PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2/n: Add default implementation for multi-biometric enroll

Browse Source 
1) Adds a layout for multi-biometric selection in BiometricEnrollActivity
2) Adds widgets for checkboxes
3) Shows ConfirmLock*/ChooseLock* for multi-biometric devices in
   BiometricEnrollActivity
4) finish()'s when loses foreground
5) Adds default string for ChooseLock* and multi-biometrics, e.g.
   "Set up Password + Biometrics", as well as associated plumbing
   to bring the user back to BiometricEnrollActivity once the
   credential is enrolled
6) When max templates enrolled, checkbox becomes disabled and
   description string is updated

Bug: 162341940
Bug: 152242790
Fixes: 161742393

No effect on existing devices with the following:
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL
Test: SUW
Test: make -j RunSettingsRoboTests

Exempt-From-Owner-Approval: Biometric-related change
to EncryptionInterstitial

Change-Id: I855460d50228ace24d4ec5fbe330f02ab406cc02
This commit is contained in:
Kevin Chyn
2020-09-09 13:28:28 -07:00
parent eb8c0f14ea
commit 87bb772e16
35 changed files with 1281 additions and 270 deletions
Download Patch File Download Diff File Expand all files Collapse all files

314
src/com/android/settings/biometrics/BiometricEnrollActivity.java
View File

@@ -21,23 +21,36 @@ import android.app.admin.DevicePolicyManager;
import android.app.settings.SettingsEnums;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.hardware.biometrics.BiometricManager;
import android.hardware.biometrics.BiometricManager.Authenticators;
import android.hardware.face.FaceManager;
import android.hardware.face.FaceSensorProperties;
import android.hardware.fingerprint.FingerprintManager;
import android.hardware.fingerprint.FingerprintSensorProperties;
import android.os.Bundle;
import android.os.UserHandle;
import android.os.UserManager;
import android.provider.Settings;
import android.util.Log;
import android.view.View;
import androidx.annotation.Nullable;
import com.android.internal.widget.LockPatternUtils;
import com.android.settings.R;
import com.android.settings.SetupWizardUtils;
import com.android.settings.biometrics.face.FaceEnrollIntroduction;
import com.android.settings.biometrics.fingerprint.FingerprintEnrollFindSensor;
import com.android.settings.biometrics.fingerprint.FingerprintEnrollIntroduction;
import com.android.settings.biometrics.fingerprint.SetupFingerprintEnrollIntroduction;
import com.android.settings.core.InstrumentedActivity;
import com.android.settings.password.ChooseLockGeneric;
import com.android.settings.password.ChooseLockPattern;
import com.android.settings.password.ChooseLockSettingsHelper;
import com.google.android.setupcompat.template.FooterBarMixin;
import com.google.android.setupcompat.template.FooterButton;
import com.google.android.setupcompat.util.WizardManagerHelper;
import com.google.android.setupdesign.GlifLayout;
import java.util.List;
/**
* Trampoline activity launched by the {@code android.settings.BIOMETRIC_ENROLL} action which
@@ -49,18 +62,53 @@ public class BiometricEnrollActivity extends InstrumentedActivity {
private static final String TAG = "BiometricEnrollActivity";
private static final int REQUEST_CHOOSE_LOCK = 1;
private static final int REQUEST_CONFIRM_LOCK = 2;
public static final int RESULT_SKIP = BiometricEnrollBase.RESULT_SKIP;
// Intent extra. If true, biometric enrollment should skip introductory screens. Currently
// this only applies to fingerprint.
public static final String EXTRA_SKIP_INTRO = "skip_intro";
private static final String SAVED_STATE_CONFIRMING_CREDENTIALS = "confirming_credentials";
private static final String SAVED_STATE_GK_PW_HANDLE = "gk_pw_handle";
public static final class InternalActivity extends BiometricEnrollActivity {}
private int mUserId = UserHandle.myUserId();
private boolean mConfirmingCredentials;
@Nullable private Long mGkPwHandle;
private BiometricEnrollCheckbox mCheckboxFace;
private BiometricEnrollCheckbox mCheckboxFingerprint;
@Nullable private MultiBiometricEnrollHelper mMultiBiometricEnrollHelper;
@Override
public void onCreate(Bundle savedInstanceState) {
public void onCreate(@Nullable Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
if (this instanceof InternalActivity) {
mUserId = getIntent().getIntExtra(Intent.EXTRA_USER_ID, UserHandle.myUserId());
}
if (savedInstanceState != null) {
mConfirmingCredentials = savedInstanceState
.getBoolean(SAVED_STATE_CONFIRMING_CREDENTIALS, false);
if (savedInstanceState.containsKey(SAVED_STATE_GK_PW_HANDLE)) {
mGkPwHandle = savedInstanceState.getLong(SAVED_STATE_GK_PW_HANDLE);
}
}
// Put the theme in the intent so it gets propagated to other activities in the flow
final Intent intent = getIntent();
if (intent.getStringExtra(WizardManagerHelper.EXTRA_THEME) == null) {
intent.putExtra(
WizardManagerHelper.EXTRA_THEME,
SetupWizardUtils.getThemeString(intent));
}
// Default behavior is to enroll BIOMETRIC_WEAK or above. See ACTION_BIOMETRIC_ENROLL.
final int authenticators = getIntent().getIntExtra(
final int authenticators = intent.getIntExtra(
Settings.EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED, Authenticators.BIOMETRIC_WEAK);
Log.d(TAG, "Authenticators: " + authenticators);
@@ -73,9 +121,7 @@ public class BiometricEnrollActivity extends InstrumentedActivity {
if (isSetupWizard) {
if (hasFeatureFace && hasFeatureFingerprint) {
// TODO(b/162341940, b/152242790) this should show a multi-biometric selection
// screen
launchFingerprintOnlyEnroll();
setupForMultiBiometricEnroll();
} else if (hasFeatureFace) {
launchFaceOnlyEnroll();
} else if (hasFeatureFingerprint) {
@@ -98,9 +144,7 @@ public class BiometricEnrollActivity extends InstrumentedActivity {
if (authenticators == BiometricManager.Authenticators.DEVICE_CREDENTIAL) {
launchCredentialOnlyEnroll();
} else if (hasFeatureFace && hasFeatureFingerprint) {
// TODO(b/162341940, b/152242790) this should show a multi-biometric selection
// screen
launchFingerprintOnlyEnroll();
setupForMultiBiometricEnroll();
} else if (hasFeatureFingerprint) {
launchFingerprintOnlyEnroll();
} else if (hasFeatureFace) {
@@ -112,30 +156,216 @@ public class BiometricEnrollActivity extends InstrumentedActivity {
}
}
@Override
protected void onSaveInstanceState(@NonNull Bundle outState) {
super.onSaveInstanceState(outState);
outState.putBoolean(SAVED_STATE_CONFIRMING_CREDENTIALS, mConfirmingCredentials);
if (mGkPwHandle != null) {
outState.putLong(SAVED_STATE_GK_PW_HANDLE, mGkPwHandle);
}
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
if (mMultiBiometricEnrollHelper == null) {
overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);
switch (requestCode) {
case REQUEST_CHOOSE_LOCK:
mConfirmingCredentials = false;
if (resultCode == ChooseLockPattern.RESULT_FINISHED) {
mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(data);
} else {
Log.d(TAG, "Unknown result for chooseLock: " + resultCode);
setResult(resultCode);
finish();
}
break;
case REQUEST_CONFIRM_LOCK:
mConfirmingCredentials = false;
if (resultCode == RESULT_OK) {
mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(data);
} else {
Log.d(TAG, "Unknown result for confirmLock: " + resultCode);
finish();
}
break;
default:
Log.d(TAG, "Unknown requestCode: " + requestCode + ", finishing");
finish();
}
} else {
mMultiBiometricEnrollHelper.onActivityResult(requestCode, resultCode, data);
}
}
@Override
protected void onApplyThemeResource(Resources.Theme theme, int resid, boolean first) {
resid = SetupWizardUtils.getTheme(getIntent());
theme.applyStyle(R.style.SetupWizardPartnerResource, true);
super.onApplyThemeResource(theme, resid, first);
}
@Override
protected void onStop() {
super.onStop();
if (mConfirmingCredentials || mMultiBiometricEnrollHelper != null) {
return;
}
if (!isChangingConfigurations()) {
Log.d(TAG, "Finishing in onStop");
finish();
}
}
private void setupForMultiBiometricEnroll() {
setContentView(R.layout.biometric_enroll_layout);
mCheckboxFace = findViewById(R.id.checkbox_face);
mCheckboxFingerprint = findViewById(R.id.checkbox_fingerprint);
mCheckboxFace.setListener(this::updateNextButton);
mCheckboxFingerprint.setListener(this::updateNextButton);
final FingerprintManager fingerprintManager = getSystemService(FingerprintManager.class);
final FaceManager faceManager = getSystemService(FaceManager.class);
final List<FingerprintSensorProperties> fpProperties =
fingerprintManager.getSensorProperties();
final List<FaceSensorProperties> faceProperties = faceManager.getSensorProperties();
// This would need to be updated for devices with multiple sensors of the same modality
final boolean maxFacesEnrolled = faceManager.getEnrolledFaces(mUserId).size()
>= faceProperties.get(0).maxTemplatesAllowed;
final boolean maxFingerprintsEnrolled = fingerprintManager.getEnrolledFingerprints(mUserId)
.size() >= fpProperties.get(0).maxTemplatesAllowed;
if (maxFacesEnrolled) {
mCheckboxFace.setEnabled(false);
mCheckboxFace.setDescription(R.string.face_intro_error_max);
}
if (maxFingerprintsEnrolled) {
mCheckboxFingerprint.setEnabled(false);
mCheckboxFingerprint.setDescription(R.string.fingerprint_intro_error_max);
}
final FooterBarMixin footerBarMixin = ((GlifLayout) findViewById(R.id.setup_wizard_layout))
.getMixin(FooterBarMixin.class);
footerBarMixin.setSecondaryButton(new FooterButton.Builder(this)
.setText(R.string.multi_biometric_enroll_skip)
.setListener(this::onButtonNegative)
.setButtonType(FooterButton.ButtonType.SKIP)
.setTheme(R.style.SudGlifButton_Secondary)
.build());
footerBarMixin.setPrimaryButton(new FooterButton.Builder(this)
.setText(R.string.multi_biometric_enroll_next)
.setListener(this::onButtonPositive)
.setButtonType(FooterButton.ButtonType.NEXT)
.setTheme(R.style.SudGlifButton_Primary)
.build());
footerBarMixin.getSecondaryButton().setVisibility(View.VISIBLE);
footerBarMixin.getPrimaryButton().setVisibility(View.VISIBLE);
if (!mConfirmingCredentials && mGkPwHandle == null) {
mConfirmingCredentials = true;
if (!userHasPassword(mUserId)) {
launchChooseLock();
} else {
launchConfirmLock();
}
}
}
private void updateNextButton(View view) {
final boolean canEnrollAny = canEnrollFace() || canEnrollFingerprint();
final FooterBarMixin footerBarMixin = ((GlifLayout) findViewById(R.id.setup_wizard_layout))
.getMixin(FooterBarMixin.class);
footerBarMixin.getPrimaryButton().setEnabled(canEnrollAny);
}
private void onButtonPositive(View view) {
// Start the state machine according to checkboxes, taking max enrolled into account
mMultiBiometricEnrollHelper = new MultiBiometricEnrollHelper(this, mUserId,
canEnrollFace(), canEnrollFingerprint(), mGkPwHandle);
mMultiBiometricEnrollHelper.startNextStep();
}
private void onButtonNegative(View view) {
setResult(RESULT_SKIP);
finish();
}
private boolean canEnrollFace() {
return mCheckboxFace.isEnabled() && mCheckboxFace.isChecked();
}
private boolean canEnrollFingerprint() {
return mCheckboxFingerprint.isEnabled() && mCheckboxFingerprint.isChecked();
}
private boolean userHasPassword(int userId) {
final UserManager userManager = getSystemService(UserManager.class);
final int passwordQuality = new LockPatternUtils(this)
.getActivePasswordQuality(userManager.getCredentialOwnerProfile(userId));
return passwordQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
}
private void launchChooseLock() {
Log.d(TAG, "launchChooseLock");
Intent intent = BiometricUtils.getChooseLockIntent(this, getIntent());
intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);
intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE, true);
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_FOR_BIOMETRICS, true);
if (mUserId != UserHandle.USER_NULL) {
intent.putExtra(Intent.EXTRA_USER_ID, mUserId);
}
startActivityForResult(intent, REQUEST_CHOOSE_LOCK);
}
private void launchConfirmLock() {
Log.d(TAG, "launchConfirmLock");
final ChooseLockSettingsHelper.Builder builder = new ChooseLockSettingsHelper.Builder(this);
builder.setRequestCode(REQUEST_CONFIRM_LOCK)
.setRequestGatekeeperPasswordHandle(true)
.setForegroundOnly(true)
.setReturnCredentials(true);
if (mUserId != UserHandle.USER_NULL) {
builder.setUserId(mUserId);
}
final boolean launched = builder.show();
if (!launched) {
// This shouldn't happen, as we should only end up at this step if a lock thingy is
// already set.
finish();
}
}
/**
* This should only be used to launch enrollment for single-sensor devices, which use
* FLAG_ACTIVITY_FORWARD_RESULT path.
*
* @param intent Enrollment activity that should be started (e.g. FaceEnrollIntroduction.class,
* etc).
*/
private void launchEnrollActivity(@NonNull Intent intent) {
intent.setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);
byte[] hardwareAuthToken = null;
if (this instanceof InternalActivity) {
// Propagate challenge and user Id from ChooseLockGeneric.
final byte[] token = getIntent()
.getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);
final int userId = getIntent()
.getIntExtra(Intent.EXTRA_USER_ID, UserHandle.USER_NULL);
final long gkPwHandle = getIntent().getLongExtra(
ChooseLockSettingsHelper.EXTRA_KEY_GK_PW_HANDLE, 0L);
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);
intent.putExtra(Intent.EXTRA_USER_ID, userId);
if (gkPwHandle != 0L) {
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_GK_PW_HANDLE, gkPwHandle);
}
hardwareAuthToken = getIntent().getByteArrayExtra(
ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);
}
startActivity(intent);
finish();
BiometricUtils.launchEnrollForResult(this, intent, 0 /* requestCode */, hardwareAuthToken,
null /* gkPwHandle */, mUserId);
}
private void launchCredentialOnlyEnroll() {
@@ -152,40 +382,18 @@ public class BiometricEnrollActivity extends InstrumentedActivity {
// ChooseLockGeneric can request to start fingerprint enroll bypassing the intro screen.
if (getIntent().getBooleanExtra(EXTRA_SKIP_INTRO, false)
&& this instanceof InternalActivity) {
intent = getFingerprintFindSensorIntent();
intent = BiometricUtils.getFingerprintFindSensorIntent(this, getIntent());
} else {
intent = getFingerprintIntroIntent();
intent = BiometricUtils.getFingerprintIntroIntent(this, getIntent());
}
launchEnrollActivity(intent);
}
private void launchFaceOnlyEnroll() {
final Intent intent = getFaceIntroIntent();
final Intent intent = BiometricUtils.getFaceIntroIntent(this, getIntent());
launchEnrollActivity(intent);
}
private Intent getFingerprintFindSensorIntent() {
Intent intent = new Intent(this, FingerprintEnrollFindSensor.class);
SetupWizardUtils.copySetupExtras(getIntent(), intent);
return intent;
}
private Intent getFingerprintIntroIntent() {
if (WizardManagerHelper.isAnySetupWizard(getIntent())) {
Intent intent = new Intent(this, SetupFingerprintEnrollIntroduction.class);
WizardManagerHelper.copyWizardManagerExtras(getIntent(), intent);
return intent;
} else {
return new Intent(this, FingerprintEnrollIntroduction.class);
}
}
private Intent getFaceIntroIntent() {
Intent intent = new Intent(this, FaceEnrollIntroduction.class);
WizardManagerHelper.copyWizardManagerExtras(getIntent(), intent);
return intent;
}
@Override
public int getMetricsCategory() {
return SettingsEnums.BIOMETRIC_ENROLL_ACTIVITY;