Biometrics API in a Reactive Way
Biometric authentication methods ask for something you are (fingerprint, face, iris) to be sure that you are who you claim to be in a system. Let’s take a deeper look.
Android provides us, developers, with an API to integrate biometric authentication in our apps in a simple and consistent way on all the devices that we use.
This new API is called BiometricPrompt. It replaces the FingerprintManager and gives us by default an authentication Dialog that will be the same in each and every device.
BiometricPrompt is available for devices with Android 9 and higher, but there is a Compat Library to use it on older devices.
I will show you a way to implement it combined with RxKotlin.
First you need to include the necessary dependencies in your build.gradle file:
Don’t forget to add the permission to your AndroidManifest:
Then you create 2 new classes to do the mapping between the API errors and our app errors:
Create an interface with the authentication method that we are going to call from our code:
And this is the implementation combined with RxKotlin:
The parameters that we need to show the authentication Dialog are:
- FragmentActivity: it will contain the DialogFragment created by the Biometrics API
- Executor: to select in which Thread will run the authentication
- AuthenticationCallback: receives if the result was successful or if it has errors
- Title, Description, Subtitle, NegativeButtonText: define the strings that will be shown in the authentication Dialog
If there is any error we do a mapping to the 2 app errors that we created previously (you can add more if you need). By doing this, we just handle system errors (there are no fingerprints enrolled/ the device doesn’t have a biometric sensor) and user errors (the user cancelled the authentication manually / the user did too many failed attempts). You should define a different authentication flow for the system errors because they are unrecoverable.
All the API errors are listed in the class androidx.biometrics.BiometricConstants if you need more information about them.
And finally we call the authentication method from our MainActivity:
This is how the authentication Dialog will look like:
- Full code:
https://gist.github.com/juancruzgs/b38700fd3c78d4552b0241a3ad4bdeb2
- References:
https://source.android.com/security/biometric
https://android-developers.googleblog.com/2018/06/better-biometrics-in-android-p.html
https://developer.android.com/reference/android/hardware/biometrics/BiometricPrompt
Do you know any suggestions? Leave a comment! We really appreciate it.
Major League is a Staffing and Sourcing agency by Lateral View.
