[flexiglass] Ignore passwords shorter than 4 chars.
Fix: 306517554
Test: unit tests added
Test: manually verified that entering more than 10 incorrect, short
passwords is ignored and throttling didn't kick off.
Flag: ACONFIG com.android.systemui.scene_container DEVELOPMENT
Change-Id: I7de5c3d5d7691555bc5acb7d9628f63e04718f9f
diff --git a/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt b/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
index 7769dd9..d4331db 100644
--- a/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
+++ b/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
@@ -108,6 +108,9 @@
/** The minimal length of a pattern. */
val minPatternLength: Int
+ /** The minimal length of a password. */
+ val minPasswordLength: Int
+
/** Whether the "enhanced PIN privacy" setting is enabled for the current user. */
val isPinEnhancedPrivacyEnabled: StateFlow<Boolean>
@@ -215,6 +218,8 @@
override val minPatternLength: Int = LockPatternUtils.MIN_LOCK_PATTERN_SIZE
+ override val minPasswordLength: Int = LockPatternUtils.MIN_LOCK_PASSWORD_SIZE
+
override val isPinEnhancedPrivacyEnabled: StateFlow<Boolean> =
refreshingFlow(
initialValue = true,
diff --git a/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt b/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
index 5eefbf5..c297486 100644
--- a/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
+++ b/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
@@ -200,9 +200,8 @@
// We're being throttled, the UI layer should not have called this; skip the
// attempt.
isThrottled.value -> true
- // The pattern is too short; skip the attempt.
- authMethod == AuthenticationMethodModel.Pattern &&
- input.size < repository.minPatternLength -> true
+ // The input is too short; skip the attempt.
+ input.isTooShort(authMethod) -> true
// Auto-confirm attempt when the feature is not enabled; skip the attempt.
tryAutoConfirm && !isAutoConfirmEnabled.value -> true
// Auto-confirm should skip the attempt if the pin entered is too short.
@@ -247,6 +246,14 @@
}
}
+ private fun List<Any>.isTooShort(authMethod: AuthenticationMethodModel): Boolean {
+ return when (authMethod) {
+ AuthenticationMethodModel.Pattern -> size < repository.minPatternLength
+ AuthenticationMethodModel.Password -> size < repository.minPasswordLength
+ else -> false
+ }
+ }
+
/** Starts refreshing the throttling state every second. */
private suspend fun startThrottlingCountdown() {
cancelThrottlingCountdown()
diff --git a/packages/SystemUI/tests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt b/packages/SystemUI/tests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
index 7439db2..56d3d26 100644
--- a/packages/SystemUI/tests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
+++ b/packages/SystemUI/tests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
@@ -455,4 +455,22 @@
assertThat(hintedPinLength).isNull()
}
+
+ @Test
+ fun authenticate_withTooShortPassword() =
+ testScope.runTest {
+ utils.authenticationRepository.setAuthenticationMethod(
+ AuthenticationMethodModel.Password
+ )
+ assertThat(
+ underTest.authenticate(
+ buildList {
+ repeat(utils.authenticationRepository.minPasswordLength - 1) { time ->
+ add("$time")
+ }
+ }
+ )
+ )
+ .isEqualTo(AuthenticationResult.SKIPPED)
+ }
}
diff --git a/packages/SystemUI/tests/src/com/android/systemui/bouncer/domain/interactor/BouncerInteractorTest.kt b/packages/SystemUI/tests/src/com/android/systemui/bouncer/domain/interactor/BouncerInteractorTest.kt
index 6ead0e9..f980f00 100644
--- a/packages/SystemUI/tests/src/com/android/systemui/bouncer/domain/interactor/BouncerInteractorTest.kt
+++ b/packages/SystemUI/tests/src/com/android/systemui/bouncer/domain/interactor/BouncerInteractorTest.kt
@@ -159,6 +159,19 @@
underTest.resetMessage()
assertThat(message).isEqualTo(MESSAGE_ENTER_YOUR_PASSWORD)
+ // Too short input.
+ assertThat(
+ underTest.authenticate(
+ buildList {
+ repeat(utils.authenticationRepository.minPasswordLength - 1) { time ->
+ add("$time")
+ }
+ }
+ )
+ )
+ .isEqualTo(AuthenticationResult.SKIPPED)
+ assertThat(message).isEqualTo(MESSAGE_WRONG_PASSWORD)
+
// Correct input.
assertThat(underTest.authenticate("password".toList()))
.isEqualTo(AuthenticationResult.SUCCEEDED)
diff --git a/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt b/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
index af1930e..475ce87 100644
--- a/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
+++ b/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
@@ -60,6 +60,8 @@
override val minPatternLength: Int = 4
+ override val minPasswordLength: Int = 4
+
private val _isPinEnhancedPrivacyEnabled = MutableStateFlow(false)
override val isPinEnhancedPrivacyEnabled: StateFlow<Boolean> =
_isPinEnhancedPrivacyEnabled.asStateFlow()