Do not reset incorrect password attempts after biometric authentication

For work challenges, do not reset incorrect password attempts if
challenge is resolved via biometric authentication. This is the
behaviour for personal keyguard and work challenge should be
consistent.

Bug: 139438785
Test: manual: enroll work challenge with fingerprint, set failed wipe
count (3) via TestDPC and attempt two failed attempts (via cmd
lock_settings). Resolve work challenge with fingerprint and attempt one
last failed attempt. Verify work profiel is wiped.

Change-Id: Ic64d3e44f3faa5adf8ac43db09e33c8403427990

src/com/android/settings/password/BiometricFragment.java

@@ -70,6 +70,13 @@ public class BiometricFragment extends InstrumentedFragment {
             });
             cleanup();
         }
+
+        @Override
+        public void onAuthenticationFailed() {
+            mClientExecutor.execute(() -> {
+                mClientCallback.onAuthenticationFailed();
+            });
+        }
     };
 
     private final DialogInterface.OnClickListener mNegativeButtonListener =

src/com/android/settings/password/ConfirmDeviceCredentialActivity.java

@@ -111,6 +111,7 @@ public class ConfirmDeviceCredentialActivity extends FragmentActivity {
     });
 
     private AuthenticationCallback mAuthenticationCallback = new AuthenticationCallback() {
+        @Override
         public void onAuthenticationError(int errorCode, @NonNull CharSequence errString) {
             if (!mGoingToBackground) {
                 if (errorCode == BiometricPrompt.BIOMETRIC_ERROR_USER_CANCELED
@@ -123,17 +124,24 @@ public class ConfirmDeviceCredentialActivity extends FragmentActivity {
             }
         }
 
+        @Override
         public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
             mTrustManager.setDeviceLockedForUser(mUserId, false);
-
+            final boolean isStrongAuth = result.getAuthenticationType()
+                    == BiometricPrompt.AUTHENTICATION_RESULT_TYPE_DEVICE_CREDENTIAL;
             ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils, mUserManager,
-                    mUserId);
+                    mDevicePolicyManager, mUserId, isStrongAuth);
             ConfirmDeviceCredentialUtils.checkForPendingIntent(
                     ConfirmDeviceCredentialActivity.this);
 
             setResult(Activity.RESULT_OK);
             finish();
         }
+
+        @Override
+        public void onAuthenticationFailed() {
+            mDevicePolicyManager.reportFailedBiometricAttempt(mUserId);
+        }
     };
 
     private String getStringForError(int errorCode) {

src/com/android/settings/password/ConfirmDeviceCredentialUtils.java

@@ -20,6 +20,7 @@ import android.app.Activity;
 import android.app.ActivityManager;
 import android.app.ActivityOptions;
 import android.app.IActivityManager;
+import android.app.admin.DevicePolicyManager;
 import android.content.Intent;
 import android.content.IntentSender;
 import android.os.RemoteException;
@@ -54,8 +55,12 @@ public class ConfirmDeviceCredentialUtils {
     }
 
     public static void reportSuccessfulAttempt(LockPatternUtils utils, UserManager userManager,
-            int userId) {
+            DevicePolicyManager dpm, int userId, boolean isStrongAuth) {
+        if (isStrongAuth) {
             utils.reportSuccessfulPasswordAttempt(userId);
+        } else {
+            dpm.reportSuccessfulBiometricAttempt(userId);
+        }
         if (userManager.isManagedProfile(userId)) {
             // Keyguard is responsible to disable StrongAuth for primary user. Disable StrongAuth
             // for work challenge only here.

src/com/android/settings/password/ConfirmLockPassword.java

@@ -475,7 +475,8 @@ public class ConfirmLockPassword extends ConfirmDeviceCredentialBaseActivity {
             if (matched) {
                 if (newResult) {
                     ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,
-                            mUserManager, mEffectiveUserId);
+                            mUserManager, mDevicePolicyManager, mEffectiveUserId,
+                            /* isStrongAuth */ true);
                 }
                 startDisappearAnimation(intent);
                 ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());

src/com/android/settings/password/ConfirmLockPattern.java

@@ -509,7 +509,8 @@ public class ConfirmLockPattern extends ConfirmDeviceCredentialBaseActivity {
             if (matched) {
                 if (newResult) {
                     ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,
-                            mUserManager, mEffectiveUserId);
+                            mUserManager, mDevicePolicyManager, mEffectiveUserId,
+                            /* isStrongAuth */ true);
                 }
                 startDisappearAnimation(intent);
                 ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());