privacybydesign / irmamobile Goto Github PK
View Code? Open in Web Editor NEWIRMA app for iOS and Android
License: Other
IRMA app for iOS and Android
License: Other
For the Home screen to have a consistent number of Recent Activity entries (for example, the last 4)
On the Home screen under Recent Activity it first shows 4 activities when opening the app, but when switching back to Home screen after already being in the app it shows 2 activities instead.
The current app uses the language setting of the OS.
Please provide a setting in menu to choose a different language for the IRMA-app.
Sentry Issue: IRMAMOBILE-2020-136
_CastError: Null check operator used on a null value
File "session_screen.dart", line 61, in _SessionScreenState.dispose.<fn>
I would really like to see NFC support so I can add my creditcards and ov-card etc to irma. Then i could replace google wallet for irma and have more trust. is this an antcipated feature?
I suppose this is more of an issue with services.nijmegen.nl, but I wasn't sure where to better report it.
Open app -> Refresh card -> Inloggen met DigiD -> Redirect to Google Play Store
I've created a video to show the problem: https://streamable.com/hogqt6
IRMA: org.irmacard.cardemu 6.0.9
Browser: org.mozilla.firefox 82.1.1
DigiD: nl.rijksoverheid.digid.pub 5.16.1
It would be great to have an option to disable the FlutterPrivacyScreen, while the purpose of the FlutterPrivacyScreen is obvious and important, it can sometimes be useful to have the ability to take screenshots for debug purposes or to demo the APP using a screencast.
Some banking apps provide the same option in the settings.
The camera should be deactivated after scanning the QR code, as well as after closing the QR view.
The green camera indicator in the upper right-hand corner stays active, even after the QR code has been scanned. The camera also makes a sound as if it is focussing. Pressing the home button takes the app to the background, temporarily deactivating the camera, only to resume when the app is opened again. The only way to fully deactivate the camera is to close the app by double-tapping the home button and swiping up.
iPhone model: iPhone SE (2nd generation)
iOS version: 14.2
App version: 6.0.10
Sentry Issue: IRMAMOBILE-2020-12K
UnsupportedError: Unsupported operation: Cannot add to an unmodifiable list
File "history_repository.dart", line 65, in new HistoryRepository.<fn>
File "scan.dart", line 13, in _ScanStreamSink.add
...
(16 additional frame(s) were not displayed)
It only occurs on physical iOS devices. No clear exception is being shown. It looks like a silent timeout or something. It happens when the enrollment introduction
integration test is starting. That's after the issuance issue-municipality-en
test finishes. It's likely that the issue lies in one of these two tests.
The issue occurs both in Firebase Test Lab and in my local setup using my own iPhone, so it is not related to a specific environment.
When compiling with XCode 14.3.1 there are no issues. Upgrading flutter, golang or gomobile to the latest versions does not make a difference.
As a work-around we pinned the XCode version to 14.3.1 in #272 .
The latest version fail to build on F-Droid due to a missing git tag:
https://f-droid.org/wiki/page/org.irmacard.cardemu/lastbuild_130
Can you please add them?
Sentry Issue: IRMAMOBILE-2020-146
_CastError: Null check operator used on a null value
File "session_screen.dart", line 124, in _SessionScreenState._buildFinishedContinueSecondDevice
File "session_screen.dart", line 202, in _SessionScreenState._buildFinished
File "session_screen.dart", line 362, in _SessionScreenState.build.<fn>
...
(16 additional frame(s) were not displayed)
Stack trace:
String: Cannot initialize client: Hash of /var/mobile/Containers/Data/Application/***/Library/v2/irma_configuration/irma-demo/description.xml does not match scheme manager index
File "*errors.errorString", in Cannot initialize client: Hash of /var/mobile/Containers/Data/Application/***/Library/v2/irma_configuration/irma-demo/description.xml does not match scheme manager index
File "schemes.go:687", in (0x105385dd4)
File "schemes.go:675", in (0x105385c8c)
File "schemes.go:342", in (0x10538371c)
File "irmaconfig.go:156", in (0x105369f90)
File "common.go:245", in (0x1051d04f8)
File "common.go:225", in (0x1053699ac)
File "irmaconfig.go:155", in (0x105369959)
File "irmaconfig.go:227", in (0x10536a3dc)
File "client.go:176", in (0x10539d18c)
File "bridge.go:150", in (0x1053ba3e0)
File "go_irmagobridgemain.go:196", in (0x1053c29ac)
File "unparsed", in _cgo_gotypes.go:296 (0x1053c3734)
File "cgocall.go:316", in (0x104f6a4e4)
File "cgocall.go:235", in (0x104f6a218)
File "asm_arm64.s:1087", in (0x104fcb980)
File "asm_arm64.s:1165", in (0x104fcba54)
Potential causes:
It does not happen very often, so there is not much priority.
Sentry Issue: IRMAMOBILE-2020-1TC
PlatformException: PlatformException(, android.content.ActivityNotFoundException: No Activity found to handle Intent { act=android.intent.action.VIEW dat=https://sidnemailissuer.yiviconnect.nl/... (has extras) }, android.content.ActivityNotFoundException: No Activity found to handle Intent { act=android.intent.action.VIEW dat=https://sidnemailissuer.yiviconnect.nl/... (has extras) }
at android.app.Instrumentation.checkStartActivityResult(Instrumentation.java:2080)
at android.app.Instrumentation.execStartActivity(Instrumentation.java:1727)
at android.app.Activity.startActivityForResult(Activity.java:5377)
at android.app.Activity.startActivityForResult(Activity.java:5335)
at android.app.Activity.startActivity(Activity.java:5721)
at androidx.core.content.a$a.b(ContextCompat.java:1)
at androidx.core.content.a.i(ContextCompat.java:1)
at m.b.a(CustomTabsIntent.java:10)
at x1.a.onMethodCall(IIABPlugin.java:45)
at l2.k$a.a(MethodChannel.java:18)
at z1.c.l(DartMessenger.java:19)
at z1.c.m(DartMessenger.java:41)
at z1.c.i(DartMessenger.java:1)
at z1.b.run(R8$$SyntheticClass:13)
at android.os.Handler.handleCallback(Handler.java:938)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:246)
at android.app.ActivityThread.main(ActivityThread.java:8653)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:602)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1130)
, null)
File "irma_repository.dart", line 558, in IrmaRepository.openURLinAppBrowser
In the flow, it is possible to request optional attributes that may be 'not null.' For this purpose, a design has been created that needs to be implemented so that this exception can be handled. Important: It is optional in the credential, but the verifier can request this (specifically not null).
https://irma.app/docs/session-requests/#null-attributes
Note: It may be necessary to make changes in the bloc as well.
Cards with an issue, say 'expired', have a little alert icon instead of the three dots icon.
This alert icon does not invite interaction. If you want to delete a card due to being expired, you have to search and try to find out how you can delete it.
This can easily be fixed by adding the three dots icon for every card, and then display the alert icon just to the left of it. That way the interaction options for every card are the same, and for some cards you get an alert icon that indicates it is recommended to interact with them
Getting up and running with building this project for Android at present.
Can I get some further information (perhaps it can be added to the docs, happy to write them and submit a PR if I can get the information) on how the build flavors are used/named in irmamobile?
What do I get if I build for beta
over alpha
flavor in the resulting app?
Is alpha
more production ready than beta
or the other way around?
Many thanks :D
In dit scherm de tekst aanpassen naar:
"Wil je de volgende persoonlijke gegevens delen met gemeente Nijmegen en bellen naar xxxxx? "
• 'Dit' in de huidige tekst is niet duidelijk, dus concretiseren
• Dikdrukken van organisatie en telefoonnummer zou ik hanteren.
• Tekst knoppen: 'Nee, liever niet' is gek. Je kunt namelijk niet bellen als je je gegevens niet bekend maakt. Dus gewoon 'Nee'.
• Ik vind persoonlijk de interface niet helemaal duidelijk. Door de de vraag bovenin de plaatsen en de knoppen onderin moet ik even nadenken en goed kijken wat ik moet doen. Nadat dit scherm opent valt mijn oog namelijk gelijk op de knoppen (waarschijnlijk door het kleurgebruik maar ook door het grote witte vlak daarboven/ onder de vraag) maar snap ik niet waar deze knoppen voor dienen. Ik moest echt even zoeken naar de vraag. Kan daar iets aangedaan word qua vormgeving?
Daar zit de gotcha bij dat 'gemeente Nijmegen' natuurlijk niet de hostname is van de server waarop IRMA draait.
Voor een gebruiker is een logische naam wel veel voor de hand liggender dan een technische naam.
On several android phones, the Irma app gives an error when scanning a QR phones. Attached are photos of the error in the app.
The problem occurs on several Android phones that we tested. Other phones worked fine. I do not know if iOS is affected. The screenshot is of my personal Pixel 6a with android 12. Doing a full deinstall followed by a reinstall of the app does not solve the problem.
There is a bit of urgency here, apart from that such an error probably always is urgent in these kinds of apps. As you may know, Irma is being used by the Nuts Foundation, to authenticate users in sharing data in Healthcare. next week is the second hackathon for the eOverdracht-project, in which several vendors are testing their first use case on the nuts network, and will try to get their applications to share data in the nuts acceptance network. This cannot work without the Irma app functioning as intended.
What I did:
If users have a credential in their app where revocation is enabled, then this error is triggered and sent to Sentry. Error is not visible to the user.
nonrevocation witness invalidated by update
https://gabi-irma.sentry.io/issues/3928942545/?project=5251288
Part of the Governance of introducing IRMA in the Municipality of Amsterdam, we need to perform a risk analysis on information security and privacy.
An issue that might block or delay the introduction of IRMA is the weak pincode a user can choose to access IRMA.
Waarom kan ik niet het gebruiken zonder wifi?
The test fails half of the time with the following error:
java.lang.Exception: ══╡ EXCEPTION CAUGHT BY FLUTTER TEST FRAMEWORK ╞═════════════════
The following assertion was thrown running a test:
The finder "zero widgets with text "Prefer a shorter PIN?"
(considering only hit-testable ones) (ignoring offstage widgets)"
(used in a call to "tap()") could not find any matching widgets.
When the exception was thrown, this was the stack:
#0 WidgetController._getElementPoint (package:flutter_test/src/controller.dart:1294:7)
#1 WidgetController.getCenter (package:flutter_test/src/controller.dart:1233:12)
#2 WidgetController.tap (package:flutter_test/src/controller.dart:554:18)
#3 WidgetTesterUtil.tapAndSettle (file:///home/runner/work/irmamobile/irmamobile/integration_test/util.dart:15:11)
#4 main.<anonymous closure>.<anonymous closure> (file:///home/runner/work/irmamobile/irmamobile/integration_test/settings_test.dart:231:20)
<asynchronous suspension>
#5 testWidgets.<anonymous closure>.<anonymous closure> (package:flutter_test/src/widget_tester.dart:165:15)
<asynchronous suspension>
#6 TestWidgetsFlutterBinding._runTestBody (package:flutter_test/src/binding.dart:982:5)
<asynchronous suspension>
The test description was:
change-pin
On some phones the buttons to enter the digits 9 and 0 sometimes fall off the screen. Not all failed test cases point in the direction of this, so it could be that there are more issues.
At first the Yivi app works fine, but after a year the app starts with a fatar error:
java.security.InvalidKeyException: Keystore operation failed
android.security.keystore2.KeyStoreCryptoOperationUtils.getInvalidKeyException(KeyStoreCryptoOperationUtils.java:130), android.security.keystore2.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:154)
It only occurs on devices of the Samsung Galaxy S21 series. We currently have reports from 44 different users and all of them use a Samsung Galaxy S21.
On some Android devices an error occurs when requesting permission to the users camera. I was unable to reproduce this error on my own device, a One Plus Nord 2.
PlatformException(PermissionHandler.PermissionManager, A request for permissions is already running, please wait for it to finish before doing another request (note that you can request multiple permissions at the same time)., null, null)
This issue seems to be related to a problem within the package, and has been discussed in the following GitHub issue: Baseflow/flutter-permission-handler#950.
encountered behavior:
On Android (app version e63aee5), when viewing a card and then pressing the back button, the app exits.
Expected behavior:
When pressing the back button, the card view should return to the wallet view and not exit the app.
To run the integration test a test backend is needed where the app can make its network requests to. Currently, this is an improvised setup hosted by my personally. This is not future-proof. A publicly available test environment of the keyshare server should be created somewhere else for this.
Sentry Issue: IRMAMOBILE-2020-12F
_CastError: type 'Null' is not a subtype of type 'List<dynamic>' in type cast
File "session.g.dart", line 79, in _$RequestorInfoFromJson
File "session.dart", line 301, in new RequestorInfo.fromJson
File "log_entry.g.dart", line 38, in _$LogEntryFromJson
File "log_entry.dart", line 88, in new LogEntry.fromJson
File "log_entry.g.dart", line 11, in _$LogsEventFromJson.<fn>
...
(24 additional frame(s) were not displayed)
I cloned the project to my local machine and modified the description.xml file inside irma_configuration/pbdf/, adding tags. However, after recompiling the project, I still cannot display the language code "zh". How should I proceed?
https://drive.google.com/file/d/1uoezEJ85grhw_3rTV_zAo5pEEv0L3g5M/view?usp=sharing
I am trying to run the irmamobile project with flutter run, after following all the described steps in readme.
The output from the flutter run looks like this:
`lib/src/screens/pin/pin_screen.dart:64:13: Error: No named parameter with the name 'child'.
child: PinWrongAttemptsDialog(
^^^^^
../../flutter_windows_2.0.3-stable/flutter/packages/flutter/lib/src/material/dialog.dart:1035:12: Context: Found this candidate, but the arguments don't match.
Future<T?> showDialog({
^^^^^^^^^^
lib/src/screens/pin/pin_screen.dart:75:13: Error: No named parameter with the name 'child'.
child: PinWrongBlockedDialog(blocked: pinState.blockedUntil.difference(DateTime.now()).inSeconds),
^^^^^
../../flutter_windows_2.0.3-stable/flutter/packages/flutter/lib/src/material/dialog.dart:1035:12: Context: Found this candidate, but the arguments don't match.
Future<T?> showDialog({
^^^^^^^^^^
lib/src/screens/change_pin/change_pin_screen.dart:136:17: Error: No named parameter with the name 'child'.
child: PinWrongAttemptsDialog(attemptsRemaining: state.attemptsRemaining),
^^^^^
../../flutter_windows_2.0.3-stable/flutter/packages/flutter/lib/src/material/dialog.dart:1035:12: Context: Found this candidate, but the arguments don't match.
Future<T?> showDialog({
^^^^^^^^^^
lib/src/screens/enrollment/widgets/introduction.dart:40:7: Error: No named parameter with the name 'resizeToAvoidBottomPadding'.
resizeToAvoidBottomPadding: false,
^^^^^^^^^^^^^^^^^^^^^^^^^^
../../flutter_windows_2.0.3-stable/flutter/packages/flutter/lib/src/material/scaffold.dart:1451:9: Context: Found this candidate, but the arguments don't match.
const Scaffold({
^^^^^^^^
../../flutter_windows_2.0.3-stable/flutter/.pub-cache/hosted/pub.dartlang.org/flutter_svg-0.19.0/lib/src/picture_provider.dart:52:59: Error: No named parameter with the name 'nullOk'.
context != null ? Localizations.localeOf(context, nullOk: true) : null,
^^^^^^
../../flutter_windows_2.0.3-stable/flutter/packages/flutter/lib/src/widgets/localizations.dart:413:17: Context: Found this candidate, but the arguments don't match.
static Locale localeOf(BuildContext context) {
^^^^^^^^
../../flutter_windows_2.0.3-stable/flutter/.pub-cache/hosted/pub.dartlang.org/provider-3.2.0/lib/src/delegate_widget.dart:194:18: Error: Superclass has no method named 'inheritFromEle
ment'.
return super.inheritFromElement(ancestor, aspect: aspect);
^^^^^^^^^^^^^^^^^^
../../flutter_windows_2.0.3-stable/flutter/.pub-cache/hosted/pub.dartlang.org/provider-3.2.0/lib/src/provider.dart:259:19: Error: The method 'inheritFromWidgetOfExactType' isn't defin
ed for the class 'BuildContext'.
FAILURE: Build failed with an exception.
`
It seems like lib\src\screens\pin\pin_screen.dart uses a child
parameter from flutters showDialog
in dialog.dart, which is not supported anymore and was removed in december 2020. Similar thing could be the problem with resizeToAvoidBottomPadding
from lib/src/screens/enrollment/widgets/introduction.dart .
Greetings,
I'm creating a Docker image with all the dependencies needed to build the IRMA app. I installed all the dependencies and (recursively) cloned the current version of this repo, but if I try to build the app with the command flutter build apk
inside the repo's root, I get the following error: e: /root/flutter/.pub-cache/git/flutter_privacy_screen-a3c29f667d5a556cf0280f1b39851a2707f788be/android/src/main/kotlin/be/appmire/flutter_privacy_screen/FlutterPrivacyScreenPlugin.kt: (21, 63): Smart cast to 'Activity' is impossible, because 'registrar.activity()' is a complex expression
You can find the full output here. Are you able to build the current version? Maybe I have to checkout a particular branch?
Thank you for your help,
GTP
Problem
The IRMA iOS app freezes when I try to disclose pbdf.nijmegen.personalData.fullname
to a local irmago
server running in development mode (see below for versions of software used).
Expectation
That I can request the attribute.
Reproduce
./irma-master-darwin-amd64 server -v
in terminal window A./irma-master-darwin-amd64 session --server http://localhost:8088 --disclose pbdf.nijmegen.personalData.fullname
in terminal window BNote
I have tried to request another attribute and that worked great. It appears as though the specific attribute I'm requesting matters. For example: when I request pbdf.pbdf.mobilenumber.mobilenumber
using the same steps it works fine and the attribute appears in my terminal and the app keeps functioning. I've also tried deleting and re-adding the BRP data but that didn't help.
Software versions used
irma-master-darwin-amd64
with shasum=72618081e5c125995e168a71a546a05df0ab761f (latest master downloaded today). To make the confusion about which version I'm using complete, the shasum I mentioned doesn't refer to a git commit but is the hash of the file.iOS app
version ad77578 (running in developer mode)Sentry Issue: IRMAMOBILE-2020-12H
OSError: OS Error: No such file or directory, errno = 2
FileSystemException: FileSystemException: Cannot open file, path = 'c5d0f1e727ceeb73531281a6b2bc021fb0935dc3b18b4b3e8fe30f5ae410213b' (OS Error: No such file or directory, errno = 2)
File "file_impl.dart", line 356, in _File.open.<fn>
File "zone.dart", line 1434, in _rootRunUnary
File "<asynchronous suspension>"
File "image_provider.dart", line 890, in FileImage._loadAsync
Tekstvoorstel:
In blauwe kader: i + Je persoonlijke gegevens zijn doorgegeven aan gemeente Nijmegen
Je kunt nu bellen
Klik op doorgaan. Het telefoonnummer verschijnt dan automatisch. Achter het nummer staat een persoonlijke code. Hier hoef je niks mee te doen.
Kies je voor bellen, dan hoor je enkele tonen. Daarna word je verbonden
Overweging hierbij:
• Blauwe kader: er staat twee keer dat de gegevens zijn doorgegeven. 1 zin is voldoende. Sowieso is doorgegegeven geen woord. (er staat dus sowieso een vette type in het huidige scherm)
User story: I have one old email address which is expired in my list of attributes. Even though I select another non-expired attribute, this expired attribute is sent to the server.
I suspect that an index number in the 'un-expired' attribute list is used during selection, but during sending that index number is used on the full list of attributes (both expired and non-expired).
I consider this a privacy leak: an attribute (although expired) that I did not select is send to the IRMA server.
Next annoying thing: how can I remove an expired attribute from my list without renewing it? There is no way currently for this.
OS: Android
Version app: 7.2.0 (using the Yivi branding, some beta channel in the Play Store).
P.S. Nice Yivi redesign, nice that the app remembers which attribute was used to disclose to the server (did not remember seeing that before).
The irmagobridge
might give a KeyshareEnrollmentMissingSessionEvent
. The Flutter side fully ignores this event. Due to this a loading spinner is displayed indefinitely, because the app does not know that an error occured.
When you open the app after it has not been used for a year, you have the option the start over. The red button cannot be reached because it appears behind the keyboard which you can't hide.
In the first (re)setup flow after the pincode entry you are asked for your email address. When you leave the app and come back the input field is active, but the keyboard won't show. You have to skip that step or redo the pincode to show the keyboard.
iOS 14.8.1
Irma 6.2.0
iPhone 8
Edit: nvm. Turned out iOS messed up the update to 6.2.0. It does that sometimes.
Finding: users who do not live in Nijmegen are surprised and do not find it logical that their personal data is collected via Nijmegen. NB: this also applies for other data sources, the Chamber of Commerce data via Signicat.
Solution: show at the top of the Yivi explanation page through which organization (= Nijmegen) data is collected.
In the build-app-ios action the following error occurres:
Undefined symbols for architecture arm64: "_res_9_nclose", referenced from: _internal/syscall/unix.libresolv_res_9_nclose_trampoline.abi0 in Irmagobridge(go.o) "_res_9_ninit", referenced from: _internal/syscall/unix.libresolv_res_9_ninit_trampoline.abi0 in Irmagobridge(go.o) "_res_9_nsearch", referenced from: _internal/syscall/unix.libresolv_res_9_nsearch_trampoline.abi0 in Irmagobridge(go.o) ld: symbol(s) not found for architecture arm64
Finding: users compare/confuse the retrieved personal data with a passport data and see a validity period and wonder whether this is correct. And users do not know what a level of assurance is and relate this to themselves: am I averagely reliable?
Solution: show the validity period and LoA separately in Yivi, these are now presented as part of the retrieved personal data. Also provide an explanation of what this data means.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.