![GitHub Repo stars](#installation)
![GitHub Repo stars](#managed-expo)
![GitHub Repo stars](https://discord.gg/fgPHnZpH9d)
![GitHub Repo stars](https://github.com/numandev1/react-native-keys/stargazers)
!npm

REACT-NATIVE-KEYS is a react-native package, which helps us to protect our ENVs and manage different environments like dev, staging, production

$3

We should use react-native-keys instead of react-native-config because react-native-keys gives guarantee of protected envs whereas react-native-config envs can be decompile and hack

Note: We highly recommend utilizing third-party client-side API KEYS, such as Google Map or Branch.io, in the secure section of this package.

#### See the Migration from react-native-config

Making protected Envs library for React Native.

- 🔐 Made for protected ENVs on react native apps
- 🗄️ Manage different enviroments (dev, staging, production)
- 🏎️ Up to 200x faster than all other solutions
- ⚡️ Lightning fast implementation with pure C++ and JSI instead of the "old" Bridge
- 🧪 Well tested in JS and C++

We can Manage secure(protected) and public enviroment through react-native-keys supporting iOS and Android

secure: Secure environment variables with the highest encryption which are protected

public: Public environment variables are stored on the native side like Java and Objective-C which can decompile or hack.
Note: in public, we mostly store Bundle Id, Package Id, App Name or any other AndroidManifest.xml env

$3

#### See the How we are protecting ENVs on the app side?

Open Table of Contents

- Installation
- For React Native
- Managed Expo
- Basic Usage
- Javascript
- Public Keys
- Secure Keys
- Setup
- IOS
- Android
- Native Usage
- Android
- Public Keys
- Secure Keys
- IOS
- Public Keys
- Secure Keys
- Different environments
- Advanced Android Setup
- Advanced IOS Setup
- Test Security
- Problems with Proguard
- Using node with nvm, fnm or notion
- Star on GitHub
- How we are protecting ENVs on the app side?

Installation

``sh yarn add react-native-keys`

##### New Architecture (Turbo Module) Supported

You can give feedback on Discord channel

`Managed Expo`


Click here to Expand Managed Expo plugin Config

`expo install react-native-keys`

Add keys.development.json, keys.staging.json and keys.production.json at project root directory

Add the Keys plugin to your Expo config (app.json, app.config.json or app.config.js):

`json { "name": "my app", "plugins": [ [ "react-native-keys", { "android": { "defaultKeyFile": "keys.staging.json" //default: keys.development.json }, "ios": { "defaultKeyFile": "keys.staging.json" //default: keys.development.json } } ] ] }`

Finally, compile the mods:

`expo prebuild`

Optional If you wanna use different Variants then the you should write eas.json like this

`{ "build": { "development": { "env": { "APP_VARIANT": "development", "KEYSFILE": "keys.development.json" } }, "staging": { "env": { "APP_VARIANT": "staging", "KEYSFILE": "keys.staging.json" } }, "production": { "env": { "APP_VARIANT": "production", "KEYSFILE": "keys.production.json" } } }, "submit": { "production": {} } }`

To apply the changes, build a new binary with EAS:

`eas build`

use different Variants script into package.json like this

`{ "scripts": { "dev:android": "KEYSFILE=keys.development.json npx expo run:android", "staging:android": "KEYSFILE=keys.staging.json npx expo run:android", "prod:android": "KEYSFILE=keys.production.json npx expo run:android", "dev:ios": "KEYSFILE=keys.development.json npx expo run:ios", "staging:ios": "KEYSFILE=keys.staging.json npx expo run:ios", "prod:ios": "KEYSFILE=keys.production.json npx expo run:ios" } }

`Basic Usage`

Create a new file keys.development.json in the root of your React Native app and add Envs in secure object for protected envs variables and add Envs in public for public usage this:

`json { "secure": { "GOOGLE_API": "ABCD", "BRANCH_API": "ABCDEF" }, "public": { "APP_NAME": "Keys Example", "BUNDLE_ID": "com.example.rnkeys.dev", "ANDROID_CODE": "50", "PACKAGE_ID": "com.example.rnkeys.dev" } }`

Note: Dont forgot to follow other steps for Android and IOS to use these keys

later on you can define other enviroment files like keys.staging.json and keys.production.json

`Javascript`

`$3`

`js import Keys from 'react-native-keys';

Keys.API_URL; // https://example.com' Keys.URI_SCHEME; // fb://`

`$3`

`js import Keys from 'react-native-keys';

Keys.secureFor('API_TOKEN'); // 'ABCSE#$DDSD Keys.secureFor('GOOGLE_API_KEY'); // 'ABCSE#$DDSD Keys.secureFor('SECRET_KEY'); // 'ABCSE#$DDSD`

Keep in mind It's basically impossible to prevent users from reverse engineering mobile app secrets but this library is more secure.

`Setup`

Install the package:

`yarn add react-native-keys`

Link the library:

(Note: For React Native 0.60 or greater, autolinking is available)

or later. For earlier versions you need to manually link the module.)

`react-native link react-native-keys`

`$3`

if cocoapods are used in the project then pod has to be installed as well:

`(cd ios; pod install)`

> Note: If you get Undefined symbols \_BIO_f_base64 error during Xcode build then follow the below stackoverflow solution > > Solution: StackOverFlow

- Manual Link (iOS)

1. In XCode, in the project navigator, right click Libraries ➜ Add Files to [your project's name]2. Go tonode_modules ➜ react-native-keys and add Keys.xcodeproj3. Expand theKeys.xcodeproj ➜ Productsfolder 4. In the project navigator, select your project. AddKeys.a to your project's Build Phases ➜ Link Binary With Libraries5. And go the Build Settings tab. Make sure All is toggled on (instead of Basic) 6. Look for Header Search Paths and add$(SRCROOT)/../node_modules/react-native-keys/ios/** as non-recursive

- Mandatory Step

With one extra step environment values can be exposed to "Info.plist" and Build settings in the native project.

1. click on the file tree and create new file of type XCConfig !img !img 2. save it underios folder as "Config.xcconfig" with the following content:

`#include? "tmp.xcconfig"`

3. add the following to your ".gitignore":

`ios/tmp.xcconfig`

4. go to project settings 5. apply config to your configurations !img 6. Go to _Edit scheme..._ -> _Build_ -> _Pre-actions_, click _+_ and select _New Run Script Action_. Paste below code which will generate "tmp.xcconfig" before each build exposing values to Build Settings and Info.plist. Make sure to select your target under _Provide build settings from_ and Shared checkbox is ticked/enabled, so$SRCROOT environment variables is available to the script..

`"${SRCROOT}/../node_modules/react-native-keys/keysIOS.js"`

if you face env: node: No such file or directory issue due to Nvm, Fnm or notion please follow this guide

!img

7. You can now access your env variables in the Info.plist, for example $(MY_ENV_VARIABLE). If you face issues accessing variables, please open a new issue and provide as much details as possible so above steps can be improved.

- Go to _Edit scheme..._ -> _Build_ -> _Pre-actions_, click _+_ and select _New Run Script Action_. Paste below code which will generate KEYS keys on native ios side (into nodemodules) Make sure to select your target under \_Provide build settings from, so $SRCROOT environment variables is available to the script.

`sh export KEYSFILE=keys.development.json

"${SRCROOT}/../node_modules/react-native-keys/keysIOS.js"`

Alternatively, you can define a map in Pre-actions associating builds with env files:

`sh export KEYSFILE = "path_to_env" "${SRCROOT}/../node_modules/react-native-keys/keysIOS.js"`

`$3`

- Manual Link (Android)

android/settings.gradle

`diff + include ':react-native-keys' + project(':react-native-keys').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-keys/android')`

android/app/build.gradle

`diff dependencies { implementation "com.facebook.react:react-native:+" // From node_modules + implementation project(':react-native-keys') }`

MainApplication.java

`diff + import com.reactnativekeysjsi.KeysPackage;

@Override protected List getPackages() { return Arrays.asList( new MainReactPackage() + new KeysPackage() ); }`

- Mandatory Step

app/build.gradle

you can define a map in build.gradle associating builds with env files. Do it before the apply from call, and use build cases in lowercase, like:

`groovy project.ext.keyFiles = [ debug: "keys.development.json", release: "keys.staging.json", ]

apply from: project(':react-native-keys').projectDir.getPath() + "/RNKeys.gradle"`

`Native Usage`

`$3`

#### Public Keys

you can only read jni key into java file.like this

`java URL url = new URL(BuildConfig.API_URL); // https://example.com`

You can also read them from your Gradle configuration(only public keys):

`groovy defaultConfig { applicationId project.keys.get("APP_ID") }`

And use them to configure libraries in AndroidManifest.xml and others:

`xml android:name="io.branch.sdk.BranchKey.test" android:value="@string/BRANCH_KEY" />`

All variables are strings, so you may need to cast them. For instance, in Gradle:

`versionCode project.keys.get("VERSION_CODE").toInteger()`

#### Advanced Android Setup

In android/app/build.gradle, if you use applicationIdSuffix or applicationId that is different from the package name indicated in AndroidManifest.xml in tag, for example, to support different build variants: Add this inandroid/app/build.gradle

`defaultConfig { ... resValue "string", "build_config_package", "YOUR_PACKAGE_NAME_IN_ANDROIDMANIFEST_XML_OR_YOUR_NAME_SPACE" }`

#### Secure Keys (JNI)

`java import static com.reactnativekeysjsi.KeysModule.getSecureFor;

String secureValue = getSecureFor("BRANCH_KEY"); // key_test_omQ7YYKiq57vOqEJsdcsdfeEsiWkwxE`

#### Android troubleshoot

- Problems with Proguard - 2 files found with path '\\/libcrypto.so - Advanced Android Setup for applicationIdSuffix

`$3`

#### Public Keys

Read variables declared in keys.development.json from your Obj-C classes like:

`objective-c // import header #import "Keys.h"

// then read individual keys like: NSString *value = [Keys publicFor:@"API_URL"]; // https://example.com

// or just fetch all keys NSDictionary *allKeys = [Keys public_keys];`

#### Secure Keys

`objective-c // import header #import "Keys.h"

// then read individual keys like: NSString *value = [Keys secureFor:@"BRANCH_KEY"]; //key_test_omQ7YYKiq57vOqEJsdcsdfeEsiWkwxE`

call, and use build cases in lowercase, like:

`$3`

Save config for different environments in different files: keys.staging.json, keys.production.json, etc.

By default react-native-keys will read from keys.development.json, but you can change it when building or releasing your app.

The simplest approach is to tell it what file to read with an environment variable, like:

`sh KEYSFILE=keys.staging.json react-native run-ios # bash SET KEYSFILE=keys.staging.json && react-native run-ios # windows env:KEYSFILE="keys.staging.json"; react-native run-ios # powershell`

This also works for run-android. Alternatively, there are platform-specific options below.

#### Android

The same environment variable can be used to assemble releases with a different config:

`sh cd android && KEYSFILE=keys.staging.json ./gradlew assembleRelease`

#### Advanced Android Setup

`groovy defaultConfig { ... resValue "string", "build_config_package", "YOUR_PACKAGE_NAME_IN_ANDROIDMANIFEST_XML" }`

if you are using Proguard then you should read Problems with Proguard

#### iOS

The basic idea in iOS is to have one scheme per environment file, so you can easily alternate between them.

Start by creating a new scheme:

- In the Xcode menu, go to Product > Scheme > Edit Scheme - Click Duplicate Scheme on the bottom - Give it a proper name on the top left. For instance: "Myapp (staging)"

Then edit the newly created scheme to make it use a different env file. From the same "manage scheme" window:

- Expand the "Build" settings on left - Click "Pre-actions", and under the plus sign select "New Run Script Action" - Where it says "Type a script or drag a script file", type:

you can also set different file for debug and release build like this.

`bash #DEBUG_KEYSFILE will choose env file export KEYSFILE=keys.production.json

#if you wannna use different keys for same scheme export DEBUG_KEYSFILE=keys.debug.json # in running metro export RELEASE_KEYSFILE=keys.staging.json # in IPA

#above DEBUG_KEYSFILE and RELEASE_KEYSFILE variable are optional

"${SRCROOT}/../node_modules/react-native-keys/keysIOS.js"`

Also ensure that "Provide build settings from", just above the script, has a value selected so that PROJECT_DIR is set.

`Test Security`

you can decompile APK/IPA by this package react-native-decompiler and can find public and secure keys. you will not find secure keys.

Troubleshooting

`$3`

When Proguard is enabled (which it is by default for Android release builds), it can rename the BuildConfig Java class in the minification process and prevent React Native Keys from referencing it. To avoid this, add an exception to android/app/proguard-rules.pro:

-keep class com.mypackage.BuildConfig { *; }

com.mypackage should match the package value in your app/src/main/AndroidManifest.xml file.

we can find BuildConfig file at android/app/build/generated/source/buildConfig/debug/com.mypackage/BuildConfig.java

If using Dexguard, the shrinking phase will remove resources it thinks are unused. It is necessary to add an exception to preserve the build config package name.

-keepresources string/build_config_package

`$3`

if you face 2 files found with path '**/libcrypto.so'then inside android/app/build.gradle just add this:

`android { ... packagingOptions { pickFirst 'lib/x86/libcrypto.so' pickFirst 'lib/x86_64/libcrypto.so' pickFirst 'lib/armeabi-v7a/libcrypto.so' pickFirst 'lib/arm64-v8a/libcrypto.so' } }`

`$3`

Build failure in Xcode looks something like:

> env: node: No such file or directory

Change the Pre-actions script scripts in Xcode to:

`bash

`Setup nvm and set node`

[ -z "$NVM_DIR" ] && export NVM_DIR="$HOME/.nvm"

if [[-s "$HOME/.nvm/nvm.sh"]]; then . "$HOME/.nvm/nvm.sh" elif [[ -x "$(command -v brew)" && -s "$(brew --prefix nvm)/nvm.sh" ]]; then . "$(brew --prefix nvm)/nvm.sh" fi

`Set up the nodenv node version manager if present`

if [[-x "$HOME/.nodenv/bin/nodenv"]]; then eval "$("$HOME/.nodenv/bin/nodenv" init -)" fi

`Set up the fnm node version manager if present`

if [[-s "$HOME/.fnm/fnm"]]; then eval "$HOME/.fnm/fnm env --multi" fi

`Trying notion`

if [ -z "$NODE_BINARY" ]; then if [[-s "$HOME/.notion/bin/node"]]; then export NODE_BINARY="$HOME/.notion/bin/node" fi fi

[ -z "$NODE_BINARY" ] && export NODE_BINARY="node"

$NODE_BINARY "${SRCROOT}/../node_modules/react-native-keys/keysIOS.js"``

Alternative Package

This package full alternative of react-native-config and react-native-dotenv

The above-mentioned packages do not provide any security for environment variables as well as these packages are not as fast as the react-native-keys package because it does not use JSI (JavaScript Interface).

Consider supporting with a ⭐️ star on GitHub

If you are using the library in one of your projects, consider supporting it with a star. It takes a lot of time and effort to keep this maintained and address issues and bugs. Thank you.

REACT-NATIVE-KEYS is a react-native package, which helps us to protect our ENVs and manage different environments like dev, staging, production

$3

Note: We highly recommend utilizing third-party client-side API KEYS, such as Google Map or Branch.io, in the secure section of this package.

#### See the Migration from react-native-config

Making protected Envs library for React Native.

We can Manage secure(protected) and public enviroment through react-native-keys supporting iOS and Android

secure: Secure environment variables with the highest encryption which are protected

$3

#### See the How we are protecting ENVs on the app side?

Open Table of Contents

Installation

``sh yarn add react-native-keys`

##### New Architecture (Turbo Module) Supported

You can give feedback on Discord channel

`Managed Expo`


Click here to Expand Managed Expo plugin Config