Add mandatory biometric prompt to platform surfaces (1/N)

    <string name="security_settings_fingerprint_single_face_watch_preference_summary">Face, fingerprint, and <xliff:g id="watch" example="Dani's Watch">%s</xliff:g> added</string>

    <string name="security_settings_fingerprint_single_face_watch_preference_summary">Face, fingerprint, and <xliff:g id="watch" example="Dani's Watch">%s</xliff:g> added</string>

    <!-- Message showing that multiple fingerprints, face, and the current watch is set up. Shown for a menu item that launches fingerprint, face,  and active unlock settings or enrollment. [CHAR LIMIT=80]-->

    <!-- Message showing that multiple fingerprints, face, and the current watch is set up. Shown for a menu item that launches fingerprint, face,  and active unlock settings or enrollment. [CHAR LIMIT=80]-->

    <string name="security_settings_fingerprint_multiple_face_watch_preference_summary">Face, fingerprints, and <xliff:g id="watch" example="Dani's Watch">%s</xliff:g> added</string>

    <string name="security_settings_fingerprint_multiple_face_watch_preference_summary">Face, fingerprints, and <xliff:g id="watch" example="Dani's Watch">%s</xliff:g> added</string>

    <!-- Description for mandatory biometrics prompt-->

    <string name="mandatory_biometrics_prompt_description">This is needed since Identity Check is on</string>

    <!-- RemoteAuth unlock enrollment and settings --><skip />

    <!-- RemoteAuth unlock enrollment and settings --><skip />

    <!-- Title shown for menu item that launches watch unlock settings. [CHAR LIMIT=40] -->

    <!-- Title shown for menu item that launches watch unlock settings. [CHAR LIMIT=40] -->

    <string name ="security_settings_remoteauth_preference_title">Remote Authenticator Unlock</string>

    <string name ="security_settings_remoteauth_preference_title">Remote Authenticator Unlock</string>

import static android.text.format.DateUtils.FORMAT_ABBREV_MONTH;

import static android.text.format.DateUtils.FORMAT_ABBREV_MONTH;

import static android.text.format.DateUtils.FORMAT_SHOW_DATE;

import static android.text.format.DateUtils.FORMAT_SHOW_DATE;

import static com.android.settings.password.ConfirmDeviceCredentialActivity.BIOMETRIC_PROMPT_AUTHENTICATORS;

import static com.android.settings.password.ConfirmDeviceCredentialActivity.BIOMETRIC_PROMPT_NEGATIVE_BUTTON_TEXT;

import android.app.ActionBar;

import android.app.ActionBar;

import android.app.Activity;

import android.app.Activity;

import android.app.ActivityManager;

import android.app.ActivityManager;

import android.graphics.drawable.BitmapDrawable;

import android.graphics.drawable.BitmapDrawable;

import android.graphics.drawable.Drawable;

import android.graphics.drawable.Drawable;

import android.graphics.drawable.VectorDrawable;

import android.graphics.drawable.VectorDrawable;

import android.hardware.biometrics.BiometricManager;

import android.hardware.biometrics.SensorProperties;

import android.hardware.biometrics.SensorProperties;

import android.hardware.face.Face;

import android.hardware.face.Face;

import android.hardware.face.FaceManager;

import android.hardware.face.FaceManager;

import com.android.settings.dashboard.profileselector.ProfileSelectFragment;

import com.android.settings.dashboard.profileselector.ProfileSelectFragment;

import com.android.settings.dashboard.profileselector.ProfileSelectFragment.ProfileType;

import com.android.settings.dashboard.profileselector.ProfileSelectFragment.ProfileType;

import com.android.settings.password.ChooseLockSettingsHelper;

import com.android.settings.password.ChooseLockSettingsHelper;

import com.android.settings.password.ConfirmDeviceCredentialActivity;

import com.android.settingslib.widget.ActionBarShadowController;

import com.android.settingslib.widget.ActionBarShadowController;

import com.android.settingslib.widget.AdaptiveIcon;

import com.android.settingslib.widget.AdaptiveIcon;

        disableComponent(pm, new ComponentName(context, Settings.CreateShortcutActivity.class));

        disableComponent(pm, new ComponentName(context, Settings.CreateShortcutActivity.class));

    }

    }

    /**

     * Request biometric authentication if all requirements for mandatory biometrics is satisfied.

     * @param context of the corresponding activity/fragment

     * @param biometricsSuccessfullyAuthenticated if the user has already authenticated using

     *                                            biometrics

     * @param biometricsAuthenticationRequested if the activity/fragment has already requested for

     *                                          biometric prompt

     * @return true if all requirements for mandatory biometrics is satisfied

     */

    public static boolean requestBiometricAuthenticationForMandatoryBiometrics(

            @NonNull Context context,

            boolean biometricsSuccessfullyAuthenticated,

            boolean biometricsAuthenticationRequested) {

        final BiometricManager biometricManager = context.getSystemService(BiometricManager.class);

        if (biometricManager == null) {

            Log.e(TAG, "Biometric Manager is null.");

            return false;

        }

        final int status = biometricManager.canAuthenticate(

                BiometricManager.Authenticators.MANDATORY_BIOMETRICS);

        return android.hardware.biometrics.Flags.mandatoryBiometrics()

                && status == BiometricManager.BIOMETRIC_SUCCESS

                && !biometricsSuccessfullyAuthenticated

                && !biometricsAuthenticationRequested;

    }

    /**

     * Launch biometric prompt for mandatory biometrics. Call

     * {@link #requestBiometricAuthenticationForMandatoryBiometrics(Context, boolean, boolean)}

     * to check if all requirements for mandatory biometrics is satisfied

     * before launching biometric prompt.

     *

     * @param fragment corresponding fragment of the surface

     * @param requestCode for starting the new activity

     */

    public static void launchBiometricPromptForMandatoryBiometrics(@NonNull Fragment fragment,

            int requestCode) {

        final Intent intent = new Intent();

        intent.putExtra(BIOMETRIC_PROMPT_AUTHENTICATORS,

                BiometricManager.Authenticators.MANDATORY_BIOMETRICS);

        intent.putExtra(BIOMETRIC_PROMPT_NEGATIVE_BUTTON_TEXT,

                fragment.getString(R.string.cancel));

        intent.putExtra(KeyguardManager.EXTRA_DESCRIPTION,

                fragment.getString(R.string.mandatory_biometrics_prompt_description));

        intent.setClassName(SETTINGS_PACKAGE_NAME,

                ConfirmDeviceCredentialActivity.class.getName());

        fragment.startActivityForResult(intent, requestCode);

    }

    private static void disableComponent(PackageManager pm, ComponentName componentName) {

    private static void disableComponent(PackageManager pm, ComponentName componentName) {

        pm.setComponentEnabledSetting(componentName,

        pm.setComponentEnabledSetting(componentName,

                PackageManager.COMPONENT_ENABLED_STATE_DISABLED, PackageManager.DONT_KILL_APP);

                PackageManager.COMPONENT_ENABLED_STATE_DISABLED, PackageManager.DONT_KILL_APP);

    public static final String EXTRA_FINISHED_ENROLL_FACE = "finished_enrolling_face";

    public static final String EXTRA_FINISHED_ENROLL_FACE = "finished_enrolling_face";

    public static final String EXTRA_FINISHED_ENROLL_FINGERPRINT = "finished_enrolling_fingerprint";

    public static final String EXTRA_FINISHED_ENROLL_FINGERPRINT = "finished_enrolling_fingerprint";

    public static final String EXTRA_LAUNCHED_POSTURE_GUIDANCE = "launched_posture_guidance";

    public static final String EXTRA_LAUNCHED_POSTURE_GUIDANCE = "launched_posture_guidance";

    public static final String EXTRA_BIOMETRICS_AUTHENTICATED_SUCCESSFULLY =

            "biometrics_authenticated_successfully";

    /**

    /**

     * Used by the choose fingerprint wizard to indicate the wizard is

     * Used by the choose fingerprint wizard to indicate the wizard is

    public static final int LEARN_MORE_REQUEST = 3;

    public static final int LEARN_MORE_REQUEST = 3;

    public static final int CONFIRM_REQUEST = 4;

    public static final int CONFIRM_REQUEST = 4;

    public static final int ENROLL_REQUEST = 5;

    public static final int ENROLL_REQUEST = 5;

    public static final int BIOMETRIC_AUTH_REQUEST = 6;

    /**

    /**

     * Request code when starting another biometric enrollment from within a biometric flow. For

     * Request code when starting another biometric enrollment from within a biometric flow. For

    static final int CONFIRM_REQUEST = 2001;

    static final int CONFIRM_REQUEST = 2001;

    private static final int CHOOSE_LOCK_REQUEST = 2002;

    private static final int CHOOSE_LOCK_REQUEST = 2002;

    protected static final int ACTIVE_UNLOCK_REQUEST = 2003;

    protected static final int ACTIVE_UNLOCK_REQUEST = 2003;

    private static final int BIOMETRIC_AUTH_REQUEST = 2004;

    private static final String SAVE_STATE_CONFIRM_CREDETIAL = "confirm_credential";

    private static final String SAVE_STATE_CONFIRM_CREDETIAL = "confirm_credential";

    private static final String DO_NOT_FINISH_ACTIVITY = "do_not_finish_activity";

    private static final String DO_NOT_FINISH_ACTIVITY = "do_not_finish_activity";

    static final String RETRY_PREFERENCE_KEY = "retry_preference_key";

    static final String RETRY_PREFERENCE_KEY = "retry_preference_key";

    @VisibleForTesting

    @VisibleForTesting

    static final String RETRY_PREFERENCE_BUNDLE = "retry_preference_bundle";

    static final String RETRY_PREFERENCE_BUNDLE = "retry_preference_bundle";

    private static final String BIOMETRICS_AUTH_REQUESTED = "biometrics_auth_requested";

    private static final String BIOMETRICS_AUTHENTICATED_SUCCESSFULLY =

            "biometrics_authenticated_successfully";

    protected int mUserId;

    protected int mUserId;

    protected long mGkPwHandle;

    protected long mGkPwHandle;

    private boolean mConfirmCredential;

    private boolean mConfirmCredential;

    private boolean mBiometricsAuthenticationRequested;

    private boolean mBiometricsSuccessfullyAuthenticated;

    @Nullable private FaceManager mFaceManager;

    @Nullable private FaceManager mFaceManager;

    @Nullable private FingerprintManager mFingerprintManager;

    @Nullable private FingerprintManager mFingerprintManager;

    // Do not finish() if choosing/confirming credential, showing fp/face settings, or launching

    // Do not finish() if choosing/confirming credential, showing fp/face settings, or launching

            mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(getIntent());

            mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(getIntent());

        }

        }

        mBiometricsSuccessfullyAuthenticated = getIntent().getBooleanExtra(

                BIOMETRICS_AUTHENTICATED_SUCCESSFULLY, false);

        if (savedInstanceState != null) {

        if (savedInstanceState != null) {

            mConfirmCredential = savedInstanceState.getBoolean(SAVE_STATE_CONFIRM_CREDETIAL);

            mConfirmCredential = savedInstanceState.getBoolean(SAVE_STATE_CONFIRM_CREDETIAL);

            mDoNotFinishActivity = savedInstanceState.getBoolean(DO_NOT_FINISH_ACTIVITY);

            mDoNotFinishActivity = savedInstanceState.getBoolean(DO_NOT_FINISH_ACTIVITY);

                mGkPwHandle = savedInstanceState.getLong(

                mGkPwHandle = savedInstanceState.getLong(

                        ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE);

                        ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW_HANDLE);

            }

            }

            mBiometricsAuthenticationRequested = savedInstanceState.getBoolean(

                    BIOMETRICS_AUTH_REQUESTED);

            mBiometricsSuccessfullyAuthenticated = savedInstanceState.getBoolean(

                    BIOMETRICS_AUTHENTICATED_SUCCESSFULLY);

        }

        }

        if (mGkPwHandle == 0L && !mConfirmCredential) {

        if (mGkPwHandle == 0L && !mConfirmCredential) {

            mConfirmCredential = true;

            mConfirmCredential = true;

            launchChooseOrConfirmLock();

            launchChooseOrConfirmLock();

        } else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(

                getActivity(), mBiometricsSuccessfullyAuthenticated,

                mBiometricsAuthenticationRequested)) {

            mBiometricsAuthenticationRequested = true;

            Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);

        }

        }

        updateUnlockPhonePreferenceSummary();

        updateUnlockPhonePreferenceSummary();

    @Override

    @Override

    public void onResume() {

    public void onResume() {

        super.onResume();

        super.onResume();

        if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),

                mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)

                && mGkPwHandle != 0L) {

            mBiometricsAuthenticationRequested = true;

            Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);

        }

        if (!mConfirmCredential) {

        if (!mConfirmCredential) {

            mDoNotFinishActivity = false;

            mDoNotFinishActivity = false;

        }

        }

                    extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                    extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                    extras.putInt(BiometricEnrollBase.EXTRA_KEY_SENSOR_ID, sensorId);

                    extras.putInt(BiometricEnrollBase.EXTRA_KEY_SENSOR_ID, sensorId);

                    extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, challenge);

                    extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, challenge);

                    extras.putBoolean(

                            BiometricEnrollBase.EXTRA_BIOMETRICS_AUTHENTICATED_SUCCESSFULLY,

                            mBiometricsSuccessfullyAuthenticated);

                    onFaceOrFingerprintPreferenceTreeClick(preference);

                    onFaceOrFingerprintPreferenceTreeClick(preference);

                } catch (IllegalStateException e) {

                } catch (IllegalStateException e) {

                    if (retry) {

                    if (retry) {

                    final Bundle extras = preference.getExtras();

                    final Bundle extras = preference.getExtras();

                    extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                    extras.putByteArray(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                    extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, challenge);

                    extras.putLong(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, challenge);

                    extras.putBoolean(

                            BiometricEnrollBase.EXTRA_BIOMETRICS_AUTHENTICATED_SUCCESSFULLY,

                            mBiometricsSuccessfullyAuthenticated);

                    onFaceOrFingerprintPreferenceTreeClick(preference);

                    onFaceOrFingerprintPreferenceTreeClick(preference);

                } catch (IllegalStateException e) {

                } catch (IllegalStateException e) {

                    if (retry) {

                    if (retry) {

            outState.putString(RETRY_PREFERENCE_KEY, mRetryPreferenceKey);

            outState.putString(RETRY_PREFERENCE_KEY, mRetryPreferenceKey);

            outState.putBundle(RETRY_PREFERENCE_BUNDLE, mRetryPreferenceExtra);

            outState.putBundle(RETRY_PREFERENCE_BUNDLE, mRetryPreferenceExtra);

        }

        }

        outState.putBoolean(BIOMETRICS_AUTH_REQUESTED,

                mBiometricsAuthenticationRequested);

        outState.putBoolean(BIOMETRICS_AUTHENTICATED_SUCCESSFULLY,

                mBiometricsSuccessfullyAuthenticated);

    }

    }

    @Override

    @Override

            }

            }

            mRetryPreferenceKey = null;

            mRetryPreferenceKey = null;

            mRetryPreferenceExtra = null;

            mRetryPreferenceExtra = null;

        } else if (requestCode == BIOMETRIC_AUTH_REQUEST) {

            mBiometricsAuthenticationRequested = false;

            if (resultCode == RESULT_OK) {

                mBiometricsSuccessfullyAuthenticated = true;

            } else {

                finish();

            }

        }

        }

    }

    }

import static android.app.admin.DevicePolicyResources.Strings.Settings.FACE_SETTINGS_FOR_WORK_TITLE;

import static android.app.admin.DevicePolicyResources.Strings.Settings.FACE_SETTINGS_FOR_WORK_TITLE;

import static com.android.settings.Utils.isPrivateProfile;

import static com.android.settings.Utils.isPrivateProfile;

import static com.android.settings.biometrics.BiometricEnrollBase.BIOMETRIC_AUTH_REQUEST;

import static com.android.settings.biometrics.BiometricEnrollBase.CONFIRM_REQUEST;

import static com.android.settings.biometrics.BiometricEnrollBase.CONFIRM_REQUEST;

import static com.android.settings.biometrics.BiometricEnrollBase.ENROLL_REQUEST;

import static com.android.settings.biometrics.BiometricEnrollBase.ENROLL_REQUEST;

import static com.android.settings.biometrics.BiometricEnrollBase.EXTRA_BIOMETRICS_AUTHENTICATED_SUCCESSFULLY;

import static com.android.settings.biometrics.BiometricEnrollBase.RESULT_FINISHED;

import static com.android.settings.biometrics.BiometricEnrollBase.RESULT_FINISHED;

import static com.android.settings.biometrics.BiometricEnrollBase.RESULT_TIMEOUT;

import static com.android.settings.biometrics.BiometricEnrollBase.RESULT_TIMEOUT;

    private static final String TAG = "FaceSettings";

    private static final String TAG = "FaceSettings";

    private static final String KEY_TOKEN = "hw_auth_token";

    private static final String KEY_TOKEN = "hw_auth_token";

    private static final String KEY_RE_ENROLL_FACE = "re_enroll_face_unlock";

    private static final String KEY_RE_ENROLL_FACE = "re_enroll_face_unlock";

    private static final String KEY_BIOMETRICS_SUCCESSFULLY_AUTHENTICATED =

            "biometrics_successfully_authenticated";

    private static final String PREF_KEY_DELETE_FACE_DATA =

    private static final String PREF_KEY_DELETE_FACE_DATA =

            "security_settings_face_delete_faces_container";

            "security_settings_face_delete_faces_container";

    private FaceFeatureProvider mFaceFeatureProvider;

    private FaceFeatureProvider mFaceFeatureProvider;

    private boolean mConfirmingPassword;

    private boolean mConfirmingPassword;

    private boolean mBiometricsAuthenticationRequested;

    private boolean mBiometricsSuccessfullyAuthenticated;

    private final FaceSettingsRemoveButtonPreferenceController.Listener mRemovalListener = () -> {

    private final FaceSettingsRemoveButtonPreferenceController.Listener mRemovalListener = () -> {

    public void onSaveInstanceState(Bundle outState) {

    public void onSaveInstanceState(Bundle outState) {

        super.onSaveInstanceState(outState);

        super.onSaveInstanceState(outState);

        outState.putByteArray(KEY_TOKEN, mToken);

        outState.putByteArray(KEY_TOKEN, mToken);

        outState.putBoolean(KEY_BIOMETRICS_SUCCESSFULLY_AUTHENTICATED,

                mBiometricsSuccessfullyAuthenticated);

    }

    }

    @Override

    @Override

        mToken = getIntent().getByteArrayExtra(KEY_TOKEN);

        mToken = getIntent().getByteArrayExtra(KEY_TOKEN);

        mSensorId = getIntent().getIntExtra(BiometricEnrollBase.EXTRA_KEY_SENSOR_ID, -1);

        mSensorId = getIntent().getIntExtra(BiometricEnrollBase.EXTRA_KEY_SENSOR_ID, -1);

        mChallenge = getIntent().getLongExtra(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, 0L);

        mChallenge = getIntent().getLongExtra(BiometricEnrollBase.EXTRA_KEY_CHALLENGE, 0L);

        mBiometricsSuccessfullyAuthenticated = getIntent().getBooleanExtra(

                EXTRA_BIOMETRICS_AUTHENTICATED_SUCCESSFULLY, false);

        mUserId = getActivity().getIntent().getIntExtra(

        mUserId = getActivity().getIntent().getIntExtra(

                Intent.EXTRA_USER_ID, UserHandle.myUserId());

                Intent.EXTRA_USER_ID, UserHandle.myUserId());

        if (savedInstanceState != null) {

        if (savedInstanceState != null) {

            mToken = savedInstanceState.getByteArray(KEY_TOKEN);

            mToken = savedInstanceState.getByteArray(KEY_TOKEN);

            mBiometricsSuccessfullyAuthenticated = savedInstanceState.getBoolean(

                    KEY_BIOMETRICS_SUCCESSFULLY_AUTHENTICATED);

        }

        }

    }

    }

                Log.e(TAG, "Password not set");

                Log.e(TAG, "Password not set");

                finish();

                finish();

            }

            }

        } else if (Utils.requestBiometricAuthenticationForMandatoryBiometrics(getActivity(),

                mBiometricsSuccessfullyAuthenticated, mBiometricsAuthenticationRequested)) {

            mBiometricsAuthenticationRequested = true;

            Utils.launchBiometricPromptForMandatoryBiometrics(this, BIOMETRIC_AUTH_REQUEST);

        } else {

        } else {

            mAttentionController.setToken(mToken);

            mAttentionController.setToken(mToken);

            mEnrollController.setToken(mToken);

            mEnrollController.setToken(mToken);

                setResult(resultCode, data);

                setResult(resultCode, data);

                finish();

                finish();

            }

            }

        } else if (requestCode == BIOMETRIC_AUTH_REQUEST) {

            mBiometricsAuthenticationRequested = false;

            if (resultCode == RESULT_OK) {

                mBiometricsSuccessfullyAuthenticated = true;

            } else {

                finish();

            }

        }

        }

    }

    }