services/tests/servicestests/src/com/android/server/biometrics/AuthenticationStatsCollectorTest.java - platform/frameworks/base - Git at Google

 /*
  * Copyright (C) 2023 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package com.android.server.biometrics;

 import static com.android.server.biometrics.AuthenticationStatsCollector.MAXIMUM_ENROLLMENT_NOTIFICATIONS;

 import static com.google.common.truth.Truth.assertThat;

 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyInt;
 import static org.mockito.ArgumentMatchers.anySet;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;

 import static java.util.Collections.emptySet;

 import android.content.Context;
 import android.content.SharedPreferences;
 import android.content.pm.PackageManager;
 import android.content.res.Resources;
 import android.hardware.face.FaceManager;
 import android.hardware.fingerprint.FingerprintManager;
 import android.platform.test.annotations.Presubmit;

 import androidx.test.filters.SmallTest;

 import com.android.internal.R;
 import com.android.server.biometrics.sensors.BiometricNotification;

 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnit;
 import org.mockito.junit.MockitoRule;

 import java.io.File;

 @Presubmit
 @SmallTest
 public class AuthenticationStatsCollectorTest {

     @Rule
     public MockitoRule mockitoRule = MockitoJUnit.rule();

     private AuthenticationStatsCollector mAuthenticationStatsCollector;
     private static final float FRR_THRESHOLD = 0.2f;
     private static final int USER_ID_1 = 1;

     @Mock
     private Context mContext;
     @Mock
     private Resources mResources;
     @Mock
     private PackageManager mPackageManager;
     @Mock
     private FingerprintManager mFingerprintManager;
     @Mock
     private FaceManager mFaceManager;
     @Mock
     private SharedPreferences mSharedPreferences;
     @Mock
     private BiometricNotification mBiometricNotification;

     @Before
     public void setUp() {

         when(mContext.getResources()).thenReturn(mResources);
         when(mResources.getFraction(eq(R.fraction.config_biometricNotificationFrrThreshold),
                 anyInt(), anyInt())).thenReturn(FRR_THRESHOLD);

         when(mContext.getPackageManager()).thenReturn(mPackageManager);

         when(mContext.getSystemServiceName(FingerprintManager.class))
                 .thenReturn(Context.FINGERPRINT_SERVICE);
         when(mContext.getSystemService(Context.FINGERPRINT_SERVICE))
                 .thenReturn(mFingerprintManager);
         when(mContext.getSystemServiceName(FaceManager.class)).thenReturn(Context.FACE_SERVICE);
         when(mContext.getSystemService(Context.FACE_SERVICE)).thenReturn(mFaceManager);

         when(mContext.getSharedPreferences(any(File.class), anyInt()))
                 .thenReturn(mSharedPreferences);
         when(mSharedPreferences.getStringSet(anyString(), anySet())).thenReturn(emptySet());

         mAuthenticationStatsCollector = new AuthenticationStatsCollector(mContext,
                 0 /* modality */, mBiometricNotification);
     }


     @Test
     public void authenticate_authenticationSucceeded_mapShouldBeUpdated() {
         // Assert that the user doesn't exist in the map initially.
         assertThat(mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1)).isNull();

         mAuthenticationStatsCollector.authenticate(USER_ID_1, true /* authenticated */);

         AuthenticationStats authenticationStats =
                 mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(1);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
     }

     @Test
     public void authenticate_authenticationFailed_mapShouldBeUpdated() {
         // Assert that the user doesn't exist in the map initially.
         assertThat(mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1)).isNull();

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         AuthenticationStats authenticationStats =
                 mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);

         assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(1);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(1);
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
     }

     /**
      * Our current use case does not need the counters to update after the notification
      * limit is reached. If we need these counters to continue counting in the future,
      * a separate privacy review must be done.
      */
     @Test
     public void authenticate_notificationExceeded_mapMustNotBeUpdated() {

         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 400 /* totalAttempts */,
                         40 /* rejectedAttempts */,
                         MAXIMUM_ENROLLMENT_NOTIFICATIONS /* enrollmentNotifications */,
                         0 /* modality */));

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         AuthenticationStats authenticationStats =
                 mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);

         assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
         // Assert that counters haven't been updated.
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(400);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(40);
         assertThat(authenticationStats.getEnrollmentNotifications())
                 .isEqualTo(MAXIMUM_ENROLLMENT_NOTIFICATIONS);
     }

     @Test
     public void authenticate_frrNotExceeded_notificationNotExceeded_shouldNotSendNotification() {

         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         40 /* rejectedAttempts */, 0 /* enrollmentNotifications */,
                         0 /* modality */));

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that no notification should be sent.
         verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
         verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
         // Assert that data has been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
     }

     @Test
     public void authenticate_frrExceeded_notificationExceeded_shouldNotSendNotification() {

         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         400 /* rejectedAttempts */,
                         MAXIMUM_ENROLLMENT_NOTIFICATIONS /* enrollmentNotifications */,
                         0 /* modality */));

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that no notification should be sent.
         verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
         verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
         // Assert that data hasn't been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(500);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(400);
         assertThat(authenticationStats.getEnrollmentNotifications())
                 .isEqualTo(MAXIMUM_ENROLLMENT_NOTIFICATIONS);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(0.8f);
     }

     @Test
     public void authenticate_frrExceeded_bothBiometricsEnrolled_shouldNotSendNotification() {

         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         400 /* rejectedAttempts */, 0 /* enrollmentNotifications */,
                         0 /* modality */));

         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
                 .thenReturn(true);
         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
         when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);
         when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that no notification should be sent.
         verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
         verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
         // Assert that data has been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
     }

     @Test
     public void authenticate_frrExceeded_singleModality_shouldNotSendNotification() {

         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         400 /* rejectedAttempts */, 0 /* enrollmentNotifications */,
                         0 /* modality */));

         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
                 .thenReturn(true);
         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(false);
         when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that no notification should be sent.
         verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
         verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
         // Assert that data has been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
     }

     @Test
     public void authenticate_frrExceeded_faceEnrolled_shouldSendFpNotification() {
         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         400 /* rejectedAttempts */, 0 /* enrollmentNotifications */,
                         0 /* modality */));

         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
                 .thenReturn(true);
         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
         when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(false);
         when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that fingerprint enrollment notification should be sent.
         verify(mBiometricNotification, times(1))
                 .sendFpEnrollNotification(mContext);
         verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
         // Assert that data has been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
         // Assert that notification count has been updated.
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(1);
     }

     @Test
     public void authenticate_frrExceeded_fpEnrolled_shouldSendFaceNotification() {
         mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
                 new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
                         400 /* rejectedAttempts */, 0 /* enrollmentNotifications */,
                         0 /* modality */));

         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
                 .thenReturn(true);
         when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
         when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);
         when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(false);

         mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

         // Assert that fingerprint enrollment notification should be sent.
         verify(mBiometricNotification, times(1))
                 .sendFaceEnrollNotification(mContext);
         verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
         // Assert that data has been reset.
         AuthenticationStats authenticationStats = mAuthenticationStatsCollector
                 .getAuthenticationStatsForUser(USER_ID_1);
         assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
         assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
         // Assert that notification count has been updated.
         assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(1);
     }
 }
	/*
	* Copyright (C) 2023 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package com.android.server.biometrics;

	import static com.android.server.biometrics.AuthenticationStatsCollector.MAXIMUM_ENROLLMENT_NOTIFICATIONS;

	import static com.google.common.truth.Truth.assertThat;

	import static org.mockito.ArgumentMatchers.any;
	import static org.mockito.ArgumentMatchers.anyInt;
	import static org.mockito.ArgumentMatchers.anySet;
	import static org.mockito.ArgumentMatchers.anyString;
	import static org.mockito.ArgumentMatchers.eq;
	import static org.mockito.Mockito.never;
	import static org.mockito.Mockito.times;
	import static org.mockito.Mockito.verify;
	import static org.mockito.Mockito.when;

	import static java.util.Collections.emptySet;

	import android.content.Context;
	import android.content.SharedPreferences;
	import android.content.pm.PackageManager;
	import android.content.res.Resources;
	import android.hardware.face.FaceManager;
	import android.hardware.fingerprint.FingerprintManager;
	import android.platform.test.annotations.Presubmit;

	import androidx.test.filters.SmallTest;

	import com.android.internal.R;
	import com.android.server.biometrics.sensors.BiometricNotification;

	import org.junit.Before;
	import org.junit.Rule;
	import org.junit.Test;
	import org.mockito.Mock;
	import org.mockito.junit.MockitoJUnit;
	import org.mockito.junit.MockitoRule;

	import java.io.File;

	@Presubmit
	@SmallTest
	public class AuthenticationStatsCollectorTest {

	@Rule
	public MockitoRule mockitoRule = MockitoJUnit.rule();

	private AuthenticationStatsCollector mAuthenticationStatsCollector;
	private static final float FRR_THRESHOLD = 0.2f;
	private static final int USER_ID_1 = 1;

	@Mock
	private Context mContext;
	@Mock
	private Resources mResources;
	@Mock
	private PackageManager mPackageManager;
	@Mock
	private FingerprintManager mFingerprintManager;
	@Mock
	private FaceManager mFaceManager;
	@Mock
	private SharedPreferences mSharedPreferences;
	@Mock
	private BiometricNotification mBiometricNotification;

	@Before
	public void setUp() {

	when(mContext.getResources()).thenReturn(mResources);
	when(mResources.getFraction(eq(R.fraction.config_biometricNotificationFrrThreshold),
	anyInt(), anyInt())).thenReturn(FRR_THRESHOLD);

	when(mContext.getPackageManager()).thenReturn(mPackageManager);

	when(mContext.getSystemServiceName(FingerprintManager.class))
	.thenReturn(Context.FINGERPRINT_SERVICE);
	when(mContext.getSystemService(Context.FINGERPRINT_SERVICE))
	.thenReturn(mFingerprintManager);
	when(mContext.getSystemServiceName(FaceManager.class)).thenReturn(Context.FACE_SERVICE);
	when(mContext.getSystemService(Context.FACE_SERVICE)).thenReturn(mFaceManager);

	when(mContext.getSharedPreferences(any(File.class), anyInt()))
	.thenReturn(mSharedPreferences);
	when(mSharedPreferences.getStringSet(anyString(), anySet())).thenReturn(emptySet());

	mAuthenticationStatsCollector = new AuthenticationStatsCollector(mContext,
	0 /* modality */, mBiometricNotification);
	}


	@Test
	public void authenticate_authenticationSucceeded_mapShouldBeUpdated() {
	// Assert that the user doesn't exist in the map initially.
	assertThat(mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1)).isNull();

	mAuthenticationStatsCollector.authenticate(USER_ID_1, true /* authenticated */);

	AuthenticationStats authenticationStats =
	mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(1);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
	}

	@Test
	public void authenticate_authenticationFailed_mapShouldBeUpdated() {
	// Assert that the user doesn't exist in the map initially.
	assertThat(mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1)).isNull();

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	AuthenticationStats authenticationStats =
	mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);

	assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(1);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(1);
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
	}

	/**
	* Our current use case does not need the counters to update after the notification
	* limit is reached. If we need these counters to continue counting in the future,
	* a separate privacy review must be done.
	*/
	@Test
	public void authenticate_notificationExceeded_mapMustNotBeUpdated() {

	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 400 /* totalAttempts */,
	40 /* rejectedAttempts */,
	MAXIMUM_ENROLLMENT_NOTIFICATIONS /* enrollmentNotifications */,
	0 /* modality */));

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	AuthenticationStats authenticationStats =
	mAuthenticationStatsCollector.getAuthenticationStatsForUser(USER_ID_1);

	assertThat(authenticationStats.getUserId()).isEqualTo(USER_ID_1);
	// Assert that counters haven't been updated.
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(400);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(40);
	assertThat(authenticationStats.getEnrollmentNotifications())
	.isEqualTo(MAXIMUM_ENROLLMENT_NOTIFICATIONS);
	}

	@Test
	public void authenticate_frrNotExceeded_notificationNotExceeded_shouldNotSendNotification() {

	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	40 /* rejectedAttempts /, 0 / enrollmentNotifications */,
	0 /* modality */));

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that no notification should be sent.
	verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
	verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
	// Assert that data has been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
	}

	@Test
	public void authenticate_frrExceeded_notificationExceeded_shouldNotSendNotification() {

	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	400 /* rejectedAttempts */,
	MAXIMUM_ENROLLMENT_NOTIFICATIONS /* enrollmentNotifications */,
	0 /* modality */));

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that no notification should be sent.
	verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
	verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
	// Assert that data hasn't been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(500);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(400);
	assertThat(authenticationStats.getEnrollmentNotifications())
	.isEqualTo(MAXIMUM_ENROLLMENT_NOTIFICATIONS);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(0.8f);
	}

	@Test
	public void authenticate_frrExceeded_bothBiometricsEnrolled_shouldNotSendNotification() {

	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	400 /* rejectedAttempts /, 0 / enrollmentNotifications */,
	0 /* modality */));

	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
	.thenReturn(true);
	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
	when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);
	when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that no notification should be sent.
	verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
	verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
	// Assert that data has been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
	}

	@Test
	public void authenticate_frrExceeded_singleModality_shouldNotSendNotification() {

	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	400 /* rejectedAttempts /, 0 / enrollmentNotifications */,
	0 /* modality */));

	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
	.thenReturn(true);
	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(false);
	when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that no notification should be sent.
	verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
	verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
	// Assert that data has been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(0);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
	}

	@Test
	public void authenticate_frrExceeded_faceEnrolled_shouldSendFpNotification() {
	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	400 /* rejectedAttempts /, 0 / enrollmentNotifications */,
	0 /* modality */));

	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
	.thenReturn(true);
	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
	when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(false);
	when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(true);

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that fingerprint enrollment notification should be sent.
	verify(mBiometricNotification, times(1))
	.sendFpEnrollNotification(mContext);
	verify(mBiometricNotification, never()).sendFaceEnrollNotification(any());
	// Assert that data has been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
	// Assert that notification count has been updated.
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(1);
	}

	@Test
	public void authenticate_frrExceeded_fpEnrolled_shouldSendFaceNotification() {
	mAuthenticationStatsCollector.setAuthenticationStatsForUser(USER_ID_1,
	new AuthenticationStats(USER_ID_1, 500 /* totalAttempts */,
	400 /* rejectedAttempts /, 0 / enrollmentNotifications */,
	0 /* modality */));

	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FINGERPRINT))
	.thenReturn(true);
	when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_FACE)).thenReturn(true);
	when(mFingerprintManager.hasEnrolledTemplates(anyInt())).thenReturn(true);
	when(mFaceManager.hasEnrolledTemplates(anyInt())).thenReturn(false);

	mAuthenticationStatsCollector.authenticate(USER_ID_1, false /* authenticated */);

	// Assert that fingerprint enrollment notification should be sent.
	verify(mBiometricNotification, times(1))
	.sendFaceEnrollNotification(mContext);
	verify(mBiometricNotification, never()).sendFpEnrollNotification(any());
	// Assert that data has been reset.
	AuthenticationStats authenticationStats = mAuthenticationStatsCollector
	.getAuthenticationStatsForUser(USER_ID_1);
	assertThat(authenticationStats.getTotalAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getRejectedAttempts()).isEqualTo(0);
	assertThat(authenticationStats.getFrr()).isWithin(0f).of(-1.0f);
	// Assert that notification count has been updated.
	assertThat(authenticationStats.getEnrollmentNotifications()).isEqualTo(1);
	}
	}