This document explains how the VIDA Flutter plugin works, as well as currently implemented methods with their usecases.
Method channel
All methods implemented as part of the plugin work using the MethodChannel (short guide).
Method channel used for the VIDA plugin is named vida_plugin
.
Every method is the same, in the sense that they follow the same structure _channel.invokeMethod(METHOD_NAME, PARAMS)
(accompanied with an optional onError
callback).
Android specifics
In case of “regular” SDK methods, bridging Flutter and Android is as simple as calling the appropriate Android SDK method.
In case of Worker Thread SDK methods (@androidx.annotation.WorkerThread
, link), bridging Flutter and Android requires handling in a separate thread.
iOS specifics
TODO
Plugin methods and usecases
Plugin method | Description | Current application usecase(s) | Notes |
---|---|---|---|
| Used to initialize the appropriate VIDA native SDK. | Application init phase | This method has to be called before any other methods. This method will accept VIDA environment, once it is updated as part of SM-6489 - [FE] Prepare for VIDA security turn on Done |
| Registers the device generating (in our case) two keypairs, storing private key(s) in secure local storage and sending public keys to the VIDA system. | User’s initial registration Forgotten password flow | Current SDK version accepts String for password, but later versions accept byte array. |
| Unregisters the device, removing stored private key(s), biometrics settings, and removing the public keys from the VIDA system. | No usecases | Requires current password. |
| Unregisters the device, removing stored private key(s), biometrics settings and removing the public keys from the VIDA system. | Forgotten password flow | / |
| Provides information as to whether the device is registered in the VIDA system or not. | No usecases | / |
| Returns | Request signing ( | / |
| Provides information as to whether the device is hardware backed or not. | No usecases | / |
| Enables biometrics on the device, requiring current password and (system) biometric confirmation. | Saving biometrics | User can fail biometrics multiple times, before there is feedback from the method (behavior noticed on SM-N960F with Android version 10). |
| Disables biometrics on the device, requiring current password. | Disabling biometrics | / |
| Provides information as to whether the device has enabled biometrics or not. | Settings screen (UI) | / |
| Changes the current password with the new one. | Changing password Changing temporary password (User’s initial registration, Forgotten password flow) | This operation clears biometrics, if they have been previously enabled. |
| Signs the message (provided as String, we provide a hash) using the silent key, without any user interaction, resulting in Base64 encoded signature. | Request signing |
Method accepts |
| Signs the message (provided as String, we provide a hash) using the enforced presence key, either with a password or by confirming biometrics, resulting in Base64 encoded signature. | Request signing Mocked login |
Method accepts |
| Syncs the signed messages with the VIDA system. | No usecases | This method can probably be removed as we do not have any uses for it. |
Some of the methods marked with No usecases have no usecases in any of the application flows, but are used as part of the VIDA demo screen.
Native SDK updates status
iOS:
Updated to the 18th Nov SDK version (link) - latest drop was 18th Nov and was not done in a new folder (can be checked in folder history)
Android: