diff options
| author | 2023-08-03 20:16:58 -0700 | |
|---|---|---|
| committer | 2023-08-16 08:32:59 -0700 | |
| commit | 821c428031f35e417a38a0db8f7a6523c14a7813 (patch) | |
| tree | ca80a4a779c328b6c6fe2fabda5c554ce531c411 /libs/androidfw/ZipFileRO.cpp | |
| parent | c25d75a1d351e58e93b98da51fe05d8fd3e871dd (diff) | |
Provide better API methods that can provide face/fp auth status
1. `isFingerprintAuthUsuallyAllowed` is true when fp is enrolled and is not disabled through device policy
2. `isFingerprintAuthCurrentlyAllowed` is true when `isFingerprintAuthUsuallyAllowed` is true and strong auth flags don't restrict fp auth
3. `isFaceAuthUsuallyAllowed` is true when face is enrolled, not disabled by device policy and enabled in biometricManager
4. `isFaceAuthCurrentlyAllowed` is true when `isFaceAuthUsuallyAllowed` is true and face auth is allowed in current posture and strong auth flags don't prevent face auth from running
a. If face auth is class3 then this will rely on strong biometric allowed strong auth flag
b. If face auth is not class3 then this will rely on non strong biometric allowed strong auth flag
Motivation for the change:
1. Modern arch replacement for methods like KeyguardUpdateMonitor `isUnlockingWithFingerprintAllowed` and `isUnlockingWithBiometricAllowed`
2. `KeyguardUpdateMonitor#isUnlockingWithBiometricAllowed` doesn't actually check for enrollment state, which is the root cause of the bug.
3. In all places where we check if fingerprint is enrolled, we always check if fp is enabled and if fp is allowed by strong auth flags. Same for face as well.
Bug: 293472698
Test: atest BouncerMessageRepositoryTest
Test: atest AlternateBouncerInteractorTest
Test: atest BiometricSettingsRepositoryTest
Test: atest DeviceEntryFaceAuthRepositoryTest
Change-Id: I9ae5e54aa473ff6c02d551607a3c0907585aa6a6
Diffstat (limited to 'libs/androidfw/ZipFileRO.cpp')
0 files changed, 0 insertions, 0 deletions