Fixed
Status Update
No update yet.
Comments
vk...@google.com
al...@gmail.com
Removing from wednesday's list for now since there have been no reports.
vk...@google.com
Project: platform/frameworks/support
Branch: androidx-master-dev
commit d02b8afc951f6a9e0fc8e24e19e56a06f1f60fac
Author: Curtis Belmonte <curtislb@google.com>
Date: Wed Sep 11 14:33:54 2019
Tolerate null result in BiometricPrompt fragments
The AndroidX BiometricPrompt API for onAuthenticationSucceeded requires
a non-null AuthenticationResult, so we construct one from the platform
BiometricPrompt or FingerprintManagerCompat result in BiometricFragment
and FingerprintHelperFragment, respectively, when calling this method.
However, the platform API does not guarantee that the result it provides
will be non-null, in which case the current implementation would crash.
This commit fixes the issue by creating an AuthenticationResult with
null crypto when handling a null result in either of these places. It
also adds unit tests to verify the new behavior.
Test: ./gradlew biometric:connectedAndroidTest
Fixes: 138862251
Change-Id: I540dd3b4ebdf100553b4fac609f3d928ec69ebfb
A biometric/src/androidTest/java/androidx/biometric/BiometricFragmentTest.java
A biometric/src/androidTest/java/androidx/biometric/FingerprintHelperFragmentTest.java
M biometric/src/main/java/androidx/biometric/BiometricFragment.java
M biometric/src/main/java/androidx/biometric/FingerprintHelperFragment.java
https://android-review.googlesource.com/1122743
https://goto.google.com/android-sha1/d02b8afc951f6a9e0fc8e24e19e56a06f1f60fac
Branch: androidx-master-dev
commit d02b8afc951f6a9e0fc8e24e19e56a06f1f60fac
Author: Curtis Belmonte <curtislb@google.com>
Date: Wed Sep 11 14:33:54 2019
Tolerate null result in BiometricPrompt fragments
The AndroidX BiometricPrompt API for onAuthenticationSucceeded requires
a non-null AuthenticationResult, so we construct one from the platform
BiometricPrompt or FingerprintManagerCompat result in BiometricFragment
and FingerprintHelperFragment, respectively, when calling this method.
However, the platform API does not guarantee that the result it provides
will be non-null, in which case the current implementation would crash.
This commit fixes the issue by creating an AuthenticationResult with
null crypto when handling a null result in either of these places. It
also adds unit tests to verify the new behavior.
Test: ./gradlew biometric:connectedAndroidTest
Fixes: 138862251
Change-Id: I540dd3b4ebdf100553b4fac609f3d928ec69ebfb
A biometric/src/androidTest/java/androidx/biometric/BiometricFragmentTest.java
A biometric/src/androidTest/java/androidx/biometric/FingerprintHelperFragmentTest.java
M biometric/src/main/java/androidx/biometric/BiometricFragment.java
M biometric/src/main/java/androidx/biometric/FingerprintHelperFragment.java
vk...@google.com
sh...@gmail.com
Before supporting this from new biometricprompt jetpack or AOSP, are we need to use deprecated createConfirmDeviceCredentialIntent API to support devices with no biometric sensor?
al...@gmail.com
Actually, I found AOSP already has all the pieces in place to support authentication via BiometricPrompt even with no hardware, by falling back to CDC. It just needs BiometricService to be started, which is currently prevented if no hardware is present.
I pushed a patch to AOSP gerrit for review:https://android-review.googlesource.com/c/platform/frameworks/base/+/1243108
I pushed a patch to AOSP gerrit for review:
cu...@google.com
cu...@google.com
ap...@google.com
Project: platform/frameworks/support
Branch: androidx-master-dev
commit cdfdb2f65f62c72e2da0d86819c2af462a097723
Author: Curtis Belmonte <curtislb@google.com>
Date: Mon Sep 21 15:12:54 2020
Fall back to credential on biometric lockout for API <29
On Android 10 (API level 29) and above, the framework BiometricPrompt
will fall back to device credential authentication (if allowed) when
biometric authentication is (temporarily or permanently) locked out.
This commit adds this fallback behavior to the AndroidX BiometricPrompt
on devices with API level 28 and below.
Test: ./gradlew biometric:biometric:test
Test: ./gradlew biometric:biometric:connectedAndroidTest
Test: ./gradlew biometric:integration-tests:testapp:connectedAndroidTest
Test: Biometric integration test app on API 27-30:
1. Select options for BIOMETRIC_WEAK and DEVICE_CREDENTIAL
2. Press "authenticate" to show the prompt
3. Present an incorrect biometric 5 times in quick succession
4. Ensure the confirm device credential UI is shown and works correctly
Fixes: 149579143
Change-Id: Id4c810bb6578686776594d77068e2be17372cd16
M biometric/biometric/src/main/java/androidx/biometric/BiometricFragment.java
M biometric/biometric/src/main/java/androidx/biometric/ErrorUtils.java
M biometric/biometric/src/test/java/androidx/biometric/ErrorUtilsTest.java
https://android-review.googlesource.com/1433463
Branch: androidx-master-dev
commit cdfdb2f65f62c72e2da0d86819c2af462a097723
Author: Curtis Belmonte <curtislb@google.com>
Date: Mon Sep 21 15:12:54 2020
Fall back to credential on biometric lockout for API <29
On Android 10 (API level 29) and above, the framework BiometricPrompt
will fall back to device credential authentication (if allowed) when
biometric authentication is (temporarily or permanently) locked out.
This commit adds this fallback behavior to the AndroidX BiometricPrompt
on devices with API level 28 and below.
Test: ./gradlew biometric:biometric:test
Test: ./gradlew biometric:biometric:connectedAndroidTest
Test: ./gradlew biometric:integration-tests:testapp:connectedAndroidTest
Test: Biometric integration test app on API 27-30:
1. Select options for BIOMETRIC_WEAK and DEVICE_CREDENTIAL
2. Press "authenticate" to show the prompt
3. Present an incorrect biometric 5 times in quick succession
4. Ensure the confirm device credential UI is shown and works correctly
Fixes: 149579143
Change-Id: Id4c810bb6578686776594d77068e2be17372cd16
M biometric/biometric/src/main/java/androidx/biometric/BiometricFragment.java
M biometric/biometric/src/main/java/androidx/biometric/ErrorUtils.java
M biometric/biometric/src/test/java/androidx/biometric/ErrorUtilsTest.java
Description
That is an issue because apps will start using it as their default authentication method. This includes the AOSP Settings app, which uses BiometricPrompt to authenticate the user when generating a WiFi QR-Code to share (Wi-Fi DPP). When trying to do so on a locked device with no biometric hardware, simply nothing happens.
I propose that BiometricPrompt should fall back to asking for pin/password/pattern.
Alternatively, a new API could be introduced for prompting the user to authenticate, which would call BiometricPrompt if hardware is present, else direclty show a PIN/password/pattern insertion activity.