Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dc498938 authored by Joe Bolinger's avatar Joe Bolinger
Browse files

Check cancel status whenever cookies are received. 

Bug: 194405579
Bug: 189451155
Test: atest AuthSessionTest
Change-Id: I8073b8b22d06770ef0f2838d61ac3f27893a26e9
parent c300c9d7

services/core/java/com/android/server/biometrics/AuthSession.java

+10 −0
Original line number Diff line number Diff line
@@ -142,6 +142,7 @@ public final class AuthSession implements IBinder.DeathRecipient { 
    private @BiometricMultiSensorMode int mMultiSensorMode;

    private @MultiSensorState int mMultiSensorState;

    private int[] mSensors;

    private boolean mCancelled;

    // For explicit confirmation, do not send to keystore until the user has confirmed

    // the authentication.

    private byte[] mTokenEscrow;
@@ -187,6 +188,7 @@ public final class AuthSession implements IBinder.DeathRecipient { 
        mPromptInfo = promptInfo;

        mDebugEnabled = debugEnabled;

        mFingerprintSensorProperties = fingerprintSensorProperties;

        mCancelled = false;



        try {

            mClientReceiver.asBinder().linkToDeath(this, 0 /* flags */);
@@ -270,6 +272,11 @@ public final class AuthSession implements IBinder.DeathRecipient { 
    }



    void onCookieReceived(int cookie) {

        if (mCancelled) {

            Slog.w(TAG, "Received cookie but already cancelled (ignoring): " + cookie);

            return;

        }



        for (BiometricSensor sensor : mPreAuthInfo.eligibleSensors) {

            sensor.goToStateCookieReturnedIfCookieMatches(cookie);

        }
@@ -775,6 +782,8 @@ public final class AuthSession implements IBinder.DeathRecipient { 
     * @return true if this AuthSession is finished, e.g. should be set to null

     */

    boolean onCancelAuthSession(boolean force) {

        mCancelled = true;



        final boolean authStarted = mState == STATE_AUTH_CALLED

                || mState == STATE_AUTH_STARTED

                || mState == STATE_AUTH_STARTED_UI_SHOWING;
@@ -901,6 +910,7 @@ public final class AuthSession implements IBinder.DeathRecipient { 
    @Override

    public String toString() {

        return "State: " + mState

                + ", cancelled: " + mCancelled

                + ", isCrypto: " + isCrypto()

                + ", PreAuthInfo: " + mPreAuthInfo;

    }

services/tests/servicestests/src/com/android/server/biometrics/AuthSessionTest.java

+26 −0
Original line number Diff line number Diff line
@@ -184,6 +184,32 @@ public class AuthSessionTest { 
        }

    }



    @Test

    public void testCancelReducesAppetiteForCookies() throws Exception {

        setupFace(0 /* id */, false /* confirmationAlwaysRequired */,

                mock(IBiometricAuthenticator.class));

        setupFingerprint(1 /* id */, FingerprintSensorProperties.TYPE_UDFPS_OPTICAL);



        final AuthSession session = createAuthSession(mSensors,

                false /* checkDevicePolicyManager */,

                Authenticators.BIOMETRIC_STRONG,

                44 /* operationId */,

                2 /* userId */);



        session.goToInitialState();



        for (BiometricSensor sensor : session.mPreAuthInfo.eligibleSensors) {

            assertEquals(BiometricSensor.STATE_WAITING_FOR_COOKIE, sensor.getSensorState());

        }



        session.onCancelAuthSession(false /* force */);



        for (BiometricSensor sensor : session.mPreAuthInfo.eligibleSensors) {

            session.onCookieReceived(sensor.getCookie());

            assertEquals(BiometricSensor.STATE_CANCELING, sensor.getSensorState());

        }

    }



    @Test

    public void testMultiAuth_singleSensor_fingerprintSensorStartsAfterDialogAnimationCompletes()

            throws Exception {