app_device_integrity 1.0.0 copy "app_device_integrity: ^1.0.0" to clipboard
app_device_integrity: ^1.0.0 copied to clipboard

Published 13 months agoverified publisherbubotech.co• Latest: 1.1.0
[unknown platforms]

Metadata

This plugin was created to make your app attestation more easy. It uses the Native Attestation Providers from Apple and Google, App Attest and Play Integrity respectively, to generate tokens to be dec [...]

More...

App Device Integrity #

Build pub package Discord

This plugin was created to make your app attestation more easy. It uses the Native Attestation Providers from Apple and Google, App Attest and Play Integrity respectively, to generate tokens to be decrypted by your Server to check if your app is being accessed by a reliable device.

Buy Me A Coffee

How to Use It #

To use this plugin correctly, you need to contemplate these two steps:

Provide a Session UUID, in iOS Case
Provide your GCP Project ID, in Android Case

iOS:
The Session UUID is the challenge created by your server for App Attest to issue the token requested from the device to be "marked".
Basically your server sends the challenge to Apple to ensure that the token is marked with it, attested by the service with it so that when the server receives the token, it was actually sent by the device with that session UUID sent by the server before.

Android:
Providing the GCP Project ID links your app with your development and deployment environment. Before you implement it in your project, you need to follow the steps provided by the following doc:
https://developer.android.com/google/play/integrity/setup?set-google-console#set-google-console

To be more "precise", when you link you GCP Project to your app in Google Play Console, the project ID is right beside of your project name. That's the information you need.
It's recommended to create environmental variable with the project ID to maintain your app, and project, integrity.

Server:
I am very proud to provide you with an open-source service that you can Attest your implementations in server side.
It checks from which platform the token is sent and verifies the token, providing very important information about risks, enabling better decision-making to reinforce the security of your services.
Fell comfortable to fork it, or clone it, and customize it, according to your business demands.

For more information about App Attest and Play Integrity, you can access the docs from Apple and Google in the links bellow:
https://developer.apple.com/documentation/devicecheck/establishing-your-app-s-integrity https://developer.android.com/google/play/integrity

Metadata

16
likes
0
points
217
downloads

Publisher

verified publisherbubotech.co

Weekly Downloads

Metadata

This plugin was created to make your app attestation more easy. It uses the Native Attestation Providers from Apple and Google, App Attest and Play Integrity respectively, to generate tokens to be decrypted by your Server to check if your app is being accessed by a reliable device.

Homepage

License

unknown (license)

Dependencies

flutter, plugin_platform_interface

More

Packages that depend on app_device_integrity

Back