Fixed an issue where sometimes after completing face authentication the
more & agree buttons would display instead of the done button.
1. Enter SUW
2. Complete face authentication flow
3. Go to next step (finishing the Biometric flow)
4. Press the back button
5. Observe that the text now says "Done"
Fixes: 205203673
Test: Verified button text is changed as expected during SUW.
Change-Id: I5cfad265f9b27669dcad64e5872750695b1b5bdc
Test: See below
Fixes: 203375738
Change-Id: I3e59191a8c936c7c7a3d8561e908593dbf9710b5
1. Enrolled a face during SUW
2. Pressed back on fingerprint enroll intro
3. Verified that the next button's text is chnaged to done
4. The done action launches the fingerprint enroll intro flow.
Change-Id: Id5d652257445e40426ade3d396a31ebf936cc348
Work profiles and parental management both utilize the
DevicePolicyManager KEYGUARD_DISABLE_* flags. This CL ensures that
work profile strings are only shown for work profiles, and not
parent-managed devices.
Bug: 196060286
Bug: 196443744
Test: Set up child account, then enroll from Settings > Security
Change-Id: Ib5ed1d63dd5d58ac64caf30010e340ac7784c38f
Adds an activity result extra during multi-biometric enroll that
ensures fingerprint setup will not be repeated multiple times if
explicitly finished or skipped by the user. Also updates various
activities in the stack to ensure that they handle all possible result
codes correctly and pass along result data.
Test: Manually skip and complete at each stage of multi-biometric enroll
Test: Manually test single-biometric enroll flows for SUW and Settings
Fixes: 193601823
Change-Id: Ic5a8306068eb4c32009f146ad6fff824fde25a11
Ensures that each biometric enroll intro activity handles an activity
result of RESULT_SKIP by calling the appropriate skip handler, rather
than just finishing. This fixes an issue where skipping face setup from
some Setup Wizard states would skip fingerprint setup as well.
Test: Manually skipped face setup from each screen during SUW
Bug: 193367620
Change-Id: If9ef9f19f8e967093f17dde98093a506400d7c09
Currently, the primary footer button on the face and fingerprint enroll
consent pages reads "I agree" even before the user has scrolled to the
bottom of the screen. This commit fixes the issue so that "More" is
displayed until the user scrolls to the bottom. The remaining logic is
left intact.
Test: Manual:
1. Start face or fingerprint enrollment
2. Confirm primary button shows "More" and secondary button is hidden
3. Press the "More" button or scroll to the bottom of the screen
4. Ensure primary button shows "I agree" and secondary shows "No thanks"
Fixes: 189268868
Change-Id: I02fa47d1de83bd5b5d82c733495ae579cbd2d6c6
No longer show the "No thanks" button until the user has
scrolled to the bottom of the introduction text.
This applies for both face and fingerprint enroll introduction screens.
Fixes: 189268868
Test: Manual
Change-Id: I0ccf6ae1d329df06f769f05288706ef22183bc21
Moves the logic for setting an explicit background on the status and
footer bars shown during face and fingerprint enrollment from
BiometricEnrollIntroduction to BiometricEnrollBase. This ensures that
the status and footer bars on all biometric enroll screens will have
their backgrounds set, preventing the screen content from showing
through.
Test: Manual
Fixes: 190138494
Change-Id: If5050d07d277f51c784daecf80d5e3cdeae0ba49
Sets a solid background for the status and footer bar shown on each of
the biometric enroll introduction screens, to prevent the content from
showing through.
Test: Manually tested face and fingerprint enrollment
Fixes: 189075189
Change-Id: I1a41dc911c5ac7ded94e33b25a9c0e990e93ba3f
Makes the following UI changes to the consent screens for face and
fingerprint enrollment:
- Sets description text in XML rather than in Java
- Highlight both primary and secondary buttons
- Use extracted highlight color for all icons
Test: Manually tested SUW flow
Bug: 188922185
Bug: 187458628
Bug: 183710943
Change-Id: I39d9b990dcbb82f443515a2175766dc51ca1180c
* Move all logics around aggregating password policies
to the controller
* Replace HIDE_DISABLED_PREFS and MINIMUM_QUALITY_KEY
with HIDE_INSECURE_OPTIONS as all call sites are just
using them to hide insecure screenlock options.
* Remove password policy aggregation logic from
ChooseLockPassword and make it use policies passed in.
* Remove padlock from disabled screen lock options,
per UX mock.
* Increase char limit for some strings
Bug: 177638284
Bug: 177641868
Bug: 182561862
Test: m RunSettingsRoboTests -j ROBOTEST_FILTER=com.android.settings.password
Test: 1. set profile password quality/complexity and enroll device lock
2. set profile password quality/complexity and enroll work challenge
3. set parent password quality/complexity and enroll device lock
4. set parent password quality/complexity and enroll work challenge
5. set profile and parent password complexity, then enroll work challenge
6. set profile and parent password complexity, then unify work challenge
7. Enroll device lock during SUW
Change-Id: Iba1d37e6f33eba7b7e8e1f805f8e37aaec108404
- Move top description into subtitle for landscape mode
- Update the button text
Bug: 177591560
Test: robotest and visual verified
1) Settings -> Security -> Fingerprint
2) Rotate the device and check if the description is on the right side
Change-Id: Ie20597fce48f73aa83c5d637682db1860c384a7a
1) Adds a layout for multi-biometric selection in BiometricEnrollActivity
2) Adds widgets for checkboxes
3) Shows ConfirmLock*/ChooseLock* for multi-biometric devices in
BiometricEnrollActivity
4) finish()'s when loses foreground
5) Adds default string for ChooseLock* and multi-biometrics, e.g.
"Set up Password + Biometrics", as well as associated plumbing
to bring the user back to BiometricEnrollActivity once the
credential is enrolled
6) When max templates enrolled, checkbox becomes disabled and
description string is updated
Bug: 162341940
Bug: 152242790
Fixes: 161742393
No effect on existing devices with the following:
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL
Test: SUW
Test: make -j RunSettingsRoboTests
Exempt-From-Owner-Approval: Biometric-related change
to EncryptionInterstitial
Change-Id: I855460d50228ace24d4ec5fbe330f02ab406cc02
LockSettingsService returns a handle to the gatekeeper password
instead of the password itself now. As such, update areas of code
accordingly.
Bug: 161765592
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Ibc71ec88f8192620d041bfd125f400371708b296
Test: make -j56 RunSettingsRoboTests
Face Tests:
Test: Open face settings, remove face, add face
Test: Open face settings, but cancel credential confirmation.
Face settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll face
Fingerprint Tests:
Test: Open fingerprint settings, add button is shown
Test: Open fingerprint settings, but cancel credential confirmation.
Fingerprint settings does not show up
Test: adb shell am start -a android.app.action.SET_NEW_PASSWORD
Able to enroll fingerprint
Bug: 162533680
Change-Id: Ie448ed086e73b0b545bd3a2e62437c543f7aad6c
GenerateChallenge used to block when showing the credential screen.
Now that GenerateChallenge is moved to after the credential screen
is shown, we need to delay the next button instead. This is generally
non percievable to the user, but this is more robust against busy
system server.
Fixes: 161325267
Test: Enroll fingerprint/face device
Change-Id: I0fbbef8bf469e32bed251acf22556ad2ea8e2933
Biometric enrollment will not request a Gatekeeper HAT during
initial credential setup or credential confirmation anymore.
Instead, it is broken down into the following steps now.
Bug: 161765592
1) Request credential setup / confirmation to return a
Gatekeeper Password
2) Biometric enrollment will generate a challenge
3) Biometric enrollment will request LockSettingsService to
verify(GatekeeperPassword, challenge), and upon verification,
the Gatekeeper HAT will be returned.
Since both LockSettingsService and Biometric enroll/settings
make use of biometric challenges, this allows us to make the
challenge ownership/lifecycle clear (vs. previously, where
LockSettingsService has no idea who the challenge belongs to).
Exempt-From-Owner-Approval:For files not owned by our team,
(StorageWizard), this change is just a method rename
Test: RunSettingsRoboTests
Run the following on face/fingerprint devices
Test: Remove credential
adb shell am start -a android.app.action.SET_NEW_PASSWORD
Set up credential + fingerprint
Test: Remove credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ChooseLock* logic in FingerprintSettings
Test: Set up credential,
adb shell am start -a android.settings.FINGERPRINT_SETTINGS
This tests the ConfirmLock* logic in FingerprintSettings
Test: Remove device credential, enroll fingerprint/face. Succeeds.
This tests the ChooseLock* returning SP path from
BiometricEnrollIntro
Test: With credential and fingerprint/face enrolled, go to
fingerprint/face settings and enroll. This tests the
ConfirmLock* path in Fingerprint/FaceSettings
Test: Remove device credential, enroll credential-only, enroll
fingerprint/face separately. Succeeds. This tests the
ConfirmLock* returning SP path in BiometricEnrollIntro
Test: In SUW, set up credential, then biometric. This tests
the ChooseLock* path in SUW
Test: In SUW, set up credential, go back, then set up biometric.
This tests the ConfirmLock* path in SUW
Change-Id: Idf6fcb43f7497323d089eb9c37125294e7a7f5dc
Fixes: 162486392
Test: Remove all fingerprints/credentials, tap fingerprint settings,
rotate device when setting credential. Finish credential
setup and biometric enrollment. Only prompted to set up credential
once.
Test: 1) Wipe device
2) Proceed to set up credential in SUW, but pause on first
credential screen (choose lock)
3) adb shell cmd uimode night yes // triggers activity recreate
4) Proceed with credential/biometric setup
Notice not re-prompted for credentials
Change-Id: I65fc0265acad98b18b152070b85cc4f71693cc68
The multitude of slightly different launchConfirmationActivity(*)
methods are a big unsustainable pyramid. It's too difficult to
read, too difficult to track which clients are interested in which
parameters, and too difficult to add new parameters, since we need to
1) Read through all of them and find one that's the closest
2) Try not to affect other callers, so potentially add yet another
3) Modify the internal paths, which all basically call each other
until it reaches the biggest launchConfirmationActivity which
has ALL of the parameters
This change should have no behavioral change.
Note: CredentialStorage doesn't need returnCredentials anymore as of
ag/6073449
Test: make -j56 RunSettingsRoboTests
Test: Manually traced code paths for each invocation. A few hidden
dependencies (such as explicitly setting challenge=0 with
hasChallenge=true) were found. Left them the way they were in
case they were intended
Test: Enroll face, fingerprint
Test: Enable developer options
Test: Change to PIN, Pattern, Password, then back to PIN (so each
type requests confirmation)
Test: adb shell am start -a android.app.action.CONFIRM_DEVICE_CREDENTIAL,
authenticate
Test: adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL
(shows confirm credential screen)
Fixes: 138453993
Change-Id: Ic82ef3c3ac2e14d624281921f2d816bcdacbd82b
Currently, there are some biometric security setting and enrollment
screens which remain open after the user has backgrounded them. This
means that they can later be resumed without requiring the user to
confirm their device credential as normal.
This commit fixes the issue in AOSP by adding logic to the affected
biometric enrollment/setting activities in to finish() with
RESULT_TIMEOUT in onStop(). We don't want to finish() these activities
prematurely if the user is currently in a wizard setup flow, however. In
that case, this commit ensures that the newly added logic will not run.
Test: Pixel 3 - Background at each step of fingerprint enroll => finish
Test: Pixel 3 - Rotate at each step of fingerprint enroll => no finish
Test: Pixel 3 - Proceed though fingerprint setup wizard => no change
Bug: 142544519
Change-Id: I8ec0fa1e30bafe097d9dc82991ff786ebf24844b
Bug: 134971919
Test: Entering keyguard on any enrollment screen finishes enrollment now
Test: Going back/forward works
Change-Id: I2c80a5586c10fa3feb780a5eadfe203abed52dea
Fixes: 133822544
Test: No more multiple instances of fingerprint settings after enrolling
from within the settings page
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL does not
send the user to fingerprint settings after completing enrollment
Change-Id: I003dc142b01ed6ffae83299ab4b69f4896eb93e3
- Default backup screen lock type to PIN when in SUW
- Propagate the result codes in BiometricEnrollIntroduction, so that
when the user hits back, SUW will get RESULT_CANCELED
- Follow-up change that was missed in ag/6664364 to not start activity
when neither fingerprint nor face is available
Test: Manual
Bug: 120797018
Change-Id: I6d4f662928451fb86f301ddb5c6586622c7e6cf7
When running in setup flow:
- If fingerprint enrollment is desired, go to
SetupFingerprintEnrollIntroduction
- Makes sure WizardManagerHelper.copyWizardManagerExtras is called
to propagate the extras from the incoming intent, propagating
extras like whether we are in initial / deferred setup flow, theme,
etc.
- Forward the result code in BiometricEnrollActivity using
FLAG_ACTIVITY_FORWARD_RESULT
Bug: 120797018
Test: Manual
Change-Id: Ibc0ecc035141d62339f5f664346ed108570e0905
1. Change to FooterBarMixin
2. Move FooterButton to the same package with FooterBarMixin
Bug: 120805516
Test: RunSettingsRoboTests
Change-Id: Ic6937e3cbc515dd7bf877c9193932cd5800ac801
When the user has already reached max enrollments, we should show a done
button. It's possible to get to the introduction page (back button during
SUW, or launching android.settings.BIOMETRIC_ENROLL).
Bug: 111548033
Test: Done button is shown and works as expected when max enrollments
Change-Id: Ia70c21f63606393116e222ca940ee93bcfb25995
Skip button is now shown when ChooseLock is launched by
BiometricEnroll, otherwise users are forced to use passwords
(maybe good thing?)
Bug: 111548033
Test: Pin/pattern/pass must be set/confirmed before enrollment
Test: Able to enroll FP in SUW and Settings
Change-Id: Ic4bbeb539e4bf01c1c402dec308943292b43406d
1. remove the dependence of setupwizardlib.
2. add to use setupcompat and setupdesign.
3. modify new footer button in following up cl.
Bug: 120805516
Bug: 120872944
Test: RunSettingsRoboTests
Change-Id: I463dd35b799d4250b2aabce0cb0b8102cf9dd7d6
Bug: 110589286
Test: fingerprint enrolling still works
Test: enrollment flow with and without a pin set up still works properly
Test: enrollment continues when configuration changes, stops otherwise
Change-Id: I39f76c7f1a16e9533cef573f87cf4b81cb20cb18
This change refactors common biometric settings code as well to minimize
duplicated code in areas such as:
Preference Controller
EnrollBase
EnrollIntro
This change also updates ChooseLock to have Face + Pin/Pattern/Pass
Bug: 110589286
Test: Fingerprint settings/enrollment still works
Test: make -j56 RunSettingsRoboTests
Change-Id: Ie35406a01b85617423beece42683ac086e9bc4a7
