From 7edebeef7e29f3f8738f8b989201c98b0dc9347e Mon Sep 17 00:00:00 2001
From: Mill Chen <millchen@google.com>
Date: Fri, 9 Apr 2021 23:14:27 +0800
Subject: [PATCH 1/2] Combined biometric settings implementation

There will be multiple biometrics authentications existing at the same
time, so we added a new page for multiple biometrics to control
biometrics settings.

Bug: 183449119
Test: manual test
Change-Id: I359082caf771e07dfd5b24973cb8a3cf372c1b30
---
 AndroidManifest.xml                           | 16 ++++
 res/values/strings.xml                        | 20 +++++
 res/xml/security_dashboard_settings.xml       | 11 +++
 .../security_settings_combined_biometric.xml  | 69 +++++++++++++++
 ...ty_settings_combined_biometric_profile.xml | 56 ++++++++++++
 res/xml/security_settings_face.xml            | 10 ++-
 src/com/android/settings/Settings.java        |  2 +
 src/com/android/settings/Utils.java           |  7 ++
 ...FaceProfileStatusPreferenceController.java | 42 +++++++++
 ...ometricFaceStatusPreferenceController.java | 37 ++++++++
 ...rintProfileStatusPreferenceController.java | 42 +++++++++
 ...FingerprintStatusPreferenceController.java | 38 ++++++++
 ...metricSettingsAppPreferenceController.java | 86 +++++++++++++++++++
 ...cSettingsKeyguardPreferenceController.java | 67 +++++++++++++++
 .../CombinedBiometricProfileSettings.java     | 60 +++++++++++++
 ...tricProfileStatusPreferenceController.java | 60 +++++++++++++
 .../CombinedBiometricSettings.java            | 63 ++++++++++++++
 ...edBiometricStatusPreferenceController.java | 71 +++++++++++++++
 .../FaceSettingsAppPreferenceController.java  |  5 ++
 ...eSettingsKeyguardPreferenceController.java |  3 +-
 ...sLockscreenBypassPreferenceController.java |  6 ++
 .../face/FaceStatusPreferenceController.java  |  2 +-
 ...aceUnlockCategoryPreferenceController.java | 36 ++++++++
 ...FingerprintStatusPreferenceController.java |  3 +-
 .../core/gateway/SettingsGateway.java         |  4 +
 .../settings/security/SecuritySettings.java   |  5 ++
 26 files changed, 817 insertions(+), 4 deletions(-)
 create mode 100644 res/xml/security_settings_combined_biometric.xml
 create mode 100644 res/xml/security_settings_combined_biometric_profile.xml
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricFaceProfileStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricFaceStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricFingerprintProfileStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricFingerprintStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricSettingsAppPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricSettingsKeyguardPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
 create mode 100644 src/com/android/settings/biometrics/combination/CombinedBiometricProfileStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
 create mode 100644 src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
 create mode 100644 src/com/android/settings/biometrics/face/FaceUnlockCategoryPreferenceController.java

diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index c352694f9f5..9b11fe81c98 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -494,6 +494,22 @@
                        android:value="com.android.settings.biometrics.fingerprint.FingerprintSettings$FingerprintSettingsFragment" />
         </activity>
 
+        <activity android:name="Settings$CombinedBiometricSettingsActivity"
+                  android:label="@string/security_settings_biometric_preference_title"
+                  android:theme="@style/Theme.SubSettings"
+                  android:exported="false">
+            <meta-data android:name="com.android.settings.FRAGMENT_CLASS"
+                       android:value="com.android.settings.biometrics.combination.CombinedBiometricSettings" />
+        </activity>
+
+        <activity android:name="Settings$CombinedBiometricProfileSettingsActivity"
+                  android:label="@string/security_settings_biometric_preference_title"
+                  android:theme="@style/Theme.SubSettings"
+                  android:exported="false">
+            <meta-data android:name="com.android.settings.FRAGMENT_CLASS"
+                       android:value="com.android.settings.biometrics.combination.CombinedBiometricProfileSettings" />
+        </activity>
+
         <activity android:name=".bluetooth.DevicePickerActivity"
                 android:label="@string/device_picker"
                 android:configChanges="orientation|keyboardHidden|screenSize"
diff --git a/res/values/strings.xml b/res/values/strings.xml
index 6134100c59f..c40dd1ee9e5 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -967,6 +967,22 @@
     <!-- Message shown in fingerprint security settings home screen. [CHAR LIMIT=NONE]-->
     <string name="security_settings_fingerprint_v2_home_screen">Use your fingerprint to unlock your phone or for authentication, like when you sign in to apps or approve a purchase\n\n<annotation id="url">Learn more</annotation></string>
 
+    <!-- Biometric settings --><skip />
+    <!-- Title shown for menu item that launches biometric settings. [CHAR LIMIT=66] -->
+    <string name="security_settings_biometric_preference_title">Face &amp; fingerprint unlock</string>
+    <!-- Message shown in summary field of biometric settings. [CHAR LIMIT=66] -->
+    <string name="security_settings_biometric_preference_summary">Face and fingerprint</string>
+    <!-- Introduction shown in face and fingerprint page to introduce the biometric feature. [CHAR LIMIT=NONE]-->
+    <string name="biometric_settings_intro">When you set up face unlock and fingerprint, your phone will ask for your fingerprint when you wear a mask or are in a dark area.</string>
+    <!-- Biometric category title - biometric options for unlocking the device. [CHAR LIMIT=50] -->
+    <string name="biometric_settings_category_ways_to_unlock">Ways to unlock</string>
+    <!-- Biometric category title - configuration options for using biometric to unlock the device or authenticate in apps. [CHAR LIMIT=50] -->
+    <string name="biometric_settings_category_ways_to_use">Use face and fingerprint to</string>
+    <!-- Text shown on a toggle which allows or disallows the device to use biometric for unlocking the device. [CHAR LIMIT=20] -->
+    <string name="biometric_settings_use_biometric_unlock_phone">Unlocking your phone</string>
+    <!-- Text shown on a toggle which allows or disallows the device to use biometric for authentication. [CHAR LIMIT=30] -->
+    <string name="biometric_settings_use_biometric_for_apps">Authentication in apps</string>
+
     <!-- Title of dialog shown when the user tries to skip setting up a screen lock, warning them of potential consequences of not doing so [CHAR LIMIT=30]-->
     <string name="lock_screen_intro_skip_title">Skip screen lock?</string>
     <!-- Dialog text shown when the user tries to skip setting up a screen lock, warning them of potential consequences of not doing so, including loss of factory reset protection. (tablet) [CHAR LIMIT=NONE] -->
@@ -7990,6 +8006,7 @@
     <string name="keywords_backup">backup, back up</string>
     <string name="keywords_assist_gesture_launch">gesture</string>
     <string name="keywords_face_unlock">face, unlock, auth, sign in</string>
+    <string name="keywords_biometric_unlock">face, unlock, auth, sign in, fingerprint, biometric</string>
     <string name="keywords_imei_info">imei, meid, min, prl version, imei sv</string>
     <string name="keywords_sim_status">network, mobile network state, service state, signal strength, mobile network type, roaming, iccid, eid</string>
     <string name="keywords_model_and_hardware">serial number, hardware version</string>
@@ -8015,6 +8032,9 @@
     <!-- Search keyword for fingerprint settings. [CHAR_LIMIT=NONE]-->
     <string name="keywords_fingerprint_settings">fingerprint, add fingerprint</string>
 
+    <!-- Search keyword for biometric settings. [CHAR_LIMIT=NONE]-->
+    <string name="keywords_biometric_settings">face, fingerprint, add fingerprint</string>
+
     <!-- Search keywords for adaptive brightness setting [CHAR LIMIT=NONE]-->
     <string name="keywords_display_auto_brightness">dim screen, touchscreen, battery, smart brightness, dynamic brightness, Auto brightness</string>
 
diff --git a/res/xml/security_dashboard_settings.xml b/res/xml/security_dashboard_settings.xml
index fd9f3186996..be1f34cebe3 100644
--- a/res/xml/security_dashboard_settings.xml
+++ b/res/xml/security_dashboard_settings.xml
@@ -55,6 +55,12 @@
             android:title="@string/security_settings_face_preference_title"
             android:summary="@string/summary_placeholder"
             settings:keywords="@string/keywords_face_settings" />
+
+        <Preference
+            android:key="biometric_settings"
+            android:title="@string/security_settings_biometric_preference_title"
+            android:summary="@string/summary_placeholder"
+            settings:keywords="@string/keywords_biometric_settings" />
     </PreferenceCategory>
 
     <!-- work profile security section -->
@@ -91,6 +97,11 @@
             android:title="@string/security_settings_face_preference_title"
             android:summary="@string/summary_placeholder" />
 
+        <Preference
+            android:key="biometric_settings_profile"
+            android:title="@string/security_settings_biometric_preference_title"
+            android:summary="@string/summary_placeholder" />
+
     </PreferenceCategory>
 
     <PreferenceCategory
diff --git a/res/xml/security_settings_combined_biometric.xml b/res/xml/security_settings_combined_biometric.xml
new file mode 100644
index 00000000000..f7d053994d3
--- /dev/null
+++ b/res/xml/security_settings_combined_biometric.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  Copyright (C) 2021 The Android Open Source Project
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<PreferenceScreen
+    xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:settings="http://schemas.android.com/apk/res-auto"
+    android:title="@string/security_settings_biometric_preference_title">
+
+    <com.android.settingslib.widget.TopIntroPreference
+        android:title="@string/biometric_settings_intro" />
+
+    <PreferenceCategory
+        android:key="biometric_ways_to_unlock"
+        android:title="@string/biometric_settings_category_ways_to_unlock">
+
+        <Preference
+            android:key="biometric_fingerprint_settings"
+            android:title="@string/security_settings_fingerprint_preference_title"
+            android:summary="@string/summary_placeholder"
+            settings:keywords="@string/keywords_fingerprint_settings"
+            settings:controller="com.android.settings.biometrics.combination.BiometricFingerprintStatusPreferenceController" />
+
+        <Preference
+            android:key="biometric_face_settings"
+            android:title="@string/security_settings_face_preference_title"
+            android:summary="@string/summary_placeholder"
+            settings:keywords="@string/keywords_face_settings"
+            settings:controller="com.android.settings.biometrics.combination.BiometricFaceStatusPreferenceController" />
+
+    </PreferenceCategory>
+
+    <PreferenceCategory
+        android:key="biometric_ways_to_use"
+        android:title="@string/biometric_settings_category_ways_to_use">
+
+        <com.android.settingslib.RestrictedSwitchPreference
+            android:key="biometric_settings_biometric_keyguard"
+            android:title="@string/biometric_settings_use_biometric_unlock_phone"
+            settings:keywords="@string/keywords_biometric_unlock"
+            settings:controller="com.android.settings.biometrics.combination.BiometricSettingsKeyguardPreferenceController"/>
+
+        <SwitchPreference
+            android:key="biometric_settings_biometric_app"
+            android:title="@string/biometric_settings_use_biometric_for_apps"
+            settings:keywords="@string/keywords_biometric_unlock"
+            settings:controller="com.android.settings.biometrics.combination.BiometricSettingsAppPreferenceController"/>
+
+    </PreferenceCategory>
+
+    <SwitchPreference
+        android:key="biometric_setting_lockdown_enabled"
+        android:title="@string/lockdown_settings_title"
+        android:summary="@string/lockdown_settings_summary"
+        settings:controller="com.android.settings.security.LockdownButtonPreferenceController" />
+
+</PreferenceScreen>
\ No newline at end of file
diff --git a/res/xml/security_settings_combined_biometric_profile.xml b/res/xml/security_settings_combined_biometric_profile.xml
new file mode 100644
index 00000000000..57111528603
--- /dev/null
+++ b/res/xml/security_settings_combined_biometric_profile.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  Copyright (C) 2021 The Android Open Source Project
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<PreferenceScreen
+    xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:settings="http://schemas.android.com/apk/res-auto"
+    android:title="@string/security_settings_biometric_preference_title">
+
+    <com.android.settingslib.widget.TopIntroPreference
+        android:title="@string/biometric_settings_intro" />
+
+    <PreferenceCategory
+        android:key="biometric_ways_to_unlock"
+        android:title="@string/biometric_settings_category_ways_to_unlock">
+
+        <Preference
+            android:key="biometric_fingerprint_settings_profile"
+            android:title="@string/security_settings_fingerprint_preference_title"
+            android:summary="@string/summary_placeholder"
+            settings:keywords="@string/keywords_fingerprint_settings"
+            settings:controller="com.android.settings.biometrics.combination.BiometricFingerprintProfileStatusPreferenceController" />
+
+        <Preference
+            android:key="biometric_face_settings_profile"
+            android:title="@string/security_settings_face_preference_title"
+            android:summary="@string/summary_placeholder"
+            settings:keywords="@string/keywords_face_settings"
+            settings:controller="com.android.settings.biometrics.combination.BiometricFaceProfileStatusPreferenceController" />
+
+    </PreferenceCategory>
+
+    <PreferenceCategory
+        android:key="biometric_ways_to_use"
+        android:title="@string/biometric_settings_category_ways_to_use">
+
+        <SwitchPreference
+            android:key="biometric_settings_biometric_app_profile"
+            android:title="@string/biometric_settings_use_biometric_for_apps"
+            settings:keywords="@string/keywords_biometric_unlock"
+            settings:controller="com.android.settings.biometrics.combination.BiometricSettingsAppPreferenceController"/>
+
+    </PreferenceCategory>
+</PreferenceScreen>
\ No newline at end of file
diff --git a/res/xml/security_settings_face.xml b/res/xml/security_settings_face.xml
index 1fc1ca82de5..131f222685c 100644
--- a/res/xml/security_settings_face.xml
+++ b/res/xml/security_settings_face.xml
@@ -31,7 +31,8 @@
 
     <PreferenceCategory
         android:key="security_settings_face_unlock_category"
-        android:title="@string/security_settings_face_settings_use_face_category">
+        android:title="@string/security_settings_face_settings_use_face_category"
+        settings:controller="com.android.settings.biometrics.face.FaceUnlockCategoryPreferenceController">
         <com.android.settingslib.RestrictedSwitchPreference
             android:key="security_settings_face_keyguard"
             android:title="@string/security_settings_face_settings_use_face_unlock_phone"
@@ -66,6 +67,13 @@
             android:summary="@string/security_settings_face_settings_require_confirmation_details"
             settings:keywords="@string/keywords_face_unlock"
             settings:controller="com.android.settings.biometrics.face.FaceSettingsConfirmPreferenceController"/>
+
+        <com.android.settingslib.RestrictedSwitchPreference
+            android:key="biometric_settings_lockscreen_bypass"
+            android:title="@string/lockscreen_bypass_title"
+            android:summary="@string/lockscreen_bypass_summary"
+            settings:keywords="@string/keywords_lockscreen_bypass"
+            settings:controller="com.android.settings.biometrics.face.FaceSettingsLockscreenBypassPreferenceController" />
     </PreferenceCategory>
 
     <PreferenceCategory
diff --git a/src/com/android/settings/Settings.java b/src/com/android/settings/Settings.java
index 48793e9c93f..c89402cb2cf 100644
--- a/src/com/android/settings/Settings.java
+++ b/src/com/android/settings/Settings.java
@@ -38,6 +38,8 @@ public class Settings extends SettingsActivity {
     public static class CreateShortcutActivity extends SettingsActivity { /* empty */ }
     public static class FaceSettingsActivity extends SettingsActivity { /* empty */ }
     public static class FingerprintSettingsActivity extends SettingsActivity { /* empty */ }
+    public static class CombinedBiometricSettingsActivity extends SettingsActivity { /* empty */ }
+    public static class CombinedBiometricProfileSettingsActivity extends SettingsActivity { /* empty */ }
     public static class TetherSettingsActivity extends SettingsActivity {
         // TODO(b/147675042): Clean the override up when we enable the new Fragment persistently.
         @Override
diff --git a/src/com/android/settings/Utils.java b/src/com/android/settings/Utils.java
index 391ee9067b0..84183154236 100644
--- a/src/com/android/settings/Utils.java
+++ b/src/com/android/settings/Utils.java
@@ -841,6 +841,13 @@ public final class Utils extends com.android.settingslib.Utils {
         return faceManager != null && faceManager.isHardwareDetected();
     }
 
+    /**
+     * Return true if the device supports multiple biometrics authentications.
+     */
+    public static boolean isMultipleBiometricsSupported(Context context) {
+        return hasFingerprintHardware(context) && hasFaceHardware(context);
+    }
+
     /**
      * Launches an intent which may optionally have a user id defined.
      * @param fragment Fragment to use to launch the activity.
diff --git a/src/com/android/settings/biometrics/combination/BiometricFaceProfileStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricFaceProfileStatusPreferenceController.java
new file mode 100644
index 00000000000..1dbfa645446
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricFaceProfileStatusPreferenceController.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+import android.os.UserHandle;
+
+/**
+ * Preference controller for face settings within the biometrics settings page of work profile,
+ * that controls the ability to unlock the phone with face authentication.
+ */
+public class BiometricFaceProfileStatusPreferenceController extends
+        BiometricFaceStatusPreferenceController {
+
+    public BiometricFaceProfileStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isUserSupported() {
+        return mProfileChallengeUserId != UserHandle.USER_NULL
+                && mLockPatternUtils.isSeparateProfileChallengeAllowed(mProfileChallengeUserId);
+    }
+
+    @Override
+    protected int getUserId() {
+        return mProfileChallengeUserId;
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/BiometricFaceStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricFaceStatusPreferenceController.java
new file mode 100644
index 00000000000..e4b210ea621
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricFaceStatusPreferenceController.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+
+import com.android.settings.Utils;
+import com.android.settings.biometrics.face.FaceStatusPreferenceController;
+
+/**
+ * Preference controller for face settings within the biometrics settings page, that controls the
+ * ability to unlock the phone with face authentication.
+ */
+public class BiometricFaceStatusPreferenceController extends FaceStatusPreferenceController {
+
+    public BiometricFaceStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isDeviceSupported() {
+        return Utils.hasFaceHardware(mContext);
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/BiometricFingerprintProfileStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricFingerprintProfileStatusPreferenceController.java
new file mode 100644
index 00000000000..5477c9dca2e
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricFingerprintProfileStatusPreferenceController.java
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+import android.os.UserHandle;
+
+/**
+ * Preference controller for fingerprint settings within the biometrics settings page, that controls
+ * the ability to unlock the phone with fingerprint.
+ */
+public class BiometricFingerprintProfileStatusPreferenceController extends
+        BiometricFingerprintStatusPreferenceController {
+
+    public BiometricFingerprintProfileStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isUserSupported() {
+        return mProfileChallengeUserId != UserHandle.USER_NULL
+                && mLockPatternUtils.isSeparateProfileChallengeAllowed(mProfileChallengeUserId);
+    }
+
+    @Override
+    protected int getUserId() {
+        return mProfileChallengeUserId;
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/BiometricFingerprintStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricFingerprintStatusPreferenceController.java
new file mode 100644
index 00000000000..fd742ffd30c
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricFingerprintStatusPreferenceController.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+
+import com.android.settings.Utils;
+import com.android.settings.biometrics.fingerprint.FingerprintStatusPreferenceController;
+
+/**
+ * Preference controller for fingerprint settings within the biometrics settings page of work
+ * profile, that controls the ability to unlock the phone with fingerprint.
+ */
+public class BiometricFingerprintStatusPreferenceController extends
+        FingerprintStatusPreferenceController {
+
+    public BiometricFingerprintStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isDeviceSupported() {
+        return Utils.hasFingerprintHardware(mContext);
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/BiometricSettingsAppPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricSettingsAppPreferenceController.java
new file mode 100644
index 00000000000..9107e1b48de
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricSettingsAppPreferenceController.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import static android.provider.Settings.Secure.BIOMETRIC_APP_ENABLED;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.Context;
+import android.hardware.face.FaceManager;
+import android.hardware.fingerprint.FingerprintManager;
+import android.provider.Settings;
+
+import com.android.settings.Utils;
+import com.android.settings.core.TogglePreferenceController;
+import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
+import com.android.settingslib.RestrictedLockUtilsInternal;
+
+/**
+ * Preference controller that controls whether the biometrics authentication to be used in apps.
+ */
+public class BiometricSettingsAppPreferenceController extends TogglePreferenceController {
+    private static final int ON = 1;
+    private static final int OFF = 0;
+    private static final int DEFAULT = ON;
+
+    private int mUserId;
+    private FaceManager mFaceManager;
+    private FingerprintManager mFingerprintManager;
+
+    public BiometricSettingsAppPreferenceController(Context context, String key) {
+        super(context, key);
+        mFaceManager = Utils.getFaceManagerOrNull(context);
+        mFingerprintManager = Utils.getFingerprintManagerOrNull(context);
+    }
+
+    protected EnforcedAdmin getRestrictingAdmin() {
+        return RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(mContext,
+                DevicePolicyManager.KEYGUARD_DISABLE_BIOMETRICS, mUserId);
+    }
+
+    public void setUserId(int userId) {
+        mUserId = userId;
+    }
+
+    @Override
+    public boolean isChecked() {
+        return Settings.Secure.getIntForUser(mContext.getContentResolver(), BIOMETRIC_APP_ENABLED,
+                DEFAULT, mUserId) == ON;
+    }
+
+    @Override
+    public boolean setChecked(boolean isChecked) {
+        return Settings.Secure.putIntForUser(mContext.getContentResolver(), BIOMETRIC_APP_ENABLED,
+                isChecked ? ON : OFF, mUserId);
+    }
+
+    @Override
+    public int getAvailabilityStatus() {
+        if (mFaceManager == null || mFingerprintManager == null) {
+            return AVAILABLE_UNSEARCHABLE;
+        }
+        // This preference will be available only if the user has registered either face auth
+        // or fingerprint.
+        final boolean hasFaceEnrolledUser = mFaceManager.hasEnrolledTemplates(mUserId);
+        final boolean hasFingerprintEnrolledUser =
+                mFingerprintManager.hasEnrolledTemplates(mUserId);
+        if (hasFaceEnrolledUser || hasFingerprintEnrolledUser) {
+            return AVAILABLE;
+        } else {
+            return AVAILABLE_UNSEARCHABLE;
+        }
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/BiometricSettingsKeyguardPreferenceController.java b/src/com/android/settings/biometrics/combination/BiometricSettingsKeyguardPreferenceController.java
new file mode 100644
index 00000000000..263134a0154
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricSettingsKeyguardPreferenceController.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import static android.provider.Settings.Secure.BIOMETRIC_KEYGUARD_ENABLED;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.Context;
+import android.provider.Settings;
+
+import com.android.settings.core.TogglePreferenceController;
+import com.android.settingslib.RestrictedLockUtils;
+import com.android.settingslib.RestrictedLockUtilsInternal;
+
+/**
+ * Preference controller that controls whether the biometrics authentication to unlock the device.
+ */
+public class BiometricSettingsKeyguardPreferenceController extends TogglePreferenceController {
+    private static final int ON = 1;
+    private static final int OFF = 0;
+    private static final int DEFAULT = ON;
+
+    private int mUserId;
+
+    public BiometricSettingsKeyguardPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    protected RestrictedLockUtils.EnforcedAdmin getRestrictingAdmin() {
+        return RestrictedLockUtilsInternal.checkIfKeyguardFeaturesDisabled(mContext,
+                DevicePolicyManager.KEYGUARD_DISABLE_BIOMETRICS, mUserId);
+    }
+
+    public void setUserId(int userId) {
+        mUserId = userId;
+    }
+
+    @Override
+    public boolean isChecked() {
+        return Settings.Secure.getIntForUser(mContext.getContentResolver(),
+                BIOMETRIC_KEYGUARD_ENABLED, DEFAULT, mUserId) == ON;
+    }
+
+    @Override
+    public boolean setChecked(boolean isChecked) {
+        return Settings.Secure.putIntForUser(mContext.getContentResolver(),
+                BIOMETRIC_KEYGUARD_ENABLED, isChecked ? ON : OFF, mUserId);
+    }
+
+    @Override
+    public int getAvailabilityStatus() {
+        return getRestrictingAdmin() != null ? DISABLED_FOR_USER : AVAILABLE;
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
new file mode 100644
index 00000000000..f4d1c398423
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.content.Intent;
+import android.os.UserHandle;
+
+import com.android.settings.R;
+import com.android.settings.dashboard.DashboardFragment;
+import com.android.settings.search.BaseSearchIndexProvider;
+
+/**
+ * Settings screen for multiple biometrics used in work profile.
+ */
+public class CombinedBiometricProfileSettings extends DashboardFragment {
+    private static final String TAG = "BiometricProfileSetting";
+
+    private int mUserId;
+
+    @Override
+    public void onAttach(Context context) {
+        super.onAttach(context);
+        mUserId = getActivity().getIntent().getIntExtra(Intent.EXTRA_USER_ID,
+                UserHandle.myUserId());
+        use(BiometricSettingsAppPreferenceController.class).setUserId(mUserId);
+    }
+
+    @Override
+    protected int getPreferenceScreenResId() {
+        return R.xml.security_settings_combined_biometric_profile;
+    }
+
+    @Override
+    protected String getLogTag() {
+        return TAG;
+    }
+
+    @Override
+    public int getMetricsCategory() {
+        return SettingsEnums.COMBINED_BIOMETRIC_PROFILE;
+    }
+
+    public static final BaseSearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
+            new BaseSearchIndexProvider(R.xml.security_settings_combined_biometric_profile);
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricProfileStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileStatusPreferenceController.java
new file mode 100644
index 00000000000..e9cbcd8e763
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileStatusPreferenceController.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+import android.os.UserHandle;
+
+import com.android.settings.Settings;
+
+/**
+ * Preference controller for biometrics settings page of work profile, controlling the ability to
+ * unlock the phone with face and fingerprint.
+ */
+public class CombinedBiometricProfileStatusPreferenceController extends
+        CombinedBiometricStatusPreferenceController {
+
+    private static final String KEY_BIOMETRIC_SETTINGS = "biometric_settings_profile";
+
+    public CombinedBiometricProfileStatusPreferenceController(Context context) {
+        super(context, KEY_BIOMETRIC_SETTINGS);
+    }
+
+    public CombinedBiometricProfileStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isUserSupported() {
+        return mProfileChallengeUserId != UserHandle.USER_NULL
+                && mLockPatternUtils.isSeparateProfileChallengeAllowed(mProfileChallengeUserId);
+    }
+
+    @Override
+    protected int getUserId() {
+        return mProfileChallengeUserId;
+    }
+
+    @Override
+    protected String getSettingsClassName() {
+        return Settings.CombinedBiometricProfileSettingsActivity.class.getName();
+    }
+
+    @Override
+    protected String getEnrollClassName() {
+        return Settings.CombinedBiometricProfileSettingsActivity.class.getName();
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java b/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
new file mode 100644
index 00000000000..843d93571a5
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.app.settings.SettingsEnums;
+import android.content.Context;
+import android.content.Intent;
+import android.os.UserHandle;
+
+import com.android.settings.R;
+import com.android.settings.dashboard.DashboardFragment;
+import com.android.settings.search.BaseSearchIndexProvider;
+import com.android.settingslib.search.SearchIndexable;
+
+/**
+ * Settings screen for multiple biometrics.
+ */
+@SearchIndexable
+public class CombinedBiometricSettings extends DashboardFragment {
+    private static final String TAG = "BiometricSettings";
+
+    private int mUserId;
+
+    @Override
+    public void onAttach(Context context) {
+        super.onAttach(context);
+        mUserId = getActivity().getIntent().getIntExtra(Intent.EXTRA_USER_ID,
+                UserHandle.myUserId());
+        use(BiometricSettingsKeyguardPreferenceController.class).setUserId(mUserId);
+        use(BiometricSettingsAppPreferenceController.class).setUserId(mUserId);
+    }
+
+    @Override
+    protected int getPreferenceScreenResId() {
+        return R.xml.security_settings_combined_biometric;
+    }
+
+    @Override
+    protected String getLogTag() {
+        return TAG;
+    }
+
+    @Override
+    public int getMetricsCategory() {
+        return SettingsEnums.COMBINED_BIOMETRIC;
+    }
+
+    public static final BaseSearchIndexProvider SEARCH_INDEX_DATA_PROVIDER =
+            new BaseSearchIndexProvider(R.xml.security_settings_combined_biometric);
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java b/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
new file mode 100644
index 00000000000..c3db1742755
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricStatusPreferenceController.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import android.content.Context;
+
+import com.android.settings.R;
+import com.android.settings.Settings;
+import com.android.settings.Utils;
+import com.android.settings.biometrics.BiometricStatusPreferenceController;
+
+/**
+ * Preference controller for biometrics settings page controlling the ability to unlock the phone
+ * with face and fingerprint.
+ */
+public class CombinedBiometricStatusPreferenceController extends
+        BiometricStatusPreferenceController {
+    private static final String KEY_BIOMETRIC_SETTINGS = "biometric_settings";
+
+
+    public CombinedBiometricStatusPreferenceController(Context context) {
+        this(context, KEY_BIOMETRIC_SETTINGS);
+    }
+
+    public CombinedBiometricStatusPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    protected boolean isDeviceSupported() {
+        return Utils.hasFingerprintHardware(mContext) && Utils.hasFaceHardware(mContext);
+    }
+
+    @Override
+    protected boolean hasEnrolledBiometrics() {
+        return false;
+    }
+
+    @Override
+    protected String getSummaryTextEnrolled() {
+        return mContext.getString(R.string.security_settings_biometric_preference_summary);
+    }
+
+    @Override
+    protected String getSummaryTextNoneEnrolled() {
+        return mContext.getString(R.string.security_settings_biometric_preference_summary);
+    }
+
+    @Override
+    protected String getSettingsClassName() {
+        return Settings.CombinedBiometricSettingsActivity.class.getName();
+    }
+
+    @Override
+    protected String getEnrollClassName() {
+        return Settings.CombinedBiometricSettingsActivity.class.getName();
+    }
+}
diff --git a/src/com/android/settings/biometrics/face/FaceSettingsAppPreferenceController.java b/src/com/android/settings/biometrics/face/FaceSettingsAppPreferenceController.java
index bde146b19cd..c296e56aa08 100644
--- a/src/com/android/settings/biometrics/face/FaceSettingsAppPreferenceController.java
+++ b/src/com/android/settings/biometrics/face/FaceSettingsAppPreferenceController.java
@@ -78,6 +78,11 @@ public class FaceSettingsAppPreferenceController extends FaceSettingsPreferenceC
 
     @Override
     public int getAvailabilityStatus() {
+        // When the device supports multiple biometrics auth, this preference will be hidden.
+        if (Utils.isMultipleBiometricsSupported(mContext)) {
+            return UNSUPPORTED_ON_DEVICE;
+        }
+
         if(mFaceManager == null){
             return AVAILABLE_UNSEARCHABLE;
         }
diff --git a/src/com/android/settings/biometrics/face/FaceSettingsKeyguardPreferenceController.java b/src/com/android/settings/biometrics/face/FaceSettingsKeyguardPreferenceController.java
index 8ee7ffd57ce..342d7864829 100644
--- a/src/com/android/settings/biometrics/face/FaceSettingsKeyguardPreferenceController.java
+++ b/src/com/android/settings/biometrics/face/FaceSettingsKeyguardPreferenceController.java
@@ -70,7 +70,8 @@ public class FaceSettingsKeyguardPreferenceController extends FaceSettingsPrefer
 
     @Override
     public int getAvailabilityStatus() {
-        return AVAILABLE;
+        // When the device supports multiple biometrics auth, this preference will be unavailable.
+        return Utils.isMultipleBiometricsSupported(mContext) ? UNSUPPORTED_ON_DEVICE : AVAILABLE;
     }
 
     @Override
diff --git a/src/com/android/settings/biometrics/face/FaceSettingsLockscreenBypassPreferenceController.java b/src/com/android/settings/biometrics/face/FaceSettingsLockscreenBypassPreferenceController.java
index 0a2757b5cbd..2f0ef4f1238 100644
--- a/src/com/android/settings/biometrics/face/FaceSettingsLockscreenBypassPreferenceController.java
+++ b/src/com/android/settings/biometrics/face/FaceSettingsLockscreenBypassPreferenceController.java
@@ -26,6 +26,7 @@ import android.provider.Settings;
 import androidx.preference.Preference;
 
 import com.android.internal.annotations.VisibleForTesting;
+import com.android.settings.Utils;
 import com.android.settingslib.RestrictedLockUtils.EnforcedAdmin;
 import com.android.settingslib.RestrictedSwitchPreference;
 
@@ -82,6 +83,11 @@ public class FaceSettingsLockscreenBypassPreferenceController
 
     @Override
     public int getAvailabilityStatus() {
+        // When the device supports multiple biometrics auth, this preference will be shown
+        // in face unlock category.
+        if (Utils.isMultipleBiometricsSupported(mContext)) {
+            return AVAILABLE;
+        }
         if (mUserManager.isManagedProfile(UserHandle.myUserId())) {
             return UNSUPPORTED_ON_DEVICE;
         }
diff --git a/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java b/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
index 94651d754ac..c2143c043e0 100644
--- a/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/face/FaceStatusPreferenceController.java
@@ -41,7 +41,7 @@ public class FaceStatusPreferenceController extends BiometricStatusPreferenceCon
 
     @Override
     protected boolean isDeviceSupported() {
-        return FaceSettings.isFaceHardwareDetected(mContext);
+        return !Utils.isMultipleBiometricsSupported(mContext) && Utils.hasFaceHardware(mContext);
     }
 
     @Override
diff --git a/src/com/android/settings/biometrics/face/FaceUnlockCategoryPreferenceController.java b/src/com/android/settings/biometrics/face/FaceUnlockCategoryPreferenceController.java
new file mode 100644
index 00000000000..d0debdfe594
--- /dev/null
+++ b/src/com/android/settings/biometrics/face/FaceUnlockCategoryPreferenceController.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.face;
+
+import android.content.Context;
+
+import com.android.settings.Utils;
+import com.android.settings.core.BasePreferenceController;
+
+/**
+ * Preference controller that controls the face unlock features to be shown / be hidden.
+ */
+public class FaceUnlockCategoryPreferenceController extends BasePreferenceController {
+
+    public FaceUnlockCategoryPreferenceController(Context context, String key) {
+        super(context, key);
+    }
+
+    @Override
+    public int getAvailabilityStatus() {
+        return Utils.isMultipleBiometricsSupported(mContext) ? UNSUPPORTED_ON_DEVICE : AVAILABLE;
+    }
+}
diff --git a/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java b/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
index 0e1ccd7839a..e53dbc411a1 100644
--- a/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/fingerprint/FingerprintStatusPreferenceController.java
@@ -40,7 +40,8 @@ public class FingerprintStatusPreferenceController extends BiometricStatusPrefer
 
     @Override
     protected boolean isDeviceSupported() {
-        return mFingerprintManager != null && mFingerprintManager.isHardwareDetected();
+        return !Utils.isMultipleBiometricsSupported(mContext)
+                && Utils.hasFingerprintHardware(mContext);
     }
 
     @Override
diff --git a/src/com/android/settings/core/gateway/SettingsGateway.java b/src/com/android/settings/core/gateway/SettingsGateway.java
index a6305cbb83a..01c613a6c0c 100644
--- a/src/com/android/settings/core/gateway/SettingsGateway.java
+++ b/src/com/android/settings/core/gateway/SettingsGateway.java
@@ -63,6 +63,8 @@ import com.android.settings.applications.specialaccess.zenaccess.ZenAccessDetail
 import com.android.settings.backup.PrivacySettings;
 import com.android.settings.backup.ToggleBackupSettingFragment;
 import com.android.settings.backup.UserBackupSettingsActivity;
+import com.android.settings.biometrics.combination.CombinedBiometricProfileSettings;
+import com.android.settings.biometrics.combination.CombinedBiometricSettings;
 import com.android.settings.biometrics.face.FaceSettings;
 import com.android.settings.biometrics.fingerprint.FingerprintSettings;
 import com.android.settings.bluetooth.BluetoothDeviceDetailsFragment;
@@ -222,6 +224,8 @@ public class SettingsGateway {
             AssistGestureSettings.class.getName(),
             FaceSettings.class.getName(),
             FingerprintSettings.FingerprintSettingsFragment.class.getName(),
+            CombinedBiometricSettings.class.getName(),
+            CombinedBiometricProfileSettings.class.getName(),
             SwipeToNotificationSettings.class.getName(),
             DoubleTapPowerSettings.class.getName(),
             DoubleTapScreenSettings.class.getName(),
diff --git a/src/com/android/settings/security/SecuritySettings.java b/src/com/android/settings/security/SecuritySettings.java
index 577144fedc0..01cdba7b3ca 100644
--- a/src/com/android/settings/security/SecuritySettings.java
+++ b/src/com/android/settings/security/SecuritySettings.java
@@ -22,6 +22,8 @@ import android.content.Context;
 import android.content.Intent;
 
 import com.android.settings.R;
+import com.android.settings.biometrics.combination.CombinedBiometricProfileStatusPreferenceController;
+import com.android.settings.biometrics.combination.CombinedBiometricStatusPreferenceController;
 import com.android.settings.biometrics.face.FaceProfileStatusPreferenceController;
 import com.android.settings.biometrics.face.FaceStatusPreferenceController;
 import com.android.settings.biometrics.fingerprint.FingerprintProfileStatusPreferenceController;
@@ -115,6 +117,7 @@ public class SecuritySettings extends DashboardFragment {
         final List<AbstractPreferenceController> securityPreferenceControllers = new ArrayList<>();
         securityPreferenceControllers.add(new FaceStatusPreferenceController(context));
         securityPreferenceControllers.add(new FingerprintStatusPreferenceController(context));
+        securityPreferenceControllers.add(new CombinedBiometricStatusPreferenceController(context));
         securityPreferenceControllers.add(new ChangeScreenLockPreferenceController(context, host));
         controllers.add(new PreferenceCategoryController(context, SECURITY_CATEGORY)
                 .setChildren(securityPreferenceControllers));
@@ -128,6 +131,8 @@ public class SecuritySettings extends DashboardFragment {
                 context, lifecycle));
         profileSecurityControllers.add(new FaceProfileStatusPreferenceController(context));
         profileSecurityControllers.add(new FingerprintProfileStatusPreferenceController(context));
+        profileSecurityControllers
+                .add(new CombinedBiometricProfileStatusPreferenceController(context));
         controllers.add(new PreferenceCategoryController(context, WORK_PROFILE_SECURITY_CATEGORY)
                 .setChildren(profileSecurityControllers));
         controllers.addAll(profileSecurityControllers);

From 8843157b011f43c2d188d56f48fd76eb569a5109 Mon Sep 17 00:00:00 2001
From: Mill Chen <millchen@google.com>
Date: Thu, 22 Apr 2021 11:21:44 +0800
Subject: [PATCH 2/2] Update confirming credential flow for biometric settings

The combined biometrics settings has been integrating face and
fingerprint authentication together, so the confirming credential flow
has to be invoked before entering biometrics settings page.

Bug: 183449119
Test: manual
Change-Id: I3c0d059241cb10a254868c2e388c4d3b20305b10
---
 .../BiometricStatusPreferenceController.java  |   3 +
 .../combination/BiometricsSettingsBase.java   | 197 ++++++++++++++++++
 .../CombinedBiometricProfileSettings.java     |  21 +-
 .../CombinedBiometricSettings.java            |  21 +-
 4 files changed, 226 insertions(+), 16 deletions(-)
 create mode 100644 src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java

diff --git a/src/com/android/settings/biometrics/BiometricStatusPreferenceController.java b/src/com/android/settings/biometrics/BiometricStatusPreferenceController.java
index 2a3bfb25947..70f0baf3de5 100644
--- a/src/com/android/settings/biometrics/BiometricStatusPreferenceController.java
+++ b/src/com/android/settings/biometrics/BiometricStatusPreferenceController.java
@@ -122,6 +122,9 @@ public abstract class BiometricStatusPreferenceController extends BasePreference
         final String clazz = hasEnrolledBiometrics() ? getSettingsClassName()
                 : getEnrollClassName();
         intent.setClassName(SETTINGS_PACKAGE_NAME, clazz);
+        if (!preference.getExtras().isEmpty()) {
+            intent.putExtras(preference.getExtras());
+        }
         intent.putExtra(Intent.EXTRA_USER_ID, userId);
         intent.putExtra(EXTRA_FROM_SETTINGS_SUMMARY, true);
         context.startActivity(intent);
diff --git a/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java b/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java
new file mode 100644
index 00000000000..4260c7c9130
--- /dev/null
+++ b/src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java
@@ -0,0 +1,197 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.android.settings.biometrics.combination;
+
+import static android.app.Activity.RESULT_OK;
+
+import static com.android.settings.password.ChooseLockPattern.RESULT_FINISHED;
+
+import android.app.admin.DevicePolicyManager;
+import android.content.Context;
+import android.content.Intent;
+import android.hardware.face.FaceManager;
+import android.hardware.fingerprint.FingerprintManager;
+import android.os.Bundle;
+import android.os.UserHandle;
+import android.util.Log;
+
+import androidx.annotation.Nullable;
+import androidx.preference.Preference;
+
+import com.android.settings.R;
+import com.android.settings.Utils;
+import com.android.settings.biometrics.BiometricEnrollBase;
+import com.android.settings.biometrics.BiometricUtils;
+import com.android.settings.dashboard.DashboardFragment;
+import com.android.settings.password.ChooseLockGeneric;
+import com.android.settings.password.ChooseLockSettingsHelper;
+
+/**
+ * Base fragment with the confirming credential functionality for combined biometrics settings.
+ */
+public abstract class BiometricsSettingsBase extends DashboardFragment {
+
+    private static final int CONFIRM_REQUEST = 2001;
+    private static final int CHOOSE_LOCK_REQUEST = 2002;
+
+    private static final String SAVE_STATE_CONFIRM_CREDETIAL = "confirm_credential";
+
+    protected int mUserId;
+    protected long mFaceChallenge;
+    protected long mFingerprintChallenge;
+    protected int mFaceSensorId;
+    protected int mFingerprintSensorId;
+    protected long mGkPwHandle;
+    private boolean mConfirmCredential;
+    @Nullable private FaceManager mFaceManager;
+    @Nullable private FingerprintManager mFingerprintManager;
+
+    @Override
+    public void onAttach(Context context) {
+        super.onAttach(context);
+        mUserId = getActivity().getIntent().getIntExtra(Intent.EXTRA_USER_ID,
+                UserHandle.myUserId());
+    }
+
+    @Override
+    public void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        mFaceManager = Utils.getFaceManagerOrNull(getActivity());
+        mFingerprintManager = Utils.getFingerprintManagerOrNull(getActivity());
+
+        if (BiometricUtils.containsGatekeeperPasswordHandle(getIntent())) {
+            mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(getIntent());
+        }
+
+        if (savedInstanceState != null) {
+            mConfirmCredential = savedInstanceState.getBoolean(SAVE_STATE_CONFIRM_CREDETIAL);
+            if (savedInstanceState.containsKey(
+                    ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE)) {
+                mGkPwHandle = savedInstanceState.getLong(
+                        ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE);
+            }
+        }
+
+        if (mGkPwHandle == 0L && !mConfirmCredential) {
+            mConfirmCredential = true;
+            launchChooseOrConfirmLock();
+        }
+    }
+
+    @Override
+    public void onDestroy() {
+        super.onDestroy();
+        if (getActivity().isFinishing()) {
+            mFaceManager.revokeChallenge(mFaceSensorId, mUserId, mFaceChallenge);
+            mFingerprintManager.revokeChallenge(mUserId, mFingerprintChallenge);
+            BiometricUtils.removeGatekeeperPasswordHandle(getActivity(), mGkPwHandle);
+        }
+    }
+
+    @Override
+    public boolean onPreferenceTreeClick(Preference preference) {
+        final String key = preference.getKey();
+        if (getFacePreferenceKey().equals(key)) {
+            final byte[] token = BiometricUtils.requestGatekeeperHat(getActivity(), mGkPwHandle,
+                    mUserId, mFaceChallenge);
+            final Bundle extras = preference.getExtras();
+            extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);
+            extras.putInt(BiometricEnrollBase.EXTRA_KEY_SENSOR_ID, mFaceSensorId);
+            extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, mFaceChallenge);
+        } else if (getFingerprintPreferenceKey().equals(key)) {
+            final byte[] token = BiometricUtils.requestGatekeeperHat(getActivity(), mGkPwHandle,
+                    mUserId, mFingerprintChallenge);
+            final Bundle extras = preference.getExtras();
+            extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);
+            extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, mFingerprintChallenge);
+        }
+        return super.onPreferenceTreeClick(preference);
+    }
+
+    @Override
+    public void onSaveInstanceState(Bundle outState) {
+        super.onSaveInstanceState(outState);
+        outState.putBoolean(SAVE_STATE_CONFIRM_CREDETIAL, mConfirmCredential);
+        if (mGkPwHandle != 0L) {
+            outState.putLong(ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE, mGkPwHandle);
+        }
+    }
+
+    @Override
+    public void onActivityResult(int requestCode, int resultCode, @Nullable Intent data) {
+        super.onActivityResult(requestCode, resultCode, data);
+        if (requestCode == CONFIRM_REQUEST || requestCode == CHOOSE_LOCK_REQUEST) {
+            mConfirmCredential = false;
+            if (resultCode == RESULT_FINISHED || resultCode == RESULT_OK) {
+                if (data != null && BiometricUtils.containsGatekeeperPasswordHandle(data)) {
+                    mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(data);
+                    mFaceManager.generateChallenge((sensorId, challenge) -> {
+                        mFaceSensorId = sensorId;
+                        mFaceChallenge = challenge;
+                    });
+                    mFingerprintManager.generateChallenge(mUserId, (sensorId, challenge) -> {
+                        mFingerprintSensorId = sensorId;
+                        mFingerprintChallenge = challenge;
+                    });
+                } else {
+                    Log.d(getLogTag(), "Data null or GK PW missing.");
+                    finish();
+                }
+            } else {
+                Log.d(getLogTag(), "Password not confirmed.");
+                finish();
+            }
+        }
+    }
+
+    /**
+     * Get the preference key of face for passing through credential data to face settings.
+     */
+    public abstract String getFacePreferenceKey();
+
+    /**
+     * Get the preference key of face for passing through credential data to face settings.
+     */
+    public abstract String getFingerprintPreferenceKey();
+
+    private void launchChooseOrConfirmLock() {
+        final ChooseLockSettingsHelper.Builder builder =
+                new ChooseLockSettingsHelper.Builder(getActivity(), this)
+                        .setRequestCode(CONFIRM_REQUEST)
+                        .setTitle(getString(R.string.security_settings_biometric_preference_title))
+                        .setRequestGatekeeperPasswordHandle(true)
+                        .setForegroundOnly(true)
+                        .setReturnCredentials(true);
+        if (mUserId != UserHandle.USER_NULL) {
+            builder.setUserId(mUserId);
+        }
+        final boolean launched = builder.show();
+
+        if (!launched) {
+            Intent intent = BiometricUtils.getChooseLockIntent(getActivity(), getIntent());
+            intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,
+                    DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
+            intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);
+            intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE, true);
+            intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_FOR_BIOMETRICS, true);
+
+            if (mUserId != UserHandle.USER_NULL) {
+                intent.putExtra(Intent.EXTRA_USER_ID, mUserId);
+            }
+            startActivityForResult(intent, CHOOSE_LOCK_REQUEST);
+        }
+    }
+}
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
index f4d1c398423..08c934dbc44 100644
--- a/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettings.java
@@ -17,26 +17,21 @@ package com.android.settings.biometrics.combination;
 
 import android.app.settings.SettingsEnums;
 import android.content.Context;
-import android.content.Intent;
-import android.os.UserHandle;
 
 import com.android.settings.R;
-import com.android.settings.dashboard.DashboardFragment;
 import com.android.settings.search.BaseSearchIndexProvider;
 
 /**
  * Settings screen for multiple biometrics used in work profile.
  */
-public class CombinedBiometricProfileSettings extends DashboardFragment {
+public class CombinedBiometricProfileSettings extends BiometricsSettingsBase {
     private static final String TAG = "BiometricProfileSetting";
-
-    private int mUserId;
+    private static final String KEY_FACE_SETTINGS = "biometric_face_settings_profile";
+    private static final String KEY_FINGERPRINT_SETTINGS = "biometric_fingerprint_settings_profile";
 
     @Override
     public void onAttach(Context context) {
         super.onAttach(context);
-        mUserId = getActivity().getIntent().getIntExtra(Intent.EXTRA_USER_ID,
-                UserHandle.myUserId());
         use(BiometricSettingsAppPreferenceController.class).setUserId(mUserId);
     }
 
@@ -45,6 +40,16 @@ public class CombinedBiometricProfileSettings extends DashboardFragment {
         return R.xml.security_settings_combined_biometric_profile;
     }
 
+    @Override
+    public String getFacePreferenceKey() {
+        return KEY_FACE_SETTINGS;
+    }
+
+    @Override
+    public String getFingerprintPreferenceKey() {
+        return KEY_FINGERPRINT_SETTINGS;
+    }
+
     @Override
     protected String getLogTag() {
         return TAG;
diff --git a/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java b/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
index 843d93571a5..9ebb62f4939 100644
--- a/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
+++ b/src/com/android/settings/biometrics/combination/CombinedBiometricSettings.java
@@ -17,11 +17,8 @@ package com.android.settings.biometrics.combination;
 
 import android.app.settings.SettingsEnums;
 import android.content.Context;
-import android.content.Intent;
-import android.os.UserHandle;
 
 import com.android.settings.R;
-import com.android.settings.dashboard.DashboardFragment;
 import com.android.settings.search.BaseSearchIndexProvider;
 import com.android.settingslib.search.SearchIndexable;
 
@@ -29,16 +26,14 @@ import com.android.settingslib.search.SearchIndexable;
  * Settings screen for multiple biometrics.
  */
 @SearchIndexable
-public class CombinedBiometricSettings extends DashboardFragment {
+public class CombinedBiometricSettings extends BiometricsSettingsBase {
     private static final String TAG = "BiometricSettings";
-
-    private int mUserId;
+    private static final String KEY_FACE_SETTINGS = "biometric_face_settings";
+    private static final String KEY_FINGERPRINT_SETTINGS = "biometric_fingerprint_settings";
 
     @Override
     public void onAttach(Context context) {
         super.onAttach(context);
-        mUserId = getActivity().getIntent().getIntExtra(Intent.EXTRA_USER_ID,
-                UserHandle.myUserId());
         use(BiometricSettingsKeyguardPreferenceController.class).setUserId(mUserId);
         use(BiometricSettingsAppPreferenceController.class).setUserId(mUserId);
     }
@@ -48,6 +43,16 @@ public class CombinedBiometricSettings extends DashboardFragment {
         return R.xml.security_settings_combined_biometric;
     }
 
+    @Override
+    public String getFacePreferenceKey() {
+        return KEY_FACE_SETTINGS;
+    }
+
+    @Override
+    public String getFingerprintPreferenceKey() {
+        return KEY_FINGERPRINT_SETTINGS;
+    }
+
     @Override
     protected String getLogTag() {
         return TAG;