_PROCESS,
-      BiometricPrompt.ERROR_NO_SPACE -> true
-      else -> false
+    AsyncFunction("hasHardwareAsync") {
+      canAuthenticateUsingWeakBiometrics() != BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE
+    }
+
+    AsyncFunction("isEnrolledAsync") {
+      canAuthenticateUsingWeakBiometrics() == BiometricManager.BIOMETRIC_SUCCESS
+    }
+
+    AsyncFunction("getEnrolledLevelAsync") {
+      var level = SECURITY_LEVEL_NONE
+      if (isDeviceSecure) {
+        level = SECURITY_LEVEL_SECRET
+      }
+      if (canAuthenticateUsingWeakBiometrics() == BiometricManager.BIOMETRIC_SUCCESS) {
+        level = SECURITY_LEVEL_BIOMETRIC
+      }
+      return@AsyncFunction level
+    }
+
+    AsyncFunction("authenticateAsync") { options: AuthOptions, promise: Promise ->
+      val fragmentActivity = currentActivity as? FragmentActivity
+      if (fragmentActivity == null) {
+        promise.reject(Exceptions.MissingActivity())
+        return@AsyncFunction
+      }
+      if (!keyguardManager.isDeviceSecure) {
+        promise.resolve(
+          createResponse(
+            error = "not_enrolled",
+            warning = "KeyguardManager#isDeviceSecure() returned false"
+          )
+        )
+        return@AsyncFunction
+      }
+
+      this@LocalAuthenticationModule.authOptions = options
+
+      // BiometricPrompt callbacks are invoked on the main thread so also run this there to avoid
+      // having to do locking.
+      appContext.mainQueue.launch {
+        authenticate(fragmentActivity, options, promise)
+      }
+    }
+
+    AsyncFunction<Unit>("cancelAuthenticate") {
+      biometricPrompt?.cancelAuthentication()
+      isAuthenticating = false
+    }.runOnQueue(Queues.MAIN)
+
+    OnActivityResult { activity, (requestCode, resultCode, data) ->
+      if (requestCode == DEVICE_CREDENTIAL_FALLBACK_CODE) {
+        if (resultCode == Activity.RESULT_OK) {
+          promise?.resolve(createResponse())
+        } else {
+          promise?.resolve(
+            createResponse(
+              error = "user_cancel",
+              warning = "Device Credentials canceled"
+            )
+          )
+        }
+
+        isAuthenticating = false
+        isRetryingWithDeviceCredentials = false
+        biometricPrompt = null
+        promise = null
+        authOptions = null
+      } else if (activity is FragmentActivity) {
+        // If the user uses PIN as an authentication method, the result will be passed to the `onActivityResult`.
+        // Unfortunately, react-native doesn't pass this value to the underlying fragment - we won't resolve the promise.
+        // So we need to do it manually.
+        val fragment = activity.supportFragmentManager.findFragmentByTag("androidx.biometric.BiometricFragment")
+        fragment?.onActivityResult(requestCode and 0xffff, resultCode, data)
+      }
     }
   }
 
+  private val context: Context
+    get() = appContext.reactContext ?: throw Exceptions.ReactContextLost()
+
+  private val keyguardManager: KeyguardManager
+    get() = context.getSystemService(Context.KEYGUARD_SERVICE) as KeyguardManager
+
+  private val currentActivity: Activity?
+    get() = appContext.currentActivity
+
+  private val biometricManager by lazy { BiometricManager.from(context) }
+  private val packageManager by lazy { context.packageManager }
+  private var biometricPrompt: BiometricPrompt? = null
+  private var promise: Promise? = null
+  private var authOptions: AuthOptions? = null
+  private var isRetryingWithDeviceCredentials = false
+  private var isAuthenticating = false
+
   private val authenticationCallback: BiometricPrompt.AuthenticationCallback = object : BiometricPrompt.AuthenticationCallback() {
     override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
       isAuthenticating = false
@@ -86,10 +181,10 @@ class LocalAuthenticationModule(context: Context) : ExportedModule(context), Act
         val options = authOptions
 
         if (options != null) {
-          val disableDeviceFallback = options["disableDeviceFallback"] as Boolean?
+          val disableDeviceFallback = options.disableDeviceFallback
 
           // Don't run the device credentials fallback if it's disabled.
-          if (disableDeviceFallback != true) {
+          if (!disableDeviceFallback) {
             promise?.let {
               isRetryingWithDeviceCredentials = true
               promptDeviceCredentialsFallback(options, it)
@@ -103,271 +198,105 @@ class LocalAuthenticationModule(context: Context) : ExportedModule(context), Act
       isRetryingWithDeviceCredentials = false
       biometricPrompt = null
       promise?.resolve(
-        Bundle().apply {
-          putBoolean("success", false)
-          putString("error", convertErrorCode(errMsgId))
-          putString("warning", errString.toString())
-        }
+        createResponse(
+          error = convertErrorCode(errMsgId),
+          warning = errString.toString()
+        )
       )
       promise = null
       authOptions = null
     }
   }
 
-  override fun getName(): String {
-    return "ExpoLocalAuthentication"
-  }
-
-  override fun onCreate(moduleRegistry: ModuleRegistry) {
-    moduleRegistryDelegate.onCreate(moduleRegistry)
-    uIManager.registerActivityEventListener(this)
-  }
-
-  @ExpoMethod
-  fun supportedAuthenticationTypesAsync(promise: Promise) {
-    val result = biometricManager.canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_WEAK)
-    val results: MutableList<Int> = ArrayList()
-    if (result == BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE) {
-      promise.resolve(results)
+  @UiThread
+  private fun authenticate(fragmentActivity: FragmentActivity, options: AuthOptions, promise: Promise) {
+    if (isAuthenticating) {
+      this.promise?.resolve(
+        createResponse(
+          error = "app_cancel"
+        )
+      )
+      this.promise = promise
       return
     }
 
-    // note(cedric): replace hardcoded system feature strings with constants from
-    // PackageManager when dropping support for Android SDK 28
-    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-      if (packageManager.hasSystemFeature("android.hardware.fingerprint")) {
-        results.add(AUTHENTICATION_TYPE_FINGERPRINT)
-      }
-    }
-    if (Build.VERSION.SDK_INT >= 29) {
-      if (packageManager.hasSystemFeature("android.hardware.biometrics.face")) {
-        results.add(AUTHENTICATION_TYPE_FACIAL_RECOGNITION)
-      }
-      if (packageManager.hasSystemFeature("android.hardware.biometrics.iris")) {
-        results.add(AUTHENTICATION_TYPE_IRIS)
-      }
-    }
+    val promptMessage = options.promptMessage
+    val cancelLabel = options.cancelLabel
+    val disableDeviceFallback = options.disableDeviceFallback
+    val requireConfirmation = options.requireConfirmation
 
-    // check for face recognition support on some samsung devices
-    if (packageManager.hasSystemFeature("com.samsung.android.bio.face") && !results.contains(AUTHENTICATION_TYPE_FACIAL_RECOGNITION)) {
-      results.add(AUTHENTICATION_TYPE_FACIAL_RECOGNITION)
-    }
+    isAuthenticating = true
+    this.promise = promise
+    val executor: Executor = Executors.newSingleThreadExecutor()
+    biometricPrompt = BiometricPrompt(fragmentActivity, executor, authenticationCallback)
+    val promptInfoBuilder = PromptInfo.Builder().apply {
+      setTitle(promptMessage)
 
-    promise.resolve(results)
-  }
-
-  @ExpoMethod
-  fun hasHardwareAsync(promise: Promise) {
-    val result = biometricManager.canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_WEAK)
-    promise.resolve(result != BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE)
-  }
-
-  @ExpoMethod
-  fun isEnrolledAsync(promise: Promise) {
-    val result = biometricManager.canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_WEAK)
-    promise.resolve(result == BiometricManager.BIOMETRIC_SUCCESS)
-  }
-
-  @ExpoMethod
-  fun getEnrolledLevelAsync(promise: Promise) {
-    var level = SECURITY_LEVEL_NONE
-    if (isDeviceSecure) {
-      level = SECURITY_LEVEL_SECRET
+      if (disableDeviceFallback) {
+        setNegativeButtonText(cancelLabel)
+      } else {
+        setAllowedAuthenticators(
+          BiometricManager.Authenticators.BIOMETRIC_WEAK
+            or BiometricManager.Authenticators.DEVICE_CREDENTIAL
+        )
+      }
+      setConfirmationRequired(requireConfirmation)
     }
-    val result = biometricManager.canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_WEAK)
-    if (result == BiometricManager.BIOMETRIC_SUCCESS) {
-      level = SECURITY_LEVEL_BIOMETRIC
+
+    val promptInfo = promptInfoBuilder.build()
+    try {
+      biometricPrompt!!.authenticate(promptInfo)
+    } catch (e: NullPointerException) {
+      promise.reject(UnexpectedException("Canceled authentication due to an internal error", e))
     }
-    promise.resolve(level)
   }
 
-  @ExpoMethod
-  fun authenticateAsync(options: Map<String?, Any?>, promise: Promise) {
-    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
-      promise.reject("E_NOT_SUPPORTED", "Cannot display biometric prompt on android versions below 6.0")
-      return
-    }
-    if (currentActivity == null) {
-      promise.reject("E_NOT_FOREGROUND", "Cannot display biometric prompt when the app is not in the foreground")
-      return
-    }
-    if (!keyguardManager.isDeviceSecure) {
-      promise.resolve(
-        Bundle().apply {
-          putBoolean("success", false)
-          putString("error", "not_enrolled")
-          putString("warning", "KeyguardManager#isDeviceSecure() returned false")
-        }
-      )
-      return
-    }
+  private fun promptDeviceCredentialsFallback(options: AuthOptions, promise: Promise) {
     val fragmentActivity = currentActivity as FragmentActivity?
     if (fragmentActivity == null) {
       promise.resolve(
-        Bundle().apply {
-          putBoolean("success", false)
-          putString("error", "not_available")
-          putString("warning", "getCurrentActivity() returned null")
-        }
+        createResponse(
+          error = "not_available",
+          warning = "getCurrentActivity() returned null"
+        )
       )
       return
     }
 
-    this.authOptions = options
+    val promptMessage = options.promptMessage
+    val requireConfirmation = options.requireConfirmation
 
     // BiometricPrompt callbacks are invoked on the main thread so also run this there to avoid
     // having to do locking.
-    uIManager.runOnUiQueueThread(
-      Runnable {
-        if (isAuthenticating) {
-          this.promise?.resolve(
-            Bundle().apply {
-              putBoolean("success", false)
-              putString("error", "app_cancel")
-            }
-          )
-          this.promise = promise
-          return@Runnable
-        }
-        val promptMessage = if (options.containsKey("promptMessage")) {
-          options["promptMessage"] as String?
-        } else {
-          ""
-        }
-        val cancelLabel = if (options.containsKey("cancelLabel")) {
-          options["cancelLabel"] as String?
-        } else {
-          ""
-        }
-        val disableDeviceFallback = if (options.containsKey("disableDeviceFallback")) {
-          options["disableDeviceFallback"] as Boolean?
-        } else {
-          false
-        }
-        val requireConfirmation = options["requireConfirmation"] as? Boolean ?: true
-        isAuthenticating = true
-        this.promise = promise
-        val executor: Executor = Executors.newSingleThreadExecutor()
-        biometricPrompt = BiometricPrompt(fragmentActivity, executor, authenticationCallback)
-        val promptInfoBuilder = PromptInfo.Builder()
-        promptMessage?.let {
-          promptInfoBuilder.setTitle(it)
-        }
-        if (disableDeviceFallback == true) {
-          cancelLabel?.let {
-            promptInfoBuilder.setNegativeButtonText(it)
-          }
-        } else {
-          promptInfoBuilder.setAllowedAuthenticators(
-            BiometricManager.Authenticators.BIOMETRIC_WEAK
-              or BiometricManager.Authenticators.DEVICE_CREDENTIAL
-          )
-        }
-        promptInfoBuilder.setConfirmationRequired(requireConfirmation)
-        val promptInfo = promptInfoBuilder.build()
-        try {
-          biometricPrompt!!.authenticate(promptInfo)
-        } catch (ex: NullPointerException) {
-          promise.reject("E_INTERNAL_ERRROR", "Canceled authentication due to an internal error")
-        }
+    appContext.mainQueue.launch {
+      // On Android devices older than 11, we need to use Keyguard to unlock by Device Credentials.
+      if (Build.VERSION.SDK_INT < Build.VERSION_CODES.R) {
+        val credentialConfirmationIntent = keyguardManager.createConfirmDeviceCredentialIntent(promptMessage, "")
+        fragmentActivity.startActivityForResult(credentialConfirmationIntent, DEVICE_CREDENTIAL_FALLBACK_CODE)
+        return@launch
       }
-    )
-  }
 
-  @ExpoMethod
-  fun cancelAuthenticate(promise: Promise) {
-    uIManager.runOnUiQueueThread {
-      biometricPrompt?.cancelAuthentication()
-      isAuthenticating = false
-      promise.resolve(null)
-    }
-  }
+      val executor: Executor = Executors.newSingleThreadExecutor()
+      val localBiometricPrompt = BiometricPrompt(fragmentActivity, executor, authenticationCallback)
 
-  fun promptDeviceCredentialsFallback(options: Map<String?, Any?>, promise: Promise) {
-    val fragmentActivity = currentActivity as FragmentActivity?
-    if (fragmentActivity == null) {
-      promise.resolve(
-        Bundle().apply {
-          putBoolean("success", false)
-          putString("error", "not_available")
-          putString("warning", "getCurrentActivity() returned null")
-        }
-      )
-      return
-    }
-
-    val promptMessage = options["promptMessage"] as? String ?: ""
-    val requireConfirmation = options["requireConfirmation"] as? Boolean ?: true
-
-    // BiometricPrompt callbacks are invoked on the main thread so also run this there to avoid
-    // having to do locking.
-    uIManager.runOnUiQueueThread(
-      Runnable {
-        // On Android devices older than 11, we need to use Keyguard to unlock by Device Credentials.
-        if (Build.VERSION.SDK_INT < 30) {
-          val credentialConfirmationIntent = keyguardManager.createConfirmDeviceCredentialIntent(promptMessage, "")
-          fragmentActivity.startActivityForResult(credentialConfirmationIntent, DEVICE_CREDENTIAL_FALLBACK_CODE)
-          return@Runnable
-        }
-
-        val executor: Executor = Executors.newSingleThreadExecutor()
-        val localBiometricPrompt = BiometricPrompt(fragmentActivity, executor, authenticationCallback)
-        if (localBiometricPrompt == null) {
-          promise.reject("E_INTERNAL_ERRROR", "Canceled authentication due to an internal error")
-          return@Runnable
-        }
-        biometricPrompt = localBiometricPrompt
+      biometricPrompt = localBiometricPrompt
 
-        val promptInfoBuilder = PromptInfo.Builder()
-        promptMessage?.let {
-          promptInfoBuilder.setTitle(it)
-        }
-        promptInfoBuilder.setAllowedAuthenticators(BiometricManager.Authenticators.DEVICE_CREDENTIAL)
-        promptInfoBuilder.setConfirmationRequired(requireConfirmation)
-        val promptInfo = promptInfoBuilder.build()
-        try {
-          localBiometricPrompt.authenticate(promptInfo)
-        } catch (ex: NullPointerException) {
-          promise.reject("E_INTERNAL_ERRROR", "Canceled authentication due to an internal error")
-        }
+      val promptInfoBuilder = PromptInfo.Builder().apply {
+        setTitle(promptMessage)
+        setAllowedAuthenticators(BiometricManager.Authenticators.DEVICE_CREDENTIAL)
+        setConfirmationRequired(requireConfirmation)
       }
-    )
-  }
 
-  override fun onActivityResult(activity: Activity, requestCode: Int, resultCode: Int, data: Intent?) {
-    // When Biometric is unavailable and using Keyguard fallback, the result will be handled here.
-    if (requestCode == DEVICE_CREDENTIAL_FALLBACK_CODE) {
-      if (resultCode == Activity.RESULT_OK) {
-        promise?.resolve(
-          Bundle().apply {
-            putBoolean("success", true)
-          }
-        )
-      } else {
-        promise?.resolve(
-          Bundle().apply {
-            putBoolean("success", false)
-            putString("error", "user_cancel")
-            putString("warning", "Device Credentials canceled")
-          }
-        )
+      val promptInfo = promptInfoBuilder.build()
+      try {
+        localBiometricPrompt.authenticate(promptInfo)
+      } catch (e: NullPointerException) {
+        promise.reject(UnexpectedException("Canceled authentication due to an internal error", e))
       }
-
-      isAuthenticating = false
-      isRetryingWithDeviceCredentials = false
-      biometricPrompt = null
-      promise = null
-      authOptions = null
-    } else if (activity is FragmentActivity) {
-      // If the user uses PIN as an authentication method, the result will be passed to the `onActivityResult`.
-      // Unfortunately, react-native doesn't pass this value to the underlying fragment - we won't resolve the promise.
-      // So we need to do it manually.
-      val fragment = activity.supportFragmentManager.findFragmentByTag("androidx.biometric.BiometricFragment")
-      fragment?.onActivityResult(requestCode and 0xffff, resultCode, data)
     }
   }
 
-  override fun onNewIntent(intent: Intent) = Unit
+  private fun hasSystemFeature(feature: String) = packageManager.hasSystemFeature(feature)
 
   // NOTE: `KeyguardManager#isKeyguardSecure()` considers SIM locked state,
   // but it will be ignored on falling-back to device credential on biometric authentication.
@@ -378,25 +307,51 @@ class LocalAuthenticationModule(context: Context) : ExportedModule(context), Act
   // supported prior to API 30.
   // https://developer.android.com/reference/androidx/biometric/BiometricManager#canAuthenticate(int)
   private val isDeviceSecure: Boolean
-    get() = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-      keyguardManager.isDeviceSecure
-    } else {
-      // NOTE: `KeyguardManager#isKeyguardSecure()` considers SIM locked state,
-      // but it will be ignored on falling-back to device credential on biometric authentication.
-      // That means, setting level to `SECURITY_LEVEL_SECRET` might be misleading for some users.
-      // But there is no equivalent APIs prior to M.
-      // `andriodx.biometric.BiometricManager#canAuthenticate(int)` looks like an alternative,
-      // but specifying `BiometricManager.Authenticators.DEVICE_CREDENTIAL` alone is not
-      // supported prior to API 30.
-      // https://developer.android.com/reference/androidx/biometric/BiometricManager#canAuthenticate(int)
-      keyguardManager.isKeyguardSecure
+    get() = keyguardManager.isDeviceSecure
+
+  private fun convertErrorCode(code: Int): String {
+    return when (code) {
+      BiometricPrompt.ERROR_CANCELED, BiometricPrompt.ERROR_NEGATIVE_BUTTON, BiometricPrompt.ERROR_USER_CANCELED -> "user_cancel"
+      BiometricPrompt.ERROR_HW_NOT_PRESENT, BiometricPrompt.ERROR_HW_UNAVAILABLE, BiometricPrompt.ERROR_NO_BIOMETRICS, BiometricPrompt.ERROR_NO_DEVICE_CREDENTIAL -> "not_available"
+      BiometricPrompt.ERROR_LOCKOUT, BiometricPrompt.ERROR_LOCKOUT_PERMANENT -> "lockout"
+      BiometricPrompt.ERROR_NO_SPACE -> "no_space"
+      BiometricPrompt.ERROR_TIMEOUT -> "timeout"
+      BiometricPrompt.ERROR_UNABLE_TO_PROCESS -> "unable_to_process"
+      else -> "unknown"
     }
+  }
 
-  private val keyguardManager: KeyguardManager
-    get() = context.getSystemService(Context.KEYGUARD_SERVICE) as KeyguardManager
-  private val currentActivity: Activity?
-    get() {
-      val activityProvider: ActivityProvider by moduleRegistry()
-      return activityProvider.currentActivity
+  private fun isBiometricUnavailable(code: Int): Boolean {
+    return when (code) {
+      BiometricPrompt.ERROR_HW_NOT_PRESENT,
+      BiometricPrompt.ERROR_HW_UNAVAILABLE,
+      BiometricPrompt.ERROR_NO_BIOMETRICS,
+      BiometricPrompt.ERROR_UNABLE_TO_PROCESS,
+      BiometricPrompt.ERROR_NO_SPACE -> true
+
+      else -> false
+    }
+  }
+
+  private fun canAuthenticateUsingWeakBiometrics(): Int =
+    biometricManager.canAuthenticate(BiometricManager.Authenticators.BIOMETRIC_WEAK)
+
+  private fun createResponse(
+    error: String? = null,
+    warning: String? = null
+  ) = Bundle().apply {
+    putBoolean("success", error == null)
+    error?.let {
+      putString("error", it)
     }
+    warning?.let {
+      putString("warning", it)
+    }
+  }
+}
+
+fun <T> MutableSet<T>.addIf(condition: Boolean, valueToAdd: T) {
+  if (condition) {
+    add(valueToAdd)
+  }
 }

package/expo-module.config.json

@@ -3,5 +3,8 @@
   "platforms": ["ios", "android"],
   "ios": {
     "modules": ["LocalAuthenticationModule"]
+  },
+  "android": {
+    "modules": ["expo.modules.localauthentication.LocalAuthenticationModule"]
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "expo-local-authentication",
-  "version": "13.5.0",
+  "version": "13.7.0",
   "description": "Provides an API for FaceID and TouchID (iOS) or the Fingerprint API (Android) to authenticate the user with a face or fingerprint scan.",
   "main": "build/LocalAuthentication.js",
   "types": "build/LocalAuthentication.d.ts",
@@ -46,5 +46,5 @@
   "peerDependencies": {
     "expo": "*"
   },
-  "gitHead": "2240630a92eb79a4e4bf73e1439916c394876478"
+  "gitHead": "da25937e2a99661cbe5eb60ca1d8d6245fc96a50"
 }

package/android/src/main/java/expo/modules/localauthentication/LocalAuthenticationPackage.kt

@@ -1,11 +0,0 @@
-package expo.modules.localauthentication
-
-import android.content.Context
-import expo.modules.core.BasePackage
-import expo.modules.core.ExportedModule
-
-class LocalAuthenticationPackage : BasePackage() {
-  override fun createExportedModules(context: Context): List<ExportedModule> {
-    return listOf<ExportedModule>(LocalAuthenticationModule(context))
-  }
-}