Loading packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java +63 −27 Original line number Diff line number Diff line Loading @@ -45,6 +45,7 @@ import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STR import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE; import static com.android.systemui.Flags.glanceableHubV2; import static com.android.systemui.Flags.simPinBouncerReset; import static com.android.systemui.statusbar.policy.DevicePostureController.DEVICE_POSTURE_OPENED; Loading Loading @@ -901,10 +902,27 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt Trace.endSection(); } /** * Indicates if STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE flag is set for a given * userId. * * Returns false if FLAG_SECURE_LOCK_DEVICE is disabled. */ private boolean isSecureLockDeviceStrongBiometricAuthFlagSet(int userId) { if (!secureLockDevice()) { return false; } return containsFlag(mStrongAuthTracker.getStrongAuthForUser(userId), STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); } @VisibleForTesting public void onFingerprintAuthenticated(int userId, boolean isStrongBiometric) { try { Assert.isMainThread(); Trace.beginSection("KeyGuardUpdateMonitor#onFingerPrintAuthenticated"); Trace.beginSection("KeyguardUpdateMonitor#onFingerprintAuthenticated"); mUserFingerprintAuthenticated.put(userId, new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer Loading @@ -923,17 +941,27 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt } } mHandler.sendMessageDelayed(mHandler.obtainMessage(MSG_BIOMETRIC_AUTHENTICATION_CONTINUE), mHandler.sendMessageDelayed( mHandler.obtainMessage(MSG_BIOMETRIC_AUTHENTICATION_CONTINUE), FINGERPRINT_CONTINUE_DELAY_MS); // Only authenticate fingerprint once when assistant is visible mAssistantVisible = false; if (secureLockDevice() && isSecureLockDeviceStrongBiometricAuthFlagSet(userId)) { // Disabling secure lock device / unsetting strong auth flags is handled by // SecureLockDeviceService. Log.d(TAG, "onFingerprintAuthenticated(): secure lock device is enabled - unlock " + "is handled by SecureLockDeviceService."); return; } // Report unlock with strong or non-strong biometric reportSuccessfulBiometricUnlock(isStrongBiometric, userId); } finally { Trace.endSection(); } } private void reportSuccessfulBiometricUnlock(boolean isStrongBiometric, int userId) { mBackgroundExecutor.execute( Loading Loading @@ -1200,8 +1228,16 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt // Only authenticate face once when assistant is visible mAssistantVisible = false; if (secureLockDevice() && isSecureLockDeviceStrongBiometricAuthFlagSet(userId)) { // Disabling secure lock device / unsetting strong auth flags is handled by // SecureLockDeviceService. Log.d(TAG, "onFaceAuthenticated(): secure lock device is enabled - skipping " + "unlock because face success requires user confirmation and is handled by " + "SecureLockDeviceService."); } else { // Report unlock with strong or non-strong biometric reportSuccessfulBiometricUnlock(isStrongBiometric, userId); } Trace.endSection(); } Loading packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java +25 −0 Original line number Diff line number Diff line Loading @@ -34,6 +34,7 @@ import static android.telephony.SubscriptionManager.PROFILE_CLASS_PROVISIONING; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE; import static com.android.keyguard.KeyguardUpdateMonitor.BIOMETRIC_STATE_CANCELLING_RESTARTING; import static com.android.keyguard.KeyguardUpdateMonitor.BIOMETRIC_STATE_STOPPED; import static com.android.keyguard.KeyguardUpdateMonitor.HAL_POWER_PRESS_TIMEOUT; Loading Loading @@ -1229,6 +1230,30 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { assertThat(mKeyguardUpdateMonitor.getUserCanSkipBouncer(user)).isFalse(); } @EnableFlags(FLAG_SECURE_LOCK_DEVICE) @Test public void testDoesNotReportFingerprintUnlock_duringSecureLockDevice() { when(mStrongAuthTracker.getStrongAuthForUser(mSelectedUserInteractor.getSelectedUserId())) .thenReturn(STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); int user = mSelectedUserInteractor.getSelectedUserId(); mKeyguardUpdateMonitor.onFingerprintAuthenticated(user, true /* isClass3Biometric */); verify(mLockPatternUtils, never()).reportSuccessfulBiometricUnlock( eq(true), eq(user)); } @EnableFlags(FLAG_SECURE_LOCK_DEVICE) @Test public void testDoesNotReportFaceUnlock_duringSecureLockDevice() { when(mStrongAuthTracker.getStrongAuthForUser(mSelectedUserInteractor.getSelectedUserId())) .thenReturn(STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); int user = mSelectedUserInteractor.getSelectedUserId(); mKeyguardUpdateMonitor.onFaceAuthenticated(user, true /* isClass3Biometric */); verify(mLockPatternUtils, never()).reportSuccessfulBiometricUnlock( eq(true), eq(user)); } @Test public void testGetUserCanSkipBouncer_whenFingerprint() { int user = mSelectedUserInteractor.getSelectedUserId(); Loading Loading
packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java +63 −27 Original line number Diff line number Diff line Loading @@ -45,6 +45,7 @@ import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STR import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_DPM_LOCK_NOW; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE; import static com.android.systemui.Flags.glanceableHubV2; import static com.android.systemui.Flags.simPinBouncerReset; import static com.android.systemui.statusbar.policy.DevicePostureController.DEVICE_POSTURE_OPENED; Loading Loading @@ -901,10 +902,27 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt Trace.endSection(); } /** * Indicates if STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE flag is set for a given * userId. * * Returns false if FLAG_SECURE_LOCK_DEVICE is disabled. */ private boolean isSecureLockDeviceStrongBiometricAuthFlagSet(int userId) { if (!secureLockDevice()) { return false; } return containsFlag(mStrongAuthTracker.getStrongAuthForUser(userId), STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); } @VisibleForTesting public void onFingerprintAuthenticated(int userId, boolean isStrongBiometric) { try { Assert.isMainThread(); Trace.beginSection("KeyGuardUpdateMonitor#onFingerPrintAuthenticated"); Trace.beginSection("KeyguardUpdateMonitor#onFingerprintAuthenticated"); mUserFingerprintAuthenticated.put(userId, new BiometricAuthenticated(true, isStrongBiometric)); // Update/refresh trust state only if user can skip bouncer Loading @@ -923,17 +941,27 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt } } mHandler.sendMessageDelayed(mHandler.obtainMessage(MSG_BIOMETRIC_AUTHENTICATION_CONTINUE), mHandler.sendMessageDelayed( mHandler.obtainMessage(MSG_BIOMETRIC_AUTHENTICATION_CONTINUE), FINGERPRINT_CONTINUE_DELAY_MS); // Only authenticate fingerprint once when assistant is visible mAssistantVisible = false; if (secureLockDevice() && isSecureLockDeviceStrongBiometricAuthFlagSet(userId)) { // Disabling secure lock device / unsetting strong auth flags is handled by // SecureLockDeviceService. Log.d(TAG, "onFingerprintAuthenticated(): secure lock device is enabled - unlock " + "is handled by SecureLockDeviceService."); return; } // Report unlock with strong or non-strong biometric reportSuccessfulBiometricUnlock(isStrongBiometric, userId); } finally { Trace.endSection(); } } private void reportSuccessfulBiometricUnlock(boolean isStrongBiometric, int userId) { mBackgroundExecutor.execute( Loading Loading @@ -1200,8 +1228,16 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, CoreSt // Only authenticate face once when assistant is visible mAssistantVisible = false; if (secureLockDevice() && isSecureLockDeviceStrongBiometricAuthFlagSet(userId)) { // Disabling secure lock device / unsetting strong auth flags is handled by // SecureLockDeviceService. Log.d(TAG, "onFaceAuthenticated(): secure lock device is enabled - skipping " + "unlock because face success requires user confirmation and is handled by " + "SecureLockDeviceService."); } else { // Report unlock with strong or non-strong biometric reportSuccessfulBiometricUnlock(isStrongBiometric, userId); } Trace.endSection(); } Loading
packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java +25 −0 Original line number Diff line number Diff line Loading @@ -34,6 +34,7 @@ import static android.telephony.SubscriptionManager.PROFILE_CLASS_PROVISIONING; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_USER_REQUEST; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE; import static com.android.keyguard.KeyguardUpdateMonitor.BIOMETRIC_STATE_CANCELLING_RESTARTING; import static com.android.keyguard.KeyguardUpdateMonitor.BIOMETRIC_STATE_STOPPED; import static com.android.keyguard.KeyguardUpdateMonitor.HAL_POWER_PRESS_TIMEOUT; Loading Loading @@ -1229,6 +1230,30 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { assertThat(mKeyguardUpdateMonitor.getUserCanSkipBouncer(user)).isFalse(); } @EnableFlags(FLAG_SECURE_LOCK_DEVICE) @Test public void testDoesNotReportFingerprintUnlock_duringSecureLockDevice() { when(mStrongAuthTracker.getStrongAuthForUser(mSelectedUserInteractor.getSelectedUserId())) .thenReturn(STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); int user = mSelectedUserInteractor.getSelectedUserId(); mKeyguardUpdateMonitor.onFingerprintAuthenticated(user, true /* isClass3Biometric */); verify(mLockPatternUtils, never()).reportSuccessfulBiometricUnlock( eq(true), eq(user)); } @EnableFlags(FLAG_SECURE_LOCK_DEVICE) @Test public void testDoesNotReportFaceUnlock_duringSecureLockDevice() { when(mStrongAuthTracker.getStrongAuthForUser(mSelectedUserInteractor.getSelectedUserId())) .thenReturn(STRONG_BIOMETRIC_AUTH_REQUIRED_FOR_SECURE_LOCK_DEVICE); int user = mSelectedUserInteractor.getSelectedUserId(); mKeyguardUpdateMonitor.onFaceAuthenticated(user, true /* isClass3Biometric */); verify(mLockPatternUtils, never()).reportSuccessfulBiometricUnlock( eq(true), eq(user)); } @Test public void testGetUserCanSkipBouncer_whenFingerprint() { int user = mSelectedUserInteractor.getSelectedUserId(); Loading
