Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8837ad0a authored by Diya Bera's avatar Diya Bera
Browse files

Use parent profile for device credential 

Flag: Flags.ENABLE_BIOMETRICS_TO_UNLOCK_PRIVATE_SPACE
Bug: 320458435
Test: atest CredentialInteractorImplTest

Change-Id: I8e0215a8281aa4882691677125d76077fb948bc5
parent 0d3b9e3b

core/api/test-current.txt

+1 −0
Original line number Diff line number Diff line
@@ -1548,6 +1548,7 @@ package android.hardware.biometrics { 


  public static class BiometricPrompt.Builder {

    method @NonNull @RequiresPermission(anyOf={android.Manifest.permission.TEST_BIOMETRIC, "android.permission.USE_BIOMETRIC_INTERNAL"}) public android.hardware.biometrics.BiometricPrompt.Builder setAllowBackgroundAuthentication(boolean);

    method @FlaggedApi("android.multiuser.enable_biometrics_to_unlock_private_space") @NonNull @RequiresPermission(anyOf={android.Manifest.permission.TEST_BIOMETRIC, "android.permission.USE_BIOMETRIC_INTERNAL"}) public android.hardware.biometrics.BiometricPrompt.Builder setAllowBackgroundAuthentication(boolean, boolean);

    method @NonNull @RequiresPermission(anyOf={android.Manifest.permission.TEST_BIOMETRIC, "android.permission.USE_BIOMETRIC_INTERNAL"}) public android.hardware.biometrics.BiometricPrompt.Builder setAllowedSensorIds(@NonNull java.util.List<java.lang.Integer>);

  }

core/java/android/hardware/biometrics/BiometricPrompt.java

+24 −1
Original line number Diff line number Diff line
@@ -22,8 +22,9 @@ import static android.Manifest.permission.USE_BIOMETRIC; 
import static android.Manifest.permission.USE_BIOMETRIC_INTERNAL;

import static android.hardware.biometrics.BiometricManager.Authenticators;

import static android.hardware.biometrics.Flags.FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT;

import static android.hardware.biometrics.Flags.FLAG_GET_OP_ID_CRYPTO_OBJECT;

import static android.hardware.biometrics.Flags.FLAG_CUSTOM_BIOMETRIC_PROMPT;

import static android.hardware.biometrics.Flags.FLAG_GET_OP_ID_CRYPTO_OBJECT;

import static android.multiuser.Flags.FLAG_ENABLE_BIOMETRICS_TO_UNLOCK_PRIVATE_SPACE;



import android.annotation.CallbackExecutor;

import android.annotation.DrawableRes;
@@ -500,6 +501,28 @@ public class BiometricPrompt implements BiometricAuthenticator, BiometricConstan 
            return this;

        }



        /**

         * Remove {@link Builder#setAllowBackgroundAuthentication(boolean)} once

         * FLAG_ENABLE_BIOMETRICS_TO_UNLOCK_PRIVATE_SPACE is enabled.

         *

         * @param allow If true, allows authentication when the calling package is not in the

         *              foreground. This is set to false by default.

         * @param useParentProfileForDeviceCredential If true, uses parent profile for device

         *                                            credential IME request

         * @return This builder

         * @hide

         */

        @FlaggedApi(FLAG_ENABLE_BIOMETRICS_TO_UNLOCK_PRIVATE_SPACE)

        @TestApi

        @NonNull

        @RequiresPermission(anyOf = {TEST_BIOMETRIC, USE_BIOMETRIC_INTERNAL})

        public Builder setAllowBackgroundAuthentication(boolean allow,

                boolean useParentProfileForDeviceCredential) {

            mPromptInfo.setAllowBackgroundAuthentication(allow);

            mPromptInfo.setUseParentProfileForDeviceCredential(useParentProfileForDeviceCredential);

            return this;

        }



        /**

         * If set check the Device Policy Manager for disabled biometrics.

         *

core/java/android/hardware/biometrics/PromptInfo.java

+15 −0
Original line number Diff line number Diff line
@@ -55,6 +55,7 @@ public class PromptInfo implements Parcelable { 
    private boolean mIgnoreEnrollmentState;

    private boolean mIsForLegacyFingerprintManager = false;

    private boolean mShowEmergencyCallButton = false;

    private boolean mUseParentProfileForDeviceCredential = false;



    public PromptInfo() {
@@ -85,6 +86,7 @@ public class PromptInfo implements Parcelable { 
        mIgnoreEnrollmentState = in.readBoolean();

        mIsForLegacyFingerprintManager = in.readBoolean();

        mShowEmergencyCallButton = in.readBoolean();

        mUseParentProfileForDeviceCredential = in.readBoolean();

    }



    public static final Creator<PromptInfo> CREATOR = new Creator<PromptInfo>() {
@@ -129,6 +131,7 @@ public class PromptInfo implements Parcelable { 
        dest.writeBoolean(mIgnoreEnrollmentState);

        dest.writeBoolean(mIsForLegacyFingerprintManager);

        dest.writeBoolean(mShowEmergencyCallButton);

        dest.writeBoolean(mUseParentProfileForDeviceCredential);

    }



    // LINT.IfChange
@@ -181,6 +184,13 @@ public class PromptInfo implements Parcelable { 
        }

        return false;

    }



    /**

     * Returns if parent profile needs to be used for device credential.

     */

    public boolean shouldUseParentProfileForDeviceCredential() {

        return mUseParentProfileForDeviceCredential;

    }

    // LINT.ThenChange(frameworks/base/core/java/android/hardware/biometrics/BiometricPrompt.java)



    // Setters
@@ -281,6 +291,11 @@ public class PromptInfo implements Parcelable { 
        mShowEmergencyCallButton = showEmergencyCallButton;

    }



    public void setUseParentProfileForDeviceCredential(

            boolean useParentProfileForDeviceCredential) {

        mUseParentProfileForDeviceCredential = useParentProfileForDeviceCredential;

    }



    // Getters

    @DrawableRes

    public int getLogoRes() {

packages/SystemUI/shared/biometrics/src/com/android/systemui/biometrics/shared/model/BiometricUserInfo.kt

+4 −0
Original line number Diff line number Diff line
@@ -21,8 +21,12 @@ package com.android.systemui.biometrics.shared.model 
 *

 * If the user's fallback credential is owned by another profile user the [deviceCredentialOwnerId]

 * will differ from the user's [userId].

 *

 * If prompt requests to use the user's parent profile for device credential,

 * [userIdForPasswordEntry] might differ from the user's [userId].

 */

data class BiometricUserInfo(

    val userId: Int,

    val deviceCredentialOwnerId: Int = userId,

    val userIdForPasswordEntry: Int = userId,

)

packages/SystemUI/src/com/android/systemui/biometrics/domain/interactor/CredentialInteractor.kt

+7 −1
Original line number Diff line number Diff line
@@ -7,9 +7,9 @@ import android.os.UserManager 
import com.android.internal.widget.LockPatternUtils

import com.android.internal.widget.LockscreenCredential

import com.android.internal.widget.VerifyCredentialResponse

import com.android.systemui.res.R

import com.android.systemui.biometrics.domain.model.BiometricPromptRequest

import com.android.systemui.dagger.qualifiers.Application

import com.android.systemui.res.R

import com.android.systemui.util.time.SystemClock

import javax.inject.Inject

import kotlinx.coroutines.delay
@@ -29,6 +29,9 @@ interface CredentialInteractor { 
    /** Get the effective user id (profile owner, if one exists) */

    fun getCredentialOwnerOrSelfId(userId: Int): Int



    /** Get parent user profile (if exists) */

    fun getParentProfileIdOrSelfId(userId: Int): Int



    /**

     * Verifies a credential and returns a stream of results.

     *
@@ -58,6 +61,9 @@ constructor( 
    override fun getCredentialOwnerOrSelfId(userId: Int): Int =

        userManager.getCredentialOwnerProfile(userId)



    override fun getParentProfileIdOrSelfId(userId: Int): Int =

        userManager.getProfileParent(userId).id



    override fun verifyCredential(

        request: BiometricPromptRequest.Credential,

        credential: LockscreenCredential,