How to add security layers to Expo EAS build?

Time:10-24

I want to add some security layers to my application. I know that I can’t protect my app 100%; I just want to make it harder for attackers to mess with my code/app.

Here is what I want to do:

SSL pinning

JailMonkey

Obfuscation of my own code for Android and iOS

All libraries made for these points explain their install steps for React Native CLI, with no mention of EAS or Expo.

I don’t have an android folder in my app, I don’t use Prebuild.

I need some explanations/implementation steps on how to add those three points to my app, and which library should I use.

Thank you in advance

CodePudding user response:

Take a look at how Expo prebuild works.

tldr: Generally, when you call expo prebuild, Expo would create native folders for you, and that is what they do on EAS infra transparently for managed projects.

Auto-linking:

Additionally, they would also run auto-linking of RN packages that have proper specs for that. Therefore, when you see an RN package that has installation instructions like the following, it would just work out of the box on EAS without the need to link anything: just install an NPM package, and Expo would link it for you.

npm i jail-monkey --save
react-native link # Not required as of React Native 0.60.0

Additional configuration:

The majority of the configuration comes from the Expo Config, but when you bump into something that is not yet supported (let's say SSL pinning), then Expo provides config-plugins to let you modify the artifacts of native folders or projects. That enables you to just follow the standard docs (let's say network security configuration) and just apply any changes to things like AndroidManifest through withAndroidManifest plugins. You can basically do whatever you want to do at this point and integrate anything from the native world. The same applies to some extra build settings like ProGuard for obfuscation and so on; they are currently available through some standard plugins like BuildProperties.

You can see an example of a custom plugin for network security configuration here.
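
The config-plugin approach described in the answer above, as an added example that is not part of the original post or Expo's own code: a plugin that writes an Android network security configuration with a pin-set and references it from AndroidManifest. The file name withPinnedNetworkConfig.js, the helper names and the props shape (domain, pins, expiration) are assumptions, and any pins or domain passed to it here are constructed placeholders.

```javascript
// Render res/xml/network_security_config.xml for one pinned domain.
function buildNetworkSecurityConfig({ domain, pins, expiration }) {
  // Require a backup pin so a certificate rotation cannot lock users out.
  if (!Array.isArray(pins) || pins.length < 2) throw new Error("need a primary and a backup pin");
  for (const pin of pins) {
    // Base64 SHA-256 of the SubjectPublicKeyInfo: 43 characters plus "=".
    if (!/^[A-Za-z0-9+\/]{43}=$/.test(pin)) throw new Error(`bad pin: ${pin}`);
  }
  if (!/^[a-z0-9.-]+$/i.test(domain)) throw new Error(`bad domain: ${domain}`);
  if (!/^\d{4}-\d{2}-\d{2}$/.test(expiration)) throw new Error("expiration: yyyy-MM-dd");
  return [
    '<?xml version="1.0" encoding="utf-8"?>',
    "<network-security-config>",
    '  <domain-config cleartextTrafficPermitted="false">',
    `    <domain includeSubdomains="true">${domain}</domain>`,
    `    <pin-set expiration="${expiration}">`,
    ...pins.map((p) => `      <pin digest="SHA-256">${p}</pin>`),
    "    </pin-set>",
    "  </domain-config>",
    "</network-security-config>",
    "",
  ].join("\n");
}

// Point <application> at the XML resource (manifest in Expo's parsed shape).
function applyToManifest(androidManifest) {
  const app = androidManifest.manifest.application[0];
  app.$["android:networkSecurityConfig"] = "@xml/network_security_config";
  return androidManifest;
}

// The plugin; packages are required lazily so the helpers stay dependency-free.
function withPinnedNetworkConfig(config, props) {
  const { withAndroidManifest, withDangerousMod } = require("@expo/config-plugins");
  const fs = require("fs");
  const path = require("path");
  config = withAndroidManifest(config, (cfg) => {
    cfg.modResults = applyToManifest(cfg.modResults);
    return cfg;
  });
  return withDangerousMod(config, ["android", async (cfg) => {
    const dir = path.join(cfg.modRequest.platformProjectRoot, "app/src/main/res/xml");
    fs.mkdirSync(dir, { recursive: true });
    fs.writeFileSync(path.join(dir, "network_security_config.xml"), buildNetworkSecurityConfig(props));
    return cfg;
  }]);
}

if (typeof module !== "undefined") module.exports = withPinnedNetworkConfig;
```

Register the file in the Expo config's plugins array with the domain, pins and expiration as its props. The network security configuration is an Android mechanism, so iOS pinning needs a separate approach.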
