Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 31402833 authored by Kevin Chyn's avatar Kevin Chyn
Browse files

Add setting for always requiring confirmation 

Bug: 122119972

Test: Secure settings changes biometric service behavior appropriately
Change-Id: Ic2915d8ab37de22a58b1b61f34f59ad7ada0cd29
parent e1912712

core/java/android/provider/Settings.java

+16 −0
Original line number Diff line number Diff line
@@ -7834,6 +7834,19 @@ public final class Settings { 
        private static final Validator FACE_UNLOCK_APP_ENABLED_VALIDATOR =

                BOOLEAN_VALIDATOR;













        /**













         * Whether or not face unlock always requires user confirmation, meaning {@link













         * android.hardware.biometrics.BiometricPrompt.Builder#setRequireConfirmation(boolean)}













         * is always 'true'. This overrides the behavior that apps choose in the













         * setRequireConfirmation API.













         * @hide













         */













        public static final String FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION =













                "face_unlock_always_require_confirmation";

























        private static final Validator FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION_VALIDATOR =













                BOOLEAN_VALIDATOR;



























        /**















         * Whether the assist gesture should be enabled.















         *










@@ -8431,6 +8444,7 @@ public final class Settings {













            AUTOMATIC_STORAGE_MANAGER_DAYS_TO_RETAIN,















            FACE_UNLOCK_KEYGUARD_ENABLED,















            FACE_UNLOCK_APP_ENABLED,













            FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,















            ASSIST_GESTURE_ENABLED,















            ASSIST_GESTURE_SILENCE_ALERTS_ENABLED,















            ASSIST_GESTURE_WAKE_ENABLED,










@@ -8584,6 +8598,8 @@ public final class Settings {













                    AUTOMATIC_STORAGE_MANAGER_DAYS_TO_RETAIN_VALIDATOR);















            VALIDATORS.put(FACE_UNLOCK_KEYGUARD_ENABLED, FACE_UNLOCK_KEYGUARD_ENABLED_VALIDATOR);















            VALIDATORS.put(FACE_UNLOCK_APP_ENABLED, FACE_UNLOCK_APP_ENABLED_VALIDATOR);













            VALIDATORS.put(FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,













                    FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION_VALIDATOR);















            VALIDATORS.put(ASSIST_GESTURE_ENABLED, ASSIST_GESTURE_ENABLED_VALIDATOR);















            VALIDATORS.put(ASSIST_GESTURE_SILENCE_ALERTS_ENABLED,















                    ASSIST_GESTURE_SILENCE_ALERTS_ENABLED_VALIDATOR);

































services/core/java/com/android/server/biometrics/BiometricService.java



+23
−1




























Original line number
Diff line number
Diff line








@@ -132,10 +132,13 @@ public class BiometricService extends SystemService {













                Settings.Secure.getUriFor(Settings.Secure.FACE_UNLOCK_KEYGUARD_ENABLED);















        private final Uri FACE_UNLOCK_APP_ENABLED =















                Settings.Secure.getUriFor(Settings.Secure.FACE_UNLOCK_APP_ENABLED);













        private final Uri FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION =













                Settings.Secure.getUriFor(Settings.Secure.FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION);































        private final ContentResolver mContentResolver;















        private boolean mFaceEnabledOnKeyguard;















        private boolean mFaceEnabledForApps;













        private boolean mFaceAlwaysRequireConfirmation;































        /**















         * Creates a content observer.









@@ -158,10 +161,15 @@ public class BiometricService extends SystemService {













                    false /* notifyForDescendents */,















                    this /* observer */,















                    UserHandle.USER_CURRENT);













            mContentResolver.registerContentObserver(FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,













                    false /* notifyForDescendents */,













                    this /* observer */,













                    UserHandle.USER_CURRENT);































            // Update the value immediately















            onChange(true /* selfChange */, FACE_UNLOCK_KEYGUARD_ENABLED);















            onChange(true /* selfChange */, FACE_UNLOCK_APP_ENABLED);













            onChange(true /* selfChange */, FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION);















        }































        @Override









@@ -185,6 +193,13 @@ public class BiometricService extends SystemService {













                                Settings.Secure.FACE_UNLOCK_APP_ENABLED,















                                1 /* default */,















                                UserHandle.USER_CURRENT) != 0;













            } else if (FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION.equals(uri)) {













                mFaceAlwaysRequireConfirmation =













                        Settings.Secure.getIntForUser(













                                mContentResolver,













                                Settings.Secure.FACE_UNLOCK_ALWAYS_REQUIRE_CONFIRMATION,













                                0 /* default */,













                                UserHandle.USER_CURRENT) != 0;















            }















        }

























@@ -195,6 +210,10 @@ public class BiometricService extends SystemService {













        boolean getFaceEnabledForApps() {















            return mFaceEnabledForApps;















        }



























        boolean getFaceAlwaysRequireConfirmation() {













            return mFaceAlwaysRequireConfirmation;













        }















    }































    private final class EnabledOnKeyguardCallback implements IBinder.DeathRecipient {










@@ -731,7 +750,7 @@ public class BiometricService extends SystemService {













                IBiometricServiceReceiver receiver, String opPackageName, Bundle bundle,















                int callingUid, int callingPid, int callingUserId, int modality) {















            try {













                final boolean requireConfirmation = bundle.getBoolean(













                boolean requireConfirmation = bundle.getBoolean(















                        BiometricPrompt.KEY_REQUIRE_CONFIRMATION, true /* default */);































                // Generate random cookies to pass to the services that should prepare to start









@@ -757,6 +776,9 @@ public class BiometricService extends SystemService {













                    Slog.w(TAG, "Iris unsupported");















                }















                if ((modality & TYPE_FACE) != 0) {













                    // Check if the user has forced confirmation to be required in Settings.













                    requireConfirmation = requireConfirmation













                            || mSettingObserver.getFaceAlwaysRequireConfirmation();















                    mFaceService.prepareForAuthentication(requireConfirmation,















                            token, sessionId, userId, mInternalReceiver, opPackageName,















                            cookie, callingUid, callingPid, callingUserId);