From 4443159caf1759c35d91ded084d1a2167eea7c12 Mon Sep 17 00:00:00 2001
From: Kevin Chyn <kchyn@google.com>
Date: Fri, 23 Jul 2021 16:24:36 -0700
Subject: 12/n: Send bypassEnabled to AuthenticationClient

Adds this flag via FaceManager#authenticate (instead of other other
potential ways, such as reading the settings/config values from
system_server directly). This allows for a single source of truth.

Stores this flag in AuthenticationClient, which can then be retrieved
from the CoexCoordinator.

Also removes unnecessary FaceManager#authenticate method, as keyguard
is really the only supported client

Bug: 193089985
Test: atest KeyguardUpdateMonitorTest
Test: atest com.android.server.biometrics
Change-Id: I647c2e5926d1bb964b12dc580d2cd2178c30a790
---
 core/java/android/hardware/face/FaceManager.java  | 31 +++--------------------
 core/java/android/hardware/face/IFaceService.aidl |  2 +-
 2 files changed, 5 insertions(+), 28 deletions(-)

(limited to 'core/java')

diff --git a/core/java/android/hardware/face/FaceManager.java b/core/java/android/hardware/face/FaceManager.java
index 12557f9b73eb..b18c1d081f7c 100644
--- a/core/java/android/hardware/face/FaceManager.java
+++ b/core/java/android/hardware/face/FaceManager.java
@@ -168,31 +168,6 @@ public class FaceManager implements BiometricAuthenticator, BiometricFaceConstan
         mHandler = new MyHandler(context);
     }
 
-    /**
-     * Request authentication of a crypto object. This call operates the face recognition hardware
-     * and starts capturing images. It terminates when
-     * {@link AuthenticationCallback#onAuthenticationError(int, CharSequence)} or
-     * {@link AuthenticationCallback#onAuthenticationSucceeded(AuthenticationResult)} is called, at
-     * which point the object is no longer valid. The operation can be canceled by using the
-     * provided cancel object.
-     *
-     * @param crypto   object associated with the call or null if none required.
-     * @param cancel   an object that can be used to cancel authentication
-     * @param callback an object to receive authentication events
-     * @param handler  an optional handler to handle callback events
-     * @throws IllegalArgumentException if the crypto operation is not supported or is not backed
-     *                                  by
-     *                                  <a href="{@docRoot}training/articles/keystore.html">Android
-     *                                  Keystore facility</a>.
-     * @throws IllegalStateException    if the crypto primitive is not initialized.
-     * @hide
-     */
-    @RequiresPermission(USE_BIOMETRIC_INTERNAL)
-    public void authenticate(@Nullable CryptoObject crypto, @Nullable CancellationSignal cancel,
-            @NonNull AuthenticationCallback callback, @Nullable Handler handler) {
-        authenticate(crypto, cancel, callback, handler, mContext.getUserId());
-    }
-
     /**
      * Use the provided handler thread for events.
      */
@@ -224,8 +199,10 @@ public class FaceManager implements BiometricAuthenticator, BiometricFaceConstan
      * @throws IllegalStateException    if the crypto primitive is not initialized.
      * @hide
      */
+    @RequiresPermission(USE_BIOMETRIC_INTERNAL)
     public void authenticate(@Nullable CryptoObject crypto, @Nullable CancellationSignal cancel,
-            @NonNull AuthenticationCallback callback, @Nullable Handler handler, int userId) {
+            @NonNull AuthenticationCallback callback, @Nullable Handler handler, int userId,
+            boolean isKeyguardBypassEnabled) {
         if (callback == null) {
             throw new IllegalArgumentException("Must supply an authentication callback");
         }
@@ -247,7 +224,7 @@ public class FaceManager implements BiometricAuthenticator, BiometricFaceConstan
                 final long operationId = crypto != null ? crypto.getOpId() : 0;
                 Trace.beginSection("FaceManager#authenticate");
                 mService.authenticate(mToken, operationId, userId, mServiceReceiver,
-                        mContext.getOpPackageName());
+                        mContext.getOpPackageName(), isKeyguardBypassEnabled);
             } catch (RemoteException e) {
                 Slog.w(TAG, "Remote exception while authenticating: ", e);
                 if (callback != null) {
diff --git a/core/java/android/hardware/face/IFaceService.aidl b/core/java/android/hardware/face/IFaceService.aidl
index 270d662a02a0..65578a628994 100644
--- a/core/java/android/hardware/face/IFaceService.aidl
+++ b/core/java/android/hardware/face/IFaceService.aidl
@@ -46,7 +46,7 @@ interface IFaceService {
 
     // Authenticate the given sessionId with a face
     void authenticate(IBinder token, long operationId, int userId, IFaceServiceReceiver receiver,
-            String opPackageName);
+            String opPackageName, boolean isKeyguardBypassEnabled);
 
     // Uses the face hardware to detect for the presence of a face, without giving details
     // about accept/reject/lockout.
-- 
cgit v1.2.3