verify method

  1. @override
Future<String> verify({
  1. required String clientData,
  2. String? iOSkeyID,
  3. int? androidCloudProjectNumber,
})
override

Use this method to sign your data in a way that can prove the integrity of the app on the server side.

Returns the signature of the client data, to be sent to the server along with the client data.

This method will throw if used on an unsupported device.

On android, androidPrepareIntegrityServer should be called on a non critical path before using this method, otherwise the Future might take several seconds to complete. See the doc

On iOS, iOSgenerateAttestation should be have been called once for the user before using this method, o therwise the method will fail. See the doc

Parameters:

clientData is the client data to secure, in the form of a JSON string. It should contain a nonce or a challenge to avoid replay attacks.

iOSkeyID is used and required on iOS only to retrieve the private key stored by the OS. If you don't provide it and call the method on iOS, the method will throw an error.

androidCloudProjectNumber is used on android only to set the cloud project number. It can be found in the Google Play Console. If not provided, the method will use the cloud project number set by androidPrepareIntegrityServer. If androidPrepareIntegrityServer was not called, the method will throw an error.

Official docs:

See this iOS official doc and this Android official doc for more details and implementation instructions.

Implementation

@override
Future<String> verify({
  required String clientData,
  String? iOSkeyID,
  int? androidCloudProjectNumber,
}) {
  return AppAttestIntegrityApi().verify(
    clientData: clientData,
    iOSkeyID: iOSkeyID,
    androidCloudProjectNumber: androidCloudProjectNumber,
  );
}