Migrate the rest of ResetPasswordTokenTest
Background
* Use new CTS testing infra
* go/migrating-enterprise-tests
* go/bedstead
Changes
* Migrate tests for DPM.setPasswordQuality
* Migrate all the different restrictions for
PASSWORD_QUALITY_COMPLEX e.g. minLength, minLetters
* Migrate tests for DPM.setRequiredPasswordComplexity
* Remove old class ResetPasswordTokenTest
Bug: 197760890
Test: atest android.devicepolicy.cts.ResetPasswordWithTokenTest
atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testResetPasswordWithToken
atest com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken
atest com.android.cts.devicepolicy.MixedManagedProfileOwnerTest#testResetPasswordWithToken
Change-Id: I82743e01e994aa938f4388a19ba0d0e056b0ad20
diff --git a/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordWithTokenTest.java b/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordWithTokenTest.java
deleted file mode 100644
index a3e0075..0000000
--- a/hostsidetests/devicepolicy/app/DeviceAndProfileOwner/src/com/android/cts/deviceandprofileowner/ResetPasswordWithTokenTest.java
+++ /dev/null
@@ -1,559 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.android.cts.deviceandprofileowner;
-
-import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_HIGH;
-import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_LOW;
-import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_MEDIUM;
-import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
-import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
-
-import android.app.admin.DevicePolicyManager;
-
-import androidx.test.InstrumentationRegistry;
-
-public class ResetPasswordWithTokenTest extends BaseDeviceAdminTest {
-
- private static final String SHORT_PASSWORD = "1234";
- private static final byte[] TOKEN0 = "abcdefghijklmnopqrstuvwxyz0123456789".getBytes();
- private static final String ARG_ALLOW_FAILURE = "allowFailure";
-
- private boolean mShouldRun;
-
- @Override
- protected void setUp() throws Exception {
- super.setUp();
- Boolean allowFailure = Boolean.parseBoolean(
- InstrumentationRegistry.getArguments().getString(ARG_ALLOW_FAILURE));
- mShouldRun = setUpResetPasswordToken(allowFailure);
- }
-
- @Override
- protected void tearDown() throws Exception {
- if (mShouldRun) {
- cleanUpResetPasswordToken();
- }
- resetComplexPasswordRestrictions();
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT,
- PASSWORD_QUALITY_UNSPECIFIED);
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_NONE);
- super.tearDown();
- }
-
- public void testPasswordQuality_something() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT,
- PASSWORD_QUALITY_SOMETHING);
- assertEquals(PASSWORD_QUALITY_SOMETHING,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- String caseDescription = "initial";
- assertPasswordSucceeds("1234", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription); // can't change.
- assertPasswordSucceeds("abcd1234", caseDescription);
- }
-
- public void testPasswordQuality_numeric() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_NUMERIC);
- assertEquals(PASSWORD_QUALITY_NUMERIC,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false); // failure
-
- String caseDescription = "initial";
- assertPasswordSucceeds("1234", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 10);
- caseDescription = "minimum password length = 10";
- assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 4);
- caseDescription = "minimum password length = 4";
- assertEquals(4, mDevicePolicyManager.getPasswordMinimumLength(
- ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(true);
-
- assertPasswordSucceeds("1234", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
- }
-
- public void testPasswordQuality_alphabetic() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT,
- PASSWORD_QUALITY_ALPHABETIC);
- assertEquals(PASSWORD_QUALITY_ALPHABETIC,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- String caseDescription = "initial";
- assertPasswordFails("1234", caseDescription); // can't change
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 10);
- caseDescription = "minimum password length = 10";
- assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 4);
- caseDescription = "minimum password length = 4";
- assertEquals(4, mDevicePolicyManager.getPasswordMinimumLength(
- ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(true);
-
- assertPasswordFails("1234", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
- }
-
- public void testPasswordQuality_alphanumeric() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT,
- PASSWORD_QUALITY_ALPHANUMERIC);
- assertEquals(PASSWORD_QUALITY_ALPHANUMERIC,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- String caseDescription = "initial";
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 10);
- caseDescription = "minimum password length = 10";
- assertEquals(10, mDevicePolicyManager.getPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(false);
-
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("abcd1234", caseDescription);
-
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 4);
- caseDescription = "minimum password length = 4";
- assertEquals(4, mDevicePolicyManager.getPasswordMinimumLength(
- ADMIN_RECEIVER_COMPONENT));
- assertPasswordSufficiency(true);
-
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("abcd", caseDescription);
- assertPasswordSucceeds("abcd1234", caseDescription);
- }
-
- public void testPasswordQuality_complexUpperCase() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum UpperCase=0";
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("aBc1", caseDescription);
- assertPasswordSucceeds("ABC1", caseDescription);
- assertPasswordSucceeds("ABCD", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumUpperCase(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumUpperCase(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum UpperCase=1";
- assertPasswordFails("abc1", caseDescription);
- assertPasswordSucceeds("aBc1", caseDescription);
- assertPasswordSucceeds("ABC1", caseDescription);
- assertPasswordSucceeds("ABCD", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumUpperCase(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumUpperCase(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum UpperCase=3";
- assertPasswordFails("abc1", caseDescription);
- assertPasswordFails("aBC1", caseDescription);
- assertPasswordSucceeds("ABC1", caseDescription);
- assertPasswordSucceeds("ABCD", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
- }
-
- public void testPasswordQuality_complexLowerCase() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum LowerCase=0";
- assertPasswordSucceeds("ABCD", caseDescription);
- assertPasswordSucceeds("aBC1", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumLowerCase(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumLowerCase(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum LowerCase=1";
- assertPasswordFails("ABCD", caseDescription);
- assertPasswordSucceeds("aBC1", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumLowerCase(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumLowerCase(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum LowerCase=3";
- assertPasswordFails("ABCD", caseDescription);
- assertPasswordFails("aBC1", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
- }
-
- public void testPasswordQuality_complexLetters() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum Letters=0";
- assertPasswordFails("1234", caseDescription); // Numeric PIN not allowed
- assertPasswordSucceeds("a123", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumLetters(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumLetters(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Letters=1";
- assertPasswordFails("1234", caseDescription);
- assertPasswordSucceeds("a123", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumLetters(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumLetters(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Letters=3";
- assertPasswordFails("1234", caseDescription);
- assertPasswordFails("a123", caseDescription);
- assertPasswordSucceeds("abc1", caseDescription);
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
- }
-
- public void testPasswordQuality_complexNumeric() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum Numeric=0";
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("1abc", caseDescription);
- assertPasswordSucceeds("123a", caseDescription);
- assertPasswordFails("1234", caseDescription); // Numeric PIN not allowed
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumNumeric(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumNumeric(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Numeric=1";
- assertPasswordFails("abcd", caseDescription);
- assertPasswordSucceeds("1abc", caseDescription);
- assertPasswordSucceeds("123a", caseDescription);
- assertPasswordFails("1234", caseDescription); // Numeric PIN not allowed
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumNumeric(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumNumeric(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Numeric=3";
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("1abc", caseDescription);
- assertPasswordSucceeds("123a", caseDescription);
- assertPasswordFails("1234", caseDescription); // Numeric PIN not allowed
- assertPasswordFails("123", caseDescription); // too short
- }
-
- public void testPasswordComplexity_settingComplexityClearsQuality() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_MEDIUM);
- assertEquals(PASSWORD_QUALITY_UNSPECIFIED,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertEquals(PASSWORD_COMPLEXITY_MEDIUM,
- mDevicePolicyManager.getRequiredPasswordComplexity());
- }
-
- public void testPasswordComplexity_settingQualityResetsComplexity() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_MEDIUM);
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertEquals(PASSWORD_COMPLEXITY_NONE,
- mDevicePolicyManager.getRequiredPasswordComplexity());
- }
-
- public void testPasswordComplexity_Low() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_LOW);
- assertEquals(PASSWORD_COMPLEXITY_LOW,
- mDevicePolicyManager.getRequiredPasswordComplexity());
-
- String caseDescription = "low quality password";
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordFails("123", caseDescription);
- assertEquals(PASSWORD_COMPLEXITY_LOW, mDevicePolicyManager.getPasswordComplexity());
- assertPasswordSucceeds("1a2b3c4d", caseDescription);
- assertEquals(PASSWORD_COMPLEXITY_HIGH, mDevicePolicyManager.getPasswordComplexity());
- assertPasswordSucceeds("162534", caseDescription); // 6 digits.
- assertEquals(PASSWORD_COMPLEXITY_MEDIUM, mDevicePolicyManager.getPasswordComplexity());
- }
-
- public void testPasswordComplexity_Medium() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_MEDIUM);
- assertEquals(PASSWORD_QUALITY_UNSPECIFIED,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- assertEquals(PASSWORD_COMPLEXITY_MEDIUM,
- mDevicePolicyManager.getRequiredPasswordComplexity());
-
- String caseDescription = "medium quality password";
- assertPasswordSucceeds("axtd", caseDescription);
- assertPasswordSucceeds("1axc", caseDescription);
- assertPasswordSucceeds("1363", caseDescription);
- assertPasswordFails("4444", caseDescription);
- assertEquals(PASSWORD_COMPLEXITY_MEDIUM, mDevicePolicyManager.getPasswordComplexity());
- assertPasswordSucceeds("1axc352ae63", caseDescription);
- assertEquals(PASSWORD_COMPLEXITY_HIGH, mDevicePolicyManager.getPasswordComplexity());
- assertPasswordFails("1234", caseDescription); // repeating pattern
- assertEquals(PASSWORD_COMPLEXITY_HIGH, mDevicePolicyManager.getPasswordComplexity());
- }
-
- public void testPasswordComplexity_High() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_HIGH);
- assertEquals(PASSWORD_COMPLEXITY_HIGH,
- mDevicePolicyManager.getRequiredPasswordComplexity());
-
- String caseDescription = "high quality password";
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("123", caseDescription);
- assertPasswordSucceeds("1a2b3c4d5e", caseDescription);
- assertEquals(PASSWORD_COMPLEXITY_HIGH, mDevicePolicyManager.getPasswordComplexity());
- assertPasswordFails("162534", caseDescription); // Only 6 digits.
- }
-
- public void testPasswordQuality_complexSymbols() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum Symbols=0";
- assertPasswordSucceeds("abcd", caseDescription);
- assertPasswordSucceeds("_bc1", caseDescription);
- assertPasswordSucceeds("@#!1", caseDescription);
- assertPasswordSucceeds("_@#!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumSymbols(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumSymbols(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Symbols=1";
- assertPasswordFails("abcd", caseDescription);
- assertPasswordSucceeds("_bc1", caseDescription);
- assertPasswordSucceeds("@#!1", caseDescription);
- assertPasswordSucceeds("_@#!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumSymbols(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumSymbols(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum Symbols=3";
- assertPasswordFails("abcd", caseDescription);
- assertPasswordFails("_bc1", caseDescription);
- assertPasswordSucceeds("@#!1", caseDescription);
- assertPasswordSucceeds("_@#!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
- }
-
- public void testPasswordQuality_complexNonLetter() {
- if (!mShouldRun) {
- return;
- }
-
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT, PASSWORD_QUALITY_COMPLEX);
- assertEquals(PASSWORD_QUALITY_COMPLEX,
- mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT));
- resetComplexPasswordRestrictions();
-
- String caseDescription = "minimum NonLetter=0";
- assertPasswordSucceeds("Abcd", caseDescription);
- assertPasswordSucceeds("_bcd", caseDescription);
- assertPasswordSucceeds("3bcd", caseDescription);
- assertPasswordSucceeds("_@3c", caseDescription);
- assertPasswordSucceeds("_25!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumNonLetter(ADMIN_RECEIVER_COMPONENT, 1);
- assertEquals(1, mDevicePolicyManager.getPasswordMinimumNonLetter(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum NonLetter=1";
- assertPasswordFails("Abcd", caseDescription);
- assertPasswordSucceeds("_bcd", caseDescription);
- assertPasswordSucceeds("3bcd", caseDescription);
- assertPasswordSucceeds("_@3c", caseDescription);
- assertPasswordSucceeds("_25!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
-
- mDevicePolicyManager.setPasswordMinimumNonLetter(ADMIN_RECEIVER_COMPONENT, 3);
- assertEquals(3, mDevicePolicyManager.getPasswordMinimumNonLetter(ADMIN_RECEIVER_COMPONENT));
- caseDescription = "minimum NonLetter=3";
- assertPasswordFails("Abcd", caseDescription);
- assertPasswordFails("_bcd", caseDescription);
- assertPasswordFails("3bcd", caseDescription);
- assertPasswordSucceeds("_@3c", caseDescription);
- assertPasswordSucceeds("_25!", caseDescription);
- assertPasswordFails("123", caseDescription); // too short
- }
-
- private boolean setUpResetPasswordToken(boolean acceptFailure) {
- // set up a token
- assertFalse(mDevicePolicyManager.isResetPasswordTokenActive(ADMIN_RECEIVER_COMPONENT));
-
- try {
- // On devices with password token disabled, calling this method will throw
- // a security exception. If that's anticipated, then return early without failing.
- assertTrue(mDevicePolicyManager.setResetPasswordToken(ADMIN_RECEIVER_COMPONENT,
- TOKEN0));
- } catch (SecurityException e) {
- if (acceptFailure &&
- e.getMessage().equals("Escrow token is disabled on the current user")) {
- return false;
- } else {
- throw e;
- }
- }
- assertTrue(mDevicePolicyManager.isResetPasswordTokenActive(ADMIN_RECEIVER_COMPONENT));
- return true;
- }
-
- private void cleanUpResetPasswordToken() {
- // First remove device lock
- mDevicePolicyManager.setPasswordQuality(ADMIN_RECEIVER_COMPONENT,
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
- mDevicePolicyManager.setRequiredPasswordComplexity(PASSWORD_COMPLEXITY_NONE);
- assertTrue(mDevicePolicyManager.resetPasswordWithToken(ADMIN_RECEIVER_COMPONENT, null,
- TOKEN0, 0));
-
- // Then remove token and check it succeeds
- assertTrue(mDevicePolicyManager.clearResetPasswordToken(ADMIN_RECEIVER_COMPONENT));
- assertFalse(mDevicePolicyManager.isResetPasswordTokenActive(ADMIN_RECEIVER_COMPONENT));
- assertFalse(mDevicePolicyManager.resetPasswordWithToken(ADMIN_RECEIVER_COMPONENT,
- SHORT_PASSWORD, TOKEN0, 0));
- }
-
- private void assertPasswordFails(String password, String restriction) {
- try {
- boolean passwordResetResult = mDevicePolicyManager.resetPasswordWithToken(
- ADMIN_RECEIVER_COMPONENT, password, TOKEN0, /* flags= */0);
- assertFalse("Password '" + password + "' should have failed on " + restriction,
- passwordResetResult);
- } catch (IllegalArgumentException e) {
- // yesss, we have failed!
- }
- }
-
- private void assertPasswordSucceeds(String password, String restriction) {
- boolean passwordResetResult = mDevicePolicyManager.resetPasswordWithToken(
- ADMIN_RECEIVER_COMPONENT, password, TOKEN0, /* flags= */0);
- assertTrue("Password '" + password + "' failed on " + restriction, passwordResetResult);
- assertPasswordSufficiency(true);
- }
-
- private void resetComplexPasswordRestrictions() {
- final int quality = mDevicePolicyManager.getPasswordQuality(ADMIN_RECEIVER_COMPONENT);
- if (quality < PASSWORD_QUALITY_NUMERIC) {
- return;
- }
- mDevicePolicyManager.setPasswordMinimumLength(ADMIN_RECEIVER_COMPONENT, 0);
- if (quality < PASSWORD_QUALITY_COMPLEX) {
- return;
- }
- mDevicePolicyManager.setPasswordMinimumUpperCase(ADMIN_RECEIVER_COMPONENT, 0);
- mDevicePolicyManager.setPasswordMinimumLowerCase(ADMIN_RECEIVER_COMPONENT, 0);
- mDevicePolicyManager.setPasswordMinimumLetters(ADMIN_RECEIVER_COMPONENT, 0);
- mDevicePolicyManager.setPasswordMinimumNumeric(ADMIN_RECEIVER_COMPONENT, 0);
- mDevicePolicyManager.setPasswordMinimumSymbols(ADMIN_RECEIVER_COMPONENT, 0);
- mDevicePolicyManager.setPasswordMinimumNonLetter(ADMIN_RECEIVER_COMPONENT, 0);
- }
-}
\ No newline at end of file
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
index 0b59df3..0e61081 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/DeviceAndProfileOwnerTest.java
@@ -1225,21 +1225,6 @@
executeDeviceTestMethod(".ResetPasswordTest", "testResetPasswordDeprecated");
}
- @LockSettingsTest
- @Test
- public void testResetPasswordWithToken() throws Exception {
- assumeHasSecureLockScreenFeature();
-
- // If ResetPasswordWithTokenTest for managed profile is executed before device owner and
- // primary user profile owner tests, password reset token would have been disabled for
- // the primary user, so executing ResetPasswordWithTokenTest on user 0 would fail. We allow
- // this and do not fail the test in this case.
- // This is the default test for MixedDeviceOwnerTest and MixedProfileOwnerTest,
- // MixedManagedProfileOwnerTest overrides this method to execute the same test more strictly
- // without allowing failures.
- executeResetPasswordWithTokenTests(/* allowFailures */ true);
- }
-
@Test
public void testPasswordSufficientInitially() throws Exception {
executeDeviceTestClass(".PasswordSufficientInitiallyTest");
@@ -1324,12 +1309,6 @@
executeDeviceTestClass(".SetSystemSettingTest");
}
- protected void executeResetPasswordWithTokenTests(boolean allowFailures)
- throws Exception {
- runDeviceTestsAsUser(DEVICE_ADMIN_PKG, ".ResetPasswordWithTokenTest", null, mUserId,
- Collections.singletonMap(ARG_ALLOW_FAILURE, String.valueOf(allowFailures)));
- }
-
@Test
public void testClearApplicationData_testPkg() throws Exception {
installAppAsUser(INTENT_RECEIVER_APK, mUserId);
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedDeviceOwnerTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedDeviceOwnerTest.java
index 0538d22..c59101c 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedDeviceOwnerTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedDeviceOwnerTest.java
@@ -512,13 +512,6 @@
@Override
@Test
@IgnoreOnHeadlessSystemUserMode(reason = "Headless system user doesn't have credentials")
- public void testResetPasswordWithToken() throws Exception {
- super.testResetPasswordWithToken();
- }
-
- @Override
- @Test
- @IgnoreOnHeadlessSystemUserMode(reason = "Headless system user doesn't have credentials")
public void testResetPasswordDeprecated() throws Exception {
super.testResetPasswordDeprecated();
}
diff --git a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedManagedProfileOwnerTest.java b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedManagedProfileOwnerTest.java
index 07f7efd..3ae4b6e 100644
--- a/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedManagedProfileOwnerTest.java
+++ b/hostsidetests/devicepolicy/src/com/android/cts/devicepolicy/MixedManagedProfileOwnerTest.java
@@ -203,18 +203,6 @@
}
@Override
- @LockSettingsTest
- @Test
- public void testResetPasswordWithToken() throws Exception {
- assumeHasSecureLockScreenFeature();
-
- // Execute the test method that's guaranteed to succeed. See also test in base class
- // which are tolerant to failure and executed by MixedDeviceOwnerTest and
- // MixedProfileOwnerTest
- executeResetPasswordWithTokenTests(/* allowFailures */ false);
- }
-
- @Override
@Test
public void testSetSystemSetting() {
// Managed profile owner cannot set currently allowlisted system settings.
diff --git a/tests/devicepolicy/src/android/devicepolicy/cts/ResetPasswordWithTokenTest.java b/tests/devicepolicy/src/android/devicepolicy/cts/ResetPasswordWithTokenTest.java
index 290f750..13e2bce 100644
--- a/tests/devicepolicy/src/android/devicepolicy/cts/ResetPasswordWithTokenTest.java
+++ b/tests/devicepolicy/src/android/devicepolicy/cts/ResetPasswordWithTokenTest.java
@@ -16,7 +16,16 @@
package android.devicepolicy.cts;
+import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_HIGH;
+import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_LOW;
+import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_MEDIUM;
+import static android.app.admin.DevicePolicyManager.PASSWORD_COMPLEXITY_NONE;
+import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC;
+import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC;
import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
+import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
+import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
+import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
import static com.android.bedstead.metricsrecorder.truth.MetricQueryBuilderSubject.assertThat;
import static com.android.bedstead.remotedpc.RemoteDpc.DPC_COMPONENT_NAME;
@@ -26,7 +35,6 @@
import static org.junit.Assume.assumeTrue;
import android.app.KeyguardManager;
-import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.stats.devicepolicy.EventId;
@@ -44,12 +52,25 @@
import org.junit.Test;
import org.junit.runner.RunWith;
+// TODO(b/191640667): Parameterize the length limit tests with multiple limits
@RunWith(BedsteadJUnit4.class)
public class ResetPasswordWithTokenTest {
private static final String NOT_COMPLEX_PASSWORD = "1234";
private static final String VALID_PASSWORD = NOT_COMPLEX_PASSWORD;
- private static final String COMPLEX_PASSWORD_WITH_1_SYMBOL = "abc123.";
+ private static final String NUMERIC_PASSWORD_LENGTH_3 = "123";
+ private static final String NUMERIC_PASSWORD_REPEATING_LENGTH_4 = "4444";
+ private static final String NUMERIC_PASSWORD_RANDOM_LENGTH_4 = "3829";
+ private static final String NUMERIC_PASSWORD_LENGTH_4 = NOT_COMPLEX_PASSWORD;
+ private static final String NUMERIC_PASSWORD_LENGTH_6 = "264828";
+ private static final String ALPHABETIC_PASSWORD_LENGTH_4 = "abcd";
+ private static final String ALPHABETIC_PASSWORD_ALL_UPPERCASE_LENGTH_4 = "ABCD";
+ private static final String ALPHANUMERIC_PASSWORD_LENGTH_4 = "12ab";
+ private static final String ALPHANUMERIC_PASSWORD_WITH_UPPERCASE_LENGTH_4 = "abC1";
+ private static final String ALPHANUMERIC_PASSWORD_LENGTH_8 = "1a2b3c4e";
+ private static final String COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_4 = "12a_";
+ private static final String COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_7 = "abc123.";
+
private static final byte[] TOKEN = "abcdefghijklmnopqrstuvwxyz0123456789".getBytes();
private static final byte[] BAD_TOKEN = "abcdefghijklmnopqrstuvwxyz012345678*".getBytes();
@@ -165,7 +186,7 @@
// Password can be set as it satisfies the password restriction
assertThat(sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
- DPC_COMPONENT_NAME, COMPLEX_PASSWORD_WITH_1_SYMBOL, TOKEN,
+ DPC_COMPONENT_NAME, COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_7, TOKEN,
/* flags = */ 0)).isTrue();
} finally {
removeAllPasswordRestrictions();
@@ -220,8 +241,8 @@
public void isActivePasswordSufficient_passwordSatisfiesRestriction_true() {
assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
try {
- sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
- DPC_COMPONENT_NAME, COMPLEX_PASSWORD_WITH_1_SYMBOL, TOKEN, /* flags = */ 0);
+ sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(DPC_COMPONENT_NAME,
+ COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_7, TOKEN, /* flags = */ 0);
// Add complex password restriction
sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
@@ -247,8 +268,8 @@
PASSWORD_QUALITY_COMPLEX);
sDeviceState.dpc().devicePolicyManager().setPasswordMinimumSymbols(
DPC_COMPONENT_NAME, 1);
- sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
- DPC_COMPONENT_NAME, COMPLEX_PASSWORD_WITH_1_SYMBOL, TOKEN, /* flags = */ 0);
+ sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(DPC_COMPONENT_NAME,
+ COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_7, TOKEN, /* flags = */ 0);
// Set a slightly stronger password restriction
sDeviceState.dpc().devicePolicyManager().setPasswordMinimumSymbols(
DPC_COMPONENT_NAME, 2);
@@ -262,11 +283,573 @@
}
}
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_SOMETHING);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordQuality(
+ DPC_COMPONENT_NAME)).isEqualTo(PASSWORD_QUALITY_SOMETHING);
+ } finally {
+ removeAllPasswordRestrictions();
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_something_passwordWithAMinLengthOfFourRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_SOMETHING);
+
+ assertPasswordSucceeds(NUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHABETIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_3); // Password too short
+ assertPasswordFails(/* password = */ null);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_numeric_passwordWithAtLeastOneNumberOrLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_NUMERIC);
+
+ assertPasswordSucceeds(NUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHABETIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_3); // Password too short
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_alphabetic_passwordWithAtLeastOneLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_ALPHABETIC);
+
+ assertPasswordSucceeds(ALPHABETIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_alphanumeric_passwordWithBothALetterAndANumberRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_ALPHANUMERIC);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(ALPHABETIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_complex_passwordWithAMinLengthOfFourRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(ALPHABETIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_3); // Password too short
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLength_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumLength(DPC_COMPONENT_NAME, 4);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumLength(DPC_COMPONENT_NAME)).isEqualTo(4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLength_six_passwordWithAMinLengthOfSixRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLength(
+ DPC_COMPONENT_NAME, 6);
+
+ assertPasswordSucceeds(COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_7);
+ assertPasswordFails(COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumUpperCase_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumUpperCase(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumUpperCase(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumUpperCase_one_passwordWithAtLeastOneUpperCaseLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumUpperCase(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_WITH_UPPERCASE_LENGTH_4);
+ assertPasswordFails(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLowerCase_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumLowerCase(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumLowerCase(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLowerCase_one_passwordWithAtLeaseOneLowerCaseLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLowerCase(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(ALPHABETIC_PASSWORD_ALL_UPPERCASE_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLetters_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumLetters(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumLetters(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumLetters_one_passwordWithAtLeastOneLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLetters(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumNumeric_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumNumeric(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumNumeric(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumNumeric_one_passwordWithAtLeastOneNumberRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumNumeric(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(ALPHABETIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumSymbols_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumSymbols(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumSymbols(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumSymbols_one_passwordWithAtLeastOneSymbolRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumSymbols(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_4);
+ assertPasswordFails(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(ALPHABETIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumNonLetter_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager()
+ .setPasswordMinimumNonLetter(DPC_COMPONENT_NAME, 1);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager()
+ .getPasswordMinimumNonLetter(DPC_COMPONENT_NAME)).isEqualTo(1);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordMinimumNonLetter_one_passwordWithAtLeastOneNonLetterRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // The restriction is only imposed if PASSWORD_QUALITY_COMPLEX is set
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumNonLetter(
+ DPC_COMPONENT_NAME, 1);
+
+ assertPasswordSucceeds(COMPLEX_PASSWORD_WITH_SYMBOL_LENGTH_4);
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(ALPHABETIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setRequiredPasswordComplexity_passwordQualityAlreadySet_clearsPasswordQuality() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_COMPLEX);
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_MEDIUM);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordQuality(
+ DPC_COMPONENT_NAME)).isEqualTo(PASSWORD_QUALITY_UNSPECIFIED);
+ assertThat(sDeviceState.dpc().devicePolicyManager().getRequiredPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_MEDIUM);
+ } finally {
+ removeAllPasswordRestrictions();
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setPasswordQuality_passwordComplexityAlreadySet_clearsPasswordComplexity() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_MEDIUM);
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(DPC_COMPONENT_NAME,
+ PASSWORD_QUALITY_COMPLEX);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordQuality(
+ DPC_COMPONENT_NAME)).isEqualTo(PASSWORD_QUALITY_COMPLEX);
+ assertThat(sDeviceState.dpc().devicePolicyManager().getRequiredPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_NONE);
+ } finally {
+ removeAllPasswordRestrictions();
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @CanSetPolicyTest(policy = ResetPasswordWithToken.class)
+ public void setRequiredPasswordComplexity_success() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_MEDIUM);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getRequiredPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_MEDIUM);
+ } finally {
+ removeAllPasswordRestrictions();
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setRequiredPasswordComplexity_low_passwordThatMeetsLowPasswordBandRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_LOW);
+
+ assertPasswordSucceeds(NUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_3); // Password too short
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setRequiredPasswordComplexity_medium_passwordThatMeetsMediumPasswordBandRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_MEDIUM);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_4);
+ assertPasswordSucceeds(NUMERIC_PASSWORD_RANDOM_LENGTH_4);
+ assertPasswordFails(NUMERIC_PASSWORD_REPEATING_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void setRequiredPasswordComplexity_high_passwordThatMeetsHighPasswordBandRequired() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_HIGH);
+
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_8);
+ assertPasswordFails(NUMERIC_PASSWORD_LENGTH_6);
+ assertPasswordFails(ALPHABETIC_PASSWORD_LENGTH_4);
+ } finally {
+ removeAllPasswordRestrictions();
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void getPasswordComplexity_passwordThatMeetsLowPasswordBand_lowPasswordComplexity() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // Set password that meets low password band
+ assertPasswordSucceeds(NUMERIC_PASSWORD_LENGTH_4);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_LOW);
+ } finally {
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void getPasswordComplexity_passwordThatMeetsMediumPasswordBand_mediumPasswordComplexity() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // Set password that meets medium password band
+ assertPasswordSucceeds(NUMERIC_PASSWORD_LENGTH_6);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_MEDIUM);
+ } finally {
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void getPasswordComplexity_passwordThatMeetsHighPasswordBand_highPasswordComplexity() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ // Set password that meets high password band
+ assertPasswordSucceeds(ALPHANUMERIC_PASSWORD_LENGTH_8);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().getPasswordComplexity())
+ .isEqualTo(PASSWORD_COMPLEXITY_HIGH);
+ } finally {
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ @Test
+ @Postsubmit(reason = "new test")
+ @PositivePolicyTest(policy = ResetPasswordWithToken.class)
+ public void clearResetPasswordToken_passwordTokenIsResetAndUnableToSetNewPassword() {
+ assumeTrue(RESET_PASSWORD_TOKEN_DISABLED, canSetResetPasswordToken(TOKEN));
+ try {
+ sDeviceState.dpc().devicePolicyManager().clearResetPasswordToken(DPC_COMPONENT_NAME);
+
+ assertThat(sDeviceState.dpc().devicePolicyManager().isResetPasswordTokenActive(
+ DPC_COMPONENT_NAME)).isFalse();
+ assertThat(sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
+ DPC_COMPONENT_NAME, VALID_PASSWORD, TOKEN, /* flags = */ 0)).isFalse();
+ } finally {
+ removePasswordAndToken(TOKEN);
+ }
+ }
+
+ private void assertPasswordSucceeds(String password) {
+ assertThat(sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
+ DPC_COMPONENT_NAME, password, TOKEN, /* flags = */ 0)).isTrue();
+ assertThat(sDeviceState.dpc().devicePolicyManager().isActivePasswordSufficient()).isTrue();
+ }
+
+ private void assertPasswordFails(String password) {
+ assertThat(sDeviceState.dpc().devicePolicyManager().resetPasswordWithToken(
+ DPC_COMPONENT_NAME, password, TOKEN, /* flags = */ 0)).isFalse();
+ }
+
private void removeAllPasswordRestrictions() {
- sDeviceState.dpc().devicePolicyManager().setPasswordQuality(DPC_COMPONENT_NAME,
- DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
+ sDeviceState.dpc().devicePolicyManager().setPasswordQuality(
+ DPC_COMPONENT_NAME, PASSWORD_QUALITY_UNSPECIFIED);
+ sDeviceState.dpc().devicePolicyManager().setRequiredPasswordComplexity(
+ PASSWORD_COMPLEXITY_NONE);
sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLength(DPC_COMPONENT_NAME, 0);
sDeviceState.dpc().devicePolicyManager().setPasswordMinimumSymbols(DPC_COMPONENT_NAME, 0);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumNonLetter(DPC_COMPONENT_NAME, 0);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumNumeric(DPC_COMPONENT_NAME, 0);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLetters(DPC_COMPONENT_NAME, 0);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumLowerCase(DPC_COMPONENT_NAME, 0);
+ sDeviceState.dpc().devicePolicyManager().setPasswordMinimumUpperCase(DPC_COMPONENT_NAME, 0);
}
private void removePasswordAndToken(byte[] token) {