From 4126113587b0133cac4b72997e963b6ac6b0b589 Mon Sep 17 00:00:00 2001 From: Hao Dong Date: Fri, 11 Oct 2024 03:54:02 +0000 Subject: Fix settings activity showing background bp when createConfirmDeviceCredentialIntent() API is used. If the app uses createConfirmDeviceCredentialIntent(), ConfirmDeviceCredentialActivity is the top activity which has "settings" as package name. Then if the app switches to settings, since previous foreground check only checks package name, biometric prompt isn't cancelled. This CL adds a class name check for this case. Flag: EXEMPT bugfix Bug: 339532378 Test: manual test with sample app on emulator Test: atest BiometricActivityTests#testConfirmDeviceCredentialActivityDismiss_whenSwitchToSettings Change-Id: I722e285cd15869799b9fadd2324014cf3c6d44ad Merged-In: I722e285cd15869799b9fadd2324014cf3c6d44ad Merged-In: I26d8f4713573ab18ef3f83813aaef52ede910b8d --- .../hardware/biometrics/BiometricPrompt.java | 14 +++++ .../android/hardware/biometrics/PromptInfo.java | 20 ++++++ .../systemui/biometrics/AuthContainerView.java | 5 ++ .../systemui/biometrics/AuthController.java | 71 ++++++++++++++++------ .../android/systemui/biometrics/AuthDialog.java | 6 ++ 5 files changed, 97 insertions(+), 19 deletions(-) diff --git a/core/java/android/hardware/biometrics/BiometricPrompt.java b/core/java/android/hardware/biometrics/BiometricPrompt.java index 35c36679a4c1..751970eb8b4d 100644 --- a/core/java/android/hardware/biometrics/BiometricPrompt.java +++ b/core/java/android/hardware/biometrics/BiometricPrompt.java @@ -432,6 +432,20 @@ public class BiometricPrompt implements BiometricAuthenticator, BiometricConstan return this; } + /** + * Set the class name of ConfirmDeviceCredentialActivity. + * + * @return This builder. + * @hide + */ + @NonNull + @RequiresPermission(anyOf = {TEST_BIOMETRIC, USE_BIOMETRIC_INTERNAL}) + public Builder setClassNameIfItIsConfirmDeviceCredentialActivity() { + mPromptInfo.setClassNameIfItIsConfirmDeviceCredentialActivity( + mContext.getClass().getName()); + return this; + } + /** * Creates a {@link BiometricPrompt}. * diff --git a/core/java/android/hardware/biometrics/PromptInfo.java b/core/java/android/hardware/biometrics/PromptInfo.java index 2742f0effde6..601ba38a7bb7 100644 --- a/core/java/android/hardware/biometrics/PromptInfo.java +++ b/core/java/android/hardware/biometrics/PromptInfo.java @@ -47,6 +47,7 @@ public class PromptInfo implements Parcelable { private boolean mAllowBackgroundAuthentication; private boolean mIgnoreEnrollmentState; private boolean mIsForLegacyFingerprintManager = false; + private String mClassNameIfItIsConfirmDeviceCredentialActivity = null; public PromptInfo() { @@ -70,6 +71,7 @@ public class PromptInfo implements Parcelable { mAllowBackgroundAuthentication = in.readBoolean(); mIgnoreEnrollmentState = in.readBoolean(); mIsForLegacyFingerprintManager = in.readBoolean(); + mClassNameIfItIsConfirmDeviceCredentialActivity = in.readString(); } public static final Creator CREATOR = new Creator() { @@ -108,6 +110,7 @@ public class PromptInfo implements Parcelable { dest.writeBoolean(mAllowBackgroundAuthentication); dest.writeBoolean(mIgnoreEnrollmentState); dest.writeBoolean(mIsForLegacyFingerprintManager); + dest.writeString(mClassNameIfItIsConfirmDeviceCredentialActivity); } public boolean containsTestConfigurations() { @@ -119,6 +122,8 @@ public class PromptInfo implements Parcelable { return true; } else if (mAllowBackgroundAuthentication) { return true; + } else if (mClassNameIfItIsConfirmDeviceCredentialActivity != null) { + return true; } return false; } @@ -213,6 +218,13 @@ public class PromptInfo implements Parcelable { mAllowedSensorIds.add(sensorId); } + /** + * Set the class name of ConfirmDeviceCredentialActivity. + */ + void setClassNameIfItIsConfirmDeviceCredentialActivity(String className) { + mClassNameIfItIsConfirmDeviceCredentialActivity = className; + } + // Getters public CharSequence getTitle() { @@ -290,4 +302,12 @@ public class PromptInfo implements Parcelable { public boolean isForLegacyFingerprintManager() { return mIsForLegacyFingerprintManager; } + + /** + * Get the class name of ConfirmDeviceCredentialActivity. Returns null if the direct caller is + * not ConfirmDeviceCredentialActivity. + */ + public String getClassNameIfItIsConfirmDeviceCredentialActivity() { + return mClassNameIfItIsConfirmDeviceCredentialActivity; + } } diff --git a/packages/SystemUI/src/com/android/systemui/biometrics/AuthContainerView.java b/packages/SystemUI/src/com/android/systemui/biometrics/AuthContainerView.java index 3f61d3c6af9a..56cae3301546 100644 --- a/packages/SystemUI/src/com/android/systemui/biometrics/AuthContainerView.java +++ b/packages/SystemUI/src/com/android/systemui/biometrics/AuthContainerView.java @@ -681,6 +681,11 @@ public class AuthContainerView extends LinearLayout return mConfig.mOpPackageName; } + @Override + public String getClassNameIfItIsConfirmDeviceCredentialActivity() { + return mConfig.mPromptInfo.getClassNameIfItIsConfirmDeviceCredentialActivity(); + } + @Override public void animateToCredentialUI() { mBiometricView.startTransitionToCredentialUI(); diff --git a/packages/SystemUI/src/com/android/systemui/biometrics/AuthController.java b/packages/SystemUI/src/com/android/systemui/biometrics/AuthController.java index 4cad6a66b2ca..f23eb00e5fa2 100644 --- a/packages/SystemUI/src/com/android/systemui/biometrics/AuthController.java +++ b/packages/SystemUI/src/com/android/systemui/biometrics/AuthController.java @@ -25,6 +25,7 @@ import android.app.ActivityManager; import android.app.ActivityTaskManager; import android.app.TaskStackListener; import android.content.BroadcastReceiver; +import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.content.IntentFilter; @@ -184,25 +185,18 @@ public class AuthController extends SystemUI implements CommandQueue.Callbacks, private void cancelIfOwnerIsNotInForeground() { if (mCurrentDialog != null) { try { - final String clientPackage = mCurrentDialog.getOpPackageName(); - Log.w(TAG, "Task stack changed, current client: " + clientPackage); - final List runningTasks = - mActivityTaskManager.getTasks(1); - if (!runningTasks.isEmpty()) { - final String topPackage = runningTasks.get(0).topActivity.getPackageName(); - if (!topPackage.contentEquals(clientPackage) - && !Utils.isSystem(mContext, clientPackage)) { - Log.e(TAG, "Evicting client due to: " + topPackage); - mCurrentDialog.dismissWithoutCallback(true /* animate */); - mCurrentDialog = null; - mOrientationListener.disable(); - - if (mReceiver != null) { - mReceiver.onDialogDismissed( - BiometricPrompt.DISMISSED_REASON_USER_CANCEL, - null /* credentialAttestation */); - mReceiver = null; - } + if (isOwnerInBackground()) { + Log.w(TAG, "Evicting client due to top activity is not : " + + mCurrentDialog.getOpPackageName()); + mCurrentDialog.dismissWithoutCallback(true /* animate */); + mCurrentDialog = null; + mOrientationListener.disable(); + + if (mReceiver != null) { + mReceiver.onDialogDismissed( + BiometricPrompt.DISMISSED_REASON_USER_CANCEL, + null /* credentialAttestation */); + mReceiver = null; } } } catch (RemoteException e) { @@ -211,6 +205,45 @@ public class AuthController extends SystemUI implements CommandQueue.Callbacks, } } + private boolean isOwnerInBackground() { + if (mCurrentDialog != null) { + final String clientPackage = mCurrentDialog.getOpPackageName(); + + final List runningTasks = + mActivityTaskManager.getTasks(1); + if (runningTasks == null || runningTasks.isEmpty()) { + Log.w(TAG, "No running tasks reported"); + return false; + } + + final boolean isSystemApp = Utils.isSystem(mContext, clientPackage); + + final ComponentName topActivity = runningTasks.get(0).topActivity; + final String topPackage = topActivity.getPackageName(); + final boolean topPackageEqualsToClient = + topPackage == null + || topActivity.getPackageName().contentEquals(clientPackage); + + // b/339532378: If it's ConfirmDeviceCredentialActivity, we need to check further on + // class name. + final String clientClassNameForCDCA = + mCurrentDialog.getClassNameIfItIsConfirmDeviceCredentialActivity(); + final boolean isClientCDCA = clientClassNameForCDCA != null; + final String topClassName = topActivity.getClassName(); + final boolean isCDCAWithWrongTopClass = + isClientCDCA + && !(topClassName == null + || topClassName.contentEquals(clientClassNameForCDCA)); + + final boolean isInBackground = + !(isSystemApp || topPackageEqualsToClient) || isCDCAWithWrongTopClass; + + Log.w(TAG, "isInBackground " + isInBackground); + return isInBackground; + } + return false; + } + /** * Adds a callback. See {@link Callback}. */ diff --git a/packages/SystemUI/src/com/android/systemui/biometrics/AuthDialog.java b/packages/SystemUI/src/com/android/systemui/biometrics/AuthDialog.java index fa5213e94081..dd4eb99cc2c7 100644 --- a/packages/SystemUI/src/com/android/systemui/biometrics/AuthDialog.java +++ b/packages/SystemUI/src/com/android/systemui/biometrics/AuthDialog.java @@ -147,6 +147,12 @@ public interface AuthDialog { */ String getOpPackageName(); + /** + * Get the class name of ConfirmDeviceCredentialActivity. Returns null if the direct caller is + * not ConfirmDeviceCredentialActivity. + */ + String getClassNameIfItIsConfirmDeviceCredentialActivity(); + /** * Animate to credential UI. Typically called after biometric is locked out. */ -- cgit v1.2.3-59-g8ed1b