From f4462ac5c224db867b23f59638ae0bc93d6eff6f Mon Sep 17 00:00:00 2001
From: Meng Wang <mewan@google.com>
Date: Tue, 16 Apr 2024 18:36:52 +0000
Subject: [PATCH] When erasing an eSIM, verify the device screen PIN lock if
 one is set.

SIM PIN lock existence isn't checked anymore.

Bug: 329202869
Test: manual - see b/329202869#comment41
Change-Id: I2c4d2b7e224973c4afa75573e05afe7607d2ae6b
---
 .../DeleteSimProfilePreferenceController.kt   |  4 +-
 .../network/telephony/MobileNetworkUtils.java | 56 +++++++++++++++++++
 2 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/src/com/android/settings/network/telephony/DeleteSimProfilePreferenceController.kt b/src/com/android/settings/network/telephony/DeleteSimProfilePreferenceController.kt
index b7ee41dd50e..312d4468bfd 100644
--- a/src/com/android/settings/network/telephony/DeleteSimProfilePreferenceController.kt
+++ b/src/com/android/settings/network/telephony/DeleteSimProfilePreferenceController.kt
@@ -26,7 +26,7 @@ import androidx.preference.PreferenceScreen
 import com.android.settings.R
 import com.android.settings.core.BasePreferenceController
 import com.android.settings.network.SubscriptionUtil
-import com.android.settings.wifi.dpp.WifiDppUtils
+import com.android.settings.network.telephony.MobileNetworkUtils
 import com.android.settingslib.spa.framework.util.collectLatestWithLifecycle
 
 /** This controls a preference allowing the user to delete the profile for an eSIM.  */
@@ -65,7 +65,7 @@ class DeleteSimProfilePreferenceController(context: Context, preferenceKey: Stri
     override fun handlePreferenceTreeClick(preference: Preference): Boolean {
         if (preference.key != preferenceKey) return false
 
-        WifiDppUtils.showLockScreen(mContext) { deleteSim() }
+        MobileNetworkUtils.showLockScreen(mContext) { deleteSim() }
 
         return true
     }
diff --git a/src/com/android/settings/network/telephony/MobileNetworkUtils.java b/src/com/android/settings/network/telephony/MobileNetworkUtils.java
index 4430642e3cf..ea549ae7c94 100644
--- a/src/com/android/settings/network/telephony/MobileNetworkUtils.java
+++ b/src/com/android/settings/network/telephony/MobileNetworkUtils.java
@@ -31,6 +31,7 @@ import static com.android.settings.network.telephony.TelephonyConstants.Telephon
 import static com.android.settings.network.telephony.TelephonyConstants.TelephonyManagerConstants.NETWORK_MODE_NR_LTE_CDMA_EVDO;
 import static com.android.settings.network.telephony.TelephonyConstants.TelephonyManagerConstants.NETWORK_MODE_NR_LTE_GSM_WCDMA;
 
+import android.app.KeyguardManager;
 import android.content.ContentResolver;
 import android.content.Context;
 import android.content.Intent;
@@ -41,13 +42,18 @@ import android.graphics.Color;
 import android.graphics.drawable.ColorDrawable;
 import android.graphics.drawable.Drawable;
 import android.graphics.drawable.LayerDrawable;
+import android.hardware.biometrics.BiometricPrompt;
 import android.net.ConnectivityManager;
 import android.net.Network;
 import android.net.NetworkCapabilities;
 import android.os.Bundle;
+import android.os.CancellationSignal;
+import android.os.Handler;
+import android.os.Looper;
 import android.os.PersistableBundle;
 import android.os.SystemClock;
 import android.os.SystemProperties;
+import android.os.UserHandle;
 import android.os.UserManager;
 import android.provider.Settings;
 import android.telecom.PhoneAccountHandle;
@@ -68,6 +74,7 @@ import android.text.TextUtils;
 import android.util.Log;
 import android.view.Gravity;
 
+import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
 import androidx.annotation.VisibleForTesting;
 
@@ -1050,4 +1057,53 @@ public class MobileNetworkUtils {
                 .launch();
     }
 
+    /**
+     * Shows authentication screen to confirm credentials (pin/pattern/password) for the current
+     * user of the device.
+     *
+     * <p>Similar to WifiDppUtils.showLockScreen(), but doesn't check for the existence of
+     * SIM PIN lock, only screen PIN lock.
+     *
+     * @param context The {@code Context} used to get {@link KeyguardManager} service
+     * @param onSuccess The {@code Runnable} which will be executed if the user does not setup
+     *                  device security or if lock screen is unlocked
+     */
+    public static void showLockScreen(@NonNull Context context, @NonNull Runnable onSuccess) {
+        final KeyguardManager keyguardManager =
+                context.getSystemService(KeyguardManager.class);
+
+        if (keyguardManager.isDeviceSecure()) {
+            final BiometricPrompt.AuthenticationCallback authenticationCallback =
+                    new BiometricPrompt.AuthenticationCallback() {
+                        @Override
+                        public void onAuthenticationSucceeded(
+                                    BiometricPrompt.AuthenticationResult result) {
+                            onSuccess.run();
+                        }
+
+                        @Override
+                        public void onAuthenticationError(int errorCode, CharSequence errString) {
+                            // Do nothing
+                        }
+            };
+
+            final int userId = UserHandle.myUserId();
+            final BiometricPrompt biometricPrompt = new BiometricPrompt.Builder(context)
+                    .setTitle(context.getText(R.string.wifi_dpp_lockscreen_title))
+                    .setDeviceCredentialAllowed(true)
+                    .setTextForDeviceCredential(
+                        /* title= */ null,
+                        Utils.getConfirmCredentialStringForUser(
+                                context, userId, Utils.getCredentialType(context, userId)),
+                        /* description= */ null)
+                    .build();
+            final Handler handler = new Handler(Looper.getMainLooper());
+            biometricPrompt.authenticate(
+                    new CancellationSignal(),
+                    handler::post,
+                    authenticationCallback);
+        } else {
+            onSuccess.run();
+        }
+    }
 }