PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ability to finish() ConfirmDeviceCredential if it loses foreground

Browse Source 
If user enters face settings but does not enter the password, then
turns off the screen, it's possible the challenge is invalidated. Instead,
we should finish() the device credential screen as well as FaceSettings.

This prevents
1) The user from being prompted for credential with lack of context
2) Credential returning a HAT that wraps an invalidated challenge

The user will be returned to the security settings screen, where they
have more context and can decide if they want to enter face settings again.

Fixes: 138273242

Test: 1) Open face settings, do not enter password
      2) Press power button
      3) Unlock keyguard
      4) User is not presented with credential screen
Test: Go through SUW, turning on/off the screen at various security
      screens. Able to enroll successfully

Change-Id: I3c3d4600138012821bb0eea7d2927df00011cdb0
This commit is contained in:
Kevin Chyn
2019-07-26 14:53:20 -07:00
parent ba4fad160d
commit e27a304b97
5 changed files with 47 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/com/android/settings/biometrics/BiometricEnrollBase.java
View File

@@ -172,11 +172,11 @@ public abstract class BiometricEnrollBase extends InstrumentedActivity {
if (mUserId == UserHandle.USER_NULL) {
launchedConfirmationActivity = helper.launchConfirmationActivity(CONFIRM_REQUEST,
getString(titleResId),
null, null, challenge);
null, null, challenge, true /* foregroundOnly */);
} else {
launchedConfirmationActivity = helper.launchConfirmationActivity(CONFIRM_REQUEST,
getString(titleResId),
null, null, challenge, mUserId);
null, null, challenge, mUserId, true /* foregroundOnly */);
}
if (!launchedConfirmationActivity) {
// This shouldn't happen, as we should only end up at this step if a lock thingy is

2
src/com/android/settings/biometrics/face/FaceSettings.java
View File

@@ -171,7 +171,7 @@ public class FaceSettings extends DashboardFragment {
mConfirmingPassword = true;
if (!helper.launchConfirmationActivity(CONFIRM_REQUEST,
getString(R.string.security_settings_face_preference_title),
null, null, challenge, mUserId)) {
null, null, challenge, mUserId, true /* foregroundOnly */)) {
Log.e(TAG, "Password not set");
finish();
}

2
src/com/android/settings/biometrics/fingerprint/FingerprintSettings.java
View File

@@ -617,7 +617,7 @@ public class FingerprintSettings extends SubSettings {
ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(getActivity(), this);
if (!helper.launchConfirmationActivity(CONFIRM_REQUEST,
getString(R.string.security_settings_fingerprint_preference_title),
null, null, challenge, mUserId)) {
null, null, challenge, mUserId, true /* foregroundOnly */)) {
intent.setClassName(SETTINGS_PACKAGE_NAME, ChooseLockGeneric.class.getName());
intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);

58
src/com/android/settings/password/ChooseLockSettingsHelper.java
View File

@@ -47,6 +47,7 @@ public final class ChooseLockSettingsHelper {
public static final String EXTRA_KEY_FOR_FINGERPRINT = "for_fingerprint";
public static final String EXTRA_KEY_FOR_FACE = "for_face";
public static final String EXTRA_KEY_FOR_CHANGE_CRED_REQUIRED_FOR_BOOT = "for_cred_req_boot";
public static final String EXTRA_KEY_FOREGROUND_ONLY = "foreground_only";
/**
* Intent extra for passing the requested min password complexity to later steps in the set new
@@ -105,7 +106,8 @@ public final class ChooseLockSettingsHelper {
null /* header */,
null /* description */,
false /* returnCredentials */,
false /* external */);
false /* external */,
false /* foregroundOnly */);
}
/**
@@ -124,7 +126,8 @@ public final class ChooseLockSettingsHelper {
null /* header */,
null /* description */,
returnCredentials /* returnCredentials */,
false /* external */);
false /* external */,
false /* foregroundOnly */);
}
/**
@@ -148,7 +151,8 @@ public final class ChooseLockSettingsHelper {
false /* external */,
false /* hasChallenge */,
0 /* challenge */,
Utils.enforceSameOwner(mActivity, userId) /* userId */);
Utils.enforceSameOwner(mActivity, userId) /* userId */,
false /* foregroundOnly */);
}
/**
@@ -162,12 +166,13 @@ public final class ChooseLockSettingsHelper {
* @param external specifies whether this activity is launched externally, meaning that it will
* get a dark theme, allow fingerprint authentication and it will forward
* activity result.
* @param foregroundOnly if the confirmation activity should be finished if it loses foreground.
* @return true if one exists and we launched an activity to confirm it
* @see Activity#onActivityResult(int, int, android.content.Intent)
*/
boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@Nullable CharSequence header, @Nullable CharSequence description,
boolean returnCredentials, boolean external) {
boolean returnCredentials, boolean external, boolean foregroundOnly) {
return launchConfirmationActivity(
request /* request */,
title /* title */,
@@ -177,7 +182,8 @@ public final class ChooseLockSettingsHelper {
external /* external */,
false /* hasChallenge */,
0 /* challenge */,
Utils.getCredentialOwnerUserId(mActivity) /* userId */);
Utils.getCredentialOwnerUserId(mActivity) /* userId */,
foregroundOnly /* foregroundOnly */);
}
/**
@@ -207,7 +213,8 @@ public final class ChooseLockSettingsHelper {
external /* external */,
false /* hasChallenge */,
0 /* challenge */,
Utils.enforceSameOwner(mActivity, userId) /* userId */);
Utils.enforceSameOwner(mActivity, userId) /* userId */,
false /* foregroundOnly */);
}
/**
@@ -217,12 +224,13 @@ public final class ChooseLockSettingsHelper {
* @param header header of the confirmation screen; shown as large text
* @param description description of the confirmation screen
* @param challenge a challenge to be verified against the device credential.
* @param foregroundOnly if the confirmation activity should be finished if it loses foreground.
* @return true if one exists and we launched an activity to confirm it
* @see Activity#onActivityResult(int, int, android.content.Intent)
*/
public boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@Nullable CharSequence header, @Nullable CharSequence description,
long challenge) {
long challenge, boolean foregroundOnly) {
return launchConfirmationActivity(
request /* request */,
title /* title */,
@@ -232,7 +240,8 @@ public final class ChooseLockSettingsHelper {
false /* external */,
true /* hasChallenge */,
challenge /* challenge */,
Utils.getCredentialOwnerUserId(mActivity) /* userId */);
Utils.getCredentialOwnerUserId(mActivity) /* userId */,
foregroundOnly /* foregroundOnly */);
}
/**
@@ -243,12 +252,13 @@ public final class ChooseLockSettingsHelper {
* @param description description of the confirmation screen
* @param challenge a challenge to be verified against the device credential.
* @param userId The userId for whom the lock should be confirmed.
* @param foregroundOnly if the confirmation activity should be finished if it loses foreground.
* @return true if one exists and we launched an activity to confirm it
* @see Activity#onActivityResult(int, int, android.content.Intent)
*/
public boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@Nullable CharSequence header, @Nullable CharSequence description,
long challenge, int userId) {
long challenge, int userId, boolean foregroundOnly) {
return launchConfirmationActivity(
request /* request */,
title /* title */,
@@ -258,7 +268,8 @@ public final class ChooseLockSettingsHelper {
false /* external */,
true /* hasChallenge */,
challenge /* challenge */,
Utils.enforceSameOwner(mActivity, userId) /* userId */);
Utils.enforceSameOwner(mActivity, userId) /* userId */,
foregroundOnly);
}
/**
@@ -287,7 +298,8 @@ public final class ChooseLockSettingsHelper {
external /* external */,
true /* hasChallenge */,
challenge /* challenge */,
Utils.enforceSameOwner(mActivity, userId) /* userId */);
Utils.enforceSameOwner(mActivity, userId) /* userId */,
false /* foregroundOnly */);
}
/**
@@ -316,7 +328,7 @@ public final class ChooseLockSettingsHelper {
private boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@Nullable CharSequence header, @Nullable CharSequence description,
boolean returnCredentials, boolean external, boolean hasChallenge,
long challenge, int userId) {
long challenge, int userId, boolean foregroundOnly) {
return launchConfirmationActivity(
request /* request */,
title /* title */,
@@ -328,7 +340,8 @@ public final class ChooseLockSettingsHelper {
challenge /* challenge */,
userId /* userId */,
null /* alternateButton */,
null /* extras */);
null /* extras */,
foregroundOnly /* foregroundOnly */);
}
private boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@@ -346,7 +359,8 @@ public final class ChooseLockSettingsHelper {
challenge /* challenge */,
userId /* userId */,
null /* alternateButton */,
extras /* extras */);
extras /* extras */,
false /* foregroundOnly */);
}
public boolean launchFrpConfirmationActivity(int request, @Nullable CharSequence header,
@@ -362,13 +376,15 @@ public final class ChooseLockSettingsHelper {
0 /* challenge */,
LockPatternUtils.USER_FRP /* userId */,
alternateButton /* alternateButton */,
null /* extras */);
null /* extras */,
false /* foregroundOnly */);
}
private boolean launchConfirmationActivity(int request, @Nullable CharSequence title,
@Nullable CharSequence header, @Nullable CharSequence description,
boolean returnCredentials, boolean external, boolean hasChallenge,
long challenge, int userId, @Nullable CharSequence alternateButton, Bundle extras) {
long challenge, int userId, @Nullable CharSequence alternateButton, Bundle extras,
boolean foregroundOnly) {
final int effectiveUserId = UserManager.get(mActivity).getCredentialOwnerProfile(userId);
boolean launched = false;
@@ -378,7 +394,8 @@ public final class ChooseLockSettingsHelper {
returnCredentials || hasChallenge
? ConfirmLockPattern.InternalActivity.class
: ConfirmLockPattern.class, returnCredentials, external,
hasChallenge, challenge, userId, alternateButton, extras);
hasChallenge, challenge, userId, alternateButton, extras,
foregroundOnly);
break;
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
@@ -390,7 +407,8 @@ public final class ChooseLockSettingsHelper {
returnCredentials || hasChallenge
? ConfirmLockPassword.InternalActivity.class
: ConfirmLockPassword.class, returnCredentials, external,
hasChallenge, challenge, userId, alternateButton, extras);
hasChallenge, challenge, userId, alternateButton, extras,
foregroundOnly);
break;
}
return launched;
@@ -399,7 +417,8 @@ public final class ChooseLockSettingsHelper {
private boolean launchConfirmationActivity(int request, CharSequence title, CharSequence header,
CharSequence message, Class<?> activityClass, boolean returnCredentials,
boolean external, boolean hasChallenge, long challenge,
int userId, @Nullable CharSequence alternateButton, Bundle extras) {
int userId, @Nullable CharSequence alternateButton, Bundle extras,
boolean foregroundOnly) {
final Intent intent = new Intent();
intent.putExtra(ConfirmDeviceCredentialBaseFragment.TITLE_TEXT, title);
intent.putExtra(ConfirmDeviceCredentialBaseFragment.HEADER_TEXT, header);
@@ -414,6 +433,7 @@ public final class ChooseLockSettingsHelper {
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge);
intent.putExtra(Intent.EXTRA_USER_ID, userId);
intent.putExtra(KeyguardManager.EXTRA_ALTERNATE_BUTTON_LABEL, alternateButton);
intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_FOREGROUND_ONLY, foregroundOnly);
if (extras != null) {
intent.putExtras(extras);
}

4
src/com/android/settings/password/ConfirmDeviceCredentialBaseActivity.java
View File

@@ -172,6 +172,10 @@ public abstract class ConfirmDeviceCredentialBaseActivity extends SettingsActivi
mBiometricManager.onConfirmDeviceCredentialError(
BiometricConstants.BIOMETRIC_ERROR_USER_CANCELED,
getString(com.android.internal.R.string.biometric_error_user_canceled));
if (getIntent().getBooleanExtra(
ChooseLockSettingsHelper.EXTRA_KEY_FOREGROUND_ONLY, false)) {
finish();
}
}
}