Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 11dddec1 authored by Beverly's avatar Beverly Committed by Beverly Tai
Browse files

Allow udfps when strong auth is required 

Only disallow UDFPS usage if the device is
in lockdown or reboot. Otherwise, (for reasons like TIMEOUT
or SOME_AUTH_REQUIRED_AFTER_USER_REQUEST), we
allow the user to use fingerprint to authenticate; however,
the we will immediately bring up the bouncer instead of entering the
device.

Test: manual
Test: atest KeyguardUpdateMonitorTest
Fixes: 205556311
Change-Id: Ia7e56b7d9b857a76036161cbd6edd981bed3bb6c
parent 5505530a

packages/SystemUI/src/com/android/keyguard/KeyguardListenModel.kt

+1 −3
Original line number Diff line number Diff line
@@ -38,10 +38,8 @@ data class KeyguardFingerprintListenModel( 
    val shouldListenForFingerprintAssistant: Boolean,

    val switchingUser: Boolean,

    val udfps: Boolean,

    val userDoesNotHaveTrust: Boolean,

    val userNeedsStrongAuth: Boolean

    val userDoesNotHaveTrust: Boolean

) : KeyguardListenModel()



/**

 * Verbose debug information associated with [KeyguardUpdateMonitor.shouldListenForFace].

 */

packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java

+10 −5
Original line number Diff line number Diff line
@@ -2222,11 +2222,9 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                !(mFingerprintLockedOut && mBouncer && mCredentialAttempted);



        final boolean isEncryptedOrLockdownForUser = isEncryptedOrLockdown(user);

        final boolean userNeedsStrongAuth = userNeedsStrongAuth();

        final boolean shouldListenUdfpsState = !isUdfps

                || (!userCanSkipBouncer

                    && !isEncryptedOrLockdownForUser

                    && !userNeedsStrongAuth

                    && userDoesNotHaveTrust

                    && !mFingerprintLockedOut);
@@ -2257,8 +2255,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                        shouldListenForFingerprintAssistant,

                        mSwitchingUser,

                        isUdfps,

                        userDoesNotHaveTrust,

                        userNeedsStrongAuth));

                        userDoesNotHaveTrust));

        }



        return shouldListen;
@@ -2362,7 +2359,15 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                || (DEBUG_FINGERPRINT

                    && model instanceof KeyguardFingerprintListenModel

                    && mFingerprintRunningState != BIOMETRIC_STATE_RUNNING);

        if (notYetRunning && model.getListening()) {

        final boolean running =

                (DEBUG_FACE

                        && model instanceof KeyguardFaceListenModel

                        && mFaceRunningState == BIOMETRIC_STATE_RUNNING)

                        || (DEBUG_FINGERPRINT

                        && model instanceof KeyguardFingerprintListenModel

                        && mFingerprintRunningState == BIOMETRIC_STATE_RUNNING);

        if (notYetRunning && model.getListening()

                || running && !model.getListening()) {

            mListenModels.add(model);

        }

    }

packages/SystemUI/tests/src/com/android/keyguard/KeyguardListenQueueTest.kt

+1 −2
Original line number Diff line number Diff line
@@ -75,8 +75,7 @@ private fun fingerprintModel(user: Int) = KeyguardFingerprintListenModel( 
    shouldListenForFingerprintAssistant = false,

    switchingUser = false,

    udfps = false,

    userDoesNotHaveTrust = false,

    userNeedsStrongAuth = false

    userDoesNotHaveTrust = false

)



private fun faceModel(user: Int) = KeyguardFaceListenModel(

packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java

+14 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ package com.android.keyguard; 
import static android.telephony.SubscriptionManager.DATA_ROAMING_DISABLE;

import static android.telephony.SubscriptionManager.NAME_SOURCE_CARRIER_ID;



import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_BOOT;



import static com.google.common.truth.Truth.assertThat;
@@ -960,6 +961,19 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        assertThat(mKeyguardUpdateMonitor.shouldListenForFingerprint(true)).isEqualTo(false);

    }



    @Test

    public void testStartUdfpsServiceStrongAuthRequiredAfterTimeout() {

        // GIVEN status bar state is on the keyguard

        mStatusBarStateListener.onStateChanged(StatusBarState.KEYGUARD);



        // WHEN user loses smart unlock trust

        when(mStrongAuthTracker.getStrongAuthForUser(KeyguardUpdateMonitor.getCurrentUser()))

                .thenReturn(SOME_AUTH_REQUIRED_AFTER_USER_REQUEST);



        // THEN we should still listen for udfps

        assertThat(mKeyguardUpdateMonitor.shouldListenForFingerprint(true)).isEqualTo(true);

    }



    @Test

    public void testShouldNotListenForUdfps_whenTrustEnabled() {

        // GIVEN a "we should listen for udfps" state