com/android/internal/widget/LockSettingsInternal.java - platform/prebuilts/fullsdk/sources/android-30 - Git at Google

 /*
  * Copyright (C) 2018 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package com.android.internal.widget;

 import android.annotation.Nullable;
 import android.app.admin.PasswordMetrics;

 /**
  * LockSettingsService local system service interface.
  *
  * @hide Only for use within the system server.
  */
 public abstract class LockSettingsInternal {

     /**
      * Create an escrow token for the current user, which can later be used to unlock FBE
      * or change user password.
      *
      * After adding, if the user currently has lockscreen password, he will need to perform a
      * confirm credential operation in order to activate the token for future use.
      * Once the token is activated, the callback that is passed here is called.   If the user
      * has no secure lockscreen, then the token is activated immediately.
      *
      * @return a unique 64-bit token handle which is needed to refer to this token later.
      */
     public abstract long addEscrowToken(byte[] token, int userId,
             LockPatternUtils.EscrowTokenStateChangeCallback callback);

     /**
      * Remove an escrow token.
      *
      * @return true if the given handle refers to a valid token previously returned from
      * {@link #addEscrowToken}, whether it's active or not. return false otherwise.
      */
     public abstract boolean removeEscrowToken(long handle, int userId);

     /**
      * Check if the given escrow token is active or not. Only active token can be used to call
      * {@link #setLockCredentialWithToken} and {@link #unlockUserWithToken}
      */
     public abstract boolean isEscrowTokenActive(long handle, int userId);

     /**
      * Set the lock credential.
      *
      * @return true if password is set.
      */
     public abstract boolean setLockCredentialWithToken(LockscreenCredential credential,
             long tokenHandle, byte[] token, int userId);

     public abstract boolean unlockUserWithToken(long tokenHandle, byte[] token, int userId);

     /**
      * Returns PasswordMetrics object corresponding to the given user's lockscreen password.
      * If the user has a password but its metrics isn't known yet (for example if the device
      * has not been unlocked since boot), this method will return {@code null}.
      * If the user has no password, a default PasswordMetrics (PASSWORD_QUALITY_UNSPECIFIED)
      * will be returned.
      *
      * Calling this method on a managed profile user with unified challenge is undefined.
      *
      * @param userHandle the user for whom to provide metrics.
      * @return the user password metrics.
      */
     public abstract @Nullable PasswordMetrics getUserPasswordMetrics(int userHandle);

     /**
      * Prepare for reboot escrow. This triggers the strong auth to be required. After the escrow
      * is complete as indicated by calling to the listener registered with {@link
      * #setRebootEscrowListener}, then {@link #armRebootEscrow()} should be called before
      * rebooting to apply the update.
      */
     public abstract void prepareRebootEscrow();

     /**
      * Registers a listener for when the RebootEscrow HAL has stored its data needed for rebooting
      * for an OTA.
      *
      * @see RebootEscrowListener
      * @param listener
      */
     public abstract void setRebootEscrowListener(RebootEscrowListener listener);

     /**
      * Requests that any data needed for rebooting is cleared from the RebootEscrow HAL.
      */
     public abstract void clearRebootEscrow();

     /**
      * Should be called immediately before rebooting for an update. This depends on {@link
      * #prepareRebootEscrow()} having been called and the escrow completing.
      *
      * @return true if the arming worked
      */
     public abstract boolean armRebootEscrow();


     /**
      * Refreshes pending strong auth timeout with the latest admin requirement set by device policy.
      */
     public abstract void refreshStrongAuthTimeout(int userId);
 }
	/*
	* Copyright (C) 2018 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package com.android.internal.widget;

	import android.annotation.Nullable;
	import android.app.admin.PasswordMetrics;

	/**
	* LockSettingsService local system service interface.
	*
	* @hide Only for use within the system server.
	*/
	public abstract class LockSettingsInternal {

	/**
	* Create an escrow token for the current user, which can later be used to unlock FBE
	* or change user password.
	*
	* After adding, if the user currently has lockscreen password, he will need to perform a
	* confirm credential operation in order to activate the token for future use.
	* Once the token is activated, the callback that is passed here is called. If the user
	* has no secure lockscreen, then the token is activated immediately.
	*
	* @return a unique 64-bit token handle which is needed to refer to this token later.
	*/
	public abstract long addEscrowToken(byte[] token, int userId,
	LockPatternUtils.EscrowTokenStateChangeCallback callback);

	/**
	* Remove an escrow token.
	*
	* @return true if the given handle refers to a valid token previously returned from
	* {@link #addEscrowToken}, whether it's active or not. return false otherwise.
	*/
	public abstract boolean removeEscrowToken(long handle, int userId);

	/**
	* Check if the given escrow token is active or not. Only active token can be used to call
	* {@link #setLockCredentialWithToken} and {@link #unlockUserWithToken}
	*/
	public abstract boolean isEscrowTokenActive(long handle, int userId);

	/**
	* Set the lock credential.
	*
	* @return true if password is set.
	*/
	public abstract boolean setLockCredentialWithToken(LockscreenCredential credential,
	long tokenHandle, byte[] token, int userId);

	public abstract boolean unlockUserWithToken(long tokenHandle, byte[] token, int userId);

	/**
	* Returns PasswordMetrics object corresponding to the given user's lockscreen password.
	* If the user has a password but its metrics isn't known yet (for example if the device
	* has not been unlocked since boot), this method will return {@code null}.
	* If the user has no password, a default PasswordMetrics (PASSWORD_QUALITY_UNSPECIFIED)
	* will be returned.
	*
	* Calling this method on a managed profile user with unified challenge is undefined.
	*
	* @param userHandle the user for whom to provide metrics.
	* @return the user password metrics.
	*/
	public abstract @Nullable PasswordMetrics getUserPasswordMetrics(int userHandle);

	/**
	* Prepare for reboot escrow. This triggers the strong auth to be required. After the escrow
	* is complete as indicated by calling to the listener registered with {@link
	* #setRebootEscrowListener}, then {@link #armRebootEscrow()} should be called before
	* rebooting to apply the update.
	*/
	public abstract void prepareRebootEscrow();

	/**
	* Registers a listener for when the RebootEscrow HAL has stored its data needed for rebooting
	* for an OTA.
	*
	* @see RebootEscrowListener
	* @param listener
	*/
	public abstract void setRebootEscrowListener(RebootEscrowListener listener);

	/**
	* Requests that any data needed for rebooting is cleared from the RebootEscrow HAL.
	*/
	public abstract void clearRebootEscrow();

	/**
	* Should be called immediately before rebooting for an update. This depends on {@link
	* #prepareRebootEscrow()} having been called and the escrow completing.
	*
	* @return true if the arming worked
	*/
	public abstract boolean armRebootEscrow();


	/**
	* Refreshes pending strong auth timeout with the latest admin requirement set by device policy.
	*/
	public abstract void refreshStrongAuthTimeout(int userId);
	}