Fix: Normalize empty keyAlias to undefined before native bridge call#92
Fix: Normalize empty keyAlias to undefined before native bridge call#92santisemhan wants to merge 2 commits into
Conversation
📝 WalkthroughWalkthroughMake the native ChangesKey-alias nullability & normalization
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 3 | ❌ 2❌ Failed checks (2 warnings)
✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/index.tsx`:
- Around line 272-278: The code normalizes keyAlias to undefined then passes it
to native methods with stricter typings; update the calls so types match the
native contracts: for verifyKeySignature ensure you pass a string (do not pass
undefined—use keyAlias as a string or fail early if missing) when calling
ReactNativeBiometrics.verifyKeySignature (refer to resolvedKeyAlias / keyAlias),
and for ReactNativeBiometrics.verifyKeySignatureWithOptions and
verifyKeySignatureWithEncoding ensure you pass null (not undefined) when no
alias is provided so the parameter is string | null as expected; adjust the
normalization logic around resolvedKeyAlias and the three call sites
accordingly.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
|
@sbaiahmed1 @mrejdak Can you check it? Thanks |
Problem
signWithOptionsandverifyKeySignaturedefaultkeyAliasto an empty string''when none is provided. This empty string gets passed as-is to the Android native layer.In
ReactNativeBiometricsSharedImpl.kt,getKeyAliasonly falls back to the default alias ("biometric_key") when receivingnull— an empty string is notnullin Kotlin, so no fallback occurs:As a result, the native layer looks for a key with alias
""in the Android Keystore, finds nothing, and returns{ success: false, error: "Key not found" }— without ever showing the biometric prompt.Fix
Normalize
keyAliastonullbefore passing it to the native bridge, so the existing Kotlin fallback works correctly:Applied to both
signWithOptionsandverifyKeySignature. The native type definition forverifyKeySignatureinNativeReactNativeBiometrics.tsis updated fromstringtostring | nullto match the Kotlin implementation (which already acceptsString?) and be consistent withverifyKeySignatureWithOptionsandverifyKeySignatureWithEncoding. No changes to public API signatures or defaults.Behaviour after fix
Calling
signWithOptions({ data, promptTitle })orverifyKeySignature('', data)without akeyAliasnow behaves identically to passingkeyAlias: 'biometric_key'— the biometric prompt is shown and the default key is used.