Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2014 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License |
| 15 | */ |
| 16 | |
| 17 | package android.app.trust; |
| 18 | |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 19 | import com.android.internal.widget.LockPatternUtils; |
| 20 | |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 21 | import android.Manifest; |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 22 | import android.annotation.RequiresPermission; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 23 | import android.os.Handler; |
| 24 | import android.os.IBinder; |
| 25 | import android.os.Looper; |
| 26 | import android.os.Message; |
| 27 | import android.os.RemoteException; |
| 28 | import android.util.ArrayMap; |
| 29 | import android.util.Log; |
| 30 | |
| 31 | /** |
| 32 | * See {@link com.android.server.trust.TrustManagerService} |
| 33 | * @hide |
| 34 | */ |
| 35 | public class TrustManager { |
| 36 | |
| 37 | private static final int MSG_TRUST_CHANGED = 1; |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 38 | private static final int MSG_TRUST_MANAGED_CHANGED = 2; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 39 | |
| 40 | private static final String TAG = "TrustManager"; |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 41 | private static final String DATA_FLAGS = "initiatedByUser"; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 42 | |
| 43 | private final ITrustManager mService; |
| 44 | private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; |
| 45 | |
| 46 | public TrustManager(IBinder b) { |
| 47 | mService = ITrustManager.Stub.asInterface(b); |
| 48 | mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); |
| 49 | } |
| 50 | |
| 51 | /** |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 52 | * Changes the lock status for the given user. This is only applicable to Managed Profiles, |
| 53 | * other users should be handled by Keyguard. |
| 54 | * |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 55 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 56 | * |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 57 | * @param userId The id for the user to be locked/unlocked. |
| 58 | * @param locked The value for that user's locked state. |
| 59 | */ |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 60 | @RequiresPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE) |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 61 | public void setDeviceLockedForUser(int userId, boolean locked) { |
| 62 | try { |
| 63 | mService.setDeviceLockedForUser(userId, locked); |
| 64 | } catch (RemoteException e) { |
| 65 | onError(e); |
| 66 | } |
| 67 | } |
| 68 | |
| 69 | /** |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 70 | * Reports that user {@param userId} has tried to unlock the device. |
| 71 | * |
| 72 | * @param successful if true, the unlock attempt was successful. |
| 73 | * |
| 74 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 75 | */ |
| 76 | public void reportUnlockAttempt(boolean successful, int userId) { |
| 77 | try { |
| 78 | mService.reportUnlockAttempt(successful, userId); |
| 79 | } catch (RemoteException e) { |
| 80 | onError(e); |
| 81 | } |
| 82 | } |
| 83 | |
| 84 | /** |
| 85 | * Reports that the list of enabled trust agents changed for user {@param userId}. |
| 86 | * |
| 87 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 88 | */ |
| 89 | public void reportEnabledTrustAgentsChanged(int userId) { |
| 90 | try { |
| 91 | mService.reportEnabledTrustAgentsChanged(userId); |
| 92 | } catch (RemoteException e) { |
| 93 | onError(e); |
| 94 | } |
| 95 | } |
| 96 | |
| 97 | /** |
Adrian Roos | 481a6df | 2014-11-20 19:48:56 +0100 | [diff] [blame] | 98 | * Reports that the visibility of the keyguard has changed. |
| 99 | * |
| 100 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 101 | */ |
| 102 | public void reportKeyguardShowingChanged() { |
| 103 | try { |
| 104 | mService.reportKeyguardShowingChanged(); |
| 105 | } catch (RemoteException e) { |
| 106 | onError(e); |
| 107 | } |
| 108 | } |
| 109 | |
| 110 | /** |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 111 | * Registers a listener for trust events. |
| 112 | * |
| 113 | * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. |
| 114 | */ |
| 115 | public void registerTrustListener(final TrustListener trustListener) { |
| 116 | try { |
| 117 | ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { |
| 118 | @Override |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 119 | public void onTrustChanged(boolean enabled, int userId, int flags) { |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 120 | Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, |
| 121 | trustListener); |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 122 | if (flags != 0) { |
| 123 | m.getData().putInt(DATA_FLAGS, flags); |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 124 | } |
| 125 | m.sendToTarget(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 126 | } |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 127 | |
| 128 | @Override |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 129 | public void onTrustManagedChanged(boolean managed, int userId) { |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 130 | mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, |
| 131 | trustListener).sendToTarget(); |
| 132 | } |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 133 | }; |
| 134 | mService.registerTrustListener(iTrustListener); |
| 135 | mTrustListeners.put(trustListener, iTrustListener); |
| 136 | } catch (RemoteException e) { |
| 137 | onError(e); |
| 138 | } |
| 139 | } |
| 140 | |
| 141 | /** |
| 142 | * Unregisters a listener for trust events. |
| 143 | * |
| 144 | * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. |
| 145 | */ |
| 146 | public void unregisterTrustListener(final TrustListener trustListener) { |
| 147 | ITrustListener iTrustListener = mTrustListeners.remove(trustListener); |
| 148 | if (iTrustListener != null) { |
| 149 | try { |
| 150 | mService.unregisterTrustListener(iTrustListener); |
| 151 | } catch (RemoteException e) { |
| 152 | onError(e); |
| 153 | } |
| 154 | } |
| 155 | } |
| 156 | |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 157 | /** |
Adrian Roos | c8d807a | 2016-01-25 14:09:01 -0800 | [diff] [blame] | 158 | * @return whether {@param userId} has enabled and configured trust agents. Ignores short-term |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 159 | * unavailability of trust due to {@link LockPatternUtils.StrongAuthTracker}. |
| 160 | */ |
| 161 | @RequiresPermission(android.Manifest.permission.TRUST_LISTENER) |
| 162 | public boolean isTrustUsuallyManaged(int userId) { |
| 163 | try { |
| 164 | return mService.isTrustUsuallyManaged(userId); |
| 165 | } catch (RemoteException e) { |
| 166 | return false; |
| 167 | } |
| 168 | } |
| 169 | |
| 170 | |
| 171 | |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 172 | private void onError(Exception e) { |
| 173 | Log.e(TAG, "Error while calling TrustManagerService", e); |
| 174 | } |
| 175 | |
| 176 | private final Handler mHandler = new Handler(Looper.getMainLooper()) { |
| 177 | @Override |
| 178 | public void handleMessage(Message msg) { |
| 179 | switch(msg.what) { |
| 180 | case MSG_TRUST_CHANGED: |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 181 | int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0; |
| 182 | ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 183 | break; |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 184 | case MSG_TRUST_MANAGED_CHANGED: |
| 185 | ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 186 | } |
| 187 | } |
| 188 | }; |
| 189 | |
| 190 | public interface TrustListener { |
| 191 | |
| 192 | /** |
| 193 | * Reports that the trust state has changed. |
| 194 | * @param enabled if true, the system believes the environment to be trusted. |
| 195 | * @param userId the user, for which the trust changed. |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 196 | * @param flags flags specified by the trust agent when granting trust. See |
| 197 | * {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int) |
| 198 | * TrustAgentService.grantTrust(CharSequence, long, int)}. |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 199 | */ |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 200 | void onTrustChanged(boolean enabled, int userId, int flags); |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 201 | |
| 202 | /** |
| 203 | * Reports that whether trust is managed has changed |
| 204 | * @param enabled if true, at least one trust agent is managing trust. |
| 205 | * @param userId the user, for which the state changed. |
| 206 | */ |
| 207 | void onTrustManagedChanged(boolean enabled, int userId); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 208 | } |
| 209 | } |