Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 397ee8b5 authored by Rubin Xu's avatar Rubin Xu
Browse files

Do not reset incorrect password attempts after biometric authentication 

For work challenges, do not reset incorrect password attempts if
challenge is resolved via biometric authentication. This is the
behaviour for personal keyguard and work challenge should be
consistent.

Bug: 139438785
Test: manual: enroll work challenge with fingerprint, set failed wipe
count (3) via TestDPC and attempt two failed attempts (via cmd
lock_settings). Resolve work challenge with fingerprint and attempt one
last failed attempt. Verify work profiel is wiped.

Change-Id: Ic64d3e44f3faa5adf8ac43db09e33c8403427990
parent 6d6e0f45

src/com/android/settings/password/BiometricFragment.java

+7 −0
Original line number Original line Diff line number Diff line
@@ -70,6 +70,13 @@ public class BiometricFragment extends InstrumentedFragment { 
            });

            });

            cleanup();

            cleanup();

        }

        }



        @Override

        public void onAuthenticationFailed() {

            mClientExecutor.execute(() -> {

                mClientCallback.onAuthenticationFailed();

            });

        }

    };

    };





    private final DialogInterface.OnClickListener mNegativeButtonListener =

    private final DialogInterface.OnClickListener mNegativeButtonListener =

src/com/android/settings/password/ConfirmDeviceCredentialActivity.java

+10 −2
Original line number Original line Diff line number Diff line
@@ -111,6 +111,7 @@ public class ConfirmDeviceCredentialActivity extends FragmentActivity { 
    });

    });





    private AuthenticationCallback mAuthenticationCallback = new AuthenticationCallback() {

    private AuthenticationCallback mAuthenticationCallback = new AuthenticationCallback() {

        @Override

        public void onAuthenticationError(int errorCode, @NonNull CharSequence errString) {

        public void onAuthenticationError(int errorCode, @NonNull CharSequence errString) {

            if (!mGoingToBackground) {

            if (!mGoingToBackground) {

                if (errorCode == BiometricPrompt.BIOMETRIC_ERROR_USER_CANCELED

                if (errorCode == BiometricPrompt.BIOMETRIC_ERROR_USER_CANCELED
@@ -123,17 +124,24 @@ public class ConfirmDeviceCredentialActivity extends FragmentActivity { 
            }

            }

        }

        }





        @Override

        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {

        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {

            mTrustManager.setDeviceLockedForUser(mUserId, false);

            mTrustManager.setDeviceLockedForUser(mUserId, false);



            final boolean isStrongAuth = result.getAuthenticationType()

                    == BiometricPrompt.AUTHENTICATION_RESULT_TYPE_DEVICE_CREDENTIAL;

            ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils, mUserManager,

            ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils, mUserManager,

                    mUserId);

                    mDevicePolicyManager, mUserId, isStrongAuth);

            ConfirmDeviceCredentialUtils.checkForPendingIntent(

            ConfirmDeviceCredentialUtils.checkForPendingIntent(

                    ConfirmDeviceCredentialActivity.this);

                    ConfirmDeviceCredentialActivity.this);





            setResult(Activity.RESULT_OK);

            setResult(Activity.RESULT_OK);

            finish();

            finish();

        }

        }



        @Override

        public void onAuthenticationFailed() {

            mDevicePolicyManager.reportFailedBiometricAttempt(mUserId);

        }

    };

    };





    private String getStringForError(int errorCode) {

    private String getStringForError(int errorCode) {

src/com/android/settings/password/ConfirmDeviceCredentialUtils.java

+7 −2
Original line number Original line Diff line number Diff line
@@ -20,6 +20,7 @@ import android.app.Activity; 
import android.app.ActivityManager;

import android.app.ActivityManager;

import android.app.ActivityOptions;

import android.app.ActivityOptions;

import android.app.IActivityManager;

import android.app.IActivityManager;

import android.app.admin.DevicePolicyManager;

import android.content.Intent;

import android.content.Intent;

import android.content.IntentSender;

import android.content.IntentSender;

import android.os.RemoteException;

import android.os.RemoteException;
@@ -54,8 +55,12 @@ public class ConfirmDeviceCredentialUtils { 
    }

    }





    public static void reportSuccessfulAttempt(LockPatternUtils utils, UserManager userManager,

    public static void reportSuccessfulAttempt(LockPatternUtils utils, UserManager userManager,

            int userId) {

            DevicePolicyManager dpm, int userId, boolean isStrongAuth) {

        if (isStrongAuth) {

            utils.reportSuccessfulPasswordAttempt(userId);

            utils.reportSuccessfulPasswordAttempt(userId);

        } else {

            dpm.reportSuccessfulBiometricAttempt(userId);

        }

        if (userManager.isManagedProfile(userId)) {

        if (userManager.isManagedProfile(userId)) {

            // Keyguard is responsible to disable StrongAuth for primary user. Disable StrongAuth

            // Keyguard is responsible to disable StrongAuth for primary user. Disable StrongAuth

            // for work challenge only here.

            // for work challenge only here.

src/com/android/settings/password/ConfirmLockPassword.java

+2 −1
Original line number Original line Diff line number Diff line
@@ -475,7 +475,8 @@ public class ConfirmLockPassword extends ConfirmDeviceCredentialBaseActivity { 
            if (matched) {

            if (matched) {

                if (newResult) {

                if (newResult) {

                    ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,

                    ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,

                            mUserManager, mEffectiveUserId);

                            mUserManager, mDevicePolicyManager, mEffectiveUserId,

                            /* isStrongAuth */ true);

                }

                }

                startDisappearAnimation(intent);

                startDisappearAnimation(intent);

                ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());

                ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());

src/com/android/settings/password/ConfirmLockPattern.java

+2 −1
Original line number Original line Diff line number Diff line
@@ -509,7 +509,8 @@ public class ConfirmLockPattern extends ConfirmDeviceCredentialBaseActivity { 
            if (matched) {

            if (matched) {

                if (newResult) {

                if (newResult) {

                    ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,

                    ConfirmDeviceCredentialUtils.reportSuccessfulAttempt(mLockPatternUtils,

                            mUserManager, mEffectiveUserId);

                            mUserManager, mDevicePolicyManager, mEffectiveUserId,

                            /* isStrongAuth */ true);

                }

                }

                startDisappearAnimation(intent);

                startDisappearAnimation(intent);

                ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());

                ConfirmDeviceCredentialUtils.checkForPendingIntent(getActivity());