Return GK_PW_HANDLE after remote LSKF verification.
Handle is returned when LSKF is set after successful verification.
It is used by SUW to add biometrics without asking for LSKF.
Bug: 272807192
Test: manual
Change-Id: I3fe6ed7fd6401421090ccd684509dfede9106076
diff --git a/src/com/android/settings/biometrics/BiometricEnrollActivity.java b/src/com/android/settings/biometrics/BiometricEnrollActivity.java
index e63a754..56c9e89 100644
--- a/src/com/android/settings/biometrics/BiometricEnrollActivity.java
+++ b/src/com/android/settings/biometrics/BiometricEnrollActivity.java
@@ -132,6 +132,11 @@
if (BiometricUtils.containsGatekeeperPasswordHandle(getIntent())) {
mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(getIntent());
}
+ } else if (WizardManagerHelper.isAnySetupWizard(getIntent())) {
+ if (BiometricUtils.containsGatekeeperPasswordHandle(getIntent())) {
+ mGkPwHandle = BiometricUtils.getGatekeeperPasswordHandle(getIntent());
+ }
+
}
if (savedInstanceState != null) {
diff --git a/src/com/android/settings/password/ChooseLockSettingsHelper.java b/src/com/android/settings/password/ChooseLockSettingsHelper.java
index 020b725..45d973d 100644
--- a/src/com/android/settings/password/ChooseLockSettingsHelper.java
+++ b/src/com/android/settings/password/ChooseLockSettingsHelper.java
@@ -339,7 +339,7 @@
Utils.enforceSameOwner(mActivity, mUserId);
}
- if (mExternal && mReturnCredentials) {
+ if (mExternal && mReturnCredentials && !mRemoteLockscreenValidation) {
throw new IllegalArgumentException("External and ReturnCredentials specified. "
+ " External callers should never be allowed to receive credentials in"
+ " onActivityResult");
diff --git a/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java b/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
index 328e440..8dbc0dc 100644
--- a/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
+++ b/src/com/android/settings/password/ConfirmDeviceCredentialActivity.java
@@ -250,12 +250,15 @@
.setRemoteLockscreenValidationSession(remoteLockscreenValidationSession)
.setRemoteLockscreenValidationServiceComponent(
remoteLockscreenValidationServiceComponent)
+ .setRequestGatekeeperPasswordHandle(true)
+ .setReturnCredentials(true) // returns only password handle.
.setHeader(mTitle) // Show the title in the header location
.setDescription(mDetails)
.setCheckboxLabel(checkboxLabel)
.setAlternateButton(alternateButton)
.setExternal(true)
.show();
+ return;
} else if (isEffectiveUserManagedProfile && isInternalActivity()) {
mCredentialMode = CREDENTIAL_MANAGED;
if (isBiometricAllowed(effectiveUserId, mUserId)) {
diff --git a/src/com/android/settings/password/ConfirmLockPassword.java b/src/com/android/settings/password/ConfirmLockPassword.java
index 427b4ff..81bd8c2 100644
--- a/src/com/android/settings/password/ConfirmLockPassword.java
+++ b/src/com/android/settings/password/ConfirmLockPassword.java
@@ -26,6 +26,10 @@
import static android.app.admin.DevicePolicyResources.Strings.Settings.WORK_PROFILE_PIN_REQUIRED;
import static android.app.admin.DevicePolicyResources.UNDEFINED;
+import static com.android.settings.biometrics.GatekeeperPasswordProvider.containsGatekeeperPasswordHandle;
+import static com.android.settings.biometrics.GatekeeperPasswordProvider.getGatekeeperPasswordHandle;
+import static com.android.settings.password.ChooseLockSettingsHelper.EXTRA_KEY_GK_PW_HANDLE;
+
import android.annotation.Nullable;
import android.app.KeyguardManager;
import android.app.RemoteLockscreenValidationResult;
@@ -614,7 +618,7 @@
saveAndFinishWorker.setListener(this);
saveAndFinishWorker.start(
mLockPatternUtils,
- /* requestGatekeeperPassword= */ false,
+ /* requestGatekeeperPassword= */ true,
mDeviceCredentialGuess,
/* currentCredential= */ null,
mEffectiveUserId);
@@ -705,8 +709,14 @@
if (mDeviceCredentialGuess != null) {
mDeviceCredentialGuess.zeroize();
}
+
+ Intent result = new Intent();
+ if (mRemoteValidation && containsGatekeeperPasswordHandle(resultData)) {
+ result.putExtra(EXTRA_KEY_GK_PW_HANDLE, getGatekeeperPasswordHandle(resultData));
+ }
+
mGlifLayout.setProgressBarShown(false);
- mCredentialCheckResultTracker.setResult(/* matched= */ true, new Intent(),
+ mCredentialCheckResultTracker.setResult(/* matched= */ true, result,
/* timeoutMs= */ 0, mEffectiveUserId);
}
}
diff --git a/src/com/android/settings/password/ConfirmLockPattern.java b/src/com/android/settings/password/ConfirmLockPattern.java
index c664daf..7c21739 100644
--- a/src/com/android/settings/password/ConfirmLockPattern.java
+++ b/src/com/android/settings/password/ConfirmLockPattern.java
@@ -22,6 +22,10 @@
import static android.app.admin.DevicePolicyResources.Strings.Settings.WORK_PROFILE_PATTERN_REQUIRED;
import static android.app.admin.DevicePolicyResources.UNDEFINED;
+import static com.android.settings.biometrics.GatekeeperPasswordProvider.containsGatekeeperPasswordHandle;
+import static com.android.settings.biometrics.GatekeeperPasswordProvider.getGatekeeperPasswordHandle;
+import static com.android.settings.password.ChooseLockSettingsHelper.EXTRA_KEY_GK_PW_HANDLE;
+
import android.annotation.Nullable;
import android.annotation.SuppressLint;
import android.app.Activity;
@@ -627,7 +631,7 @@
saveAndFinishWorker.setListener(this);
saveAndFinishWorker.start(
mLockPatternUtils,
- /* requestGatekeeperPassword= */ false,
+ /* requestGatekeeperPassword= */ true,
mDeviceCredentialGuess,
/* currentCredential= */ null,
mEffectiveUserId);
@@ -732,8 +736,14 @@
if (mDeviceCredentialGuess != null) {
mDeviceCredentialGuess.zeroize();
}
+
+ Intent result = new Intent();
+ if (mRemoteValidation && containsGatekeeperPasswordHandle(resultData)) {
+ result.putExtra(EXTRA_KEY_GK_PW_HANDLE, getGatekeeperPasswordHandle(resultData));
+ }
+
mGlifLayout.setProgressBarShown(false);
- mCredentialCheckResultTracker.setResult(/* matched= */ true, new Intent(),
+ mCredentialCheckResultTracker.setResult(/* matched= */ true, result,
/* timeoutMs= */ 0, mEffectiveUserId);
}
}