Cause: with unified screenlock, ConfirmDeviceCredentialActivity didn't
forward result with FLAG_ACTIVITY_FORWARD_RESULT
Also, fixed that ConfirmDeviceCredentialActivity didn't allow fingerprint
authenication in unified screenlock after keystore unlocked.
In ChooseLockSettingsHelper, add one new util function to allow
extra option to set returnCredentials to false while external to true.
Set StrongAuth to "not required" when it has been successfully unlocked.
Test:
1. PO Unified Screenlock/Work Challenge x fingerprint -> ok to trust cert
(Also, no credential is returned in intent)
2. WorkMode off -> Reboot -> turn on Work mode
-> no fingerprint option, PIN unlock successful to turn work mode on
Bug: 28752364
Change-Id: I6dc8865e8f005545f8577d7731afb4495647062b
Use the organization name as default header text for the work
challenge. If an app passes a different header text, this will get
priority.
Bug: 26638631
Change-Id: I09a5bd7172ff1eed0ff97be02818e838a1a0a520
If the challenge shown is for a work profile, add the default image and
color to the background of the fragment.
Change-Id: I148c6cd3a835a84c7bac78b020839dfdae4a6c36
Add support in the Confirm Credentials flow to read an Intent extra
and fire it when authentication succeeds.
This is part of the Separate Work Challenge feature.
Change-Id: I52c203735fa9b53fd2f7df971824747eeb930f36
Make sure to finish ConfirmDeviceCredentialActivity directly, and use
Intent.FLAG_ACTIVITY_FORWARD_RESULT, so we can't even end up in a
state where we have the trampoline activity but not the real activity.
Bug: 23849216
Change-Id: I7a5be5af74ca85c11df1f61a69c3fd5cf558e1fb
ConfirmDeviceCredentialsActivity and ChooseLockGeneric now understand
CLSH.EXTRA_KEY_HAS_CHALLENGE and CLSH.EXTRA_KEY_CHALLENGE in their
launching intents. If present, they return a hw_auth_token_t verifying
the challenge passed in as a field in keyed by
CLSH.EXTRA_KEY_CHALLENGE_TOKEN in their result intents.
Change-Id: I0b4e02b6a798a9e57d02522880a180dffadfcde1
- New strings in the screen.
- New layout/style.
- Clean up internal API's around it.
- Add fingerprint support if launched from externally
- Separate theme if launched from externally
- If launched from above Keyguard, use SHOW_WHEN_LOCKED flag
Change-Id: Icdf9bf9e0506841f24e8aab5f0f1d1f4b688951f
When an accessibility service is enabled we are not using the user secure
lock when encrypting the data. If the latter is already used for encryption
we are decreasing the encryption level and therefore shall challenge the
user with their secure lock.
bug:17881324
Change-Id: If8905c05e20bc6bb6a6415e501871e5ad83f3d86
Adds an activity that prompts the user for their PIN/password/pattern.
cherry-pick from master b88e8577b9
Bug 16242766
Change-Id: I3468215a8ac522a06de6573c93a5f5a6dc72ee2d
