4/n: Remove challenge from choose/confirm, use new path

Biometric enrollment will not request a Gatekeeper HAT during
initial credential setup or credential confirmation anymore.
Instead, it is broken down into the following steps now.

Bug: 161765592

1) Request credential setup / confirmation to return a
   Gatekeeper Password
2) Biometric enrollment will generate a challenge
3) Biometric enrollment will request LockSettingsService to
   verify(GatekeeperPassword, challenge), and upon verification,
   the Gatekeeper HAT will be returned.

Since both LockSettingsService and Biometric enroll/settings
make use of biometric challenges, this allows us to make the
challenge ownership/lifecycle clear (vs. previously, where
LockSettingsService has no idea who the challenge belongs to).

Exempt-From-Owner-Approval:For files not owned by our team,
(StorageWizard), this change is just a method rename

Test: RunSettingsRoboTests

Run the following on face/fingerprint devices
Test: Remove credential
      adb shell am start -a android.app.action.SET_NEW_PASSWORD
      Set up credential + fingerprint
Test: Remove credential,
      adb shell am start -a android.settings.FINGERPRINT_SETTINGS
      This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
      adb shell am start -a android.settings.FINGERPRINT_SETTINGS
      This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
      This tests the ChooseLock* returning SP path from
      BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
      fingerprint/face settings and enroll. This tests the
      ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
      fingerprint/face separately. Succeeds. This tests the
      ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
      the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
      This tests the ConfirmLock* path in SUW

Change-Id: Idf6fcb43f7497323d089eb9c37125294e7a7f5dc

src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java

@@ -26,6 +26,7 @@ import android.widget.TextView;
 import com.android.settings.R;
 import com.android.settings.Utils;
 import com.android.settings.biometrics.BiometricEnrollIntroduction;
+import com.android.settings.biometrics.BiometricUtils;
 import com.android.settings.overlay.FeatureFactory;
 import com.android.settings.password.ChooseLockSettingsHelper;
 import com.android.settingslib.RestrictedLockUtilsInternal;
@@ -38,16 +39,26 @@ import com.google.android.setupdesign.template.RequireScrollMixin;
 
 public class FaceEnrollIntroduction extends BiometricEnrollIntroduction {
 
-    private static final String TAG = "FaceIntro";
+    private static final String TAG = "FaceEnrollIntroduction";
 
     private FaceManager mFaceManager;
     private FaceFeatureProvider mFaceFeatureProvider;
 
     @Override
     protected void onCreate(Bundle savedInstanceState) {
+        mFaceManager = Utils.getFaceManagerOrNull(this);
+        // Check if the Gateekeper Password exists. If so, request for a Gatekeeper HAT to be
+        // created. This needs to be cleaned up, since currently it's not very clear which
+        // superclass is responsible for what. Doing the check here is the least risky way.
+        if (mToken == null && BiometricUtils.containsGatekeeperPassword(getIntent())) {
+            // We either block on generateChallenge, or need to gray out the "next" button until
+            // the challenge is ready. Let's just do this for now.
+            final long challenge = mFaceManager.generateChallengeBlocking();
+            mToken = BiometricUtils.requestGatekeeperHat(this, getIntent(), mUserId, challenge);
+        }
+
         super.onCreate(savedInstanceState);
 
-        mFaceManager = Utils.getFaceManagerOrNull(this);
         mFaceFeatureProvider = FeatureFactory.getFactory(getApplicationContext())
                 .getFaceFeatureProvider();
 
@@ -86,9 +97,7 @@ public class FaceEnrollIntroduction extends BiometricEnrollIntroduction {
                     RequireScrollMixin.class);
             requireScrollMixin.requireScrollWithButton(this, agreeButton,
                     R.string.security_settings_face_enroll_introduction_more,
-                    button -> {
-                        onNextButtonClick(button);
-                    });
+                    this::onNextButtonClick);
         }
 
         final TextView footer2 = findViewById(R.id.face_enroll_introduction_footer_part_2);