4/n: Remove challenge from choose/confirm, use new path

                        .getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                final int userId = getIntent()

                        .getIntExtra(Intent.EXTRA_USER_ID, UserHandle.USER_NULL);

                final byte[] gkPw = getIntent().getByteArrayExtra(

                        ChooseLockSettingsHelper.EXTRA_KEY_GK_PW);

                intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                intent.putExtra(Intent.EXTRA_USER_ID, userId);

                if (gkPw != null) {

                    intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_GK_PW, gkPw);

                }

            }

            startActivity(intent);

    @Override

    protected void onCreate(Bundle savedInstanceState) {

        super.onCreate(savedInstanceState);

        mToken = getIntent().getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

        // Don't need to retrieve the HAT if it already exists. In some cases, the extras do not

        // contain EXTRA_KEY_CHALLENGE_TOKEN but contain EXTRA_KEY_GK_PW, in which case enrollment

        // classes may request a HAT to be created (as opposed to being passed in)

        if (mToken == null) {

            mToken = getIntent().getByteArrayExtra(

                    ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

        }

        mFromSettingsSummary = getIntent().getBooleanExtra(EXTRA_FROM_SETTINGS_SUMMARY, false);

        if (savedInstanceState != null && mToken == null) {

            mLaunchedConfirmLock = savedInstanceState.getBoolean(EXTRA_KEY_LAUNCHED_CONFIRM);

        return intent;

    }

    protected void launchConfirmLock(int titleResId, long challenge) {

    protected void launchConfirmLock(int titleResId) {

        final ChooseLockSettingsHelper.Builder builder = new ChooseLockSettingsHelper.Builder(this);

        builder.setRequestCode(CONFIRM_REQUEST)

                .setTitle(getString(titleResId))

                .setChallenge(challenge)

                .setRequestGatekeeperPassword(true)

                .setForegroundOnly(true)

                .setReturnCredentials(true);

                // It's possible to have a token but mLaunchedConfirmLock == false, since

                // ChooseLockGeneric can pass us a token.

                mConfirmingCredentials = true;

                launchConfirmLock(getConfirmLockTitleResId(), getChallenge());

                launchConfirmLock(getConfirmLockTitleResId());

            }

        }

    }

    private void launchChooseLock() {

        Intent intent = getChooseLockIntent();

        long challenge = getChallenge();

        intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,

                DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);

        intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW, true);

        intent.putExtra(getExtraKeyForBiometric(), true);

        if (mUserId != UserHandle.USER_NULL) {

            intent.putExtra(Intent.EXTRA_USER_ID, mUserId);

        } else if (requestCode == CHOOSE_LOCK_GENERIC_REQUEST) {

            if (resultCode == RESULT_FINISHED) {

                updatePasswordQuality();

                mToken = data.getByteArrayExtra(

                        ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                mToken = BiometricUtils.requestGatekeeperHat(this, data, mUserId, getChallenge());

                overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);

                mConfirmingCredentials = false;

                return;

        } else if (requestCode == CONFIRM_REQUEST) {

            mConfirmingCredentials = false;

            if (resultCode == RESULT_OK && data != null) {

                mToken = data.getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                mToken = BiometricUtils.requestGatekeeperHat(this, data, mUserId, getChallenge());

                overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);

            } else {

                setResult(resultCode, data);

/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.settings.biometrics;

import android.app.Activity;

import android.content.Context;

import android.content.Intent;

import com.android.internal.widget.LockPatternUtils;

import com.android.settings.password.ChooseLockSettingsHelper;

/**

 * Common biometric utilities.

 */

public class BiometricUtils {

    /**

     * Given the result from confirming or choosing a credential, request Gatekeeper to generate

     * a HardwareAuthToken with the Gatekeeper Password together with a biometric challenge.

     *

     * @param context Caller's context

     * @param result The onActivityResult intent from ChooseLock* or ConfirmLock*

     * @param userId User ID that the credential/biometric operation applies to

     * @param challenge Unique biometric challenge from FingerprintManager/FaceManager

     * @return

     */

    public static byte[] requestGatekeeperHat(Context context, Intent result, int userId,

            long challenge) {

        final byte[] gkPassword = result.getByteArrayExtra(

                ChooseLockSettingsHelper.EXTRA_KEY_GK_PW);

        if (gkPassword == null) {

            throw new IllegalStateException("Gatekeeper Password is null!!");

        }

        final LockPatternUtils utils = new LockPatternUtils(context);

        return utils.verifyGatekeeperPassword(gkPassword, challenge, userId).getGatekeeperHAT();

    }

    public static boolean containsGatekeeperPassword(Intent data) {

        if (data == null) {

            return false;

        }

        return data.getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_GK_PW) != null;

    }

}

import com.android.settings.R;

import com.android.settings.Utils;

import com.android.settings.biometrics.BiometricEnrollIntroduction;

import com.android.settings.biometrics.BiometricUtils;

import com.android.settings.overlay.FeatureFactory;

import com.android.settings.password.ChooseLockSettingsHelper;

import com.android.settingslib.RestrictedLockUtilsInternal;

public class FaceEnrollIntroduction extends BiometricEnrollIntroduction {

    private static final String TAG = "FaceIntro";

    private static final String TAG = "FaceEnrollIntroduction";

    private FaceManager mFaceManager;

    private FaceFeatureProvider mFaceFeatureProvider;

    @Override

    protected void onCreate(Bundle savedInstanceState) {

        mFaceManager = Utils.getFaceManagerOrNull(this);

        // Check if the Gateekeper Password exists. If so, request for a Gatekeeper HAT to be

        // created. This needs to be cleaned up, since currently it's not very clear which

        // superclass is responsible for what. Doing the check here is the least risky way.

        if (mToken == null && BiometricUtils.containsGatekeeperPassword(getIntent())) {

            // We either block on generateChallenge, or need to gray out the "next" button until

            // the challenge is ready. Let's just do this for now.

            final long challenge = mFaceManager.generateChallengeBlocking();

            mToken = BiometricUtils.requestGatekeeperHat(this, getIntent(), mUserId, challenge);

        }

        super.onCreate(savedInstanceState);

        mFaceManager = Utils.getFaceManagerOrNull(this);

        mFaceFeatureProvider = FeatureFactory.getFactory(getApplicationContext())

                .getFaceFeatureProvider();

                    RequireScrollMixin.class);

            requireScrollMixin.requireScrollWithButton(this, agreeButton,

                    R.string.security_settings_face_enroll_introduction_more,

                    button -> {

                        onNextButtonClick(button);

                    });

                    this::onNextButtonClick);

        }

        final TextView footer2 = findViewById(R.id.face_enroll_introduction_footer_part_2);