diff --git a/README.md b/README.md index ce38d342..40fa10ae 100644 --- a/README.md +++ b/README.md @@ -15,12 +15,12 @@ - [Usage](#usage) - [API](#api) - [`setGenericPassword(username, password, [{ accessControl, accessible, accessGroup, service, securityLevel }])`](#setgenericpasswordusername-password--accesscontrol-accessible-accessgroup-service-securitylevel-) - - [`getGenericPassword([{ authenticationPrompt, service }])`](#getgenericpassword-authenticationprompt-service-) + - [`getGenericPassword([{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText, service }])`](#getgenericpassword-authenticationprompt-promptinfotitle-promptinfosubtitle-promptinfonegativebtntext-service-) - [`resetGenericPassword([{ service }])`](#resetgenericpassword-service-) - [`setInternetCredentials(server, username, password, [{ accessControl, accessible, accessGroup, securityLevel }])`](#setinternetcredentialsserver-username-password--accesscontrol-accessible-accessgroup-securitylevel-) - - [`hasInternetCredentials(server, [{ authenticationPrompt }])`](#hasinternetcredentialsserver--authenticationprompt-) - - [`getInternetCredentials(server, [{ authenticationPrompt }])`](#getinternetcredentialsserver--authenticationprompt-) - - [`resetInternetCredentials(server, [{}])`](#resetinternetcredentialsserver-) + - [`hasInternetCredentials(server, [{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText }])`](#hasinternetcredentialsserver--authenticationprompt-promptinfotitle-promptinfosubtitle-promptinfonegativebtntext-) + - [`getInternetCredentials(server, [{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText }])`](#getinternetcredentialsserver--authenticationprompt-promptinfotitle-promptinfosubtitle-promptinfonegativebtntext-) + - [`resetInternetCredentials(server, [{}])`](#resetinternetcredentialsserver) - [`requestSharedWebCredentials()` (iOS only)](#requestsharedwebcredentials-ios-only) - [`setSharedWebCredentials(server, username, password)` (iOS only)](#setsharedwebcredentialsserver-username-password-ios-only) - [`canImplyAuthentication([{ authenticationType }])` (iOS only)](#canimplyauthentication-authenticationtype--ios-only) @@ -39,7 +39,7 @@ - [Rule 1: Automatic Security Level Upgrade](#rule-1-automatic-security-level-upgrade) - [Manual Installation](#manual-installation) - [iOS](#ios) - - [Option: Manually](#option-manually) + - [Option: Manually](#option--manually-) - [Option: With CocoaPods](#option-with-cocoapods) - [Enable `Keychain Sharing` entitlement for iOS 10+](#enable-keychain-sharing-entitlement-for-ios-10) - [Android](#android) @@ -103,7 +103,7 @@ Both `setGenericPassword` and `setInternetCredentials` are limited to strings on Will store the username/password combination in the secure storage. Resolves to `{service, storage}` or rejects in case of an error. `storage` - is a name of used internal cipher for saving secret; `service` - name used for storing secret in internal storage (empty string resolved to valid default name). -### `getGenericPassword([{ authenticationPrompt, service }])` +### `getGenericPassword([{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText, service }])` Will retrieve the username/password combination from the secure storage. Resolves to `{ username, password, service, storage }` if an entry exists or `false` if it doesn't. It will reject only if an unexpected error is encountered like lacking entitlements or permission. @@ -115,11 +115,11 @@ Will remove the username/password combination from the secure storage. Resolves Will store the server/username/password combination in the secure storage. Resolves to `{ username, password, service, storage }`; -### `hasInternetCredentials(server, [{ authenticationPrompt }])` +### `hasInternetCredentials(server, [{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText }])` Will check if the username/password combination for server is available in the secure storage. Resolves to `true` if an entry exists or `false` if it doesn't. -### `getInternetCredentials(server, [{ authenticationPrompt }])` +### `getInternetCredentials(server, [{ authenticationPrompt, promptInfoTitle, promptInfoSubtitle, promptInfoNegativeBtnText }])` Will retrieve the server/username/password combination from the secure storage. Resolves to `{ username, password }` if an entry exists or `false` if it doesn't. It will reject only if an unexpected error is encountered like lacking entitlements or permission. @@ -153,16 +153,19 @@ Get security level that is supported on the current device with the current OS. #### Data Structure Properties/Fields -| Key | Platform | Description | Default | -| -------------------------- | ------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------ | -| **`accessControl`** | All | This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. | *None* (iOS), `BIOMETRY_ANY` default for Android. | -| **`accessible`** | iOS only | This dictates when a keychain item is accessible, see possible values in `Keychain.ACCESSIBLE`. | *`Keychain.ACCESSIBLE.WHEN_UNLOCKED`* | -| **`accessGroup`** | iOS only | In which App Group to share the keychain. Requires additional setup with entitlements. | *None* | -| **`authenticationPrompt`** | iOS only | What to prompt the user when unlocking the keychain with biometry or device password. | `Authenticate to retrieve secret` | -| **`authenticationType`** | iOS only | Policies specifying which forms of authentication are acceptable. | `Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS` | -| **`service`** | All | Reverse domain name qualifier for the service associated with password. | *App bundle ID* | -| **`storage`** | Android only | Force specific cipher storage usage during saving the password | Select best available storage | -| **`rules`** | Android only | Force following to a specific security rules | Default: `Keychain.RULES.AUTOMATIC_UPGRADE` | +| Key | Platform | Description | Default | +| --------------------------------- | ------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------ | +| **`accessControl`** | All | This dictates how a keychain item may be used, see possible values in `Keychain.ACCESS_CONTROL`. | *None* (iOS), `BIOMETRY_ANY` default for Android. | +| **`accessible`** | iOS only | This dictates when a keychain item is accessible, see possible values in `Keychain.ACCESSIBLE`. | *`Keychain.ACCESSIBLE.WHEN_UNLOCKED`* | +| **`accessGroup`** | iOS only | In which App Group to share the keychain. Requires additional setup with entitlements. | *None* | +| **`authenticationPrompt`** | iOS only | What to prompt the user when unlocking the keychain with biometry or device password. | `Authenticate to retrieve secret` | +| **`authenticationType`** | iOS only | Policies specifying which forms of authentication are acceptable. | `Keychain.AUTHENTICATION_TYPE.DEVICE_PASSCODE_OR_BIOMETRICS` | +| **`service`** | All | Reverse domain name qualifier for the service associated with password. | *App bundle ID* | +| **`storage`** | Android only | Force specific cipher storage usage during saving the password | Select best available storage | +| **`rules`** | Android only | Force following to a specific security rules | Default: `Keychain.RULES.AUTOMATIC_UPGRADE` | +| **`promptInfoTitle`** | Android only | Title of the Android authentication prompt when requesting a stored secret. | `Authentication needed` | +| **`promptInfoSubtitle`** | Android only | Subtitle of the Android authentication prompt when requesting a stored secret. | `Some descriptive subtitle` | +| **`promptInfoNegativeBtnText`** | Android only | Negative button text of the Android authentication prompt when requesting a stored secret. | `Cancel` | #### `Keychain.ACCESS_CONTROL` enum