Ionic-native: Secure storage plugin is no longer maintained and crashes on Android Q/10
I'm submitting a ... (check one with "x")
[x] bug report
[ ] feature request
[ ] support request => Please do not submit support requests here, use one of these channels: https://forum.ionicframework.com/ or https://ionicworldwide.herokuapp.com/
Current behavior:
The plugin crashes on Android Q due to the usage of an internal Android api that has been deprecated or removed in Android 10. See https://github.com/Crypho/cordova-plugin-secure-storage/issues/169 for details.
Expected behavior:
The plugin should continue to work with Android 10, or it should be removed from ionic-native or users should at least get information when they visit the ionic native plugin catalogue.
Other information:
There is a fork that for now fixes the Android issues, but it doesn't seem to be plans to maintain it for iOS.
oddcb
All 12 comments
We face the same problem. First customers with Android Q/10 on Pixel devices cannot use our app anymore.
olivierschmid
on 18 Sep 2019
We face the same problem. First customers with Android Q/10 on Pixel devices cannot use our app anymore.
Take a look at the fork. It fixes the issue, but be aware of the new implementation details in the RSA-class, for instance it now adds a check that the key is kept in a secure environment. Could possibly give issues on older devices. Also there is an unmerged pull request to get the code to compile (https://github.com/mibrito707/cordova-plugin-secure-storage/pull/6)
oddcb
on 18 Sep 2019
@oddcb Thanks! Will try the fork.
olivierschmid
on 18 Sep 2019
Are people successfully using the @mibrito707 fork in Ionic apps?
If so, can you please share how your app references it? Does Ionic team need to add any work for type binding?
l3ender
on 8 Oct 2019
@l3ender Yes - we are using it productive as there was no other option. And it seems to work so far :-). Just reference the plugin in package.json ("cordova-plugin-secure-storage": "https://github.com/mibrito707/cordova-plugin-secure-storage.git").
olivierschmid
on 8 Oct 2019
@l3ender Yes. To add:
First remove existing
cordova plugin remove cordova-plugin-secure-storage
Add the fork from mibrito707, 5.0.0 was latest release at this time
cordova plugin add [email protected]
The interface between the plugin and ionic-native hasn't changed.
oddcb
on 8 Oct 2019
I will change the suggested plugin source inside the docs.
danielsogl
on 8 Oct 2019
Please be caution while using that plugin (_cordova-plugin-secure-storage-echo_). For me it isn't working on some devices.. More info at this issue.
eeschiavo
on 25 Nov 2019
@eeschiavo Did you find a solution for this?
cmartin81
on 26 Nov 2019
@eeschiavo Did you find a solution for this?
I ended up using this plugin which seems to work very well
eeschiavo
on 26 Nov 2019
I deleted this comment, it did not solve my problem. Now everybody have to reauthenticate after a couple of hours. Which means that the credential is not stored for a loong time.
cmartin81
on 27 Nov 2019
@eeschiavo It did not work as expected. Now My credentials are stored correctly in secure storage, but after a couple of hours the stored credentials are gone. So it looks like it only stores for a couple of hours
:(
cmartin81
on 1 Dec 2019
Related issues
danbucholtz
路
3Comments
JaneDawson
路
4Comments
shaliko
路
3Comments
ajcrites
路
3Comments
icchio
路
3Comments
Most helpful comment
@l3ender Yes. To add:
First remove existing
Add the fork from mibrito707, 5.0.0 was latest release at this time
The interface between the plugin and ionic-native hasn't changed.