Overview

HUAWEI FIDO BioAuthn provides your app with powerful biometric authentication capabilities, including fingerprint authentication and 3D facial authentication. It allows your app to provide secure and easy-to-use password-free authentication for users while ensuring reliable authentication results.

What You Will Create

In this codelab, you will use the demo project to call the FIDO BioAuthn API. Through this demo project, you will:

What You Will Learn

Hardware Requirements

Software Requirements

HUAWEI HMS Core integration requires the following preparations

For details, see the HUAWEI HMS Core Integration Preparation.

Enabling the Service

Go to Console > AppGallery Connect > My apps, chick your app, and go to Develop > Overview > Manage APIs.

Enable the FIDO service.

Adding the AppGallery Connect Configuration File of Your App

Move the downloaded agconnect-services.json file to the app directory of your Android Studio project.

Configuring the Maven Repository Address for the HMS SDK

Open the build.gradle file in the root directory of your Android Studio project.

Go to allprojects > repositories and configure the Maven repository address for the HMS SDK.

allprojects { repositories { google() jcenter() // Add the following line. maven { url 'http://developer.huawei.com/repo/' } } }

Go to buildscript > repositories and configure the Maven repository address for the HMS SDK.

buildscript { repositories { google() jcenter() // Add the following line. maven { url 'http://developer.huawei.com/repo/' } } }

Go to buildscript > dependencies and add dependency configurations.

buildscript { dependencies { classpath 'com.android.tools.build:gradle:3.3.0' // Add the following line classpath 'com.huawei.agconnect:agcp:1.0.0.300' } }

Adding Build Dependencies

Open the build.gradle file in the app directory.

Configure build dependencies.

dependencies { // Add the following line implementation 'com.huawei.hms:fido:4.0.0.300' }

Add the AppGallery Connect plug-in dependency to the file header.

Apply plugin: 'com.huawei.agconnect'

Configure the signature in android.

Copy the JKS file (for example, FIDO BioAuthn Android Sample.jks) obtained during integration preparations to the app directory of your project, and configure the signature in the build.gradle file.

android { signingConfigs { config { keyAlias 'FIDO BioAuthn Android Sample' keyPassword '123456' storeFile file('FIDO BioAuthn Android Sample.jks') storePassword '123456' } } buildTypes { debug { signingConfig signingConfigs.config } release { signingConfig signingConfigs.config minifyEnabled false proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' } } }

Click Sync Now to synchronize the project.

The sample code for biometric authentication consists of two parts: fingerprint authentication and 3D facial authentication.

Fingerprint Authentication

Huawei provides secure fingerprint authentication. Before fingerprint authentication, the device running environment is checked. If the device running environment is insecure, the callback function (BioAuthnCallback. onAuthError) returns the error code BioAuthnPrompt.ERROR_SYS_INTEGRITY_FAILED or BioAuthnPrompt.ERROR_CRYPTO_VERIFY_FAILED. If the device running environment is secure, fingerprint authentication is performed. For details about fingerprint authentication error codes, please refer to the API Reference.
Precautions:

  1. Only EMUI 5 (API Level 24) and later versions support fingerprint authentication. In addition, ensure that the device hardware supports fingerprint authentication.
  2. When you use PromptInfo.Builder to create PromptInfo, setDeviceCredentialAllowed(true) and setNegativeButtonText() are mutually exclusive. You can select only one of them. setDeviceCredentialAllowed(true) allows switch from the fingerprint authentication page to other authentication modes, for example, password authentication.
  3. When the BioAuthnPrompt.auth(BioAuthnPrompt.PromptInfo, CryptoObject) API is used for fingerprint authentication, setDeviceCredentialAllowed(true) cannot be set in PromptInfo.

The following code snippet shows how to use Huawei's fingerprint authentication:

import android.view.View; import androidx.appcompat.app.AppCompatActivity; import androidx.core.content.ContextCompat; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnManager; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnPrompt; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; public class MainActivity extends AppCompatActivity { public void btnFingerAuthenticateWithoutCryptoObjectClicked(View view) { // can authenticate BioAuthnManager bioAuthnManager = new BioAuthnManager(this); int errorCode = bioAuthnManager.canAuth(); if (errorCode != 0) { // Can not authenticate. return; } // call back BioAuthnCallback callback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication succeeded } @Override public void onAuthFailed() { // Authentication failed. } }; BioAuthnPrompt bioAuthnPrompt = new BioAuthnPrompt(this, ContextCompat.getMainExecutor(this), callback); // build prompt info BioAuthnPrompt.PromptInfo.Builder builder = new BioAuthnPrompt.PromptInfo.Builder().setTitle("This is the title.") .setSubtitle("This is the subtitle") .setDescription("This is the description"); // The user will first be prompted to authenticate with biometrics, but also given the option to // authenticate with their device PIN, pattern, or password. setNegativeButtonText(CharSequence) should // not be set if this is set to true. builder.setDeviceCredentialAllowed(true); // Set the text for the negative button. setDeviceCredentialAllowed(true) should not be set if this button text // is set. // builder.setNegativeButtonText("This is the 'Cancel' button."); BioAuthnPrompt.PromptInfo info = builder.build(); bioAuthnPrompt.auth(info); } }

3D Facial Authentication

Huawei provides secure 3D facial authentication. Before 3D facial authentication, the device running environment is checked. If the device running environment is insecure, the callback function (BioAuthnCallback.onAuthError) provides the error code FaceManager.FACE_ERROR_SYS_INTEGRITY_FAILED. If the device running environment is secure, 3D facial authentication is performed. For details about fingerprint authentication error codes, please refer to the API Reference.

The following code snippet shows how to use Huawei's 3D facial authentication:

import android.os.CancellationSignal; import android.os.Handler; import android.view.View; import androidx.appcompat.app.AppCompatActivity; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnCallback; import com.huawei.hms.support.api.fido.bioauthn.BioAuthnResult; import com.huawei.hms.support.api.fido.bioauthn.CryptoObject; import com.huawei.hms.support.api.fido.bioauthn.FaceManager; public class MainActivity extends AppCompatActivity { public void btnFaceAuthenticateWithoutCryptoObjectClicked(View view) { // Call back. BioAuthnCallback callback = new BioAuthnCallback() { @Override public void onAuthError(int errMsgId, CharSequence errString) { // Authentication error. } @Override public void onAuthHelp(int helpMsgId, CharSequence helpString) { // Authentication help. } @Override public void onAuthSucceeded(BioAuthnResult result) { // Authentication succeeded. } @Override public void onAuthFailed() { // Authentication failed. } }; // Cancellation Signal CancellationSignal cancellationSignal = new CancellationSignal(); FaceManager faceManager = new FaceManager(this); int errorCode = faceManager.canAuth(); if (errorCode != 0) { // Cannot authenticate. return; } // Flags. int flags = 0; // Authentication messsage handler. Handler handler = null; // Recommended CryptoObject to be set to null. KeyStore is not associated with facial authentication in current // version. KeyGenParameterSpec.Builder.setUserAuthenticationRequired() must be set to false in this scenario. CryptoObject crypto = null; faceManager.auth(crypto, cancellationSignal, flags, callback, handler); } }

Install the APK to be tested and tap the test button to trigger fingerprint authentication or facial authentication.

Well done. You have successfully completed this codelab and learned:

For more information, please click the following link:
Related documents

Download source code

Code copied