[flexiglass] Report lockout attempts to the trust manager.
Fix: 314963951
Bug: 314757822
Bug: 306559035
Bug: 315118723
Test: Added unit tests.
Test: Existing unit tests still pass.
Flag: ACONFIG com.android.systemui.scene_container DEVELOPMENT
Change-Id: Ib315bc55f3370c3d8778d50b52968f038f1ae6e3
diff --git a/packages/SystemUI/multivalentTests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt b/packages/SystemUI/multivalentTests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
index 2a02164..97a4588 100644
--- a/packages/SystemUI/multivalentTests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
+++ b/packages/SystemUI/multivalentTests/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractorTest.kt
@@ -82,6 +82,7 @@
assertThat(underTest.authenticate(FakeAuthenticationRepository.DEFAULT_PIN))
.isEqualTo(AuthenticationResult.SUCCEEDED)
assertThat(throttling).isNull()
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(0)
}
@Test
@@ -137,6 +138,7 @@
assertThat(underTest.authenticate("password".toList()))
.isEqualTo(AuthenticationResult.SUCCEEDED)
assertThat(throttling).isNull()
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(0)
}
@Test
@@ -202,6 +204,7 @@
)
.isEqualTo(AuthenticationResult.SKIPPED)
assertThat(throttling).isNull()
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(0)
}
@Test
@@ -345,6 +348,7 @@
underTest.authenticate(listOf(5, 6, 7)) // Wrong PIN
}
assertThat(throttling).isNotNull()
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(1)
// Throttling disabled auto-confirm.
assertThat(isAutoConfirmEnabled).isFalse()
@@ -363,6 +367,8 @@
// Auto-confirm is re-enabled.
assertThat(isAutoConfirmEnabled).isTrue()
+
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(1)
}
@Test
@@ -389,6 +395,7 @@
remainingSeconds = FakeAuthenticationRepository.THROTTLE_DURATION_SECONDS,
)
)
+ assertThat(utils.authenticationRepository.lockoutStartedReportCount).isEqualTo(1)
// Correct PIN, but throttled, so doesn't attempt it:
assertThat(underTest.authenticate(FakeAuthenticationRepository.DEFAULT_PIN))
diff --git a/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt b/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
index bd84b28..2eeb8d5 100644
--- a/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
+++ b/packages/SystemUI/src/com/android/systemui/authentication/data/repository/AuthenticationRepository.kt
@@ -138,6 +138,9 @@
/** Reports an authentication attempt. */
suspend fun reportAuthenticationAttempt(isSuccessful: Boolean)
+ /** Reports that the user has entered a temporary device lockout (throttling). */
+ suspend fun reportLockoutStarted(durationMs: Int)
+
/** Returns the current number of failed authentication attempts. */
suspend fun getFailedAuthenticationAttemptCount(): Int
@@ -252,6 +255,12 @@
}
}
+ override suspend fun reportLockoutStarted(durationMs: Int) {
+ return withContext(backgroundDispatcher) {
+ lockPatternUtils.reportPasswordLockout(durationMs, selectedUserId)
+ }
+ }
+
override suspend fun getFailedAuthenticationAttemptCount(): Int {
return withContext(backgroundDispatcher) {
lockPatternUtils.getCurrentFailedPasswordAttempts(selectedUserId)
diff --git a/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt b/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
index 7f8f887..9d33270 100644
--- a/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
+++ b/packages/SystemUI/src/com/android/systemui/authentication/domain/interactor/AuthenticationInteractor.kt
@@ -217,16 +217,17 @@
// Check if we need to throttle and, if so, kick off the throttle countdown:
if (!authenticationResult.isSuccessful && authenticationResult.throttleDurationMs > 0) {
- repository.setThrottleDuration(
- durationMs = authenticationResult.throttleDurationMs,
- )
- repository.hasThrottlingOccurred.value = true
+ repository.apply {
+ setThrottleDuration(durationMs = authenticationResult.throttleDurationMs)
+ reportLockoutStarted(durationMs = authenticationResult.throttleDurationMs)
+ hasThrottlingOccurred.value = true
+ }
startThrottlingCountdown()
}
if (authenticationResult.isSuccessful) {
- // Since authentication succeeded, we should refresh throttling to make sure that our
- // state is completely reflecting the upstream source of truth.
+ // Since authentication succeeded, refresh throttling to make sure the state is
+ // completely reflecting the upstream source of truth.
refreshThrottling()
repository.hasThrottlingOccurred.value = false
diff --git a/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt b/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
index 4642b47..b741f1e 100644
--- a/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
+++ b/packages/SystemUI/tests/utils/src/com/android/systemui/authentication/data/repository/FakeAuthenticationRepository.kt
@@ -74,6 +74,8 @@
private var credentialOverride: List<Any>? = null
private var securityMode: SecurityMode = DEFAULT_AUTHENTICATION_METHOD.toSecurityMode()
+ var lockoutStartedReportCount = 0
+
override suspend fun getAuthenticationMethod(): AuthenticationMethodModel {
return authenticationMethod.value
}
@@ -92,6 +94,10 @@
authenticationChallengeResult.emit(isSuccessful)
}
+ override suspend fun reportLockoutStarted(durationMs: Int) {
+ lockoutStartedReportCount++
+ }
+
override suspend fun getPinLength(): Int {
return (credentialOverride ?: DEFAULT_PIN).size
}
