Add a new EXTRA value to indicate whehter the face enrollment should be
launched first.
Bug: 370940762
Test: atest BiometricEnrollActivityTest
Flag: com.android.settings.flags.biometrics_onboarding_education
Change-Id: I7c85212c7fbcc6fe9dd53a26515412623c80ecbf
Add an error dialog to help user recover from biometric error for
for identity check for enrollment, changing LSKF and accessing
biometrics settings
Flag: android.hardware.biometrics.flag.mandatory_biometrics
Bug: 358641110
Bug: 358179610
Test: Manual
Change-Id: Iaf1986d3c1892b6158808bc3ded96145f410dc62
For private space lock setup as part of both PS setup and separate lock
form private space settings we need to show only traditional unlock
factors and Fingerprint but not show Face enrolment even on devices
where Face unlock is supported by hardware.
Once LSKF is enrolled it should be followed by Fingerprint enrollment
flow and after that Face enrollment should not be shown and exit lock
setup flow.
Currently for separate profile lock setup ACTION_SET_NEW_PASSWORD intent
is used in private space setup.
With this intent the options of LSKF+fingerprint+Face is shown in
devices supporting both fingerprint and face hardware. After the LSKF
ennrollment BiometricEnrollActivity is started which continues with
fingerprint and Face enrollment.
With this change we are passing an extra along with the intent to enroll
fingerprint only. Based on the intent extra value if set even if hardware
support exists the lock enrollment for the profile will support only
LSKF and fingerprint enrollment but not start Face enrollment.
User will still have the option to enroll Face from the dedicated settings
entrypoint in private space settings.
Recording link : b/323839067#comment4
Bug: 323839067
Test: Manual, verified option for face enrollment is shown or not shown
based on the intent extra. When extra is not passed the behaviour will be
default.
Change-Id: Idf92084052e02df9ca89f288c618796750e563e6
This reverts commit 19d1d3d15d.
Reason for revert: revert it because this is not the root cause.
bug: 316867690
Change-Id: I0f168dbb64044aa720202af7b1040afd4f028c9c
This reverts commit cf0501e4d7.
Reason for revert: b/317462033, it seems a flaky but revert it first.
Change-Id: Ie1d5e279cca6477fc17d8c27c1ecda8d7a6b2553
Bug: 280530120
Test: atest BiometricEnrollActivityTest
Test: tested manually by swiping back after enrollments
Change-Id: I305dd0904f86e2fc77f02047de8f3fc2c54621cb
When calling biometric enroll intent with biometric_strong, don't include
weak enrollments as options.
Bug: 265898482
Test: Tested manually by calling enrollment and verifying correct
options are shown
Test: atest BiometricEnrollActivityTest
Change-Id: I5fa650a593aee536955ae806f5963ffbdc135a2e
Update mIsFaceEnrollable and mIsFingerprintEnrollable in
BiometricEnrollActivity, and use them to determine the activity flow.
Bug: 270102158
Test: Manually test following cases
1. Complete fp and face in suw, then back to "Google Service" page
to make sure
a. Fingeprint introduction page isn't shown
b. Face introduction page isn't shown
c. ConfirmCredential page is shown
2. Complete fp in suw, then press back to previous page in Face
introduction page. And check Fingerpirnt isn't shown.
Change-Id: Ibc74128f6776128d8a0f4cab014b58057ac0f844
Apply suw transition for fingerprint
1. Fix incorrect animation between Lock and Fingeprint in Suw
2. Fix incorrect animation between Fingeprint and FaceLock in Suw
3. Remove unnecessary overridePendingAnimation during Enorlling
4. Fix no animation in biometrics v2 because of incorrect calling order
in FragmentTransaction
Bug: 269063515
Test: Manually test transition animation for fingerprint enrollments
Change-Id: I12475dae5cb2905c81b24d3b57438b898afa1e27
Handle is returned when LSKF is set after successful verification.
It is used by SUW to add biometrics without asking for LSKF.
Bug: 272807192
Test: manual
Change-Id: I3fe6ed7fd6401421090ccd684509dfede9106076
The activity which instructs the user to set up face or fingerprint unlock before setting the watch unlock
Bug: 264813445
Bug: 264962961
Test: make RunSettingsRoboTests ROBOTEST_FILTER=ActiveUnlockRequireBiometricSetupTest
Change-Id: I556c62b6b8102f6e15045a37cf506c0c0eedf733
1. Add config_suw_support_face_enroll default is TRUE
2. Impl FaceFeatureProvider to obtain the config
3. Overlay config_suw_support_face_enroll by requirements
Test: Flash build and manual check if device go through face enroll in SUW
Bug: 262469686
Change-Id: I61aa5c818bedfb490f2172a7481f59fda7295c1a
For compatible with Biometric V2, launch FaceEnrollPage from
BiometricEnrollActivity
Bug: 259658609
Test: 1. adb root
2. adb shell am start -n com.google.android.setupwizard/.SetupWizardTestActivity
3. Test Fingerprint & Face enrollment
Change-Id: Ice85406abaa3d7a4b686fb017349471118a42951
ChooseLockGeneneric uses intent extra key to determine correct strings
on "Choose screen lock" screen.
Bug: 219419005
Test: atest BiometricEnrollActivityTest
Test: Manully test SUW as following combinations
1. W/ unicorn flow or W/O unicorn flow
2. Fingerprint only devices or Fingerpirnt+Face devices
Change-Id: I2abf9555676f3fb3b92dd6ddcc091ea8158bfe9f
Run setOrConfirmCredentialsNow() before enrolling for devices w/
single-sensor
Bug: 239105333
Test: atest BiometricEnrollActivityTest
Test: Manually test multi-sensor and single-sensor devices
Change-Id: I807418c842eb076974f839a0d08bae67d3bc51dc
Add metric intent if ChooseLockGeneric is triggered in SUW.
1. Save the result bundle data from ChooseLockGeneric to cache inside
BiometricEnrollActivity and pass back to SUW after all finished.
2. Since fingerprint enrollment trigger points in SUW for
fingerprint-only or fingerprint + faceAuth devices are all moved
from SetupFingerprintEnrollIntroduction to BiometricEnrollActivity,
remove deprecated code from SetupFingerprintEnrollIntroduction.
Bug: 235458700
Test: Manually test fingerprint enroll with SUW or w/o SUW
Test: Manually test fingerprint enroll with unicorn SUW
Test: atest BiometricEnrollActivityTest
Test: robo tests FingerprintEnrollIntroductionTest
Change-Id: I34b2884ab4c2c65d464d91eaef0f58c72dad438b
Run setOrConfirmCredentialsNow() before enrolling fingerprint for
fingerprint-only device.
Bug: 237433373
Test: atest BiometricEnrollActivityTest
Test: Manually test SUW flows for fingerprint-only device
1. check confirm pin case
2. check choose pin case
3. enable always_finish_activities, check confirm pin case
4. enable always_finish_activities, check choose pin case
Change-Id: I68da429145835fc79f83f3292749088dc25fdeee
Test: Verified that Unicorn SUW flows can now
enroll a face.
Test: Verified normal SUW flow works as expected.
Fixes: 237088482
Fixes: 234663447
Change-Id: I9c4100f61b5e7d40fc9ed67c6918ec7bf31fc30a
Test: During SUW verified Fingerprint enrollment
comes before face.
Test: During SUW enrolled multiple fingerprints than 1 face.
Test: Skipped and cancelled on every possible screen to ensure behavior
was correct.
Bug: 228607474
Change-Id: I4c50763a804fe4eb9d62451eb2f957545857723e
Additionally, ensure that consent is only requested for modalities
that have not been previously consented to. We retrieve the consent
requirement (which come from DPM) in onActivityResult instead of
onCreate, since the signal may not be ready immediately.
Fixes: 196060286
Fixes: 204592495
Test: make -j56 RunSettingsRoboTests ROBOTEST_FILTER=CombinedBiometricStatusPreferenceControllerTest
Change-Id: I984e61f28ffbf957c16cac4ea84f40b6ad7d8ae9
Test: See below
Fixes: 203375738
Change-Id: I3e59191a8c936c7c7a3d8561e908593dbf9710b5
1. Enrolled a face during SUW
2. Pressed back on fingerprint enroll intro
3. Verified that the next button's text is chnaged to done
4. The done action launches the fingerprint enroll intro flow.
Change-Id: Id5d652257445e40426ade3d396a31ebf936cc348
Managed accounts may set the pin/pattern before enrollment begins.
Fix: 191608999
Test: atest BiometricEnrollActivityTest
Change-Id: I4065989ecc26ce72ffd0e06e7c6e68029a11908f
This prevents biometric enrollment from happening after consent
has been obtained and is being managed by family link.
Note that this requires a corresponding change the setup wizard app
to work in most cases.
Bug: 193577587
Test: manual (enroll then relaunch SuW and repeat)
Change-Id: If260e49f38a141931d7f3362c1faf80ee7790232
Settings flow does not need to show this screen
Fixes: 192586840
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL --ez require_consent true --ez skip_return_to_parent <true/false>
Test: adb shell am start -a android.settings.BIOMETRIC_ENROLL --ez require_consent true
Test: atest com.android.settings.biometrics.ParentalConsentHelperTest
Change-Id: Ic2edbb5ec9693d05c89206d49249f59fd968aa2f
This reverts commit c358adad56.
Reason for revert: Applying original change with additional change for single sensor devices.
Bug: 192420564
Bug: 188847063
Test: manual enroll face & fingerprint via setup wizard (on fp, face, & fp+face device variants)
Change-Id: Idfaaa2b6f4611056f9999325bac8401e28a7510b
This reverts commit eb1dac69f0.
Reason for revert: Based on bisection, this CL is the root cause for bug 192420564, which breaks Setup Wizard.
Bug: 192420564
Change-Id: I8d9aee7fe2415e134fcc981b0548bd9ce300db55
Currently, if a user has completed a fingerprint/face enrollment
in SUW and they press the back button, we show the UI for each, and
it fails with no error.
This change makes it so that if a user completes 1 fingerprint or 1
face enrollment, it will no longer try and enroll them again if they
have failed.
Test: Manual
Bug: 191073296
Change-Id: I020c423b5d34797cd7c8be66a2e24051135c9be0
* Move all logics around aggregating password policies
to the controller
* Replace HIDE_DISABLED_PREFS and MINIMUM_QUALITY_KEY
with HIDE_INSECURE_OPTIONS as all call sites are just
using them to hide insecure screenlock options.
* Remove password policy aggregation logic from
ChooseLockPassword and make it use policies passed in.
* Remove padlock from disabled screen lock options,
per UX mock.
* Increase char limit for some strings
Bug: 177638284
Bug: 177641868
Bug: 182561862
Test: m RunSettingsRoboTests -j ROBOTEST_FILTER=com.android.settings.password
Test: 1. set profile password quality/complexity and enroll device lock
2. set profile password quality/complexity and enroll work challenge
3. set parent password quality/complexity and enroll device lock
4. set parent password quality/complexity and enroll work challenge
5. set profile and parent password complexity, then enroll work challenge
6. set profile and parent password complexity, then unify work challenge
7. Enroll device lock during SUW
Change-Id: Iba1d37e6f33eba7b7e8e1f805f8e37aaec108404
Using the back buttons can cause a crash in at least two cases. Skipping
face enrollment and then starting/stopping any enrollment can lead to
an invalid token and failed HAT request. Backing out of the activity and
restarting it can also lead to using a stale token that fails.
Fix: 179336333
Test: manual on device
Change-Id: I0c1133e4c3d9c97997043ddc9374aa3cfc4f1c97
Adds logging to Settings for new authentication and biometric atoms
introduced as part of ag/13856328.
Test: Manually trigger each case and verify log statements are called.
Bug: 185136248
Change-Id: Ic41a89da4f148dc94864f140e85b55f63643681b
On devices with multiple biometric sensors, this removes the
interstitial screen in Setup Wizard that let the user choose whether to
enroll face, fingerprint, or both. Instead, such devices will always
show face enrollment followed by fingerprint, with the option to skip
either or both.
Test: Manually tested all enroll/skip combinations in SUW
Fixes: 183720580
Change-Id: I7f045579f732196bde28dd96e9443e4bb4c906ae
Fixes: 169629017
Test: Wipe device, go through setup flow with a managed account.
Successfully set up credential and fingerprint
During the conversion to GkPwHandle (instead of HAT), the code in
Choose/ConfirmLock* and most of the biometric paths were updated, with
the exception of 2a below.
1) Only multi-biometric devices request Choose/ConfirmLock in
BiometricEnrollActivity.
2) Single-biometric devices (in almost all paths) request credentials
in their intro activities (FingerprintEnrollIntro, etc).
2a) However, there is a special path used by work profiles where
credentials are first set up, and the GkPwHandle is passed into
BiometricEnrollActivity, with the request to skip the fingerprint
enroll introduction page. In this case, we must remember to
forward the GkPwHandle to the relavent enrollment page
(FingerprintEnrollFindSensor).
At some point in the future we should have all credential stuff
done in BiometricEnrollActivity. However, due to legacy APIs, etc,
it may be more work than it's worth right now.
Change-Id: I3f95876de6969fee7130d7a19c8db363da69c4c2
