The multitude of slightly different launchConfirmationActivity(*)
methods are a big unsustainable pyramid. It's too difficult to
read, too difficult to track which clients are interested in which
parameters, and too difficult to add new parameters, since we need to
1) Read through all of them and find one that's the closest
2) Try not to affect other callers, so potentially add yet another
3) Modify the internal paths, which all basically call each other
until it reaches the biggest launchConfirmationActivity which
has ALL of the parameters
This change should have no behavioral change.
Note: CredentialStorage doesn't need returnCredentials anymore as of
ag/6073449
Test: make -j56 RunSettingsRoboTests
Test: Manually traced code paths for each invocation. A few hidden
dependencies (such as explicitly setting challenge=0 with
hasChallenge=true) were found. Left them the way they were in
case they were intended
Test: Enroll face, fingerprint
Test: Enable developer options
Test: Change to PIN, Pattern, Password, then back to PIN (so each
type requests confirmation)
Test: adb shell am start -a android.app.action.CONFIRM_DEVICE_CREDENTIAL,
authenticate
Test: adb shell am start -a android.app.action.CONFIRM_FRP_CREDENTIAL
(shows confirm credential screen)
Fixes: 138453993
Change-Id: Ic82ef3c3ac2e14d624281921f2d816bcdacbd82b
The internal implementation of generate/revoke in system_server is now
asynchronous. To keep existing clients working, the manager classes
introduce a blocking version of the generateChallenge calls. This change
updates Settings to use the backward-compatible blocking calls.
Bug: 157790417
Test: Enroll fingerprint/face
Test: After enrollment, toggle setFeature or do subsequent enrollment
in face/fingerprint settings
Change-Id: Ib4dfdc5f12530b938ab9b1745f5a19cd9e2eceee
setActiveUser is removed from the @hide API surface and is no longer
necessary. The framework ensures that the correct user is set without
an explicit call, since userId is sent as a parameter to each of the
methods already.
Bug: 157790417
Test: See testing from frameworks/base change (12/n) from the same
gerrit topic
Change-Id: Id88b818ed0bb1f75f18ac8e9ba7aff2a9b80b319
Force a garbage collection and zeroize some fields after Activity finishes
Test: Goes through password change flow, then grab a heap dump via
adb shell 'am dumpheap $(pidof com.android.settings)
/data/local/tmp/settings.hprof'
And grep for password in the dump
Bug: 144537463
Change-Id: Idd0a04ada98900aeb2a6d20bb1270a4a4aec2cfd
This is a terminal case for both authentication as well as the
activity itself, so this should be safe.
Fixes: 158635014
Test: Builds
Change-Id: Ieef1ab305e6518dbc0ae34ad59d52da82895972a
On devices without PersistentDataBlock support, we should
always allow setting up password during provisioning.
Bug: 157451551
Test: make RunSettingsRoboTests
ROBOTEST_FILTER=com.android.settings.password
Test: On cuttlefish, file ACTION_SET_NET_PASSWORD before SUW completes
Change-Id: Ic7b5d99b38e6427750ce70fa7e38f7ef6054d4ad
In several circumstances, the ConfirmDeviceCredentialActivity
may be started while the device is being unlocked - particularly, when
the managed profile on the device has a separate challenge and the user
is attempting to start an activity associated with the locked, managed
profile. For example, by double-tapping a notification from the managed
profile or trying to reply to such a notification.
When the ConfirmDeviceCredentialActivity is started after the user has
entered the primary lockscreen challenge but before the keyguard is
fully dismissed, the activity may be started and immediately paused.
If the activity then calls finish() in onPause(), the biometric prompt
will disappear and the user will not have a chance to authenticate.
Fix the issue by only calling finish() in onPause() if the biometric
prompt has not been shown.
The flag indicating whether the activity is waiting for biometric
prompt or not needs to be cleared whenever the biometric prompt invokes
the callback, so that the activity will correctly call finish() if the
user does abort authentication.
Bug: 153689182
Bug: 141470517
Test: Manual, set up a work profile and double-tap a work notification
or try to Reply to a work GMail notification.
Change-Id: I9d3d3000b99d0eb4b44b90f5a0c2856db5f32144
This moves the dependency to PromptInfo, which isn't optimal but
is still much more readable / manageable
Bug: 149067920
Test: adb shell am start -a android.app.action.CONFIRM_DEVICE_CREDENTIAL
Change-Id: I7d9ba2084db76284d08f68dd2005190f06412a1e
* In Android R, the work challenge
UI was updated to the latest material
spec. The background and organization
color are no longer used and can be
removed.
Bug: 155464031
Test: Check Settings work challenge to
ensure code removal does not break
anything.
Change-Id: Ibc4dac2f47441751fde95485c223e61785f5aae8
* If organization name has been set for
a managed profile, work challenge
should display it as the header.
Bug: 155274026
Test: manual testing
Manual Testing Steps
* Set up device with managed profile
* Set organization name via TestDPC
* Go Settings > Security > Work profile security
and add a work profile lock
* Select 'Work profile lock' and verify
organization name is shown in header
Change-Id: I83209383fd2cf9179c34ccfdf8c097c379ec933e
Allows it to be used in more projects
Bug: 154161590
Test: Manually opened each setting that was impacted
Change-Id: Ife59074e5f8ffa76c2c81cca4022ca200bb59526
When unifying work profile challenge, keep the device lock
as long as it will still meet password requirement after unification.
If not, prompt the user to set a new device lock and only unify
work challenge after a compliant device lock is set.
Bug: 148630506
Fix: 149682344
Test: make RunSettingsRoboTests
ROBOTEST_FILTER='ChooseLockGenericTest|ChooseLockPasswordTest|ChooseLockPatternTest|LockUnificationPreferenceControllerTest'
Change-Id: I99cde2650902927f6a4cc7c0cc7c6016e0dc283f
- Assign metrics category to perferences at an earlier stage in
DashboardFragment for better usability.
Bug: 137559984
Test: robotest
Change-Id: Icd4185efa0e655be20c4b673a1380fa42140923f
CDCA is a transparent activity with the sole purpose of
requesting authentication. Since authentication is all drawn
by SystemUI, we should also stop this activity from drawing
the StatusBar.
Register to receive biometric system events (early user canceled),
so that we can finish() and start the activity transition
simultaneously. This fixes some navigation bar jank.
Bug: 148273355
Test: Set up a work profile, then install BiometricPromptDemo
Disable one-lock and set up a password/biometric for the
work profile. Lock/unlock screen, then open the work
profile version of the app. No status bar jank seen.
Change-Id: I54a352527ed007dcaf1bea14a51711e4022fe028
With an associated change to the UI of the BiometricPrompt credential
view, this commit preserves the current appearance of the CDC auth flow
by promoting the "details" string from the description to the subtitle
field of the prompt.
Test: Manually, using the TestDPC app
Bug: 152053691
Change-Id: If1d773f7f9a7b141520eac70a6cd64c09eb27f20
Allow LockScreenPattern to be launched in the pinning screen
If work profile lock is enabled and work app is pinned, users will get a
black/white screen on the phone. That's because Settings is prevented
from other apps launch any pages of Settings in the pinning mode.
In order to launch some pages of Settings from other apps, we add a
condition to the preventive mechanism and allow the activity inherited
from SettingsBaseActivity to override the condition to have the activity
to be launched from other apps in the pinning mode.
Bug: 137015265
Bug: 135604684
Test: manual test
Change-Id: I8070de79a83350d1658efcb19e983669dad0e673
(cherry picked from commit 077dd9b07f)
For work challenges, do not reset incorrect password attempts if
challenge is resolved via biometric authentication. This is the
behaviour for personal keyguard and work challenge should be
consistent.
Bug: 139438785
Test: manual: enroll work challenge with fingerprint, set failed wipe
count (3) via TestDPC and attempt two failed attempts (via cmd
lock_settings). Resolve work challenge with fingerprint and attempt one
last failed attempt. Verify work profiel is wiped.
Change-Id: Ic64d3e44f3faa5adf8ac43db09e33c8403427990
The device management app may run before the end of device provisioning,
and it may start SetNewPasswordActivity. If this happens, use
ChooseLockGeneric instead of SetupChooseLockGeneric. Only use
SetupChoseLockGeneric if SetNewPasswordActivity was started by Setup
Wizard itself.
Fixes: 151552453
Test: atest com.android.settings.password.SetNewPasswordActivityTest
Test: atest com.android.settings.password.ChooseLockGenericTest
Test: Manually run consumer and enterprise device setup
Change-Id: I3b479ed18211d6625654f266fe692f07d0047e4f
Currently if a work profile with a separate lock is turned off
(a.k.a. in quiet mode), and the user has forgotten the password,
profile owner app cannot use DPM.resetPasswordWithToken because
the profile user is not running.
In BYOD case the user can remove and re-provision the profile but
in the new COPE mode (a.k.a. on an organization owned device with
work profile) it is not possible to remove the profile. So full
factory reset is required.
This CL allows the user to start the profile in locked state
(a.k.a direct boot mode) so that the admin can reset the password.
This CL adds "Forgot my password" button to work profile credential prompt
if all of the following conditions are true:
* Work profile is turned off
* Profile owner app is capable of running in direct boot mode.
* Profile owner app has an active password reset token.
* The device is an FBE device (otherwise profile will be unlocked).
Clicking this button starts the profile in locked state and shows an
activity to the user that instruct them to go to their IT admin.
Bug: 143516540
Test: manual
Change-Id: I832f7121b43e39161c5afa816f44ce89584b66e2
Invokes the new hidden API to allow the work authentication prompt to
supply specific text to BiometricPrompt for credential auth. This
allows the prompt to use work-specific language when verifying work
credentials, while retaining more generic language when authenticating
with biometrics.
Test: Work lock prompt shows "Enter your work ___" for credential
Test: Work lock prompt now shows "Verify it's you" for face
Bug: 149003660
Change-Id: Icab8e16702ca31d08fa8b0b00f0519c9a37f609f
* Updated text and description for PIN, password and pattern
* Added enterprise logo to work profile lock
Bug: 141290838
Test: Manual testing
atest com.android.systemui.biometrics.AuthBiometricViewTest
atest com.android.systemui.biometrics.AuthContainerViewTest
Change-Id: Iac6c9ca15e7446cbd7cce9fc1a1ac4e1c867bf31
* The incorrect string was being displayed when the user
was asked to enter their pin/password.
* Updated the string to include **work** instead of
**device** when entering a work pin/password.
Bug: 148211118
Test: Manual testing
Change-Id: I2239a5011dec62fd63574bbf75495548ddd0d907
CDCA no longer needs to cancel authentication in onPause. Since it
internally invokes BiometricPrompt, and BiometricPrompt's components e.g.
BiometricService and AuthController are aware of the "top-ness" of its
client, this code is redundant.
Fixes: 145991060
Test: Follow comment#3 in the bug above, repeat 10+ times
Test: Set up work profile, set up work profile password. Open work profile
app, but before entering password, swipe up to go to home screen.
Authentication is cancelled as expected.
Change-Id: I0b4d7d89cb9801ddbb6e3bd07f71191035cc75ec
* Updated FrameLayout of work profile lock in Settings to use GlifLayout
* Removed old background image of work profile lock
* Updated text for PIN, password and pattern
* Added enterprise logo to work profile lock
Bug: 141290838
Test: Manual testing
atest com.android.settings.password
Change-Id: Ie09974857b6c76a182a8075b9e1964a2e0af0de9
Test: Verified disabling fingerprint will not allow
the user to unlock work apps with fingerprint. (But can use fingeprint
within apps.)
Test: Verified disabling face and/or iris on a fingerprint device will
continue to
allow the user to unlock work apps with fingerprint.
Test: Verified disabling face on a face authentication device
will not allow the user to unlock work apps with face authentication.
(But can use face
authentication within apps.)
Test: Verified disabling fingerprint and/or iris on a face
authentication device will continue to allow the user to unlock work
apps with face authentication.
Change-Id: I2f72a85f39ec539e6c6bc2cf710ed2f5ebeb5f9a
- Search box is hidden if user set intent extra isSetupFlow true
Fixes: 135717823
Test: search box is hidden in the following command
adb shell am start -a android.settings.SETTINGS --ez isSetupFlow true
Change-Id: Ia3d955c9390d6b0eef9391b9b35b6a483eb63d26
Test: Verified disabling fingerprint will not allow
the user to unlock work apps with fingerprint. (But can use fingeprint
within apps.)
Test: Verified disabling face and/or iris on a fingerprint device will
continue to
allow the user to unlock work apps with fingerprint.
Test: Verified disabling face on a face authentication device
will not allow the user to unlock work apps with face authentication.
(But can use face
authentication within apps.)
Test: Verified disabling fingerprint and/or iris on a face
authentication device will continue to allow the user to unlock work
apps with face authentication.
Bug: 141382589
Change-Id: I74135dd9f6afb1b789302ad0af3daf8a73a4181b
If the user currently doesn't have a password and transitions
into another empty lockscreen (none -> swipe or swipe -> none),
there is no need to call setLockCredential.
Bug: 142701762
Test: Not yet :(
Change-Id: I553c8b30c7414775185d632660d962a73607baca
Previously, the biometrics were only cleared if the password was cleared from the Settings.
Moved the logic from the Settings app to the system server side.
Now, the biometrics will be removed no matter how the password is cleared (Settings, adb, TestDPC).
Bug: 130653263
Test: Atest LockSettingsServiceTests
manual testing from Settings, adb and TestDPC
Change-Id: I864b93404ec5cadb0685ac5d41376bf64ebde6f7
Bug: 140128468
Test: Verified with biometricpromptdemo that confirm device credential
still works correctly.
Change-Id: I0f608ba1256c696317402f56549452bf6933066b
