PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add mandatory biometric prompt to platform surfaces (3/N)

Browse Source 
Pass user ids for identity check. This is to make sure that the right
user is requested auth for different profiles.

Flag: android.hardware.biometrics.Flags.MANDATORY_BIOMETRICS
Bug: 339910718
Test: atest UtilsTest
Change-Id: I953b56e9bfd1edd49d080124905d42a23247b7a7
This commit is contained in:
Diya Bera
2024-07-22 21:52:36 +00:00
parent 51bb0fe4e4
commit 9bae71c15c
10 changed files with 79 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/com/android/settings/MainClear.java
View File

@@ -182,10 +182,13 @@ public class MainClear extends InstrumentedFragment implements OnGlobalLayoutLis
}
if (requestCode == KEYGUARD_REQUEST) {
final int userId = getActivity().getUserId();
if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),
false /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */)) {
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRICS_REQUEST);
false /* biometricsAuthenticationRequested */,
userId)) {
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRICS_REQUEST,
userId);
return;
}
}

15
src/com/android/settings/Utils.java
View File

@@ -1487,23 +1487,25 @@ public final class Utils extends com.android.settingslib.Utils {
/**
* Request biometric authentication if all requirements for mandatory biometrics is satisfied.
*
* @param context of the corresponding activity/fragment
* @param biometricsSuccessfullyAuthenticated if the user has already authenticated using
* biometrics
* @param biometricsAuthenticationRequested if the activity/fragment has already requested for
* biometric prompt
* @param userId user id for the authentication request
* @return true if all requirements for mandatory biometrics is satisfied
*/
public static boolean requestBiometricAuthenticationForMandatoryBiometrics(
@NonNull Context context,
boolean biometricsSuccessfullyAuthenticated,
boolean biometricsAuthenticationRequested) {
boolean biometricsAuthenticationRequested, int userId) {
final BiometricManager biometricManager = context.getSystemService(BiometricManager.class);
if (biometricManager == null) {
Log.e(TAG, "Biometric Manager is null.");
return false;
}
final int status = biometricManager.canAuthenticate(
final int status = biometricManager.canAuthenticate(userId,
BiometricManager.Authenticators.MANDATORY_BIOMETRICS);
return android.hardware.biometrics.Flags.mandatoryBiometrics()
&& status == BiometricManager.BIOMETRIC_SUCCESS
@@ -1513,15 +1515,16 @@ public final class Utils extends com.android.settingslib.Utils {
/**
* Launch biometric prompt for mandatory biometrics. Call
* {@link #requestBiometricAuthenticationForMandatoryBiometrics(Context, boolean, boolean)}
* {@link #requestBiometricAuthenticationForMandatoryBiometrics(Context, boolean, boolean, int)}
* to check if all requirements for mandatory biometrics is satisfied
* before launching biometric prompt.
*
* @param fragment corresponding fragment of the surface
* @param requestCode for starting the new activity
* @param userId user id for the authentication request
*/
public static void launchBiometricPromptForMandatoryBiometrics(@NonNull Fragment fragment,
int requestCode) {
int requestCode, int userId) {
final Intent intent = new Intent();
intent.putExtra(BIOMETRIC_PROMPT_AUTHENTICATORS,
BiometricManager.Authenticators.MANDATORY_BIOMETRICS);
@@ -1529,8 +1532,10 @@ public final class Utils extends com.android.settingslib.Utils {
fragment.getString(R.string.cancel));
intent.putExtra(KeyguardManager.EXTRA_DESCRIPTION,
fragment.getString(R.string.mandatory_biometrics_prompt_description));
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, true);
intent.putExtra(EXTRA_USER_ID, userId);
intent.setClassName(SETTINGS_PACKAGE_NAME,
ConfirmDeviceCredentialActivity.class.getName());
ConfirmDeviceCredentialActivity.InternalActivity.class.getName());
fragment.startActivityForResult(intent, requestCode);
}

10
src/com/android/settings/biometrics/combination/BiometricsSettingsBase.java
View File

@@ -144,9 +144,10 @@ public abstract class BiometricsSettingsBase extends DashboardFragment {
launchChooseOrConfirmLock();
} else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(
getActivity(), mBiometricsSuccessfullyAuthenticated,
mBiometricsAuthenticationRequested)) {
mBiometricsAuthenticationRequested, mUserId)) {
mBiometricsAuthenticationRequested = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST,
mUserId);
}
updateUnlockPhonePreferenceSummary();
@@ -161,10 +162,11 @@ public abstract class BiometricsSettingsBase extends DashboardFragment {
public void onResume() {
super.onResume();
if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested, mUserId)
&& mGkPwHandle != 0L) {
mBiometricsAuthenticationRequested = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST,
mUserId);
}
if (!mConfirmCredential) {
mDoNotFinishActivity = false;

6
src/com/android/settings/biometrics/face/FaceSettings.java
View File

@@ -289,9 +289,11 @@ public class FaceSettings extends DashboardFragment {
finish();
}
} else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) {
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested,
mUserId)) {
mBiometricsAuthenticationRequested = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST,
mUserId);
} else {
mAttentionController.setToken(mToken);
mEnrollController.setToken(mToken);

12
src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java
View File

@@ -485,9 +485,11 @@ public class FingerprintSettings extends SubSettings {
mLaunchedConfirm = true;
launchChooseOrConfirmLock();
} else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) {
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested,
mUserId)) {
mBiometricsAuthenticationRequested = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST,
mUserId);
} else if (!mHasFirstEnrolled) {
mIsEnrolling = true;
addFirstFingerprint(null);
@@ -777,9 +779,11 @@ public class FingerprintSettings extends SubSettings {
.getUdfpsEnrollCalibrator(getActivity().getApplicationContext(), null, null);
if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) {
mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested,
mUserId)) {
mBiometricsAuthenticationRequested = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this,
BIOMETRIC_AUTH_REQUEST, mUserId);
}
}

5
src/com/android/settings/password/ChooseLockGeneric.java
View File

@@ -492,9 +492,10 @@ public class ChooseLockGeneric extends SettingsActivity {
: null;
updatePreferencesOrFinish(false /* isRecreatingActivity */);
if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getContext(),
mBiometricsAuthSuccessful, mWaitingForConfirmation)) {
mBiometricsAuthSuccessful, mWaitingForConfirmation, mUserId)) {
mWaitingForConfirmation = true;
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);
Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST,
mUserId);
}
} else if (requestCode == BIOMETRIC_AUTH_REQUEST) {
if (resultCode == Activity.RESULT_OK) {

8
tests/robotests/src/com/android/settings/MainClearTest.java
View File

@@ -140,8 +140,8 @@ public class MainClearTest {
when(mScrollView.getChildCount()).thenReturn(1);
doReturn(mMockActivity).when(mMainClear).getActivity();
when(mMockActivity.getSystemService(BiometricManager.class)).thenReturn(mBiometricManager);
when(mBiometricManager.canAuthenticate(
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE);
}
@@ -370,8 +370,8 @@ public class MainClearTest {
when(mContext.getResources()).thenReturn(mResources);
when(mMockActivity.getSystemService(BiometricManager.class)).thenReturn(mBiometricManager);
when(mResources.getString(anyInt())).thenReturn(TEST_ACCOUNT_NAME);
when(mBiometricManager.canAuthenticate(
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_SUCCESS);
doReturn(true).when(mMainClear).isValidRequestCode(eq(MainClear.KEYGUARD_REQUEST));
doNothing().when(mMainClear).startActivityForResult(any(), anyInt());

40
tests/robotests/src/com/android/settings/UtilsTest.java
View File

@@ -81,6 +81,7 @@ import androidx.fragment.app.Fragment;
import androidx.fragment.app.FragmentActivity;
import com.android.internal.widget.LockPatternUtils;
import com.android.settings.password.ChooseLockSettingsHelper;
import com.android.settings.password.ConfirmDeviceCredentialActivity;
import com.android.settings.testutils.shadow.ShadowLockPatternUtils;
@@ -532,31 +533,45 @@ public class UtilsTest {
when(mContext.getSystemService(BiometricManager.class)).thenReturn(null);
assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext,
false /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */)).isFalse();
false /* biometricsAuthenticationRequested */, USER_ID)).isFalse();
}
@Test
@EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS)
public void testRequestBiometricAuthentication_biometricManagerReturnsSuccess_shouldReturnTrue() {
when(mBiometricManager.canAuthenticate(
when(mBiometricManager.canAuthenticate(USER_ID,
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
.thenReturn(BiometricManager.BIOMETRIC_SUCCESS);
boolean requestBiometricAuthenticationForMandatoryBiometrics =
final boolean requestBiometricAuthenticationForMandatoryBiometrics =
Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext,
true /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */);
assertThat(requestBiometricAuthenticationForMandatoryBiometrics).isFalse();
false /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */, USER_ID);
assertThat(requestBiometricAuthenticationForMandatoryBiometrics).isTrue();
}
@Test
@EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS)
public void testRequestBiometricAuthentication_biometricManagerReturnsError_shouldReturnFalse() {
when(mBiometricManager.canAuthenticate(
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE);
assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext,
false /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */)).isFalse();
false /* biometricsAuthenticationRequested */, USER_ID)).isFalse();
}
@Test
@EnableFlags(Flags.FLAG_MANDATORY_BIOMETRICS)
public void testRequestBiometricAuthentication_biometricManagerReturnsSuccessForDifferentUser_shouldReturnFalse() {
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE);
when(mBiometricManager.canAuthenticate(0 /* userId */,
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
.thenReturn(BiometricManager.BIOMETRIC_SUCCESS);
assertThat(Utils.requestBiometricAuthenticationForMandatoryBiometrics(mContext,
false /* biometricsSuccessfullyAuthenticated */,
false /* biometricsAuthenticationRequested */, USER_ID)).isFalse();
}
@Test
@@ -566,7 +581,7 @@ public class UtilsTest {
final int requestCode = 1;
final ArgumentCaptor<Intent> intentArgumentCaptor = ArgumentCaptor.forClass(Intent.class);
Utils.launchBiometricPromptForMandatoryBiometrics(mFragment, requestCode);
Utils.launchBiometricPromptForMandatoryBiometrics(mFragment, requestCode, USER_ID);
verify(mFragment).startActivityForResult(intentArgumentCaptor.capture(), eq(requestCode));
@@ -576,9 +591,12 @@ public class UtilsTest {
BiometricManager.Authenticators.MANDATORY_BIOMETRICS);
assertThat(intent.getExtra(BIOMETRIC_PROMPT_NEGATIVE_BUTTON_TEXT)).isNotNull();
assertThat(intent.getExtra(KeyguardManager.EXTRA_DESCRIPTION)).isNotNull();
assertThat(intent.getBooleanExtra(ChooseLockSettingsHelper.EXTRA_KEY_ALLOW_ANY_USER, false))
.isTrue();
assertThat(intent.getIntExtra(Intent.EXTRA_USER_ID, 0)).isEqualTo(USER_ID);
assertThat(intent.getComponent().getPackageName()).isEqualTo(SETTINGS_PACKAGE_NAME);
assertThat(intent.getComponent().getClassName()).isEqualTo(
ConfirmDeviceCredentialActivity.class.getName());
ConfirmDeviceCredentialActivity.InternalActivity.class.getName());
}
private void setUpForConfirmCredentialString(boolean isEffectiveUserManagedProfile) {

10
tests/robotests/src/com/android/settings/biometrics/combination/CombinedBiometricProfileSettingsTest.java
View File

@@ -127,8 +127,8 @@ public class CombinedBiometricProfileSettingsTest {
mFragment = spy(new TestCombinedBiometricProfileSettings(mContext));
doReturn(mActivity).when(mFragment).getActivity();
doReturn(mBiometricManager).when(mActivity).getSystemService(BiometricManager.class);
when(mBiometricManager.canAuthenticate(
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE);
ReflectionHelpers.setField(mFragment, "mDashboardFeatureProvider",
@@ -181,8 +181,8 @@ public class CombinedBiometricProfileSettingsTest {
public void testLaunchBiometricPrompt_onCreateFragment() {
ArgumentCaptor<Intent> intentArgumentCaptor = ArgumentCaptor.forClass(Intent.class);
doNothing().when(mFragment).startActivityForResult(any(), anyInt());
when(mBiometricManager.canAuthenticate(
BiometricManager.Authenticators.MANDATORY_BIOMETRICS))
when(mBiometricManager.canAuthenticate(anyInt(),
eq(BiometricManager.Authenticators.MANDATORY_BIOMETRICS)))
.thenReturn(BiometricManager.BIOMETRIC_SUCCESS);
mFragment.onAttach(mContext);
@@ -193,7 +193,7 @@ public class CombinedBiometricProfileSettingsTest {
Intent intent = intentArgumentCaptor.getValue();
assertThat(intent.getComponent().getClassName()).isEqualTo(
ConfirmDeviceCredentialActivity.class.getName());
ConfirmDeviceCredentialActivity.InternalActivity.class.getName());
}
@Test

2
tests/robotests/src/com/android/settings/biometrics/fingerprint/FingerprintSettingsFragmentTest.java
View File

@@ -176,7 +176,7 @@ public class FingerprintSettingsFragmentTest {
Intent intent = intentArgumentCaptor.getValue();
assertThat(intent.getComponent().getClassName()).isEqualTo(
ConfirmDeviceCredentialActivity.class.getName());
ConfirmDeviceCredentialActivity.InternalActivity.class.getName());
}
// Test the case when FingerprintAuthenticateSidecar receives an error callback from the