June 12, 2019
iOS 12 and Android 8 brought a simple and useful feature called the password autofill framework. Even though integration of this feature doesn’t require significant efforts, many Xamarin.Forms applications still haven’t adopted this. In this post I’ll show you how you can enable the Password Autofill feature for your app with little effort.
Just by enabling Autofill (setting contentType to.username and.password/.newPassword, as well as adding an Associated Domain), the app automatically prompts to 'Save Password?' When the active ViewController gets dismissed if I'm logging in or signing up with my own password (kinda cool that I don't need to add any code to have these. To enable Browser App Extension auto-fill on iOS: Open your Bitwarden app and tap Settings. Tap the App Extension option in the Auto-fill section. Tap the Enable App Extension button. AutoFill is the successor 1Password needed, and it works perfectly. There’s one other key feature made possible in 1Password thanks to iOS 12: if you use 1Password to store single-use codes for an account’s two-factor authentication setup, the password manager will automatically copy the relevant code to the clipboard at the time you need it.
Autofill effect
Xamarin.Forms.Effect is aт extremely flexible way to get access to native view properties without sub-classing Xamarin.Forms views and writing huge custom renderers. In our case, the Effect would look something like this:
The AutofillContentType is an enumerable type that lists all the supported autofill entries. In fact, iOS and Android support various types of input fields, including credit card information and even 2FA OTP codes, but in our sample we will only use username and password:
Now we can use this effect on our login page. Let’s attach them to the username and password entries:
The platform-specific implementation of the effect is simple and short, however you have to make sure you do not call an API that doesn’t exist on this particular platform.
iOS effect implementation:
How To Find Autofill Passwords
Android effect implementation:
Enable 1password Autofill Ios
As for iOS, that’s enough!
As for Android, you need additional code. The Autofill framework automatically detects when the login form is closed, but it can’t detect this event on Android. This happens because how Xamarin.Forms is designed under the hood and what the Autofill framework expects to happen.
On iOS each Xamarin.Forms.Page instance is basically a separate ViewController, and once the Page is closed, the ViewController is destroyed and the Autofill Framework traits it as expected. However, on Android things are different. Each Xamarin.Forms.Page is a Fragment, and all these fragments exist on a single Activity. Because the Autofill framework expects the Login activity to be destroyed once user logs in and this is not what happens with Xamarin.Forms, we have to call AutofillManager.commit() method directly right after the login process finishes:
ICrossAutofillManager is a simple interface used as a bridge to the native stuff:
After you have added it, compile and run the application. The Password Autofill feature on Android works pretty the same as on iOS:
We are done! Another great benefit of the Autofill framework is that it can work not only with iCloud but also with third-party password managers: projects such as 1Password have adopted the Password Autofill framework, so you do not force your users to share their credentials with Apple or Google.
Domain association
What we did is fine but it’s still not the maximum what we can achieve. Both platforms provide domain-app credential sharing, which allows users to enter their credentials only once (or even never if password generator is used) and then smoothly log in into your service on any device. So, a user can create an account on Mac using Safari, then download the iOS app and log in into the app just with one tap.
In order to achieve it, domain association should be set up. Open Entitlements.plist file in your Xamarin.iOS project and enable Associated Domains:
You also need to enable “Associated Domain” for your app in the Apple Developer console:
The last step is to prepare the Apple App Site association file. It is just a regular JSON file that you need to put on your server, the file’s URL should match the following format:
This file contains a JSON document with a dictionary that lists all applications associated with your domain:
Team Identifier can be obtained from the Apple Developer portal, Bundle Identifier is set in the Info.plist file.
On Android at first you need to allow credential sharing in the app manifest. Add the following meta-data to the manifest under <application> tag:
Then you need to specify your domain: add a new string resource called asset_statements with the following content:
The last step with Android application is actually the same what you did with iOS: you need to prepare a special file that is supposed to be accessible from your server. The URL should be:
And the JSON file content is:
The package_name property is your app’s application ID specified in the manifest file, sha256_cert_fingerprints is, obviously, the SHA256 fingerprint of your signing certificate. Use the following command to generate the fingerprint:
Once it’s done, you have to publish the Android application to the Google Play Store. This step is necessary, and if you don’t want to share the application, you can publish it to the limited Alpha channel. The ultimate step is to fill and submit the Smart Lock for Passwords affiliation form to request verification from Google.
All source code is available on Github.
Xamarin.Forms is a great instrument to build mobile apps of various complexity, but, apparently, it will be always missing some native functionality. Xamarin team did amazing work providing developers an easy access to the native things, and hopefully, using them and reading this post you have achieved what you wanted.
Take care.
Further reading:
- Password AutoFill | Apple Developer Documentation: developer.apple.com
- Autofill framework | Android Developers: developer.android.com
- Autofilling new password with confirmation in iOS 12: stackoverflow.com
Managing passwords has become more smooth-sailing with the introduction of iOS 11. Now, you no longer need to remember passwords or use third-party apps to manage them seamlessly. Using the built-in password manager, you can effortlessly log into your favorite apps. Apple calls it “Password AutoFill for Apps“. All you have to save your username and password and then leave the rest for the password manager to do.
How to Save/Add Password for Favorite Apps
Step #1. Open the Settings app on your iOS device.
Step #2. Next, scroll down and tap on Accounts & Passwords.
Step #3. Now, tap on App & Website Passwords.
Step #4. Scroll down and Tap on Add Password.
View Saved Passwords Windows 10
Step #5. Next up, you need to enter the website name, username, and the password → Make sure to tap on Done at the top right corner to confirm.
Use Password AutoFill for Apps
Step #1. Open the app/web which passwords you have saved.
Step #2. Now, the moment you proceed to enter your login detail, your username will appear right above the keyboard. Tap on username.
Step #3. Your login details will be automatically filled. Now, just tap on the login/sign in button.
How to Access Saved Password of Apps
Step #1. Launch Settings app → Accounts & Passwords → App & Website Passwords.
Step #2. Tap on the app/website name.
Step #3. On the next screen, you will see your username, password, and the related website name.
How to Manage Password AutoFill for Apps
Step #1. Launch Settings app → Accounts & Passwords → App & Website Passwords.
Step #2. Tap on the website name.
Step #3. Now, tap on the Edit button at the top right corner.
Step #4. Next, edit your account and password. → Tap on Done in the end to confirm.
If you want to delete the website, tap on the red button left to it and then tap on Delete.
Delete App/Website from Password AutoFill for Apps
You can delete the app, which password you no longer want to keep. To do so, Launch Settings app → Accounts & Passwords → App & Website Passwords → tap on the Edit button at the top → select the app → tap on Delete at the top left corner.
Wrapping up!
I think the importance of a top-notch password manager like 1Password hasn’t gone down at all. The battle for the best has just been intensified. Hence, only the one that has better qualities will rule the roost. And it’s the end-users who will be the ultimate winner of the cut-throat competition.
What do you think of it? Share your valuable feedback in the comments below.
Don’t miss out on these posts as well: