Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.settings.password; |
| 18 | |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 19 | import static android.app.admin.DevicePolicyManager.ACTION_SET_NEW_PASSWORD; |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 20 | import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_FACE; |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 21 | import static android.app.admin.DevicePolicyManager.KEYGUARD_DISABLE_FINGERPRINT; |
| 22 | import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; |
Fan Zhang | 23f8d59 | 2018-08-28 15:11:40 -0700 | [diff] [blame] | 23 | |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 24 | import static com.android.internal.util.Preconditions.checkNotNull; |
| 25 | |
| 26 | import android.annotation.Nullable; |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 27 | import android.app.ActivityManager; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 28 | import android.app.admin.DevicePolicyManager; |
| 29 | import android.content.Context; |
| 30 | import android.content.Intent; |
| 31 | import android.content.pm.PackageManager; |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 32 | import android.hardware.face.FaceManager; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 33 | import android.hardware.fingerprint.FingerprintManager; |
| 34 | import android.os.Bundle; |
Tony Mak | e0405fc | 2016-12-14 02:57:14 +0000 | [diff] [blame] | 35 | import android.os.IBinder; |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 36 | import android.os.UserManager; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 37 | |
Fan Zhang | 23f8d59 | 2018-08-28 15:11:40 -0700 | [diff] [blame] | 38 | import androidx.annotation.VisibleForTesting; |
| 39 | |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 40 | import com.android.internal.widget.LockPatternUtils; |
Jeff Sharkey | ab50807 | 2016-10-11 14:25:22 -0600 | [diff] [blame] | 41 | import com.android.settings.Utils; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 42 | |
| 43 | /** |
| 44 | * Business logic for {@link SetNewPasswordActivity}. |
| 45 | * |
| 46 | * <p>On devices that supports fingerprint, this controller directs the user to configure |
| 47 | * fingerprint + a backup password if the device admin allows fingerprint for keyguard and |
| 48 | * the user has never configured a fingerprint before. |
| 49 | */ |
| 50 | final class SetNewPasswordController { |
| 51 | |
| 52 | interface Ui { |
| 53 | /** Starts the {@link ChooseLockGeneric} activity with the given extras. */ |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 54 | void launchChooseLock(Bundle chooseLockFingerprintExtras); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 55 | } |
| 56 | |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 57 | /** |
| 58 | * Which user is setting new password. |
| 59 | */ |
| 60 | private final int mTargetUserId; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 61 | private final PackageManager mPackageManager; |
Fan Zhang | 1b9b1a2 | 2018-03-30 16:30:31 -0700 | [diff] [blame] | 62 | @Nullable |
| 63 | private final FingerprintManager mFingerprintManager; |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 64 | @Nullable |
| 65 | private final FaceManager mFaceManager; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 66 | private final DevicePolicyManager mDevicePolicyManager; |
| 67 | private final Ui mUi; |
| 68 | |
Tony Mak | e0405fc | 2016-12-14 02:57:14 +0000 | [diff] [blame] | 69 | public static SetNewPasswordController create(Context context, Ui ui, Intent intent, |
| 70 | IBinder activityToken) { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 71 | // Trying to figure out which user is setting new password. If it is |
| 72 | // ACTION_SET_NEW_PARENT_PROFILE_PASSWORD or the calling user is not allowed to set |
| 73 | // separate profile challenge, it is the current user to set new password. Otherwise, |
| 74 | // it is the user who starts this activity setting new password. |
| 75 | int userId = ActivityManager.getCurrentUser(); |
| 76 | if (ACTION_SET_NEW_PASSWORD.equals(intent.getAction())) { |
Tony Mak | e0405fc | 2016-12-14 02:57:14 +0000 | [diff] [blame] | 77 | final int callingUserId = Utils.getSecureTargetUser(activityToken, |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 78 | UserManager.get(context), null, intent.getExtras()).getIdentifier(); |
| 79 | final LockPatternUtils lockPatternUtils = new LockPatternUtils(context); |
| 80 | if (lockPatternUtils.isSeparateProfileChallengeAllowed(callingUserId)) { |
| 81 | userId = callingUserId; |
| 82 | } |
| 83 | } |
| 84 | // Create a wrapper of FingerprintManager for testing, see IFingerPrintManager for details. |
| 85 | final FingerprintManager fingerprintManager = Utils.getFingerprintManagerOrNull(context); |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 86 | final FaceManager faceManager = Utils.getFaceManagerOrNull(context); |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 87 | return new SetNewPasswordController(userId, |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 88 | context.getPackageManager(), |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 89 | fingerprintManager, faceManager, |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 90 | (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE), ui); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 91 | } |
| 92 | |
| 93 | @VisibleForTesting |
| 94 | SetNewPasswordController( |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 95 | int targetUserId, |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 96 | PackageManager packageManager, |
Fan Zhang | 1b9b1a2 | 2018-03-30 16:30:31 -0700 | [diff] [blame] | 97 | FingerprintManager fingerprintManager, |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 98 | FaceManager faceManager, |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 99 | DevicePolicyManager devicePolicyManager, |
| 100 | Ui ui) { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 101 | mTargetUserId = targetUserId; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 102 | mPackageManager = checkNotNull(packageManager); |
| 103 | mFingerprintManager = fingerprintManager; |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 104 | mFaceManager = faceManager; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 105 | mDevicePolicyManager = checkNotNull(devicePolicyManager); |
| 106 | mUi = checkNotNull(ui); |
| 107 | } |
| 108 | |
| 109 | /** |
| 110 | * Dispatches the set new password intent to the correct activity that handles it. |
| 111 | */ |
| 112 | public void dispatchSetNewPasswordIntent() { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 113 | final Bundle extras; |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 114 | // TODO: handle the case with multiple biometrics, perhaps take an arg for biometric type? |
| 115 | if (mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE) |
| 116 | && mFaceManager != null |
| 117 | && mFaceManager.isHardwareDetected() |
Kevin Chyn | 76d40d3 | 2018-08-26 15:43:00 -0700 | [diff] [blame] | 118 | && !mFaceManager.hasEnrolledTemplates(mTargetUserId) |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 119 | && !isFaceDisabledByAdmin()) { |
| 120 | extras = getFaceChooseLockExtras(); |
| 121 | } else if (mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT) |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 122 | && mFingerprintManager != null |
| 123 | && mFingerprintManager.isHardwareDetected() |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 124 | && !mFingerprintManager.hasEnrolledFingerprints(mTargetUserId) |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 125 | && !isFingerprintDisabledByAdmin()) { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 126 | extras = getFingerprintChooseLockExtras(); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 127 | } else { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 128 | extras = new Bundle(); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 129 | } |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 130 | // No matter we show fingerprint options or not, we should tell the next activity which |
| 131 | // user is setting new password. |
| 132 | extras.putInt(Intent.EXTRA_USER_ID, mTargetUserId); |
| 133 | mUi.launchChooseLock(extras); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 134 | } |
| 135 | |
| 136 | private Bundle getFingerprintChooseLockExtras() { |
| 137 | Bundle chooseLockExtras = new Bundle(); |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 138 | long challenge = mFingerprintManager.preEnroll(); |
| 139 | chooseLockExtras.putInt(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY, |
| 140 | PASSWORD_QUALITY_SOMETHING); |
| 141 | chooseLockExtras.putBoolean( |
| 142 | ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true); |
| 143 | chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true); |
| 144 | chooseLockExtras.putLong(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge); |
| 145 | chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_FOR_FINGERPRINT, true); |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 146 | return chooseLockExtras; |
| 147 | } |
| 148 | |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 149 | private Bundle getFaceChooseLockExtras() { |
| 150 | Bundle chooseLockExtras = new Bundle(); |
Kevin Chyn | a8843f29 | 2018-09-25 12:08:21 -0700 | [diff] [blame] | 151 | long challenge = mFaceManager.generateChallenge(); |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 152 | chooseLockExtras.putInt(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY, |
| 153 | PASSWORD_QUALITY_SOMETHING); |
| 154 | chooseLockExtras.putBoolean( |
| 155 | ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true); |
| 156 | chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true); |
| 157 | chooseLockExtras.putLong(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge); |
| 158 | chooseLockExtras.putBoolean(ChooseLockSettingsHelper.EXTRA_KEY_FOR_FACE, true); |
| 159 | return chooseLockExtras; |
| 160 | } |
| 161 | |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 162 | private boolean isFingerprintDisabledByAdmin() { |
Tony Mak | 8f41b9b | 2016-11-23 11:36:18 +0000 | [diff] [blame] | 163 | int disabledFeatures = |
| 164 | mDevicePolicyManager.getKeyguardDisabledFeatures(null, mTargetUserId); |
| 165 | return (disabledFeatures & KEYGUARD_DISABLE_FINGERPRINT) != 0; |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 166 | } |
Kevin Chyn | 81dc029 | 2018-06-28 14:59:38 -0700 | [diff] [blame] | 167 | |
| 168 | private boolean isFaceDisabledByAdmin() { |
| 169 | int disabledFeatures = |
| 170 | mDevicePolicyManager.getKeyguardDisabledFeatures(null, mTargetUserId); |
| 171 | return (disabledFeatures & KEYGUARD_DISABLE_FACE) != 0; |
| 172 | } |
Steven Ng | 4fdcec7 | 2016-09-26 22:13:08 +0100 | [diff] [blame] | 173 | } |