3 files changed, 63 insertions, 3 deletions

diff --git a/core/java/com/android/internal/widget/ILockSettings.aidl b/core/java/com/android/internal/widget/ILockSettings.aidl
index b2fc2bb8c89f..6b93d8336b95 100644
--- a/core/java/com/android/internal/widget/ILockSettings.aidl
+++ b/core/java/com/android/internal/widget/ILockSettings.aidl
@@ -44,4 +44,5 @@ interface ILockSettings {
     void requireStrongAuth(int strongAuthReason, int userId);
     void systemReady();
     void userPresent(int userId);
+    int getStrongAuthForUser(int userId);
 }
diff --git a/core/java/com/android/internal/widget/LockPatternUtils.java b/core/java/com/android/internal/widget/LockPatternUtils.java
index d9b63296dea9..a5485da3f0a7 100644
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -1452,6 +1452,32 @@ public class LockPatternUtils {
     }
 
     /**
+     * @see StrongAuthTracker#getStrongAuthForUser
+     */
+    public int getStrongAuthForUser(int userId) {
+        try {
+            return getLockSettings().getStrongAuthForUser(userId);
+        } catch (RemoteException e) {
+            Log.e(TAG, "Could not get StrongAuth", e);
+            return StrongAuthTracker.getDefaultFlags(mContext);
+        }
+    }
+
+    /**
+     * @see StrongAuthTracker#isTrustAllowedForUser
+     */
+    public boolean isTrustAllowedForUser(int userId) {
+        return getStrongAuthForUser(userId) == StrongAuthTracker.STRONG_AUTH_NOT_REQUIRED;
+    }
+
+    /**
+     * @see StrongAuthTracker#isFingerprintAllowedForUser
+     */
+    public boolean isFingerprintAllowedForUser(int userId) {
+        return (getStrongAuthForUser(userId) & ~StrongAuthTracker.ALLOWING_FINGERPRINT) == 0;
+    }
+
+    /**
      * Tracks the global strong authentication state.
      */
     public static class StrongAuthTracker {
@@ -1556,9 +1582,8 @@ public class LockPatternUtils {
         public void onStrongAuthRequiredChanged(int userId) {
         }
 
-        void handleStrongAuthRequiredChanged(@StrongAuthFlags int strongAuthFlags,
+        protected void handleStrongAuthRequiredChanged(@StrongAuthFlags int strongAuthFlags,
                 int userId) {
-
             int oldValue = getStrongAuthForUser(userId);
             if (strongAuthFlags != oldValue) {
                 if (strongAuthFlags == mDefaultStrongAuthFlags) {
@@ -1571,7 +1596,7 @@ public class LockPatternUtils {
         }
 
 
-        final IStrongAuthTracker.Stub mStub = new IStrongAuthTracker.Stub() {
+        protected final IStrongAuthTracker.Stub mStub = new IStrongAuthTracker.Stub() {
             @Override
             public void onStrongAuthRequiredChanged(@StrongAuthFlags int strongAuthFlags,
                     int userId) {
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index cec32291cb30..4477e8ba9809 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -120,6 +120,7 @@ public class LockSettingsService extends ILockSettings.Stub {
     private final Context mContext;
     private final LockSettingsStorage mStorage;
     private final LockSettingsStrongAuth mStrongAuth;
+    private final SynchronizedStrongAuthTracker mStrongAuthTracker;
 
     private LockPatternUtils mLockPatternUtils;
     private boolean mFirstCallToVold;
@@ -177,6 +178,30 @@ public class LockSettingsService extends ILockSettings.Stub {
         }
     }
 
+    private class SynchronizedStrongAuthTracker extends LockPatternUtils.StrongAuthTracker {
+        public SynchronizedStrongAuthTracker(Context context) {
+            super(context);
+        }
+
+        @Override
+        protected void handleStrongAuthRequiredChanged(int strongAuthFlags, int userId) {
+            synchronized (this) {
+                super.handleStrongAuthRequiredChanged(strongAuthFlags, userId);
+            }
+        }
+
+        @Override
+        public int getStrongAuthForUser(int userId) {
+            synchronized (this) {
+                return super.getStrongAuthForUser(userId);
+            }
+        }
+
+        void register() {
+            mStrongAuth.registerStrongAuthTracker(this.mStub);
+        }
+    }
+
     /**
      * Tie managed profile to primary profile if it is in unified mode and not tied before.
      *
@@ -245,6 +270,9 @@ public class LockSettingsService extends ILockSettings.Stub {
         mNotificationManager = (NotificationManager)
                 mContext.getSystemService(Context.NOTIFICATION_SERVICE);
         mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE);
+        mStrongAuthTracker = new SynchronizedStrongAuthTracker(mContext);
+        mStrongAuthTracker.register();
+
     }
 
     /**
@@ -1398,6 +1426,12 @@ public class LockSettingsService extends ILockSettings.Stub {
         mStrongAuth.reportUnlock(userId);
     }
 
+    @Override
+    public int getStrongAuthForUser(int userId) {
+        checkPasswordReadPermission(userId);
+        return mStrongAuthTracker.getStrongAuthForUser(userId);
+    }
+
     private static final String[] VALID_SETTINGS = new String[] {
         LockPatternUtils.LOCKOUT_PERMANENT_KEY,
         LockPatternUtils.LOCKOUT_ATTEMPT_DEADLINE,