🏠 Overview ✅ Implementation Tasks ✅ epic-biometric-session-authentication-foundation-task-003

Configure Android platform permissions for biometrics

epic-biometric-session-authentication-foundation-task-003 — Add USE_BIOMETRIC and USE_FINGERPRINT permissions to AndroidManifest.xml. Ensure minSdkVersion is compatible with the BiometricPrompt API (API 23+). Verify Android Keystore is accessible by configuring the FlutterSecureStorage Android options with encryptedSharedPreferences enabled.

critical priority low complexity infrastructure pending infrastructure specialist Tier 1

Acceptance Criteria

android.permission.USE_BIOMETRIC is present in android/app/src/main/AndroidManifest.xml
android.permission.USE_FINGERPRINT is present in android/app/src/main/AndroidManifest.xml (required for API 23–27 compatibility)
minSdkVersion in android/app/build.gradle is set to 23 or higher
flutter_secure_storage AndroidOptions is configured with encryptedSharedPreferences: true in the app's SecureSessionStorage implementation (this task verifies the platform config is ready; implementation is in task-005)
flutter build apk --debug completes without errors related to permissions or minSdk
App launches on Android emulator API 29+ without crashing
flutter analyze shows no new warnings after the changes
The diff shows only the intended AndroidManifest.xml and build.gradle changes — no unintended modifications

Technical Requirements

frameworks
local_auth (Android BiometricPrompt integration)
flutter_secure_storage (Android EncryptedSharedPreferences)
Android Gradle Build System
apis
Android BiometricPrompt API (API 28+)
Android FingerprintManager API (API 23–27, legacy fallback)
Android Keystore System
performance requirements
Android build time must not increase significantly due to these configuration-only changes
security requirements
encryptedSharedPreferences relies on Android Keystore hardware-backed key storage — verify that the target emulator/device supports hardware-backed keys
USE_FINGERPRINT is a normal permission (not dangerous) and does not require a runtime permission request dialog — confirm this is understood to avoid unnecessary requestPermissions calls
Do not set targetSdkVersion below 33 as this affects security compliance on modern Android

Execution Context

Execution Tier
Tier 1

Tier 1 - 540 tasks

Can start after Tier 0 completes

Implementation Notes

In android/app/src/main/AndroidManifest.xml, add both permission lines inside the tag but outside the tag: '' and ''. In android/app/build.gradle, set minSdkVersion = 23 in the defaultConfig block if it is currently lower. If the project's flutter_local_auth or other packages already require minSdk 21, bumping to 23 is a safe change with minimal impact on the Norwegian target audience (Android 6.0 from 2015). The encryptedSharedPreferences flag is applied in Dart code (AndroidOptions(encryptedSharedPreferences: true)) in the SecureSessionStorage implementation — this manifest task only ensures the platform prerequisites are in place.

Note: on API 23–27, BiometricPrompt is not available; local_auth falls back to FingerprintManager. The USE_FINGERPRINT permission covers this legacy path. For devices running API 28+, USE_BIOMETRIC is the correct modern permission. Both must be declared to support the full device range.

Testing Requirements

After configuration changes, run flutter build apk --debug and confirm exit code 0. Launch on Android emulator (API 29+ recommended) and verify the app starts without crash. Use the emulator's Extended Controls → Fingerprint panel to simulate a fingerprint scan if testing the auth flow manually. Run flutter analyze to confirm no regressions.

Verify the AndroidManifest.xml using aapt dump permissions on the built APK: run 'flutter build apk --debug && aapt dump permissions build/app/outputs/flutter-apk/app-debug.apk' and confirm both USE_BIOMETRIC and USE_FINGERPRINT appear. No new automated test files are required for this infrastructure task.

Component
Local Auth Integration
infrastructure low
Dependencies (1)
Add flutter_secure_storage and local_auth packages to pubspec.yaml. Pin to versions compatible with the project's Flutter SDK. Run pub get and verify no dependency conflicts with existing Supabase and Riverpod packages. epic-biometric-session-authentication-foundation-task-001
Epic Risks (3)
high impact medium prob technical

iOS Keychain access requires correct entitlement configuration and provisioning profile setup. Misconfigured entitlements cause silent failures in CI/CD and on physical devices, where the plugin appears to work in the simulator but fails at runtime. This can delay foundation delivery and block all downstream epics.

Mitigation & Contingency

Mitigation: Add a dedicated integration test running on a physical iOS device early in the epic. Document required entitlements and provisioning steps in a developer runbook. Validate Keychain access in the CI pipeline using an iOS simulator with correct entitlements enabled.

Contingency: If Keychain entitlements cannot be resolved quickly, temporarily use in-memory storage behind the SecureSessionStorage interface to unblock downstream epics, then resolve the Keychain issue in a hotfix before release.

medium impact medium prob dependency

The Flutter local_auth plugin has a history of breaking API changes between major versions, and its Android implementation depends on BiometricPrompt which behaves differently across Android API levels (23-34). An incompatible plugin version or unexpected Android API behaviour can cause authentication failures on a significant portion of the target device fleet.

Mitigation & Contingency

Mitigation: Pin local_auth to a specific stable version in pubspec.yaml. Test against Android API levels 23, 28, and 33 in the CI matrix. Review the plugin changelog and migration guide before adopting any version bump.

Contingency: If the pinned version proves incompatible with target devices, evaluate flutter_local_auth_android as a replacement or fork the plugin adapter to isolate the breaking surface.

high impact low prob security

If users upgrade from a version of the app that stored session data in non-encrypted storage (SharedPreferences), a migration path is required. Failing to migrate silently leaves old tokens in plain storage, creating a security gap and potentially causing confusing authentication state on first launch of the new version.

Mitigation & Contingency

Mitigation: Audit existing storage usage across the codebase before writing SecureSessionStorage. If legacy plain storage keys exist, implement a one-time migration routine that reads from SharedPreferences, writes to Keychain/Keystore, and deletes the plain-text entry.

Contingency: If migration is discovered late, ship the migration as a mandatory patch release before the biometric feature is enabled for users, and add a startup check that blocks biometric opt-in until migration is confirmed complete.

Quick Links
All Tasks Execution Plan