Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit eea45735 authored by Wenhao Wang's avatar Wenhao Wang Committed by Automerger Merge Worker
Browse files

Merge "Add command to require strong auth" am: de6f930c 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2056513



Change-Id: I27dea99e4c982cc9ceb8fdd58af0ae6e9ab9a398
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents b869ffc4 de6f930c

services/core/java/com/android/server/locksettings/LockSettingsShellCommand.java

+29 −0
Original line number Diff line number Diff line
@@ -18,12 +18,14 @@ package com.android.server.locksettings; 


import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE;

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PATTERN;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;



import android.app.ActivityManager;

import android.app.admin.PasswordMetrics;

import android.content.Context;

import android.os.ShellCommand;

import android.os.SystemProperties;

import android.os.UserHandle;

import android.text.TextUtils;

import android.util.Slog;
@@ -48,6 +50,8 @@ class LockSettingsShellCommand extends ShellCommand { 
    private static final String COMMAND_REMOVE_CACHE = "remove-cache";

    private static final String COMMAND_SET_ROR_PROVIDER_PACKAGE =

            "set-resume-on-reboot-provider-package";

    private static final String COMMAND_REQUIRE_STRONG_AUTH =

            "require-strong-auth";

    private static final String COMMAND_HELP = "help";



    private int mCurrentUserId;
@@ -97,6 +101,9 @@ class LockSettingsShellCommand extends ShellCommand { 
                case COMMAND_SET_ROR_PROVIDER_PACKAGE:

                    runSetResumeOnRebootProviderPackage();

                    return 0;

                case COMMAND_REQUIRE_STRONG_AUTH:

                    runRequireStrongAuth();

                    return 0;

                case COMMAND_HELP:

                    onHelp();

                    return 0;
@@ -192,6 +199,10 @@ class LockSettingsShellCommand extends ShellCommand { 
            pw.println("    Sets the package name for server based resume on reboot service "

                    + "provider.");

            pw.println("");

            pw.println("  require-strong-auth [--user USER_ID] <reason>");

            pw.println("    Requires the strong authentication. The current supported reasons: "

                    + "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN.");

            pw.println("");

        }

    }
@@ -288,6 +299,24 @@ class LockSettingsShellCommand extends ShellCommand { 
        return true;

    }



    private boolean runRequireStrongAuth() {

        final String reason = mNew;

        int strongAuthReason;

        switch (reason) {

            case "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN":

                strongAuthReason = STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;

                mCurrentUserId = UserHandle.USER_ALL;

                break;

            default:

                getErrPrintWriter().println("Unsupported reason: " + reason);

                return false;

        }

        mLockPatternUtils.requireStrongAuth(strongAuthReason, mCurrentUserId);

        getOutPrintWriter().println("Require strong auth for USER_ID "

                + mCurrentUserId + " because of " + mNew);

        return true;

    }



    private boolean runClear() {

        LockscreenCredential none = LockscreenCredential.createNone();

        if (!isNewCredentialSufficient(none)) {

services/tests/servicestests/src/com/android/server/locksettings/LockSettingsShellCommandTest.java

+16 −0
Original line number Diff line number Diff line
@@ -25,6 +25,8 @@ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; 
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;

import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;



import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN;



import static junit.framework.Assert.assertEquals;



import static org.mockito.ArgumentMatchers.anyInt;
@@ -48,6 +50,7 @@ import android.os.Looper; 
import android.os.Process;

import android.os.ResultReceiver;

import android.os.ShellCallback;

import android.os.UserHandle;

import android.platform.test.annotations.Presubmit;



import androidx.test.InstrumentationRegistry;
@@ -370,6 +373,19 @@ public class LockSettingsShellCommandTest { 
                mUserId);

    }



    @Test

    public void testRequireStrongAuth_STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN() throws Exception {

        when(mLockPatternUtils.isSecure(mUserId)).thenReturn(true);



        assertEquals(0, mCommand.exec(new Binder(), in, out, err,

                new String[] { "require-strong-auth", "STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN"},

                mShellCallback, mResultReceiver));



        verify(mLockPatternUtils).requireStrongAuth(

                STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN,

                UserHandle.USER_ALL);

    }



    private List<LockPatternView.Cell> stringToPattern(String str) {

        return LockPatternUtils.byteArrayToPattern(str.getBytes());

    }