Google SafetyNet Attestation for React Native
About SafetyNet
Google provides an API to verify device integrity and detect harmful apps. See the SafetyNet documentation for more information.
Getting Started
$ npm install react-native-safetynet-client
or
$ yarn add react-native-google-safetynet-client
Mostly Automatic Installation
$ react-native link react-native-safetynet-client
Manual installation
Android
- Open up
android/app/src/main/java/[...]/MainActivity.java
- Add
import com.arifaydogmus.safetynet.RNSafetyNetPackage;to the imports at the top of the file - Add
new RNSafetyNetPackage()to the list returned by thegetPackages()method
- Append the following lines to
android/settings.gradle:include ':react-native-safetynet-client' project(':react-native-safetynet-client').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-safetynet-client/android') - Insert the following lines inside the dependencies block in
android/app/build.gradle:implementation project(':react-native-safetynet-client')
Usage
; // STEP 1: Send nonce request to server with device unique idconst deviceId = 'You can use the "react-native-device-info" module to get the unique id of device'; const nonceResult = await RNSafetyNetClient; if !nonceResultnonce || nonceResulterror console; return; // STEP 2: Send attestation request to Google Play const attestationResult = await RNSafetyNetClient; if !attestationResultjws || attestationResulterror console; return; // STEP 3: Pass the JSW to your server for verification. const verification = await RNSafetyNetClient;