1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
|
package com.android.internal.widget;
import android.annotation.NonNull;
import android.os.AsyncTask;
import com.android.internal.widget.LockPatternUtils.RequestThrottledException;
/**
* Helper class to check/verify PIN/Password/Pattern asynchronously.
*/
public final class LockPatternChecker {
/**
* Interface for a callback to be invoked after security check.
*/
public interface OnCheckCallback {
/**
* Invoked as soon as possible we know that the credentials match. This will be called
* earlier than {@link #onChecked} but only if the credentials match.
*/
default void onEarlyMatched() {}
/**
* Invoked when a security check is finished.
*
* @param matched Whether the PIN/Password/Pattern matches the stored one.
* @param throttleTimeoutMs The amount of time in ms to wait before reattempting
* the call. Only non-0 if matched is false.
*/
void onChecked(boolean matched, int throttleTimeoutMs);
/**
* Called when the underlying AsyncTask was cancelled.
*/
default void onCancelled() {}
}
/**
* Interface for a callback to be invoked after security verification.
*/
public interface OnVerifyCallback {
/**
* Invoked when a security verification is finished.
*
* @param response The response, optionally containing Gatekeeper HAT or Gatekeeper Password
* @param throttleTimeoutMs The amount of time in ms to wait before reattempting
* the call. Only non-0 if the response is {@link VerifyCredentialResponse#RESPONSE_RETRY}.
*/
void onVerified(@NonNull VerifyCredentialResponse response, int throttleTimeoutMs);
}
/**
* Verify a lockscreen credential asynchronously.
*
* @param utils The LockPatternUtils instance to use.
* @param credential The credential to check.
* @param userId The user to check against the credential.
* @param flags See {@link LockPatternUtils.VerifyFlag}
* @param callback The callback to be invoked with the verification result.
*/
public static AsyncTask<?, ?, ?> verifyCredential(final LockPatternUtils utils,
final LockscreenCredential credential,
final int userId,
final @LockPatternUtils.VerifyFlag int flags,
final OnVerifyCallback callback) {
// Create a copy of the credential since checking credential is asynchrounous.
final LockscreenCredential credentialCopy = credential.duplicate();
AsyncTask<Void, Void, VerifyCredentialResponse> task =
new AsyncTask<Void, Void, VerifyCredentialResponse>() {
@Override
protected VerifyCredentialResponse doInBackground(Void... args) {
return utils.verifyCredential(credentialCopy, userId, flags);
}
@Override
protected void onPostExecute(@NonNull VerifyCredentialResponse result) {
callback.onVerified(result, result.getTimeout());
credentialCopy.zeroize();
}
@Override
protected void onCancelled() {
credentialCopy.zeroize();
}
};
task.execute();
return task;
}
/**
* Checks a lockscreen credential asynchronously.
*
* @param utils The LockPatternUtils instance to use.
* @param credential The credential to check.
* @param userId The user to check against the credential.
* @param callback The callback to be invoked with the check result.
*/
public static AsyncTask<?, ?, ?> checkCredential(final LockPatternUtils utils,
final LockscreenCredential credential,
final int userId,
final OnCheckCallback callback) {
// Create a copy of the credential since checking credential is asynchrounous.
final LockscreenCredential credentialCopy = credential.duplicate();
AsyncTask<Void, Void, Boolean> task = new AsyncTask<Void, Void, Boolean>() {
private int mThrottleTimeout;
@Override
protected Boolean doInBackground(Void... args) {
try {
return utils.checkCredential(credentialCopy, userId, callback::onEarlyMatched);
} catch (RequestThrottledException ex) {
mThrottleTimeout = ex.getTimeoutMs();
return false;
}
}
@Override
protected void onPostExecute(Boolean result) {
callback.onChecked(result, mThrottleTimeout);
credentialCopy.zeroize();
}
@Override
protected void onCancelled() {
callback.onCancelled();
credentialCopy.zeroize();
}
};
task.execute();
return task;
}
/**
* Perform a lockscreen credential verification explicitly on a managed profile with unified
* challenge, using the parent user's credential.
*
* @param utils The LockPatternUtils instance to use.
* @param credential The credential to check.
* @param userId The user to check against the credential.
* @param flags See {@link LockPatternUtils.VerifyFlag}
* @param callback The callback to be invoked with the verification result.
*/
public static AsyncTask<?, ?, ?> verifyTiedProfileChallenge(final LockPatternUtils utils,
final LockscreenCredential credential,
final int userId,
final @LockPatternUtils.VerifyFlag int flags,
final OnVerifyCallback callback) {
// Create a copy of the credential since checking credential is asynchronous.
final LockscreenCredential credentialCopy = credential.duplicate();
AsyncTask<Void, Void, VerifyCredentialResponse> task =
new AsyncTask<Void, Void, VerifyCredentialResponse>() {
@Override
protected VerifyCredentialResponse doInBackground(Void... args) {
return utils.verifyTiedProfileChallenge(credentialCopy, userId, flags);
}
@Override
protected void onPostExecute(@NonNull VerifyCredentialResponse response) {
callback.onVerified(response, response.getTimeout());
credentialCopy.zeroize();
}
@Override
protected void onCancelled() {
credentialCopy.zeroize();
}
};
task.execute();
return task;
}
}
|
