Removing old confirm device credential logic
Test: Verified that confirm device credential still works
in the biometricpromptdemo app
Bug: 140128468
Change-Id: I28fc3c0dc16677ad953284ffa9670d7abd34cd40
diff --git a/core/java/android/app/KeyguardManager.java b/core/java/android/app/KeyguardManager.java
index 9b667a1..b1565ab 100644
--- a/core/java/android/app/KeyguardManager.java
+++ b/core/java/android/app/KeyguardManager.java
@@ -87,12 +87,6 @@
"android.app.action.CONFIRM_FRP_CREDENTIAL";
/**
- * @hide
- */
- public static final String EXTRA_BIOMETRIC_PROMPT_BUNDLE =
- "android.app.extra.BIOMETRIC_PROMPT_BUNDLE";
-
- /**
* A CharSequence dialog title to show to the user when used with a
* {@link #ACTION_CONFIRM_DEVICE_CREDENTIAL}.
* @hide
diff --git a/core/java/android/hardware/biometrics/BiometricManager.java b/core/java/android/hardware/biometrics/BiometricManager.java
index d8110f3..cbe8a05 100644
--- a/core/java/android/hardware/biometrics/BiometricManager.java
+++ b/core/java/android/hardware/biometrics/BiometricManager.java
@@ -201,55 +201,5 @@
}
}
- /**
- * TODO(b/123378871): Remove when moved.
- * @hide
- */
- @RequiresPermission(USE_BIOMETRIC_INTERNAL)
- public void onConfirmDeviceCredentialSuccess() {
- if (mService != null) {
- try {
- mService.onConfirmDeviceCredentialSuccess();
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
- } else {
- Slog.w(TAG, "onConfirmDeviceCredentialSuccess(): Service not connected");
- }
- }
-
- /**
- * TODO(b/123378871): Remove when moved.
- * @hide
- */
- @RequiresPermission(USE_BIOMETRIC_INTERNAL)
- public void onConfirmDeviceCredentialError(int error, String message) {
- if (mService != null) {
- try {
- mService.onConfirmDeviceCredentialError(error, message);
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
- } else {
- Slog.w(TAG, "onConfirmDeviceCredentialError(): Service not connected");
- }
- }
-
- /**
- * TODO(b/123378871): Remove when moved.
- * @hide
- */
- @RequiresPermission(USE_BIOMETRIC_INTERNAL)
- public void registerCancellationCallback(IBiometricConfirmDeviceCredentialCallback callback) {
- if (mService != null) {
- try {
- mService.registerCancellationCallback(callback);
- } catch (RemoteException e) {
- throw e.rethrowFromSystemServer();
- }
- } else {
- Slog.w(TAG, "registerCancellationCallback(): Service not connected");
- }
- }
}
diff --git a/core/java/android/hardware/biometrics/BiometricPrompt.java b/core/java/android/hardware/biometrics/BiometricPrompt.java
index fb6b231..301856d 100644
--- a/core/java/android/hardware/biometrics/BiometricPrompt.java
+++ b/core/java/android/hardware/biometrics/BiometricPrompt.java
@@ -82,11 +82,6 @@
* @hide
*/
public static final String KEY_ALLOW_DEVICE_CREDENTIAL = "allow_device_credential";
- /**
- * @hide
- */
- public static final String KEY_FROM_CONFIRM_DEVICE_CREDENTIAL
- = "from_confirm_device_credential";
/**
* Error/help message will show for this amount of time.
@@ -298,17 +293,6 @@
}
/**
- * TODO(123378871): Remove when moved.
- * @return
- * @hide
- */
- @RequiresPermission(USE_BIOMETRIC_INTERNAL)
- @NonNull public Builder setFromConfirmDeviceCredential() {
- mBundle.putBoolean(KEY_FROM_CONFIRM_DEVICE_CREDENTIAL, true);
- return this;
- }
-
- /**
* Creates a {@link BiometricPrompt}.
* @return a {@link BiometricPrompt}
* @throws IllegalArgumentException if any of the required fields are not set.
@@ -532,8 +516,7 @@
public void authenticateUser(@NonNull CancellationSignal cancel,
@NonNull @CallbackExecutor Executor executor,
@NonNull AuthenticationCallback callback,
- int userId,
- IBiometricConfirmDeviceCredentialCallback confirmDeviceCredentialCallback) {
+ int userId) {
if (cancel == null) {
throw new IllegalArgumentException("Must supply a cancellation signal");
}
@@ -543,8 +526,7 @@
if (callback == null) {
throw new IllegalArgumentException("Must supply a callback");
}
- authenticateInternal(null /* crypto */, cancel, executor, callback, userId,
- confirmDeviceCredentialCallback);
+ authenticateInternal(null /* crypto */, cancel, executor, callback, userId);
}
/**
@@ -595,8 +577,7 @@
if (mBundle.getBoolean(KEY_ALLOW_DEVICE_CREDENTIAL)) {
throw new IllegalArgumentException("Device credential not supported with crypto");
}
- authenticateInternal(crypto, cancel, executor, callback, mContext.getUserId(),
- null /* confirmDeviceCredentialCallback */);
+ authenticateInternal(crypto, cancel, executor, callback, mContext.getUserId());
}
/**
@@ -638,8 +619,7 @@
if (callback == null) {
throw new IllegalArgumentException("Must supply a callback");
}
- authenticateInternal(null /* crypto */, cancel, executor, callback, mContext.getUserId(),
- null /* confirmDeviceCredentialCallback */);
+ authenticateInternal(null /* crypto */, cancel, executor, callback, mContext.getUserId());
}
private void cancelAuthentication() {
@@ -656,8 +636,7 @@
@NonNull CancellationSignal cancel,
@NonNull @CallbackExecutor Executor executor,
@NonNull AuthenticationCallback callback,
- int userId,
- IBiometricConfirmDeviceCredentialCallback confirmDeviceCredentialCallback) {
+ int userId) {
try {
if (cancel.isCanceled()) {
Log.w(TAG, "Authentication already canceled");
@@ -672,7 +651,7 @@
final long sessionId = crypto != null ? crypto.getOpId() : 0;
if (BiometricManager.hasBiometrics(mContext)) {
mService.authenticate(mToken, sessionId, userId, mBiometricServiceReceiver,
- mContext.getOpPackageName(), mBundle, confirmDeviceCredentialCallback);
+ mContext.getOpPackageName(), mBundle);
} else {
mExecutor.execute(() -> {
callback.onAuthenticationError(BiometricPrompt.BIOMETRIC_ERROR_HW_NOT_PRESENT,
diff --git a/core/java/android/hardware/biometrics/IBiometricConfirmDeviceCredentialCallback.aidl b/core/java/android/hardware/biometrics/IBiometricConfirmDeviceCredentialCallback.aidl
deleted file mode 100644
index 8b35852..0000000
--- a/core/java/android/hardware/biometrics/IBiometricConfirmDeviceCredentialCallback.aidl
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.biometrics;
-
-/**
- * Communication channel between ConfirmDeviceCredential / ConfirmLock* and BiometricService.
- * @hide
- */
-interface IBiometricConfirmDeviceCredentialCallback {
- // Invoked when authentication should be canceled.
- oneway void cancel();
-}
\ No newline at end of file
diff --git a/core/java/android/hardware/biometrics/IBiometricService.aidl b/core/java/android/hardware/biometrics/IBiometricService.aidl
index f0a0b2f..6a3bf38 100644
--- a/core/java/android/hardware/biometrics/IBiometricService.aidl
+++ b/core/java/android/hardware/biometrics/IBiometricService.aidl
@@ -17,7 +17,6 @@
package android.hardware.biometrics;
import android.os.Bundle;
-import android.hardware.biometrics.IBiometricConfirmDeviceCredentialCallback;
import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback;
import android.hardware.biometrics.IBiometricServiceReceiver;
@@ -31,10 +30,8 @@
interface IBiometricService {
// Requests authentication. The service choose the appropriate biometric to use, and show
// the corresponding BiometricDialog.
- // TODO(b/123378871): Remove callback when moved.
void authenticate(IBinder token, long sessionId, int userId,
- IBiometricServiceReceiver receiver, String opPackageName, in Bundle bundle,
- IBiometricConfirmDeviceCredentialCallback callback);
+ IBiometricServiceReceiver receiver, String opPackageName, in Bundle bundle);
// Cancel authentication for the given sessionId
void cancelAuthentication(IBinder token, String opPackageName);
@@ -57,16 +54,4 @@
// Reset the lockout when user authenticates with strong auth (e.g. PIN, pattern or password)
void resetLockout(in byte [] token);
-
- // TODO(b/123378871): Remove when moved.
- // CDCA needs to send results to BiometricService if it was invoked using BiometricPrompt's
- // setAllowDeviceCredential method, since there's no way for us to intercept onActivityResult.
- // CDCA is launched from BiometricService (startActivityAsUser) instead of *ForResult.
- void onConfirmDeviceCredentialSuccess();
- // TODO(b/123378871): Remove when moved.
- void onConfirmDeviceCredentialError(int error, String message);
- // TODO(b/123378871): Remove when moved.
- // When ConfirmLock* is invoked from BiometricPrompt, it needs to register a callback so that
- // it can receive the cancellation signal.
- void registerCancellationCallback(IBiometricConfirmDeviceCredentialCallback callback);
}
diff --git a/services/core/java/com/android/server/biometrics/BiometricService.java b/services/core/java/com/android/server/biometrics/BiometricService.java
index 3d341ef..a3cdd22 100644
--- a/services/core/java/com/android/server/biometrics/BiometricService.java
+++ b/services/core/java/com/android/server/biometrics/BiometricService.java
@@ -26,11 +26,9 @@
import android.app.ActivityManager;
import android.app.IActivityManager;
-import android.app.KeyguardManager;
import android.app.UserSwitchObserver;
import android.content.ContentResolver;
import android.content.Context;
-import android.content.Intent;
import android.content.pm.PackageManager;
import android.database.ContentObserver;
import android.hardware.biometrics.BiometricAuthenticator;
@@ -38,7 +36,6 @@
import android.hardware.biometrics.BiometricPrompt;
import android.hardware.biometrics.BiometricSourceType;
import android.hardware.biometrics.BiometricsProtoEnums;
-import android.hardware.biometrics.IBiometricConfirmDeviceCredentialCallback;
import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback;
import android.hardware.biometrics.IBiometricService;
import android.hardware.biometrics.IBiometricServiceReceiver;
@@ -95,11 +92,7 @@
private static final int MSG_ON_READY_FOR_AUTHENTICATION = 8;
private static final int MSG_AUTHENTICATE = 9;
private static final int MSG_CANCEL_AUTHENTICATION = 10;
- private static final int MSG_ON_CONFIRM_DEVICE_CREDENTIAL_SUCCESS = 11;
- private static final int MSG_ON_CONFIRM_DEVICE_CREDENTIAL_ERROR = 12;
- private static final int MSG_REGISTER_CANCELLATION_CALLBACK = 13;
- private static final int MSG_ON_AUTHENTICATION_TIMED_OUT = 14;
-
+ private static final int MSG_ON_AUTHENTICATION_TIMED_OUT = 11;
private static final int[] FEATURE_ID = {
TYPE_FINGERPRINT,
TYPE_IRIS,
@@ -132,19 +125,15 @@
*/
static final int STATE_AUTH_PENDING_CONFIRM = 5;
/**
- * Biometric authentication was canceled, but the device is now showing ConfirmDeviceCredential
- */
- static final int STATE_BIOMETRIC_AUTH_CANCELED_SHOWING_CDC = 6;
- /**
* Biometric authenticated, waiting for SysUI to finish animation
*/
- static final int STATE_AUTHENTICATED_PENDING_SYSUI = 7;
+ static final int STATE_AUTHENTICATED_PENDING_SYSUI = 6;
/**
* Biometric error, waiting for SysUI to finish animation
*/
- static final int STATE_ERROR_PENDING_SYSUI = 8;
+ static final int STATE_ERROR_PENDING_SYSUI = 7;
- final class AuthSession implements IBinder.DeathRecipient {
+ final class AuthSession {
// Map of Authenticator/Cookie pairs. We expect to receive the cookies back from
// <Biometric>Services before we can start authenticating. Pairs that have been returned
// are moved to mModalitiesMatched.
@@ -184,14 +173,10 @@
// Timestamp when hardware authentication occurred
private long mAuthenticatedTimeMs;
- // TODO(b/123378871): Remove when moved.
- private IBiometricConfirmDeviceCredentialCallback mConfirmDeviceCredentialCallback;
-
AuthSession(HashMap<Integer, Integer> modalities, IBinder token, long sessionId,
int userId, IBiometricServiceReceiver receiver, String opPackageName,
Bundle bundle, int callingUid, int callingPid, int callingUserId,
- int modality, boolean requireConfirmation,
- IBiometricConfirmDeviceCredentialCallback callback) {
+ int modality, boolean requireConfirmation) {
mModalitiesWaiting = modalities;
mToken = token;
mSessionId = sessionId;
@@ -204,25 +189,12 @@
mCallingUserId = callingUserId;
mModality = modality;
mRequireConfirmation = requireConfirmation;
- mConfirmDeviceCredentialCallback = callback;
-
- if (isFromConfirmDeviceCredential()) {
- try {
- token.linkToDeath(this, 0 /* flags */);
- } catch (RemoteException e) {
- Slog.e(TAG, "Unable to link to death", e);
- }
- }
}
boolean isCrypto() {
return mSessionId != 0;
}
- boolean isFromConfirmDeviceCredential() {
- return mBundle.getBoolean(BiometricPrompt.KEY_FROM_CONFIRM_DEVICE_CREDENTIAL, false);
- }
-
boolean containsCookie(int cookie) {
if (mModalitiesWaiting != null && mModalitiesWaiting.containsValue(cookie)) {
return true;
@@ -233,24 +205,6 @@
return false;
}
- // TODO(b/123378871): Remove when moved.
- @Override
- public void binderDied() {
- mHandler.post(() -> {
- Slog.e(TAG, "Binder died, killing ConfirmDeviceCredential");
- if (mConfirmDeviceCredentialCallback == null) {
- Slog.e(TAG, "Callback is null");
- return;
- }
-
- try {
- mConfirmDeviceCredentialCallback.cancel();
- mConfirmDeviceCredentialCallback = null;
- } catch (RemoteException e) {
- Slog.e(TAG, "Unable to send cancel", e);
- }
- });
- }
}
private final Injector mInjector;
@@ -284,14 +238,6 @@
@VisibleForTesting
AuthSession mPendingAuthSession;
- // TODO(b/123378871): Remove when moved.
- // When BiometricPrompt#setAllowDeviceCredentials is set to true, we need to store the
- // client (app) receiver. BiometricService internally launches CDCA which invokes
- // BiometricService to start authentication (normal path). When auth is success/rejected,
- // CDCA will use an aidl method to poke BiometricService - the result will then be forwarded
- // to this receiver.
- private IBiometricServiceReceiver mConfirmDeviceCredentialReceiver;
-
@VisibleForTesting
final Handler mHandler = new Handler(Looper.getMainLooper()) {
@Override
@@ -361,8 +307,7 @@
(Bundle) args.arg5 /* bundle */,
args.argi2 /* callingUid */,
args.argi3 /* callingPid */,
- args.argi4 /* callingUserId */,
- (IBiometricConfirmDeviceCredentialCallback) args.arg6 /* callback */);
+ args.argi4 /* callingUserId */);
args.recycle();
break;
}
@@ -376,26 +321,6 @@
break;
}
- case MSG_ON_CONFIRM_DEVICE_CREDENTIAL_SUCCESS: {
- handleOnConfirmDeviceCredentialSuccess();
- break;
- }
-
- case MSG_ON_CONFIRM_DEVICE_CREDENTIAL_ERROR: {
- SomeArgs args = (SomeArgs) msg.obj;
- handleOnConfirmDeviceCredentialError(
- args.argi1 /* error */,
- (String) args.arg1 /* errorMsg */);
- args.recycle();
- break;
- }
-
- case MSG_REGISTER_CANCELLATION_CALLBACK: {
- handleRegisterCancellationCallback(
- (IBiometricConfirmDeviceCredentialCallback) msg.obj /* callback */);
- break;
- }
-
case MSG_ON_AUTHENTICATION_TIMED_OUT: {
handleAuthenticationTimedOut((String) msg.obj /* errorMessage */);
break;
@@ -642,18 +567,12 @@
@Override // Binder call
public void authenticate(IBinder token, long sessionId, int userId,
- IBiometricServiceReceiver receiver, String opPackageName, Bundle bundle,
- IBiometricConfirmDeviceCredentialCallback callback)
+ IBiometricServiceReceiver receiver, String opPackageName, Bundle bundle)
throws RemoteException {
final int callingUid = Binder.getCallingUid();
final int callingPid = Binder.getCallingPid();
final int callingUserId = UserHandle.getCallingUserId();
- // TODO(b/123378871): Remove when moved.
- if (callback != null) {
- checkInternalPermission();
- }
-
// In the BiometricServiceBase, check do the AppOps and foreground check.
if (userId == callingUserId) {
// Check the USE_BIOMETRIC permission here.
@@ -670,12 +589,6 @@
return;
}
- final boolean isFromConfirmDeviceCredential =
- bundle.getBoolean(BiometricPrompt.KEY_FROM_CONFIRM_DEVICE_CREDENTIAL, false);
- if (isFromConfirmDeviceCredential) {
- checkInternalPermission();
- }
-
// Check the usage of this in system server. Need to remove this check if it becomes
// a public API.
final boolean useDefaultTitle =
@@ -689,39 +602,6 @@
}
}
- // Launch CDC instead if necessary. CDC will return results through an AIDL call, since
- // we can't get activity results. Store the receiver somewhere so we can forward the
- // result back to the client.
- // TODO(b/123378871): Remove when moved.
- if (bundle.getBoolean(BiometricPrompt.KEY_ALLOW_DEVICE_CREDENTIAL)) {
- mHandler.post(() -> {
- final KeyguardManager kgm = getContext().getSystemService(
- KeyguardManager.class);
- if (!kgm.isDeviceSecure()) {
- try {
- receiver.onError(
- BiometricConstants.BIOMETRIC_ERROR_NO_DEVICE_CREDENTIAL,
- getContext().getString(
- R.string.biometric_error_device_not_secured));
- } catch (RemoteException e) {
- Slog.e(TAG, "Remote exception", e);
- }
- return;
- }
- mConfirmDeviceCredentialReceiver = receiver;
- // Use this so we don't need to duplicate logic..
- final Intent intent = kgm.createConfirmDeviceCredentialIntent(null /* title */,
- null /* description */, userId);
- // Then give it the bundle to do magic behavior..
- intent.putExtra(KeyguardManager.EXTRA_BIOMETRIC_PROMPT_BUNDLE, bundle);
- // Create a new task with this activity located at the root.
- intent.setFlags(
- Intent.FLAG_ACTIVITY_MULTIPLE_TASK | Intent.FLAG_ACTIVITY_NEW_DOCUMENT);
- getContext().startActivityAsUser(intent, UserHandle.CURRENT);
- });
- return;
- }
-
SomeArgs args = SomeArgs.obtain();
args.arg1 = token;
args.arg2 = sessionId;
@@ -732,41 +612,11 @@
args.argi2 = callingUid;
args.argi3 = callingPid;
args.argi4 = callingUserId;
- args.arg6 = callback;
mHandler.obtainMessage(MSG_AUTHENTICATE, args).sendToTarget();
}
@Override // Binder call
- public void onConfirmDeviceCredentialSuccess() {
- checkInternalPermission();
-
- mHandler.sendEmptyMessage(MSG_ON_CONFIRM_DEVICE_CREDENTIAL_SUCCESS);
- }
-
- @Override // Binder call
- public void onConfirmDeviceCredentialError(int error, String message) {
- checkInternalPermission();
-
- SomeArgs args = SomeArgs.obtain();
- args.argi1 = error;
- args.arg1 = message;
- mHandler.obtainMessage(MSG_ON_CONFIRM_DEVICE_CREDENTIAL_ERROR, args).sendToTarget();
- }
-
- @Override // Binder call
- public void registerCancellationCallback(
- IBiometricConfirmDeviceCredentialCallback callback) {
- // TODO(b/123378871): Remove when moved.
- // This callback replaces the one stored in the current session. If the session is null
- // we can ignore this, since it means ConfirmDeviceCredential was launched by something
- // else (not BiometricPrompt)
- checkInternalPermission();
-
- mHandler.obtainMessage(MSG_REGISTER_CANCELLATION_CALLBACK, callback).sendToTarget();
- }
-
- @Override // Binder call
public void cancelAuthentication(IBinder token, String opPackageName)
throws RemoteException {
checkPermission();
@@ -1254,49 +1104,6 @@
}
}
- private void handleOnConfirmDeviceCredentialSuccess() {
- if (mConfirmDeviceCredentialReceiver == null) {
- Slog.w(TAG, "handleOnConfirmDeviceCredentialSuccess null!");
- return;
- }
- try {
- mConfirmDeviceCredentialReceiver.onAuthenticationSucceeded();
- if (mCurrentAuthSession != null) {
- mCurrentAuthSession = null;
- }
- } catch (RemoteException e) {
- Slog.e(TAG, "RemoteException", e);
- }
- mConfirmDeviceCredentialReceiver = null;
- }
-
- private void handleOnConfirmDeviceCredentialError(int error, String message) {
- if (mConfirmDeviceCredentialReceiver == null) {
- Slog.w(TAG, "handleOnConfirmDeviceCredentialError null! Error: "
- + error + " " + message);
- return;
- }
- try {
- mConfirmDeviceCredentialReceiver.onError(error, message);
- if (mCurrentAuthSession != null) {
- mCurrentAuthSession = null;
- }
- } catch (RemoteException e) {
- Slog.e(TAG, "RemoteException", e);
- }
- mConfirmDeviceCredentialReceiver = null;
- }
-
- private void handleRegisterCancellationCallback(
- IBiometricConfirmDeviceCredentialCallback callback) {
- if (mCurrentAuthSession == null) {
- Slog.d(TAG, "Current auth session null");
- return;
- }
- Slog.d(TAG, "Updating cancel callback");
- mCurrentAuthSession.mConfirmDeviceCredentialCallback = callback;
- }
-
private void handleOnError(int cookie, int error, String message) {
Slog.d(TAG, "handleOnError: " + error + " cookie: " + cookie);
// Errors can either be from the current auth session or the pending auth session.
@@ -1311,18 +1118,9 @@
mCurrentAuthSession.mErrorEscrow = error;
mCurrentAuthSession.mErrorStringEscrow = message;
- if (mCurrentAuthSession.isFromConfirmDeviceCredential()) {
- // If we were invoked by ConfirmDeviceCredential, do not delete the current
- // auth session since we still need to respond to cancel signal while
- if (DEBUG) Slog.d(TAG, "From CDC, transition to CANCELED_SHOWING_CDC state");
-
- // Send the error to ConfirmDeviceCredential so that it goes to Pin/Pattern/Pass
- // screen
- mCurrentAuthSession.mClientReceiver.onError(error, message);
- mCurrentAuthSession.mState = STATE_BIOMETRIC_AUTH_CANCELED_SHOWING_CDC;
- mStatusBarService.hideBiometricDialog();
- } else if (mCurrentAuthSession.mState == STATE_AUTH_STARTED) {
+ if (mCurrentAuthSession.mState == STATE_AUTH_STARTED) {
mCurrentAuthSession.mState = STATE_ERROR_PENDING_SYSUI;
+
if (error == BiometricConstants.BIOMETRIC_ERROR_CANCELED) {
mStatusBarService.hideBiometricDialog();
} else {
@@ -1439,8 +1237,7 @@
mCurrentAuthSession.mCallingUid,
mCurrentAuthSession.mCallingPid,
mCurrentAuthSession.mCallingUserId,
- mCurrentAuthSession.mModality,
- mCurrentAuthSession.mConfirmDeviceCredentialCallback);
+ mCurrentAuthSession.mModality);
}
private void handleOnReadyForAuthentication(int cookie, boolean requireConfirmation,
@@ -1498,8 +1295,7 @@
private void handleAuthenticate(IBinder token, long sessionId, int userId,
IBiometricServiceReceiver receiver, String opPackageName, Bundle bundle,
- int callingUid, int callingPid, int callingUserId,
- IBiometricConfirmDeviceCredentialCallback callback) {
+ int callingUid, int callingPid, int callingUserId) {
mHandler.post(() -> {
final Pair<Integer, Integer> result = checkAndGetBiometricModality(userId);
@@ -1535,7 +1331,7 @@
// Start preparing for authentication. Authentication starts when
// all modalities requested have invoked onReadyForAuthentication.
authenticateInternal(token, sessionId, userId, receiver, opPackageName, bundle,
- callingUid, callingPid, callingUserId, modality, callback);
+ callingUid, callingPid, callingUserId, modality);
});
}
@@ -1550,8 +1346,7 @@
*/
private void authenticateInternal(IBinder token, long sessionId, int userId,
IBiometricServiceReceiver receiver, String opPackageName, Bundle bundle,
- int callingUid, int callingPid, int callingUserId, int modality,
- IBiometricConfirmDeviceCredentialCallback callback) {
+ int callingUid, int callingPid, int callingUserId, int modality) {
try {
boolean requireConfirmation = bundle.getBoolean(
BiometricPrompt.KEY_REQUIRE_CONFIRMATION, true /* default */);
@@ -1571,7 +1366,7 @@
authenticators.put(modality, cookie);
mPendingAuthSession = new AuthSession(authenticators, token, sessionId, userId,
receiver, opPackageName, bundle, callingUid, callingPid, callingUserId,
- modality, requireConfirmation, callback);
+ modality, requireConfirmation);
mPendingAuthSession.mState = STATE_AUTH_CALLED;
// No polymorphism :(
if ((modality & TYPE_FINGERPRINT) != 0) {
@@ -1598,20 +1393,7 @@
return;
}
- if (mCurrentAuthSession != null
- && mCurrentAuthSession.mState == STATE_BIOMETRIC_AUTH_CANCELED_SHOWING_CDC) {
- if (DEBUG) Slog.d(TAG, "Cancel received while ConfirmDeviceCredential showing");
- try {
- mCurrentAuthSession.mConfirmDeviceCredentialCallback.cancel();
- } catch (RemoteException e) {
- Slog.e(TAG, "Unable to cancel ConfirmDeviceCredential", e);
- }
-
- // TODO(b/123378871): Remove when moved. Piggy back on this for now to clean up.
- handleOnConfirmDeviceCredentialError(BiometricConstants.BIOMETRIC_ERROR_CANCELED,
- getContext().getString(R.string.biometric_error_canceled));
- } else if (mCurrentAuthSession != null
- && mCurrentAuthSession.mState != STATE_AUTH_STARTED) {
+ if (mCurrentAuthSession != null && mCurrentAuthSession.mState != STATE_AUTH_STARTED) {
// We need to check the current authenticators state. If we're pending confirm
// or idle, we need to dismiss the dialog and send an ERROR_CANCELED to the client,
// since we won't be getting an onError from the driver.
@@ -1629,19 +1411,7 @@
Slog.e(TAG, "Remote exception", e);
}
} else {
- boolean fromCDC = false;
- if (mCurrentAuthSession != null) {
- fromCDC = mCurrentAuthSession.mBundle.getBoolean(
- BiometricPrompt.KEY_FROM_CONFIRM_DEVICE_CREDENTIAL, false);
- }
-
- if (fromCDC) {
- if (DEBUG) Slog.d(TAG, "Cancelling from CDC");
- cancelInternal(token, opPackageName, false /* fromClient */);
- } else {
- cancelInternal(token, opPackageName, true /* fromClient */);
- }
-
+ cancelInternal(token, opPackageName, true /* fromClient */);
}
}
diff --git a/services/tests/servicestests/src/com/android/server/biometrics/BiometricServiceTest.java b/services/tests/servicestests/src/com/android/server/biometrics/BiometricServiceTest.java
index ccf3a90..669780e 100644
--- a/services/tests/servicestests/src/com/android/server/biometrics/BiometricServiceTest.java
+++ b/services/tests/servicestests/src/com/android/server/biometrics/BiometricServiceTest.java
@@ -55,6 +55,9 @@
import android.os.IBinder;
import android.security.KeyStore;
+import androidx.test.InstrumentationRegistry;
+import androidx.test.filters.SmallTest;
+
import com.android.internal.R;
import com.android.internal.statusbar.IStatusBarService;
@@ -66,9 +69,6 @@
import java.util.List;
-import androidx.test.InstrumentationRegistry;
-import androidx.test.filters.SmallTest;
-
@SmallTest
public class BiometricServiceTest {
@@ -727,8 +727,7 @@
0 /* userId */,
receiver,
TEST_PACKAGE_NAME /* packageName */,
- createTestBiometricPromptBundle(requireConfirmation),
- null /* IBiometricConfirmDeviceCredentialCallback */);
+ createTestBiometricPromptBundle(requireConfirmation));
}
private static Bundle createTestBiometricPromptBundle(boolean requireConfirmation) {