28 lines
1.3 KiB
Dart
28 lines
1.3 KiB
Dart
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
|
|
|
|
/// Keychain access group shared between the Runner and the (Phase 3) iOS
|
|
/// Notification Service Extension so the NSE can read the RSA private key,
|
|
/// the server public key and the Nextcloud app password to decrypt pushes
|
|
/// while the app is not running.
|
|
///
|
|
/// The value reuses the existing app-group id already present in the iOS
|
|
/// project (`ios/Runner/Runner.entitlements`). Phase 3 must additionally list
|
|
/// it under `keychain-access-groups` for both the Runner and the NSE target.
|
|
/// On Android `groupId` is ignored, so this is a no-op there.
|
|
const String kPushKeychainGroup = 'group.eu.mhsl.marianum.mobile.client.widget';
|
|
|
|
/// [IOSOptions] used for every push-related secure-storage entry. Uses
|
|
/// `first_unlock` accessibility so the NSE can read the key material after the
|
|
/// first device unlock following a reboot (the NSE may run while locked).
|
|
const IOSOptions kPushIosOptions = IOSOptions(
|
|
groupId: kPushKeychainGroup,
|
|
accessibility: KeychainAccessibility.first_unlock,
|
|
);
|
|
|
|
/// Shared secure storage instance for all push key material and registration
|
|
/// bookkeeping. Kept separate from [AccountData]'s default storage because the
|
|
/// entries here are group-scoped for NSE access.
|
|
const FlutterSecureStorage pushSecureStorage = FlutterSecureStorage(
|
|
iOptions: kPushIosOptions,
|
|
);
|