{"id":22268080,"url":"https://github.com/curityio/react-native-haapi-module","last_synced_at":"2025-10-14T13:03:00.399Z","repository":{"id":228329037,"uuid":"743556281","full_name":"curityio/react-native-haapi-module","owner":"curityio","description":"React Native Modules to use with Hypermedia Authentication API of the Curity Identity Server","archived":false,"fork":false,"pushed_at":"2024-11-19T07:47:30.000Z","size":525,"stargazers_count":1,"open_issues_count":2,"forks_count":2,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-11-19T08:38:40.801Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-15T13:43:12.000Z","updated_at":"2024-08-07T14:40:35.000Z","dependencies_parsed_at":null,"dependency_job_id":"66bce883-7320-491d-ae85-97467d9affea","html_url":"https://github.com/curityio/react-native-haapi-module","commit_stats":null,"previous_names":["curityio/react-native-haapi-module"],"tags_count":19,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Freact-native-haapi-module","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Freact-native-haapi-module/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Freact-native-haapi-module/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Freact-native-haapi-module/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/react-native-haapi-module/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227905532,"owners_count":17837906,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-03T11:11:01.600Z","updated_at":"2025-10-14T13:02:55.342Z","avatar_url":"https://github.com/curityio.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# react-native-haapi-module\n\n[![Quality](https://img.shields.io/badge/quality-test-yellow)](https://curity.io/resources/code-examples/status/) [![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nThis a react-native Native Module that use the Hypermedia Authentication API of the Curity Identity Server. The module utilizes the iOS and Android SDK to perform attestation and communication with the API.\n\n\u003chttps://curity.io/product/authentication-service/authentication-api/\u003e\n\n## Getting started\n\n`$ npm install @curity/react-native-haapi-module --save`\n\n## Configuration\n\nParameter Name | Platform | Required | Default | Description\n-------------------------- | -------- | -------- | ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------\n`appRedirect` | both | false | `app:start` | Redirect URI to use in OAuth requests. Needs to be registered in server config\n`keyStoreAlias` | android | false | `haapi-react-native-android` | Keystore alias for keys used in an authentication flow. Only used on Android\n`configurationName` | ios | false | `HaapiModule` | The name to use for the configuration on iOS. If you are in testing mode and switching environments, make sure that each environment sets a different name\n`clientId` | both | true | | The registered `client_id`\n`baseUri` | both | true | | Base URI of the server. Used for relative redirects.\n`tokenEndpointUri` | both | true | | URI of the token endpoint.\n`authorizationEndpointUri` | both | true | | URI of the authorize endpoint.\n`revocationEndpointUri` | both | true | | URI of the revocation endpoint.\n`registrationEndpointUri` | android | false | | URI of the registration endpoint. Required if fallback registration should be used.\n`fallback_template_id` | android | false | | Name of the template client to be used in fallback. Required if fallback registration should be used.\n`registration_secret` | android | false | | Name of the template client to be used in fallback. Required if fallback registration should be used.\n`validateTlsCertificate` | both | false | true | If the server TLS certificate should be validated. Set to `false` to accept self signed certificates.\n`acrValues` | both | false | `\"\"` | Space separated string to send in authorize request.\n`scope` | both | false | `\"\"` | Space separated string of scopes to request.\n`extraRequestParameters` | both | false | `{}` | Map of extra parameters to send in the request to the authorize endpoint.\n`extraHttpHeaders` | both | false | `{}` | Map of extra http headers to send in all requests to the authentication API.\n\n## Usage\n\nAll functions of the module are async operations. The application may use events produced by the module to drive the authentication flow, or rely on results return by promises.\n\n### Load\n\nTo use the module, first load the module with the desired configuration.\n\n```javascript\nimport {NativeModules} from \"react-native\";\n\nconst {HaapiModule} = NativeModules;\n\n// Example configuration\nconst haapiConfiguration = {\n \"appRedirect\": \"app:start\",\n \"keyStoreAlias\": \"haapi-react-native\",\n \"clientId\": \"react-dev-client\",\n \"baseUri\": \"https://login.example.com\",\n \"tokenEndpointUri\": \"https://login.example.com/oauth/token\",\n \"authorizationEndpointUri\": \"https://login.example.com/oauth/authorize\",\n \"revocationEndpointUri\": \"https://login.example.com/oauth/revoke\",\n \"scope\": \"openid profile\",\n \"registrationEndpointUri\": \"https://login.example.com/oauth/registration\",\n \"fallback_template_id\": \"react-native-fallback\",\n \"registration_secret\": \"my-good-secret\"\n \"validateTlsCertificate\": true,\n \"extraRequestParameters\": {\"prompt\": \"login\"},\n \"extraHttpHeaders\": {\"x-my-good-header\": \"foobar\"}\n \"acrValues\": \"\"\n}\n\nHaapiModule.load(HaapiConfiguration).catch(e =\u003e {\n console.error('Error in loading configuration', e);\n});\n\nexport default HaapiModule;\n```\n\n`load()` may be called multiple times with different configuration, to be able to start authentication flows requesting different `acr` or `scope`.\n\n## Start\n\nAfter the module has been loaded, the `start()` function may be called. `start()` will setup the communication with HAAPI, perform attestation, and then start emitting events for the application to react on. Receiving events will allow the application to know more about the contents of the current state than if it were to receive the raw HaapiResponse. The module will follow redirect responses automatically.\n\n```javascript\ntry {\n await HaapiModule.start();\n} catch (e) {\n console.error(e);\n}\n```\n\nTo listen for the events produced:\n\n```javascript\nconst eventEmitter = new NativeEventEmitter(HaapiModule);\neventEmitter.addListener(\"EventName\", () =\u003e {\n // Handle event\n});\n```\n\nSince `start()` will start an authentication flow, it's recommended to only call it when a user performs an action to start the login.\n\n## Navigate\n\nTo follow a link in a HAAPI response, the `navigate(model)` function can be used. `model` is an object conforming to [Link](https://curity.io/docs/haapi-data-model/latest/links.html)\n\n```javascript\ntry {\n await HaapiModule.navigate(model);\n} catch (e) {\n console.error(e);\n}\n```\n\n## Submit form\n\nTo submit a form in an action, use the submitForm(action, parameters), where `action` is the form to submit, and `parameters` is an object containing the field names and the values to fill the form.\n\n```javascript\ntry {\n await HaapiModule.submitForm(action, parameters);\n} catch (e) {\n console.error(e);\n}\n```\n\n## Refresh Access Token\n\nRefresh the access token using the refresh token. The application may listen to the events `TokenResponse`/`TokenResponseError` for the result of the refresh.\n\n```javascript\nHaapiModule.refreshAccessToken(refreshToken);\n```\n\n## Log out\n\nCalling log out will revoke the tokens, and close the underlying managers to clear the state.\n\n```javascript\nHaapiModule.logout().then(/* Remove tokens from state */);\n```\n\n## Events\n\nEvent Name | Emitted when\n--------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\nAuthenticationStep | An action is required by the user as part of authentication. See [Authentication Step](https://curity.io/docs/haapi-data-model/latest/authentication-step.html)\nAuthenticationSelectorStep | An `AuthenticationStep` with the kind `authenticator-selector` is received. An authenticator selector screen should be be shown to the user.\nContinueSameStep | A screen should be shown to the user, containing some information. The only required action by the user is to accept or in some cases cancel. [Continue Same Step](https://curity.io/docs/haapi-data-model/latest/continue-same-step.html)\nPollingStep | An authentication step that requires polling was received. May contain information for the user for how to proceed authentication out of band. [Polling Step](https://curity.io/docs/haapi-data-model/latest/polling-step.html)\nPollingStepResult | A poll result was received with the `status` `PENDING`. The application may show new information to the user and continue polling.\nStopPolling | A successful poll result was received. Application should stop polling, and the module will continue execution and may issue new events.\nTokenResponse | Authentication was successful, and the resulting token(s) was received. The payload of the event will contain `accessToken`, `expiresIn` and `scope`. May contain `refreshToken` and `idToken`\nTokenResponseError | Authentication was successful, but the token request returned an error.\nSessionTimedOut | The authentication process took too long, and timed out. The user will have to start over using `start()` method again.\nIncorrectCredentials | The user enter wrong credentials in an `AuthenticationStep`. Show an error to the user and allow them to try again. [Invalid Input Problem](https://curity.io/docs/haapi-data-model/latest/invalid-input-problem.html)\nProblemRepresentation | The server returned an unexpected problem. [Problem](https://curity.io/docs/haapi-data-model/latest/problem.html)\nHaapiError | An unexpected problem happened. Event will have members `error` and `error_description`\nRegistrationStep | Registration is expected of the user. See [Registration Step](https://curity.io/docs/haapi-data-model/latest/registration-step.html)\nUnkownResponse | Server returned a response that is not supported by the module\nHaapiLoading | The module has started a request and is waiting on a response\nHaapiFinishedLoading | The module received response and finished processing\nLoggedOut | The module finished the logout\nWebAuthnAuthenticationStep | Current authentication step is a webauthn/passkeys step. The module will perform a client operation to ask the user to authenticate on their device. The full step is provided to the client to be able to show an appropriate screen. [Login with WebAuthn](https://curity.io/docs/haapi-data-model/latest/webauthn-authentication-step.html)\nWebAuthnUserCancelled | User canceled the authentication request. App should show appropriate screens for how to proceed\nWebAuthnRegistrationFailed | Registration of a webauthn device failed\nWebAuthnRegistrationFailedKeyRegistered | Registration of a webauthn device failed. Reason is likely because the key is already registered. User should proceed to authenticate using the key.\n\n## Passkeys\nPasskey implementation is supported on iOS 15.0+, and on Android the Credential Manager API is used which should support passkeys from version 9, API level 28.\nAdditional configuration is necessary to be able to use passkeys in the app, but also on Curity configuration. See the Curity article on how to enable [Mobile Logins Using Passkeys](https://curity.io/resources/learn/mobile-logins-using-native-passkeys/)\n\n## Example implementation\n\nSee \u003chttps://github.com/curityio/react-native-haapi-example\u003e for example implementation in javascript which is mostly driven by events.\n\n## Development\n\nThis module cannot be compiled as it is, instead add a file system dependency to the example application and open that workspace. See the [example repository](https://github.com/curityio/react-native-haapi-example) for instructions.\n\n## Known limitations\n\n- Registration steps are not yet fully supported\n- External Browser flow not yet supported\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Freact-native-haapi-module","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Freact-native-haapi-module","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Freact-native-haapi-module/lists"}