Secure In-App Secrets Management#8
Open
patrickmenendez29 wants to merge 1 commit intoIntent-Lab:mainfrom
Open
Conversation
…reen and NonStream views
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new Settings screen that enables users to manage application secrets directly within the app. Previously, secrets were hardcoded in the source code and required code modifications and redeployment for updates.
The new implementation removes hardcoded secrets and provides a secure, authenticated interface for adding and editing secrets at runtime.
Changes Introduced
Settings Screen for Secrets Management
• Added a new Settings screen dedicated to managing application secrets.
• Users can add, update, and persist secrets without modifying source code.
Removal of Hardcoded Secrets
• Eliminated hardcoded secrets from the codebase.
• Updated relevant components to retrieve secrets from persisted storage.
Access Control and Authentication
• Implemented password protection for the Settings screen.
• Integrated biometric authentication (Face ID) for supported devices.
• Enforced authentication prior to granting access to sensitive configuration data.
Persistence Layer
• Secrets are stored using UserDefaults.
• Ensured consistent retrieval and update behavior across application sessions.
Security Considerations
• Access to secrets is restricted via password authentication.
• Face ID is supported where available to enhance security and user convenience.
• Secrets are persisted in UserDefaults. While appropriate for the current scope, migration to a more secure storage mechanism (e.g., Keychain) may be considered in future iterations depending on sensitivity requirements.