Check foreground and appOps for BiometricPrompt#authenticate

Bug: 158481661

Test: Callers with incorrect opPackageName are no longer able to
      request auth
Test: Callers not in foreground are no longer able to request auth
Test: atest AuthServiceTest
Change-Id: Ic26e47c11395a5fded1d2ab3e75466fdbd6c2f1b
Merged-In: Ic26e47c11395a5fded1d2ab3e75466fdbd6c2f1b