Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f46c0ebb authored by Derek Jedral's avatar Derek Jedral
Browse files

Fix TrustAgent showing unclear string. 

TrustAgents currently show the string "Device was locked manually" if
the trustagent times out, or if lockUser() was called. Changed to show a
more generic string, informing the user that they need to authenticate
with whatever credentials they have set up (instead of using the
trustagent).

Test: LockPatternUtilsTest. Manual test lockUser and trust timeout, verify biometrics works and string appears.
Bug: 243710694
Change-Id: Ia2f3c560ad0f959f0117f8967f556c3c026747a3
parent 84d043eb

core/java/com/android/internal/widget/LockPatternUtils.java

+10 −2
Original line number Diff line number Diff line
@@ -1522,7 +1522,8 @@ public class LockPatternUtils { 
                        STRONG_AUTH_REQUIRED_AFTER_LOCKOUT,

                        STRONG_AUTH_REQUIRED_AFTER_TIMEOUT,

                        STRONG_AUTH_REQUIRED_AFTER_USER_LOCKDOWN,

                        STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT})

                        STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT,

                        SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED})

        @Retention(RetentionPolicy.SOURCE)

        public @interface StrongAuthFlags {}
@@ -1574,12 +1575,19 @@ public class LockPatternUtils { 
         */

        public static final int STRONG_AUTH_REQUIRED_AFTER_NON_STRONG_BIOMETRICS_TIMEOUT = 0x80;



        /**

         * Some authentication is required because the trustagent either timed out or was disabled

         * manually.

         */

        public static final int SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED = 0x100;



        /**

         * Strong auth flags that do not prevent biometric methods from being accepted as auth.

         * If any other flags are set, biometric authentication is disabled.

         */

        private static final int ALLOWING_BIOMETRIC = STRONG_AUTH_NOT_REQUIRED

                | SOME_AUTH_REQUIRED_AFTER_USER_REQUEST;

                | SOME_AUTH_REQUIRED_AFTER_USER_REQUEST

                | SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED;



        private final SparseIntArray mStrongAuthRequiredForUser = new SparseIntArray();

        private final H mHandler;

core/tests/utiltests/src/com/android/internal/util/LockPatternUtilsTest.java

+43 −0
Original line number Diff line number Diff line
@@ -19,6 +19,9 @@ package com.android.internal.util; 
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_MANAGED;

import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;



import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT;



import static com.google.common.truth.Truth.assertThat;



import static org.junit.Assert.assertFalse;
@@ -37,6 +40,7 @@ import android.content.ComponentName; 
import android.content.Context;

import android.content.ContextWrapper;

import android.content.pm.UserInfo;

import android.os.Looper;

import android.os.RemoteException;

import android.os.UserManager;

import android.provider.Settings;
@@ -233,6 +237,45 @@ public class LockPatternUtilsTest { 
                ComponentName.unflattenFromString("com.test/.TestAgent"));

    }



    @Test

    public void isBiometricAllowedForUser_afterTrustagentExpired_returnsTrue()

            throws RemoteException {

        TestStrongAuthTracker tracker = createStrongAuthTracker();

        tracker.changeStrongAuth(SOME_AUTH_REQUIRED_AFTER_TRUSTAGENT_EXPIRED);



        assertTrue(tracker.isBiometricAllowedForUser(

                /* isStrongBiometric = */ true,

                DEMO_USER_ID));

    }



    @Test

    public void isBiometricAllowedForUser_afterLockout_returnsFalse()

            throws RemoteException {

        TestStrongAuthTracker tracker = createStrongAuthTracker();

        tracker.changeStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT);



        assertFalse(tracker.isBiometricAllowedForUser(

                /* isStrongBiometric = */ true,

                DEMO_USER_ID));

    }





    private TestStrongAuthTracker createStrongAuthTracker() {

        final Context context = new ContextWrapper(InstrumentationRegistry.getTargetContext());

        return new TestStrongAuthTracker(context, Looper.getMainLooper());

    }



    private static class TestStrongAuthTracker extends LockPatternUtils.StrongAuthTracker {



        TestStrongAuthTracker(Context context, Looper looper) {

            super(context, looper);

        }



        public void changeStrongAuth(@StrongAuthFlags int strongAuthFlags) {

            handleStrongAuthRequiredChanged(strongAuthFlags, DEMO_USER_ID);

        }

    }



    private ILockSettings createTestLockSettings() {

        final Context context = spy(new ContextWrapper(InstrumentationRegistry.getTargetContext()));

        mLockPatternUtils = spy(new LockPatternUtils(context));

packages/SystemUI/src/com/android/keyguard/KeyguardPasswordView.java

+3 −0
Original line number Diff line number Diff line
@@ -24,6 +24,7 @@ import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_NON_STRONG 
import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_PREPARE_FOR_UPDATE;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_RESTART;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_TIMEOUT;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_TRUSTAGENT_EXPIRED;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_USER_REQUEST;



import android.animation.Animator;
@@ -106,6 +107,8 @@ public class KeyguardPasswordView extends KeyguardAbsKeyInputView { 
                return R.string.kg_prompt_reason_timeout_password;

            case PROMPT_REASON_NON_STRONG_BIOMETRIC_TIMEOUT:

                return R.string.kg_prompt_reason_timeout_password;

            case PROMPT_REASON_TRUSTAGENT_EXPIRED:

                return R.string.kg_prompt_reason_timeout_password;

            case PROMPT_REASON_NONE:

                return 0;

            default:

packages/SystemUI/src/com/android/keyguard/KeyguardPatternViewController.java

+3 −0
Original line number Diff line number Diff line
@@ -324,6 +324,9 @@ public class KeyguardPatternViewController 
            case PROMPT_REASON_NON_STRONG_BIOMETRIC_TIMEOUT:

                mMessageAreaController.setMessage(R.string.kg_prompt_reason_timeout_pattern);

                break;

            case PROMPT_REASON_TRUSTAGENT_EXPIRED:

                mMessageAreaController.setMessage(R.string.kg_prompt_reason_timeout_pattern);

                break;

            case PROMPT_REASON_NONE:

                break;

            default:

packages/SystemUI/src/com/android/keyguard/KeyguardPinBasedInputView.java

+3 −0
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@ import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_NON_STRONG 
import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_PREPARE_FOR_UPDATE;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_RESTART;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_TIMEOUT;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_TRUSTAGENT_EXPIRED;

import static com.android.keyguard.KeyguardSecurityView.PROMPT_REASON_USER_REQUEST;



import android.animation.Animator;
@@ -123,6 +124,8 @@ public abstract class KeyguardPinBasedInputView extends KeyguardAbsKeyInputView 
                return R.string.kg_prompt_reason_timeout_pin;

            case PROMPT_REASON_NON_STRONG_BIOMETRIC_TIMEOUT:

                return R.string.kg_prompt_reason_timeout_pin;

            case PROMPT_REASON_TRUSTAGENT_EXPIRED:

                return R.string.kg_prompt_reason_timeout_pin;

            case PROMPT_REASON_NONE:

                return 0;

            default: