Merge "Return enrollment consent status to caller." into sc-dev

    private static final int REQUEST_CHOOSE_OPTIONS = 3;

    // prompt hand phone back to parent after enrollment

    private static final int REQUEST_HANDOFF_PARENT = 4;

    private static final int REQUEST_SINGLE_ENROLL = 5;

    public static final int RESULT_SKIP = BiometricEnrollBase.RESULT_SKIP;

    // this only applies to fingerprint.

    public static final String EXTRA_SKIP_INTRO = "skip_intro";

    // TODO: temporary while waiting for team to add real flag

    public static final String EXTRA_TEMP_REQUIRE_PARENTAL_CONSENT = "require_consent";

    // Intent extra. If true, parental consent will be requested before user enrollment.

    public static final String EXTRA_REQUIRE_PARENTAL_CONSENT = "require_consent";

    // If EXTRA_REQUIRE_PARENTAL_CONSENT was used to start the activity then the result

    // intent will include this extra containing a bundle of the form:

    // "modality" -> consented (boolean).

    public static final String EXTRA_PARENTAL_CONSENT_STATUS = "consent_status";

    private static final String SAVED_STATE_CONFIRMING_CREDENTIALS = "confirming_credentials";

    private static final String SAVED_STATE_ENROLL_ACTION_LOGGED = "enroll_action_logged";

        // TODO(b/188847063): replace with real flag when ready

        mParentalOptionsRequired = intent.getBooleanExtra(

                BiometricEnrollActivity.EXTRA_TEMP_REQUIRE_PARENTAL_CONSENT, false);

                BiometricEnrollActivity.EXTRA_REQUIRE_PARENTAL_CONSENT, false);

        if (mParentalOptionsRequired && mParentalOptions == null) {

            mParentalConsentHelper = new ParentalConsentHelper(

    }

    private void startEnroll() {

        // TODO(b/188847063): This can be deleted, but log it now until it's wired up for real.

        if (mParentalOptionsRequired) {

            if (mParentalOptions == null) {

                throw new IllegalStateException("consent options required, but not set");

            }

            Log.d(TAG, "consent for face: "

                    + ParentalConsentHelper.hasFaceConsent(mParentalOptions));

            Log.d(TAG, "consent for fingerprint: "

                    + ParentalConsentHelper.hasFingerprintConsent(mParentalOptions));

        } else {

            Log.d(TAG, "startEnroll without requiring consent");

        }

        // Default behavior is to enroll BIOMETRIC_WEAK or above. See ACTION_BIOMETRIC_ENROLL.

        final int authenticators = getIntent().getIntExtra(

                EXTRA_BIOMETRIC_AUTHENTICATORS_ALLOWED, Authenticators.BIOMETRIC_WEAK);

            }

        }

        boolean canUseFace = mHasFeatureFace;

        boolean canUseFingerprint = mHasFeatureFingerprint;

        if (mParentalOptionsRequired) {

            if (mParentalOptions == null) {

                throw new IllegalStateException("consent options required, but not set");

            }

            canUseFace = canUseFace

                    && ParentalConsentHelper.hasFaceConsent(mParentalOptions);

            canUseFingerprint = canUseFingerprint

                    && ParentalConsentHelper.hasFingerprintConsent(mParentalOptions);

        }

        // This will need to be updated if the device has sensors other than BIOMETRIC_STRONG

        if (!setupWizard && authenticators == BiometricManager.Authenticators.DEVICE_CREDENTIAL) {

            launchCredentialOnlyEnroll();

        } else if (mHasFeatureFace && mHasFeatureFingerprint) {

        } else if (canUseFace && canUseFingerprint) {

            if (mParentalOptionsRequired && mGkPwHandle != null) {

                launchFaceAndFingerprintEnroll();

            } else {

                setOrConfirmCredentialsNow();

            }

        } else if (mHasFeatureFingerprint) {

        } else if (canUseFingerprint) {

            launchFingerprintOnlyEnroll();

        } else if (mHasFeatureFace) {

        } else if (canUseFace) {

            launchFaceOnlyEnroll();

        } else { // no modalities available

            if (mParentalOptionsRequired) {

                Log.d(TAG, "No consent for any modality: skipping enrollment");

                setResult(RESULT_OK, newResultIntent());

            } else {

                Log.e(TAG, "Unknown state, finishing (was SUW: " + setupWizard + ")");

            }

            finish();

        }

    }

        if (mParentalConsentHelper != null) {

            handleOnActivityResultWhileConsenting(requestCode, resultCode, data);

        } else {

            handleOnActivityResultWhileEnrollingMultiple(requestCode, resultCode, data);

            handleOnActivityResultWhileEnrolling(requestCode, resultCode, data);

        }

    }

                    final boolean isStillPrompting = mParentalConsentHelper.launchNext(

                            this, REQUEST_CHOOSE_OPTIONS, resultCode, data);

                    if (!isStillPrompting) {

                        Log.d(TAG, "Enrollment options set, requesting handoff");

                        launchHandoffToParent();

                    }

                } else {

                    Log.d(TAG, "Unknown or cancelled parental consent");

                    setResult(RESULT_CANCELED);

                    finish();

                }

                break;

            case REQUEST_HANDOFF_PARENT:

                if (resultCode == RESULT_OK) {

                    Log.d(TAG, "Enrollment options set, starting enrollment");

                        Log.d(TAG, "Enrollment consent options set, starting enrollment");

                        mParentalOptions = mParentalConsentHelper.getConsentResult();

                        mParentalConsentHelper = null;

                        startEnroll();

                    }

                } else {

                    Log.d(TAG, "Unknown or cancelled handoff");

                    Log.d(TAG, "Unknown or cancelled parental consent");

                    setResult(RESULT_CANCELED);

                    finish();

                }

    }

    // handles responses while multi biometric enrollment is pending

    private void handleOnActivityResultWhileEnrollingMultiple(

    private void handleOnActivityResultWhileEnrolling(

            int requestCode, int resultCode, Intent data) {

        if (mMultiBiometricEnrollHelper == null) {

        if (requestCode == REQUEST_HANDOFF_PARENT) {

            Log.d(TAG, "Enrollment complete, requesting handoff, result: " + resultCode);

            setResult(RESULT_OK, newResultIntent());

            finish();

        } else if (mMultiBiometricEnrollHelper == null) {

            overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);

            switch (requestCode) {

                        finish();

                    }

                    break;

                case REQUEST_SINGLE_ENROLL:

                    finishOrLaunchHandToParent(resultCode);

                    break;

                default:

                    Log.w(TAG, "Unknown enrolling requestCode: " + requestCode + ", finishing");

                    finish();

            }

        } else {

            mMultiBiometricEnrollHelper.onActivityResult(requestCode, resultCode, data);

            Log.d(TAG, "RequestCode: " + requestCode + " resultCode: " + resultCode);

            BiometricUtils.removeGatekeeperPasswordHandle(this, mGkPwHandle);

            finishOrLaunchHandToParent(resultCode);

        }

    }

    private void finishOrLaunchHandToParent(int resultCode) {

        if (mParentalOptionsRequired) {

            launchHandoffToParent();

        } else {

            setResult(resultCode);

            finish();

        }

    }

    private Intent newResultIntent() {

        final Intent intent = new Intent();

        final Bundle consentStatus = mParentalOptions.deepCopy();

        intent.putExtra(EXTRA_PARENTAL_CONSENT_STATUS, consentStatus);

        Log.v(TAG, "Result consent status: " + consentStatus);

        return intent;

    }

    private static boolean isSuccessfulConfirmOrChooseCredential(int requestCode, int resultCode) {

        final boolean okChoose = requestCode == REQUEST_CHOOSE_LOCK

                && resultCode == ChooseLockPattern.RESULT_FINISHED;

        super.onStop();

        if (mConfirmingCredentials

                || mMultiBiometricEnrollHelper != null

                || mParentalConsentHelper != null) {

                || mParentalOptionsRequired

                || mMultiBiometricEnrollHelper != null) {

            return;

        }

        }

    }

    private void setOrConfirmCredentialsNow() {

        if (!mConfirmingCredentials) {

            mConfirmingCredentials = true;

        }

    }

    /**

     * This should only be used to launch enrollment for single-sensor devices, which use

     * FLAG_ACTIVITY_FORWARD_RESULT path.

     *

     * @param intent Enrollment activity that should be started (e.g. FaceEnrollIntroduction.class,

     *               etc).

     */

    private void launchSingleSensorEnrollActivity(@NonNull Intent intent) {

        intent.setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);

    // This should only be used to launch enrollment for single-sensor devices.

    private void launchSingleSensorEnrollActivity(@NonNull Intent intent, int requestCode) {

        byte[] hardwareAuthToken = null;

        if (this instanceof InternalActivity) {

            hardwareAuthToken = getIntent().getByteArrayExtra(

                    ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

        }

        BiometricUtils.launchEnrollForResult(this, intent, 0 /* requestCode */, hardwareAuthToken,

        BiometricUtils.launchEnrollForResult(this, intent, requestCode, hardwareAuthToken,

                mGkPwHandle, mUserId);

    }

        // If only device credential was specified, ask the user to only set that up.

        intent = new Intent(this, ChooseLockGeneric.class);

        intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.HIDE_INSECURE_OPTIONS, true);

        launchSingleSensorEnrollActivity(intent);

        launchSingleSensorEnrollActivity(intent, 0 /* requestCode */);

    }

    private void launchFingerprintOnlyEnroll() {

        } else {

            intent = BiometricUtils.getFingerprintIntroIntent(this, getIntent());

        }

        launchSingleSensorEnrollActivity(intent);

        launchSingleSensorEnrollActivity(intent, REQUEST_SINGLE_ENROLL);

    }

    private void launchFaceOnlyEnroll() {

        final Intent intent = BiometricUtils.getFaceIntroIntent(this, getIntent());

        launchSingleSensorEnrollActivity(intent);

        launchSingleSensorEnrollActivity(intent, REQUEST_SINGLE_ENROLL);

    }

    private void launchFaceAndFingerprintEnroll() {

import android.content.Intent;

import android.hardware.face.FaceManager;

import android.hardware.fingerprint.FingerprintManager;

import android.util.Log;

import androidx.annotation.NonNull;

import androidx.fragment.app.FragmentActivity;

                    hardwareAuthToken, mGkPwHandle, mUserId);

        }));

    }

    void onActivityResult(int requestCode, int resultCode, Intent data) {

        Log.d(TAG, "RequestCode: " + requestCode + " resultCode: " + resultCode);

        BiometricUtils.removeGatekeeperPasswordHandle(mActivity, mGkPwHandle);

        mActivity.setResult(resultCode);

        mActivity.finish();

    }

}

    private static final String KEY_FACE_CONSENT = "face";

    private static final String KEY_FINGERPRINT_CONSENT = "fingerprint";

    private static final String KEY_IRIS_CONSENT = "iris";

    private final boolean mRequireFace;

    private final boolean mRequireFingerprint;

        result.putBoolean(KEY_FACE_CONSENT, mConsentFace != null ? mConsentFace : false);

        result.putBoolean(KEY_FINGERPRINT_CONSENT,

                mConsentFingerprint != null ? mConsentFingerprint : false);

        result.putBoolean(KEY_IRIS_CONSENT, false);

        return result;

    }