Access values stored by ExpoSecureStore from a Flutter app [iOS]

How to / Third Party Tooling
1

Hello Expo forum!
I know my question is quite similar to “Get value from SecureStore on native application”, but please read on for details!

I have a ReactNative app (only published for iOS) which uses SecureStore.setItemAsync and getItemAsync to put and read values from iOS keychain.
Here is the link to the .m file - EXSecureStore.m on GitHub.

I am transitioning to Flutter and I need to keep the users logged in, i.e. to get their auth tokens from the previously installed RN version of the app.

I am using the FlutterSecureStoragePlugin (link to the .m file) to access the Keychain values.

So, here is what I do

  1. I install the RN app from the App store,
  2. Log in (the token is saved with ExpoSecureStore),
  3. Install my Flutter app
  4. Try to access the Keychain - nothing found!
  5. Reinstall the RN app from the App store,
  6. User is logged in when I open the app

So, my Flutter installation doesn’t delete the tokens, but it can’t access them!

  • The Flutter app has the same bundle ID, so that should not be the problem.

  • I’ve changed it’s source code so that I use the same keychain service (kSecAttrService), which defaults to "app".

  • Also, I’ve copied and adapted the code for reading the Keychain values from ExpoSecureStore.m to FlutterSecureStoragePlugin.m but still no luck…

Could there be any difference in the way RN and Flutter libraries pass strings down to native iOS? I guess there must be something going on with the Keychain access that I don’t know, so any help is very welcome!

Thank You for reading!

2

I’ve found the answer myself!

The complete process can be found on my StackOverflow answer (link). Here is the most important part, that caused the problem for me:

the trickiest part is setting the correct key (kSecAttrAccount) for the keychain item I wanted to get. What helped me was to use the Flutter plugin’s readAll method (link to the native source code of readAll on GitHub). It showed me that the keychain items were actually there, but that the keys were different than the ones ReactNative app was using. As I’ve found out by debugging (it’s nowhere in the docs!!!), the expo username and expo project’s name are added before the string used for the key! So, if in the ReactNative app you save a token with key accessToken, it will be saved to the Keychain as @expousername/project-name-accessToken! It’s nowhere in the docs, and I don’t know how it happens, because I’ve looked through the source code.

3

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.