Merge "Delay framework lockout request until all biometrics report lockout." into sc-dev

2021-06-25 21:22:35 +00:00
parent ee82ff1fdb f603aea110
commit d3574030f5
2 changed files with 62 additions and 6 deletions
--- a/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java
+++ b/packages/SystemUI/src/com/android/keyguard/KeyguardUpdateMonitor.java
@@ -784,8 +784,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
        }

        if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT) {
-            mLockPatternUtils.requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT,
-                    getCurrentUser());
+            mFingerprintLockedOutPermanent = true;
+            requireStrongAuthIfAllLockedOut();
        }

        if (msgId == FingerprintManager.FINGERPRINT_ERROR_LOCKOUT
@@ -806,6 +806,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab

    private void handleFingerprintLockoutReset() {
        mFingerprintLockedOut = false;
+        mFingerprintLockedOutPermanent = false;
        updateFingerprintListeningState();
    }

@@ -966,8 +967,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
        }

        if (msgId == FaceManager.FACE_ERROR_LOCKOUT_PERMANENT) {
-            mLockPatternUtils.requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT,
-                    getCurrentUser());
+            mFaceLockedOutPermanent = true;
+            requireStrongAuthIfAllLockedOut();
        }

        for (int i = 0; i < mCallbacks.size(); i++) {
@@ -980,6 +981,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
    }

    private void handleFaceLockoutReset() {
+        mFaceLockedOutPermanent = false;
        updateFaceListeningState();
    }

@@ -1055,6 +1057,18 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
                || isSimPinSecure());
    }

+    private void requireStrongAuthIfAllLockedOut() {
+        final boolean faceLock =
+                mFaceLockedOutPermanent || !shouldListenForFace();
+        final boolean fpLock =
+                mFingerprintLockedOutPermanent || !shouldListenForFingerprint(isUdfpsEnrolled());
+
+        if (faceLock && fpLock) {
+            Log.d(TAG, "All biometrics locked out - requiring strong auth");
+            mLockPatternUtils.requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT,
+                    getCurrentUser());
+        }
+    }

    public boolean getUserCanSkipBouncer(int userId) {
        return getUserHasTrust(userId) || getUserUnlockedWithBiometric(userId);
@@ -1338,7 +1352,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
                handleFingerprintAuthenticated(userId, isStrongBiometric);
            };

-    private final FingerprintManager.AuthenticationCallback mFingerprintAuthenticationCallback
+    @VisibleForTesting
+    final FingerprintManager.AuthenticationCallback mFingerprintAuthenticationCallback
            = new AuthenticationCallback() {
                private boolean mPlayedAcquiredHaptic;

@@ -1408,7 +1423,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
            };

    @VisibleForTesting
-    FaceManager.AuthenticationCallback mFaceAuthenticationCallback
+    final FaceManager.AuthenticationCallback mFaceAuthenticationCallback
            = new FaceManager.AuthenticationCallback() {

        @Override
@@ -1445,6 +1460,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener, Dumpab
    private FaceManager mFaceManager;
    private List<FaceSensorPropertiesInternal> mFaceSensorProperties;
    private boolean mFingerprintLockedOut;
+    private boolean mFingerprintLockedOutPermanent;
+    private boolean mFaceLockedOutPermanent;
    private TelephonyManager mTelephonyManager;

    /**
--- a/packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java
+++ b/packages/SystemUI/tests/src/com/android/keyguard/KeyguardUpdateMonitorTest.java
@@ -641,6 +641,45 @@ public class KeyguardUpdateMonitorTest extends SysuiTestCase {
        verify(mFaceManager, never()).authenticate(any(), any(), any(), any());
    }

+    @Test
+    public void testFaceAndFingerprintLockout_onlyFace() {
+        mKeyguardUpdateMonitor.dispatchStartedWakingUp();
+        mTestableLooper.processAllMessages();
+        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);
+
+        mKeyguardUpdateMonitor.mFaceAuthenticationCallback
+                .onAuthenticationError(FaceManager.FACE_ERROR_LOCKOUT_PERMANENT, "");
+
+        verify(mLockPatternUtils, never()).requireStrongAuth(anyInt(), anyInt());
+    }
+
+    @Test
+    public void testFaceAndFingerprintLockout_onlyFingerprint() {
+        mKeyguardUpdateMonitor.dispatchStartedWakingUp();
+        mTestableLooper.processAllMessages();
+        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);
+
+        mKeyguardUpdateMonitor.mFingerprintAuthenticationCallback
+                .onAuthenticationError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");
+
+        verify(mLockPatternUtils, never()).requireStrongAuth(anyInt(), anyInt());
+    }
+
+
+    @Test
+    public void testFaceAndFingerprintLockout() {
+        mKeyguardUpdateMonitor.dispatchStartedWakingUp();
+        mTestableLooper.processAllMessages();
+        mKeyguardUpdateMonitor.onKeyguardVisibilityChanged(true);
+
+        mKeyguardUpdateMonitor.mFaceAuthenticationCallback
+                .onAuthenticationError(FaceManager.FACE_ERROR_LOCKOUT_PERMANENT, "");
+        mKeyguardUpdateMonitor.mFingerprintAuthenticationCallback
+                .onAuthenticationError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT, "");
+
+        verify(mLockPatternUtils).requireStrongAuth(anyInt(), anyInt());
+    }
+
    @Test
    public void testGetUserCanSkipBouncer_whenFace() {
        int user = KeyguardUpdateMonitor.getCurrentUser();