Adds an activity result extra during multi-biometric enroll that
ensures fingerprint setup will not be repeated multiple times if
explicitly finished or skipped by the user. Also updates various
activities in the stack to ensure that they handle all possible result
codes correctly and pass along result data.
Test: Manually skip and complete at each stage of multi-biometric enroll
Test: Manually test single-biometric enroll flows for SUW and Settings
Fixes: 193601823
Change-Id: Ic5a8306068eb4c32009f146ad6fff824fde25a11
Adds an additional message about the "Require eyes to be open" setting
for Face Unlock to the intro/consent screen of enrollment, gated by a
config flag.
Test: Manual
Bug: 192272785
Change-Id: Idcd2395a290b74f4578898fdfebd05b81cd74075
Currently, the primary footer button on the face and fingerprint enroll
consent pages reads "I agree" even before the user has scrolled to the
bottom of the screen. This commit fixes the issue so that "More" is
displayed until the user scrolls to the bottom. The remaining logic is
left intact.
Test: Manual:
1. Start face or fingerprint enrollment
2. Confirm primary button shows "More" and secondary button is hidden
3. Press the "More" button or scroll to the bottom of the screen
4. Ensure primary button shows "I agree" and secondary shows "No thanks"
Fixes: 189268868
Change-Id: I02fa47d1de83bd5b5d82c733495ae579cbd2d6c6
No longer show the "No thanks" button until the user has
scrolled to the bottom of the introduction text.
This applies for both face and fingerprint enroll introduction screens.
Fixes: 189268868
Test: Manual
Change-Id: I0ccf6ae1d329df06f769f05288706ef22183bc21
Makes the following UI changes to the consent screens for face and
fingerprint enrollment:
- Sets description text in XML rather than in Java
- Highlight both primary and secondary buttons
- Use extracted highlight color for all icons
Test: Manually tested SUW flow
Bug: 188922185
Bug: 187458628
Bug: 183710943
Change-Id: I39d9b990dcbb82f443515a2175766dc51ca1180c
Updates the UI of the face enroll intro screen based on the latest
mocks, while still allowing strings to be overlaid depending on the
device and/or face auth implementation.
Test: Manually tested face enrollment
Bug: 187207438
Change-Id: I5d912261b1eecfc7a241d6b48d549c4ff253ecdf
Using the back buttons can cause a crash in at least two cases. Skipping
face enrollment and then starting/stopping any enrollment can lead to
an invalid token and failed HAT request. Backing out of the activity and
restarting it can also lead to using a stale token that fails.
Fix: 179336333
Test: manual on device
Change-Id: I0c1133e4c3d9c97997043ddc9374aa3cfc4f1c97
1) Adds a layout for multi-biometric selection in BiometricEnrollActivity
2) Adds widgets for checkboxes
3) Shows ConfirmLock*/ChooseLock* for multi-biometric devices in
BiometricEnrollActivity
4) finish()'s when loses foreground
5) Adds default string for ChooseLock* and multi-biometrics, e.g.
"Set up Password + Biometrics", as well as associated plumbing
to bring the user back to BiometricEnrollActivity once the
credential is enrolled
6) When max templates enrolled, checkbox becomes disabled and
description string is updated
Bug: 162341940
Bug: 152242790
Fixes: 161742393
No effect on existing devices with the following:
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL
Test: SUW
Test: make -j RunSettingsRoboTests
Exempt-From-Owner-Approval: Biometric-related change
to EncryptionInterstitial
Change-Id: I855460d50228ace24d4ec5fbe330f02ab406cc02
LockSettingsService returns a handle to the gatekeeper password
instead of the password itself now. As such, update areas of code
accordingly.
Bug: 161765592
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Ibc71ec88f8192620d041bfd125f400371708b296
Test: make -j56 RunSettingsRoboTests
Face Tests:
Test: Open face settings, remove face, add face
Test: Open face settings, but cancel credential confirmation.
Face settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll face
Fingerprint Tests:
Test: Open fingerprint settings, add button is shown
Test: Open fingerprint settings, but cancel credential confirmation.
Fingerprint settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll fingerprint
Bug: 162533680
Change-Id: Ie448ed086e73b0b545bd3a2e62437c543f7aad6c
GenerateChallenge used to block when showing the credential screen.
Now that GenerateChallenge is moved to after the credential screen
is shown, we need to delay the next button instead. This is generally
non percievable to the user, but this is more robust against busy
system server.
Fixes: 161325267
Test: Enroll fingerprint/face device
Change-Id: I0fbbef8bf469e32bed251acf22556ad2ea8e2933
Biometric enrollment will not request a Gatekeeper HAT during
initial credential setup or credential confirmation anymore.
Instead, it is broken down into the following steps now.
Bug: 161765592
1) Request credential setup / confirmation to return a
Gatekeeper Password
2) Biometric enrollment will generate a challenge
3) Biometric enrollment will request LockSettingsService to
verify(GatekeeperPassword, challenge), and upon verification,
the Gatekeeper HAT will be returned.
Since both LockSettingsService and Biometric enroll/settings
make use of biometric challenges, this allows us to make the
challenge ownership/lifecycle clear (vs. previously, where
LockSettingsService has no idea who the challenge belongs to).
Exempt-From-Owner-Approval:For files not owned by our team,
(StorageWizard), this change is just a method rename
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Idf6fcb43f7497323d089eb9c37125294e7a7f5dc
The internal implementation of generate/revoke in system_server is now
asynchronous. To keep existing clients working, the manager classes
introduce a blocking version of the generateChallenge calls. This change
updates Settings to use the backward-compatible blocking calls.
Bug: 157790417
Test: Enroll fingerprint/face
Test: After enrollment, toggle setFeature or do subsequent enrollment
in face/fingerprint settings
Change-Id: Ib4dfdc5f12530b938ab9b1745f5a19cd9e2eceee
Currently, there are some biometric security setting and enrollment
screens which remain open after the user has backgrounded them. This
means that they can later be resumed without requiring the user to
confirm their device credential as normal.
This commit fixes the issue in AOSP by adding logic to the affected
biometric enrollment/setting activities in to finish() with
RESULT_TIMEOUT in onStop(). We don't want to finish() these activities
prematurely if the user is currently in a wizard setup flow, however. In
that case, this commit ensures that the newly added logic will not run.
Test: Pixel 3 - Background at each step of fingerprint enroll => finish
Test: Pixel 3 - Rotate at each step of fingerprint enroll => no finish
Test: Pixel 3 - Proceed though fingerprint setup wizard => no change
Bug: 142544519
Change-Id: I8ec0fa1e30bafe097d9dc82991ff786ebf24844b
Test: Verified in SUW/Settings user must scroll through contents in
order to go to the next screen.
Bug: 141380294
Change-Id: I483ab6ae6a282c81ba2f2c4d1d9d1f21c6cb9453
Test: Verified in SUW that enrollment will skip after
tapping the cancel button in the Introduction.
Fixes: 140702414
Change-Id: I9d9da0ff6d10b6ee6929cb52ff4a03a684f43d17
Bug: 134971919
Test: Entering keyguard on any enrollment screen finishes enrollment now
Test: Going back/forward works
Change-Id: I2c80a5586c10fa3feb780a5eadfe203abed52dea
1) Toggles resources between normal and accessibility enrollment
2) Add footer for more detail text
Fixes: 127514618
Bug: 111548033
Test: Builds
Change-Id: Ib0c47f04abc5ce9abbd8b27ef5782d1874379f16
When running in setup flow:
- If fingerprint enrollment is desired, go to
SetupFingerprintEnrollIntroduction
- Makes sure WizardManagerHelper.copyWizardManagerExtras is called
to propagate the extras from the incoming intent, propagating
extras like whether we are in initial / deferred setup flow, theme,
etc.
- Forward the result code in BiometricEnrollActivity using
FLAG_ACTIVITY_FORWARD_RESULT
Bug: 120797018
Test: Manual
Change-Id: Ibc0ecc035141d62339f5f664346ed108570e0905
1. Change to FooterBarMixin
2. Move FooterButton to the same package with FooterBarMixin
Bug: 120805516
Test: RunSettingsRoboTests
Change-Id: Ic6937e3cbc515dd7bf877c9193932cd5800ac801
FotterButton constructor in setupcompat will be deprecated, change to
use builder.
Bug: 120805516
Test: RunSettingsRoboTests
Change-Id: Ic84b0c91205bf3c770bc658e8eaf2626e4d7bddd
Skip button is now shown when ChooseLock is launched by
BiometricEnroll, otherwise users are forced to use passwords
(maybe good thing?)
Bug: 111548033
Test: Pin/pattern/pass must be set/confirmed before enrollment
Test: Able to enroll FP in SUW and Settings
Change-Id: Ic4bbeb539e4bf01c1c402dec308943292b43406d
1. remove the dependence of setupwizardlib.
2. add to use setupcompat and setupdesign.
3. modify new footer button in following up cl.
Bug: 120805516
Bug: 120872944
Test: RunSettingsRoboTests
Change-Id: I463dd35b799d4250b2aabce0cb0b8102cf9dd7d6
Settings page should not show if device credential is not confirmed
Bug: 111548037
Fixes: 116531896
Test: adb shell settings get secure face_unlock_app_enabled
Test: make -j56 RunSettingsRoboTests
Change-Id: I651ee88e9ee4017ee3dc52fa8a5d05cb8f092e1d
This means that in some cases RestrictedLockUtils has to be used and in
some RestrictedLockUtilsInternal.
This causes a lot of trivial code changes.
I also updated the ordering of the imports in all affected files.
Bug: 110953302
Test: Built
make -j RunSettingsRoboTests
Change-Id: I9bdf8b89134f853bae4f38c81af436715c73e924
Bug: 110589286
Test: fingerprint enrolling still works
Test: enrollment flow with and without a pin set up still works properly
Test: enrollment continues when configuration changes, stops otherwise
Change-Id: I39f76c7f1a16e9533cef573f87cf4b81cb20cb18
