From a8c12b429812be513e7d918596d2583f4c5037a1 Mon Sep 17 00:00:00 2001
From: Pavel Grafov <pgrafov@google.com>
Date: Wed, 24 Nov 2021 16:19:44 +0000
Subject: [PATCH] Check user validity before retrying authentication

When managed profile gets wiped Settings may crash with SecurityException
when trying to retry authentication for no longer valid user.

Test: manually with TestDPC
Bug: 201513984
Change-Id: Ib7309abf89be76fcc1bf756c37c09d6b60c6b95c
---
 .../settings/password/ConfirmDeviceCredentialActivity.java    | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java b/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
index 03e83a4f61b..22d87a51a0e 100644
--- a/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
+++ b/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
@@ -108,6 +108,10 @@ public class ConfirmDeviceCredentialActivity extends FragmentActivity {
                 if (errorCode == BiometricPrompt.BIOMETRIC_ERROR_USER_CANCELED
                         || errorCode == BiometricPrompt.BIOMETRIC_ERROR_CANCELED) {
                     finish();
+                } else if (mUserManager.getUserInfo(mUserId) == null) {
+                    // This can happen when profile gets wiped due to too many failed auth attempts.
+                    Log.i(TAG, "Finishing, user no longer valid: " + mUserId);
+                    finish();
                 } else {
                     // All other errors go to some version of CC
                     showConfirmCredentials();