Use bugfix workflow for clear strong auth change
* Change the flag's name to reset the workflow
* Mark it as a bugfix
Bug: 320817991
Test: atest FrameworksServicesTests:LockSettingsServiceTests
Flag: android.security.clear_strong_auth_on_adding_primary_credential
Change-Id: If61f2ca2ed353474a1e2453e4e63e8c32d47fe7c
diff --git a/core/java/android/security/flags.aconfig b/core/java/android/security/flags.aconfig
index 9fd4618..0a922d6 100644
--- a/core/java/android/security/flags.aconfig
+++ b/core/java/android/security/flags.aconfig
@@ -97,10 +97,13 @@
}
flag {
- name: "clear_strong_auth_on_add_primary_credential"
+ name: "clear_strong_auth_on_adding_primary_credential"
namespace: "biometrics"
- description: "Clear StrongAuth on add credential"
+ description: "Clear StrongAuth on adding credential"
bug: "320817991"
+ metadata {
+ purpose: PURPOSE_BUGFIX
+ }
}
flag {
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
index a819026..07d1a65 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
@@ -1917,7 +1917,7 @@
* Set a new LSKF for the given user/profile. Only succeeds if the synthetic password for the
* user is protected by the given {@param savedCredential}.
* <p>
- * When {@link android.security.Flags#clearStrongAuthOnAddPrimaryCredential()} is enabled and
+ * When {@link android.security.Flags#clearStrongAuthOnAddingPrimaryCredential()} is enabled and
* setting a new credential where there was none, updates the strong auth state for
* {@param userId} to <tt>STRONG_AUTH_NOT_REQUIRED</tt>.
*
@@ -1969,7 +1969,7 @@
onSyntheticPasswordUnlocked(userId, sp);
setLockCredentialWithSpLocked(credential, sp, userId);
- if (android.security.Flags.clearStrongAuthOnAddPrimaryCredential()
+ if (android.security.Flags.clearStrongAuthOnAddingPrimaryCredential()
&& savedCredential.isNone() && !credential.isNone()) {
// Clear the strong auth value, since the LSKF has just been entered and set,
// but only when the previous credential was None.
diff --git a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java
index 125791a..f312a1b 100644
--- a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java
+++ b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java
@@ -17,7 +17,7 @@
package com.android.server.locksettings;
import static android.Manifest.permission.CONFIGURE_FACTORY_RESET_PROTECTION;
-import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL;
+import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL;
import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE;
import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD;
@@ -264,7 +264,7 @@
}
@Test
- @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_forPrimaryUser_clearsStrongAuthWhenFlagIsOn()
throws Exception {
setCredential(PRIMARY_USER_ID, newPassword("password"));
@@ -273,7 +273,7 @@
}
@Test
- @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_forPrimaryUser_leavesStrongAuthWhenFlagIsOff()
throws Exception {
setCredential(PRIMARY_USER_ID, newPassword("password"));
@@ -312,7 +312,7 @@
}
@Test
- @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_profileWithNewSeparateChallenge_clearsStrongAuthWhenFlagIsOn()
throws Exception {
mService.setSeparateProfileChallengeEnabled(MANAGED_PROFILE_USER_ID, true, null);
@@ -323,7 +323,7 @@
}
@Test
- @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_profileWithNewSeparateChallenge_leavesStrongAuthWhenFlagIsOff()
throws Exception {
mService.setSeparateProfileChallengeEnabled(MANAGED_PROFILE_USER_ID, true, null);
@@ -377,7 +377,7 @@
}
@Test
- @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsEnabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_primaryWithUnifiedProfile_clearsStrongAuthForBothWhenFlagIsOn()
throws Exception {
final LockscreenCredential credential = newPassword("oldPassword");
@@ -393,7 +393,7 @@
}
@Test
- @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL)
+ @RequiresFlagsDisabled(FLAG_CLEAR_STRONG_AUTH_ON_ADDING_PRIMARY_CREDENTIAL)
public void setLockCredential_primaryWithUnifiedProfile_leavesStrongAuthForBothWhenFlagIsOff()
throws Exception {
final LockscreenCredential credential = newPassword("oldPassword");