Gathering detailed insights and metrics for @rnx-kit/react-native-test-app-msal
Gathering detailed insights and metrics for @rnx-kit/react-native-test-app-msal
Modern, scalable tools. Exceptional developer experience.
Installations
npm install @rnx-kit/react-native-test-app-msalDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=16.17
Node Version
20.19.1
NPM Version
10.8.2
Releases
653
@rnx-kit/tsconfig@2.1.1
@rnx-kit/tsconfig@2.1.1
Updated on Jun 26, 2025
@rnx-kit/reporter@0.1.0
@rnx-kit/reporter@0.1.0
Updated on Jun 26, 2025
@rnx-kit/tools-filesystem@0.1.2
@rnx-kit/tools-filesystem@0.1.2
Updated on Jun 26, 2025
@rnx-kit/tools-workspaces@0.2.3
@rnx-kit/tools-workspaces@0.2.3
Updated on Jun 23, 2025
@rnx-kit/align-deps@3.0.8
@rnx-kit/align-deps@3.0.8
Updated on Jun 23, 2025
@rnx-kit/config@0.7.4
@rnx-kit/config@0.7.4
Updated on Jun 23, 2025
Languages
13
TypeScript
JavaScript
Kotlin
MDX
Objective-C
Swift
Objective-C++
Rust
CSS
Ruby
C++
Shell
C
TypeScript (72.72%)
JavaScript (15.89%)
Kotlin (2.19%)
MDX (2.12%)
Objective-C (1.64%)
Swift (1.34%)
Objective-C++ (1.26%)
Rust (1.17%)
CSS (0.46%)
Ruby (0.45%)
C++ (0.4%)
Shell (0.24%)
C (0.11%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
1,642 Stars
3,327 Commits
105 Forks
17 Watchers
17 Branches
10,000 Contributors
Updated on Jul 15, 2025
Maintainers
7
Package Meta Information
Latest Version
5.0.2
Package Id
@rnx-kit/react-native-test-app-msal@5.0.2
Unpacked Size
81.07 kB
Size
19.26 kB
File Count
40
NPM Version
10.8.2
Node Version
20.19.1
Published on
May 16, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
2
@rnx-kit/react-native-test-app-msal
Microsoft Authentication Library (MSAL) module for React Native Test App.
Install
Add @rnx-kit/react-native-test-app-msal as a dev dependency:
yarn add @rnx-kit/react-native-test-app-msal --dev
or if you're using npm:
npm add --save-dev @rnx-kit/react-native-test-app-msal
iOS/macOS
We need to set the deployment target for iOS and macOS to 14.0 and 11.0 (or
higher) respectively, and add MSAL to Podfile:
1+platform :ios, '14.0' # If targeting iOS, discard the line below 2+platform :macos, '11.0' # If targeting macOS, discard the line above 3+ 4 require_relative '../node_modules/react-native-test-app/test_app' 5 6 workspace 'MyTestApp.xcworkspace' 7 8+use_test_app! do |target| 9+ target.app do 10+ # We must use modular headers here otherwise Swift compiler will fail 11+ pod 'MSAL', :modular_headers => true 12+ end 13+end
Usage
Add an entry for the account switcher in your app.json, e.g.:
1 { 2 "name": "MyTestApp", 3 "displayName": "MyTestApp", 4 "components": [ 5 { 6 "appKey": "MyTestApp", 7+ }, 8+ { 9+ "appKey": "com.microsoft.reacttestapp.msal.MicrosoftAccountsActivity", 10+ "displayName": "MicrosoftAccounts (Android)" 11+ }, 12+ { 13+ "appKey": "MicrosoftAccounts", 14+ "displayName": "MicrosoftAccounts (iOS/macOS)" 15 } 16 ], 17 "resources": { 18 "android": ["dist/res", "dist/main.android.bundle"], 19 "ios": ["dist/assets", "dist/main.ios.jsbundle"], 20 "macos": ["dist/assets", "dist/main.macos.jsbundle"], 21 "windows": ["dist/assets", "dist/main.windows.bundle"] 22 } 23 }
Register your app with a unique bundle identifier to get your Azure Active
Directory client identifier and related scopes
(quickstart here),
then fill out the following fields in app.json:
1 { 2 "name": "MyTestApp", 3 "displayName": "MyTestApp", 4 "components": [ 5 { 6 "appKey": "MyTestApp", 7 }, 8 { 9 "appKey": "com.microsoft.reacttestapp.msal.MicrosoftAccountsActivity", 10 "displayName": "MicrosoftAccounts (Android)" 11 }, 12 { 13 "appKey": "MicrosoftAccounts", 14 "displayName": "MicrosoftAccounts (iOS/macOS)" 15 } 16 ], 17+ "android": { 18+ "package": "com.contoso.MyTestApp" 19+ }, 20+ "ios": { 21+ "bundleIdentifier": "com.contoso.MyTestApp" 22+ }, 23+ "macos": { 24+ "bundleIdentifier": "com.contoso.MyTestApp" 25+ }, 26+ "react-native-test-app-msal": { 27+ "clientId": "4b0db8c2-9f26-4417-8bde-3f0e3656f8e0", 28+ "msaScopes": ["user.read"], 29+ "orgScopes": ["user.read"], 30+ "signatureHash": "1wIqXSqBj7w+h11ZifsnqwgyKrY=" 31+ }, 32 "resources": { 33 "android": ["dist/res", "dist/main.android.jsbundle"], 34 "ios": ["dist/assets", "dist/main.ios.jsbundle"], 35 "macos": ["dist/assets", "dist/main.macos.jsbundle"], 36 "windows": ["dist/assets", "dist/main.windows.bundle"] 37 } 38 }
Getting a Token from Native Code
A token can be acquired from native code using the TokenBroker singleton.
Android
On Android, we will need the Context to retrieve the singleton, and the
current Activity to acquire a token. We need the Activity in case we need to
ask the user to log in:
1import com.microsoft.reacttestapp.msal.TokenBroker 2 3TokenBroker.getInstance(context).acquireToken(context.currentActivity, ...) { result, error -> 4 // handle result here 5}
iOS/macOS
On iOS/macOS, we will need the current UIViewController (iOS) or
NSViewController (macOS) to acquire a token in case we need to ask the user to
log in:
1import ReactTestApp_MSAL
2
3TokenBroker.shared.acquireToken(scopes: ..., sender: viewController) { result, error ->
4 // handle result here
5}
No vulnerabilities found.
Reason
all changesets reviewed
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool is run on all commits
Details
- Info: all commits (30) are checked with a SAST tool
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: found token with 'none' permissions: .github/workflows/pr.yml:1
- Info: found token with 'none' permissions: .github/workflows/pr.yml:1
- Info: found token with 'none' permissions: .github/workflows/pr.yml:1
- Info: found token with 'none' permissions: .github/workflows/pr.yml:1
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr.yml:218
- Info: found token with 'none' permissions: .github/workflows/rnx-build.yml:1
- Info: found token with 'none' permissions: .github/workflows/rnx-build.yml:1
- Info: found token with 'none' permissions: .github/workflows/rnx-build.yml:1
- Info: found token with 'none' permissions: .github/workflows/rnx-build.yml:1
- Info: found token with 'none' permissions: .github/workflows/rnx-build.yml:1
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr.yml:1
- Warn: no topLevel permission defined: .github/workflows/rnx-build.yml:1
- Info: no jobLevel write permissions found
Reason
binaries present in source code
Details
- Warn: binary detected: packages/test-app/android/gradle/wrapper/gradle-wrapper.jar:1
- Warn: binary detected: test-repos/yarn-pnpm/packages/test-app-mobile/android/gradle/wrapper/gradle-wrapper.jar:1
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'
- Warn: 'stale review dismissal' is disabled on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Info: codeowner review is required on branch 'main'
- Info: 'last push approval' is required to merge on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
3 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/pr.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:159: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rnx-build.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/rnx-kit/rnx-build.yml/main?enable=pin
- Info: 0 out of 19 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 7 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
7.6
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More