Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7828a484 authored by Chandru's avatar Chandru
Browse files

Do not run face auth if face is locked out and don't transition to 

bouncer when face is locked out.

Fixes: 244402839
Test: atest KeyguardUpdateMonitorTest
Test: Enroll only face auth, on keyguard attempt unsuccessful face
unlock until face unlock is locked out, from the bouncer swipe back to
go back to keyguard.

Change-Id: I275d60fcaa644c00fc5bbc20199569323709f81a
parent fcbb9f98

packages/SystemUI/src/com/android/keyguard/KeyguardListenModel.kt

+3 −1
Original line number Diff line number Diff line
@@ -55,6 +55,8 @@ data class KeyguardFaceListenModel( 
    val bouncerIsOrWillShow: Boolean,

    val faceAuthenticated: Boolean,

    val faceDisabled: Boolean,

    val faceLockedOut: Boolean,

    val fpLockedOut: Boolean,

    val goingToSleep: Boolean,

    val keyguardAwakeExcludingBouncerShowing: Boolean,

    val keyguardGoingAway: Boolean,
@@ -65,7 +67,7 @@ data class KeyguardFaceListenModel( 
    val scanningAllowedByStrongAuth: Boolean,

    val secureCameraLaunched: Boolean,

    val switchingUser: Boolean,

    val udfpsBouncerShowing: Boolean

    val udfpsBouncerShowing: Boolean,

) : KeyguardListenModel()

/**

 * Verbose debug information associated with [KeyguardUpdateMonitor.shouldTriggerActiveUnlock].

packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java

+4 −1
Original line number Diff line number Diff line
@@ -2626,6 +2626,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
        final boolean biometricEnabledForUser = mBiometricEnabledForUser.get(user);

        final boolean shouldListenForFaceAssistant = shouldListenForFaceAssistant();

        final boolean onlyFaceEnrolled = isOnlyFaceEnrolled();

        final boolean fpOrFaceIsLockedOut = isFaceLockedOut() || fpLockedout;



        // Only listen if this KeyguardUpdateMonitor belongs to the primary user. There is an

        // instance of KeyguardUpdateMonitor for each user but KeyguardUpdateMonitor is user-aware.
@@ -2642,7 +2643,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                && strongAuthAllowsScanning && mIsPrimaryUser

                && (!mSecureCameraLaunched || mOccludingAppRequestingFace)

                && !faceAuthenticated

                && !fpLockedout;

                && !fpOrFaceIsLockedOut;



        // Aggregate relevant fields for debug logging.

        maybeLogListenerModelData(
@@ -2657,6 +2658,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab 
                    mBouncerIsOrWillBeShowing,

                    faceAuthenticated,

                    faceDisabledForUser,

                    isFaceLockedOut(),

                    fpLockedout,

                    mGoingToSleep,

                    awakeKeyguardExcludingBouncerShowing,

                    mKeyguardGoingAway,

packages/SystemUI/src/com/android/systemui/statusbar/phone/BiometricUnlockController.java

+1 −5
Original line number Diff line number Diff line
@@ -23,7 +23,6 @@ import android.content.res.Resources; 
import android.hardware.biometrics.BiometricFaceConstants;

import android.hardware.biometrics.BiometricFingerprintConstants;

import android.hardware.biometrics.BiometricSourceType;

import android.hardware.face.FaceManager;

import android.hardware.fingerprint.FingerprintManager;

import android.metrics.LogMaker;

import android.os.Handler;
@@ -683,10 +682,7 @@ public class BiometricUnlockController extends KeyguardUpdateMonitorCallback imp 
        final boolean fingerprintLockout = biometricSourceType == BiometricSourceType.FINGERPRINT

                && (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT

                || msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT);

        final boolean faceLockout = biometricSourceType == BiometricSourceType.FACE

                && (msgId == FaceManager.FACE_ERROR_LOCKOUT

                || msgId == FaceManager.FACE_ERROR_LOCKOUT_PERMANENT);

        if (fingerprintLockout || faceLockout) {

        if (fingerprintLockout) {

            startWakeAndUnlock(MODE_SHOW_BOUNCER);

            UI_EVENT_LOGGER.log(BiometricUiEvent.BIOMETRIC_BOUNCER_SHOWN, getSessionId());

        }

packages/SystemUI/tests/src/com/android/keyguard/KeyguardListenQueueTest.kt

+3 −1
Original line number Diff line number Diff line
@@ -90,6 +90,8 @@ private fun faceModel(user: Int) = KeyguardFaceListenModel( 
    onlyFaceEnrolled = false,

    faceAuthenticated = false,

    faceDisabled = false,

    faceLockedOut = false,

    fpLockedOut = false,

    goingToSleep = false,

    keyguardAwakeExcludingBouncerShowing = false,

    keyguardGoingAway = false,
@@ -99,5 +101,5 @@ private fun faceModel(user: Int) = KeyguardFaceListenModel( 
    scanningAllowedByStrongAuth = false,

    secureCameraLaunched = false,

    switchingUser = false,

    udfpsBouncerShowing = false

    udfpsBouncerShowing = false,

)

packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java

+33 −7
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ package com.android.keyguard; 
import static android.app.StatusBarManager.SESSION_KEYGUARD;

import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ACQUIRED_START;

import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ERROR_LOCKOUT;

import static android.hardware.biometrics.BiometricFingerprintConstants.FINGERPRINT_ERROR_LOCKOUT_PERMANENT;

import static android.telephony.SubscriptionManager.DATA_ROAMING_DISABLE;

import static android.telephony.SubscriptionManager.NAME_SOURCE_CARRIER_ID;
@@ -750,8 +751,7 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        mTestableLooper.processAllMessages();

        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);



        mKeyguardUpdateMonitor.mFaceAuthenticationCallback

                .onAuthenticationError(FaceManager.FACE_ERROR_LOCKOUT_PERMANENT, "");

        faceAuthLockedOut();



        verify(mLockPatternUtils, never()).requireStrongAuth(anyInt(), anyInt());

    }
@@ -763,7 +763,7 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);



        mKeyguardUpdateMonitor.mFingerprintAuthenticationCallback

                .onAuthenticationError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");

                .onAuthenticationError(FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");



        verify(mLockPatternUtils).requireStrongAuth(anyInt(), anyInt());

    }
@@ -774,10 +774,9 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        mTestableLooper.processAllMessages();

        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);



        mKeyguardUpdateMonitor.mFaceAuthenticationCallback

                .onAuthenticationError(FaceManager.FACE_ERROR_LOCKOUT_PERMANENT, "");

        faceAuthLockedOut();

        mKeyguardUpdateMonitor.mFingerprintAuthenticationCallback

                .onAuthenticationError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");

                .onAuthenticationError(FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");



        verify(mLockPatternUtils).requireStrongAuth(anyInt(), anyInt());

    }
@@ -1216,7 +1215,7 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
    public void testShouldListenForFace_whenFpIsLockedOut_returnsFalse() throws RemoteException {

        // Face auth should run when the following is true.

        keyguardNotGoingAway();

        bouncerFullyVisibleAndNotGoingToSleep();

        occludingAppRequestsFaceAuth();

        currentUserIsPrimary();

        strongAuthNotRequired();

        biometricsEnabledForCurrentUser();
@@ -1224,6 +1223,7 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        biometricsNotDisabledThroughDevicePolicyManager();

        userNotCurrentlySwitching();

        mTestableLooper.processAllMessages();

        assertThat(mKeyguardUpdateMonitor.shouldListenForFace()).isTrue();



        // Fingerprint is locked out.

        fingerprintErrorLockedOut();
@@ -1498,6 +1498,27 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        assertThat(mKeyguardUpdateMonitor.shouldListenForFace()).isTrue();

    }



    @Test

    public void testShouldListenForFace_whenFaceIsLockedOut_returnsFalse()

            throws RemoteException {

        // Preconditions for face auth to run

        keyguardNotGoingAway();

        currentUserIsPrimary();

        currentUserDoesNotHaveTrust();

        biometricsNotDisabledThroughDevicePolicyManager();

        biometricsEnabledForCurrentUser();

        userNotCurrentlySwitching();

        mKeyguardUpdateMonitor.setUdfpsBouncerShowing(true);

        mTestableLooper.processAllMessages();

        assertThat(mKeyguardUpdateMonitor.shouldListenForFace()).isTrue();



        // Face is locked out.

        faceAuthLockedOut();

        mTestableLooper.processAllMessages();



        assertThat(mKeyguardUpdateMonitor.shouldListenForFace()).isFalse();

    }



    @Test

    public void testBouncerVisibility_whenBothFingerprintAndFaceIsEnrolled_stopsFaceAuth()

            throws RemoteException {
@@ -1586,6 +1607,11 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase { 
        verify(mPowerManager, never()).wakeUp(anyLong(), anyInt(), anyString());

    }



    private void faceAuthLockedOut() {

        mKeyguardUpdateMonitor.mFaceAuthenticationCallback

                .onAuthenticationError(FaceManager.FACE_ERROR_LOCKOUT_PERMANENT, "");

    }



    private void faceAuthEnabled() {

        // this ensures KeyguardUpdateMonitor updates the cached mIsFaceEnrolled flag using the

        // face manager mock wire-up in setup()