Feature/fga/biometric unlock

[ganfra]

This PR branches the biometric unlock logic.

[ganfra]

Necessary to have FragmentActivity for Biometric api

[ElementBot]

	Warnings
⚠️	gradle/libs.versions.toml#L64 - A newer version of com.google.android.material:material than 1.9.0 is available: 1.10.0
⚠️	gradle/libs.versions.toml#L102 - A newer version of androidx.compose.material3:material3 than 1.2.0-alpha09 is available: 1.2.0-alpha10

Generated by 🚫 dangerJS against c01ed83

[github-actions]

📱 Scan the QR code below to install the build (arm64 only) for this PR.

If you can't scan the QR code you can install the build via this link: https://i.diawi.com/P3chEA

[jmartinesp]

LGTM thanks! I just have a few nits and one thing we might either want to implement now or as soon as we get some errors we saw back in EA (which we might avoid if we're lucky).

Also, if biometric auth is enabled, shouldn't it be prompted by default, instead of the PIN code?

Feel free to ignore the nits or implement them in another PR.

[jmartinesp]

Nit: maybe this could be a Duration instead?

[jmartinesp]

While this will work in general, on EA we had some nasty issues with 'user not authenticated' errors. To avoid this, one possible workaround may be to create the Cipher on demand and have 2 internal authentication methods, since it seems like this is a possible workaround:

1. authenticateWithCryptoObject, should be called by default, it will do what's inside authenticate right now. If the createEncryptionCipher inside this authenticate method fails with the 'user not authenticated error', however, we go to the 2nd method.
2. authenticateWithoutCryptoObject, will call the same prompt.authenticate method without a CryptoObject, which will authenticate the user and get rid of the error, then you should be able to initialize the Cipher and use it as you'd usually do.

I'm not saying you should implement this now, but we definitely should if we see those kind of issues coming back on EXA.

[ganfra]

user not authenticated error is something different than KeyPermanentlyInvalidatedException?

[jmartinesp]

Yes, it's completely different. This error should only appear if you tried to use the Cipher before using the biometric prompt I think, but for some reason it sometimes will trigger as soon as you initialize the Cipher.

[ganfra]

Ok I see, otherwise I'll remove the flag for now...

[jmartinesp]

If you do that we might have to handle key migrations in the future, so be careful.

[ganfra]

Will handle that later if we encounter the issue, no time for now :/

[jmartinesp]

No worries, given the deadlines, I think that's the right call too

[jmartinesp]

Maybe we should rename this to 'isAuthenticatorAvailable'?

[jmartinesp]

Nit: maybe use enabled here instead of allowed? Allowed sounds like something coming from the OS to me, rather than from a user preference.

[ganfra]

It was to reflects what we show on the ui...

[ganfra]

LGTM thanks! I just have a few nits and one thing we might either want to implement now or as soon as we get some errors we saw back in EA (which we might avoid if we're lucky).

Also, if biometric auth is enabled, shouldn't it be prompted by default, instead of the PIN code?

This is the case, it automatically opens the Biometric bottom sheet, on top of the PinUnlockView

Feel free to ignore the nits or implement them in another PR.

[jmartinesp]

This is the case, it automatically opens the Biometric bottom sheet, on top of the PinUnlockView

Ah, true, it does by default. However, for me it doesn't anymore after:

1. I dismiss the biometric prompt.
2. Unlock using pin code.
3. Move the app to background.
4. After the grace period, open the app again.

It won't work automatically, I need to click on 'use biometric'. It does work fine again after restarting the app.

[ganfra]

This is the case, it automatically opens the Biometric bottom sheet, on top of the PinUnlockView

Ah, true, it does by default. However, for me it doesn't anymore after:

1. I dismiss the biometric prompt.
2. Unlock using pin code.
3. Move the app to background.
4. After the grace period, open the app again.

It won't work automatically, I need to click on 'use biometric'. It does work fine again after restarting the app.

Got it, will fix, thanks!

[codecov]

Codecov Report

Attention: 187 lines in your changes are missing coverage. Please review.

Comparison is base (5f85707) 63.64% compared to head (35410c4) 63.40%.
Report is 12 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #1702      +/-   ##
===========================================
- Coverage    63.64%   63.40%   -0.25%     
===========================================
  Files         1267     1277      +10     
  Lines        32881    33129     +248     
  Branches      6809     6854      +45     
===========================================
+ Hits         20928    21006      +78     
- Misses        8805     8959     +154     
- Partials      3148     3164      +16     

Files	Coverage Δ
...ockscreen/impl/settings/LockScreenSettingsState.kt	100.00% <100.00%> (ø)
...n/impl/settings/LockScreenSettingsStateProvider.kt	93.33% <100.00%> (+1.02%)	⬆️
...creen/impl/setup/biometric/SetupBiometricEvents.kt	100.00% <100.00%> (ø)
...screen/impl/setup/biometric/SetupBiometricState.kt	100.00% <100.00%> (ø)
...atures/lockscreen/impl/setup/pin/SetupPinEvents.kt	100.00% <ø> (ø)
...res/lockscreen/impl/setup/pin/SetupPinPresenter.kt	86.84% <ø> (ø)
...eatures/lockscreen/impl/setup/pin/SetupPinState.kt	100.00% <ø> (ø)
...lockscreen/impl/setup/pin/SetupPinStateProvider.kt	96.29% <ø> (ø)
...features/lockscreen/impl/setup/pin/SetupPinView.kt	60.00% <ø> (ø)
...ckscreen/impl/setup/pin/validation/PinValidator.kt	100.00% <ø> (ø)
... and 25 more

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information