first commit

.github/workflows/ci.yaml

@@ -0,0 +1,23 @@
+name: CI
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  staticcheck:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+      - uses: dominikh/staticcheck-action@v1
+        with:
+          version: "latest"
+          install-go: false

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+.vscode

.lefthook.yaml

@@ -0,0 +1,5 @@
+pre-commit:
+  parallel: true
+  commands:
+    go-lint:
+      run: staticcheck ./...

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 aethiopicuschan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,56 @@
+# TouchID Go
+
+[![License: MIT](https://img.shields.io/badge/License-MIT-brightgreen?style=flat-square)](/LICENSE)
+[![Go Reference](https://pkg.go.dev/badge/github.com/aethiopicuschan/touchid-go.svg)](https://pkg.go.dev/github.com/aethiopicuschan/touchid-go)
+[![Go Report Card](https://goreportcard.com/badge/github.com/aethiopicuschan/touchid-go)](https://goreportcard.com/report/github.com/aethiopicuschan/touchid-go)
+[![CI](https://github.com/aethiopicuschan/touchid-go/actions/workflows/ci.yaml/badge.svg)](https://github.com/aethiopicuschan/touchid-go/actions/workflows/ci.yaml)
+
+`touchid-go` is a Go library for Touch ID authentication on macOS. It provides a simple API and supports `context.Context` for managing timeouts and cancellations.
+
+It is possible that it works on iOS as well, but it has not been confirmed.
+
+## Installation
+
+```sh
+go get -u github.com/aethiopicuschan/touchid-go
+```
+
+## Example
+
+```go
+package main
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/aethiopicuschan/touchid-go"
+)
+
+func main() {
+	// Wait for 5 seconds for the user to authenticate
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+
+	// Authenticate with Touch ID
+	ok, err := touchid.Authenticate(ctx, "Sample Text")
+	if err != nil {
+		if ctx.Err() == context.DeadlineExceeded {
+			fmt.Println("Authentication timed out")
+		} else {
+			fmt.Println("Error:", err.Error())
+		}
+		os.Exit(1)
+	}
+
+	// Check the result
+	if ok {
+		fmt.Println("Authentication succeeded")
+	} else {
+		fmt.Println("Authentication failed")
+		os.Exit(1)
+	}
+}
+```

go.mod

@@ -0,0 +1,3 @@
+module github.com/aethiopicuschan/touchid-go
+
+go 1.23.1

touchid.go

@@ -0,0 +1,101 @@
+//go:build darwin
+
+package touchid
+
+/*
+#cgo CFLAGS: -x objective-c -fmodules -fblocks
+#cgo LDFLAGS: -framework CoreFoundation -framework LocalAuthentication -framework Foundation
+#import <LocalAuthentication/LocalAuthentication.h>
+
+typedef struct {
+  LAContext *context;
+  dispatch_semaphore_t sema;
+  __block int result;
+} AuthContext;
+
+AuthContext* InitAuthContext() {
+  AuthContext *authCtx = (AuthContext *)malloc(sizeof(AuthContext));
+  authCtx->context = [[LAContext alloc] init];
+  authCtx->sema = dispatch_semaphore_create(0);
+  authCtx->result = 0;
+  return authCtx;
+}
+
+void ReleaseAuthContext(AuthContext *authCtx) {
+  if (authCtx) {
+    [authCtx->context release];
+    dispatch_release(authCtx->sema);
+    free(authCtx);
+  }
+}
+
+void CancelAuthentication(AuthContext *authCtx) {
+  if (authCtx && authCtx->context) {
+    [authCtx->context invalidate];
+  }
+}
+
+int AuthenticateWithContext(AuthContext *authCtx, char const* reason) {
+  NSError *authError = nil;
+  NSString *nsReason = [NSString stringWithUTF8String:reason];
+
+  // Use LAPolicyDeviceOwnerAuthentication to allow both biometrics and password
+  if ([authCtx->context canEvaluatePolicy:LAPolicyDeviceOwnerAuthentication error:&authError]) {
+    [authCtx->context evaluatePolicy:LAPolicyDeviceOwnerAuthentication
+      localizedReason:nsReason
+      reply:^(BOOL success, NSError *error) {
+        if (success) {
+          authCtx->result = 1;
+        } else {
+          // Handle failure due to user canceling or other errors
+          if (error.code == LAErrorUserFallback) {
+            authCtx->result = 2;  // Password used
+          } else {
+            authCtx->result = 3;  // Other error
+          }
+        }
+        dispatch_semaphore_signal(authCtx->sema);
+      }];
+  }
+
+  dispatch_semaphore_wait(authCtx->sema, DISPATCH_TIME_FOREVER);
+  return authCtx->result;
+}
+*/
+import (
+	"C"
+)
+import (
+	"context"
+	"errors"
+	"unsafe"
+)
+
+func Authenticate(ctx context.Context, reason string) (bool, error) {
+	reasonStr := C.CString(reason)
+	defer C.free(unsafe.Pointer(reasonStr))
+
+	authCtx := C.InitAuthContext()
+	defer C.ReleaseAuthContext(authCtx)
+
+	resultChan := make(chan int, 1)
+	go func() {
+		result := C.AuthenticateWithContext(authCtx, reasonStr)
+		resultChan <- int(result)
+	}()
+
+	select {
+	case <-ctx.Done():
+		C.CancelAuthentication(authCtx)
+		return false, ctx.Err()
+	case result := <-resultChan:
+		switch result {
+		case 1:
+			return true, nil
+		case 2:
+			return false, nil
+		}
+	}
+
+	return false, errors.New("unexpected error")
+}