LockScreen : refact some code and add secureFlag
This commit is contained in:
ganfra
@@ -32,6 +32,7 @@ import androidx.core.view.WindowCompat
|
||||
import com.bumble.appyx.core.integration.NodeHost
|
||||
import com.bumble.appyx.core.integrationpoint.NodeActivity
|
||||
import com.bumble.appyx.core.plugin.NodeReadyObserver
|
||||
import io.element.android.features.lockscreen.api.handleSecureFlag
|
||||
import io.element.android.libraries.architecture.bindings
|
||||
import io.element.android.libraries.core.log.logger.LoggerTag
|
||||
import io.element.android.libraries.designsystem.utils.snackbar.LocalSnackbarDispatcher
|
||||
@@ -53,6 +54,7 @@ class MainActivity : NodeActivity() {
|
||||
installSplashScreen()
|
||||
super.onCreate(savedInstanceState)
|
||||
appBindings = bindings()
|
||||
appBindings.lockScreenService().handleSecureFlag(this)
|
||||
WindowCompat.setDecorFitsSystemWindows(window, false)
|
||||
setContent {
|
||||
MainContent(appBindings)
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
package io.element.android.x.di
|
||||
|
||||
import com.squareup.anvil.annotations.ContributesTo
|
||||
import io.element.android.features.lockscreen.api.LockScreenService
|
||||
import io.element.android.features.rageshake.api.reporter.BugReporter
|
||||
import io.element.android.libraries.designsystem.utils.snackbar.SnackbarDispatcher
|
||||
import io.element.android.libraries.di.AppScope
|
||||
@@ -27,4 +28,5 @@ interface AppBindings {
|
||||
fun snackbarDispatcher(): SnackbarDispatcher
|
||||
fun tracingService(): TracingService
|
||||
fun bugReporter(): BugReporter
|
||||
fun lockScreenService(): LockScreenService
|
||||
}
|
||||
|
||||
@@ -120,7 +120,7 @@ class DefaultFtueState @Inject constructor(
|
||||
|
||||
private fun shouldDisplayLockscreenSetup(): Boolean {
|
||||
return runBlocking {
|
||||
lockScreenService.isSetupRequired()
|
||||
lockScreenService.isSetupRequired().first()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -57,6 +57,7 @@ class DefaultFtueStateTests {
|
||||
val analyticsService = FakeAnalyticsService()
|
||||
val migrationScreenStore = InMemoryMigrationScreenStore()
|
||||
val permissionStateProvider = FakePermissionStateProvider(permissionGranted = true)
|
||||
val lockScreenService = FakeLockScreenService()
|
||||
val coroutineScope = CoroutineScope(coroutineContext + SupervisorJob())
|
||||
|
||||
val state = createState(
|
||||
@@ -64,13 +65,15 @@ class DefaultFtueStateTests {
|
||||
welcomeState = welcomeState,
|
||||
analyticsService = analyticsService,
|
||||
migrationScreenStore = migrationScreenStore,
|
||||
permissionStateProvider = permissionStateProvider
|
||||
permissionStateProvider = permissionStateProvider,
|
||||
lockScreenService = lockScreenService,
|
||||
)
|
||||
|
||||
welcomeState.setWelcomeScreenShown()
|
||||
analyticsService.setDidAskUserConsent()
|
||||
migrationScreenStore.setMigrationScreenShown(A_SESSION_ID)
|
||||
permissionStateProvider.setPermissionGranted()
|
||||
lockScreenService.setIsPinSetup(true)
|
||||
state.updateState()
|
||||
|
||||
assertThat(state.shouldDisplayFlow.value).isFalse()
|
||||
@@ -85,6 +88,7 @@ class DefaultFtueStateTests {
|
||||
val analyticsService = FakeAnalyticsService()
|
||||
val migrationScreenStore = InMemoryMigrationScreenStore()
|
||||
val permissionStateProvider = FakePermissionStateProvider(permissionGranted = false)
|
||||
val lockScreenService = FakeLockScreenService()
|
||||
val coroutineScope = CoroutineScope(coroutineContext + SupervisorJob())
|
||||
|
||||
val state = createState(
|
||||
@@ -92,7 +96,8 @@ class DefaultFtueStateTests {
|
||||
welcomeState = welcomeState,
|
||||
analyticsService = analyticsService,
|
||||
migrationScreenStore = migrationScreenStore,
|
||||
permissionStateProvider = permissionStateProvider
|
||||
permissionStateProvider = permissionStateProvider,
|
||||
lockScreenService = lockScreenService,
|
||||
)
|
||||
val steps = mutableListOf<FtueStep?>()
|
||||
|
||||
@@ -108,7 +113,11 @@ class DefaultFtueStateTests {
|
||||
steps.add(state.getNextStep(steps.lastOrNull()))
|
||||
permissionStateProvider.setPermissionGranted()
|
||||
|
||||
// Fourth step, analytics opt in
|
||||
// Fourth step, notifications opt in
|
||||
steps.add(state.getNextStep(steps.lastOrNull()))
|
||||
lockScreenService.setIsPinSetup(true)
|
||||
|
||||
// Fifth step, analytics opt in
|
||||
steps.add(state.getNextStep(steps.lastOrNull()))
|
||||
analyticsService.setDidAskUserConsent()
|
||||
|
||||
@@ -119,6 +128,7 @@ class DefaultFtueStateTests {
|
||||
FtueStep.MigrationScreen,
|
||||
FtueStep.WelcomeScreen,
|
||||
FtueStep.NotificationsOptIn,
|
||||
FtueStep.LockscreenSetup,
|
||||
FtueStep.AnalyticsOptIn,
|
||||
null, // Final state
|
||||
)
|
||||
@@ -133,18 +143,20 @@ class DefaultFtueStateTests {
|
||||
val analyticsService = FakeAnalyticsService()
|
||||
val migrationScreenStore = InMemoryMigrationScreenStore()
|
||||
val permissionStateProvider = FakePermissionStateProvider(permissionGranted = false)
|
||||
|
||||
val lockScreenService = FakeLockScreenService()
|
||||
val state = createState(
|
||||
coroutineScope = coroutineScope,
|
||||
analyticsService = analyticsService,
|
||||
migrationScreenStore = migrationScreenStore,
|
||||
permissionStateProvider = permissionStateProvider,
|
||||
lockScreenService = lockScreenService,
|
||||
)
|
||||
|
||||
// Skip first 3 steps
|
||||
// Skip first 4 steps
|
||||
migrationScreenStore.setMigrationScreenShown(A_SESSION_ID)
|
||||
state.setWelcomeScreenShown()
|
||||
permissionStateProvider.setPermissionGranted()
|
||||
lockScreenService.setIsPinSetup(true)
|
||||
|
||||
assertThat(state.getNextStep()).isEqualTo(FtueStep.AnalyticsOptIn)
|
||||
|
||||
@@ -160,18 +172,21 @@ class DefaultFtueStateTests {
|
||||
val coroutineScope = CoroutineScope(coroutineContext + SupervisorJob())
|
||||
val analyticsService = FakeAnalyticsService()
|
||||
val migrationScreenStore = InMemoryMigrationScreenStore()
|
||||
val lockScreenService = FakeLockScreenService()
|
||||
|
||||
val state = createState(
|
||||
sdkIntVersion = Build.VERSION_CODES.M,
|
||||
coroutineScope = coroutineScope,
|
||||
analyticsService = analyticsService,
|
||||
migrationScreenStore = migrationScreenStore,
|
||||
lockScreenService = lockScreenService,
|
||||
)
|
||||
|
||||
migrationScreenStore.setMigrationScreenShown(A_SESSION_ID)
|
||||
assertThat(state.getNextStep()).isEqualTo(FtueStep.WelcomeScreen)
|
||||
|
||||
state.setWelcomeScreenShown()
|
||||
lockScreenService.setIsPinSetup(true)
|
||||
|
||||
assertThat(state.getNextStep()).isEqualTo(FtueStep.AnalyticsOptIn)
|
||||
|
||||
analyticsService.setDidAskUserConsent()
|
||||
|
||||
@@ -16,7 +16,14 @@
|
||||
|
||||
package io.element.android.features.lockscreen.api
|
||||
|
||||
import android.os.Build
|
||||
import android.view.WindowManager
|
||||
import androidx.activity.ComponentActivity
|
||||
import androidx.lifecycle.lifecycleScope
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
import kotlinx.coroutines.flow.StateFlow
|
||||
import kotlinx.coroutines.flow.launchIn
|
||||
import kotlinx.coroutines.flow.onEach
|
||||
|
||||
interface LockScreenService {
|
||||
/**
|
||||
@@ -28,5 +35,33 @@ interface LockScreenService {
|
||||
* Check if setting up the lock screen is required.
|
||||
* @return true if the lock screen is mandatory and not setup yet, false otherwise.
|
||||
*/
|
||||
suspend fun isSetupRequired(): Boolean
|
||||
fun isSetupRequired(): Flow<Boolean>
|
||||
|
||||
/**
|
||||
* Check if pin is setup.
|
||||
* @return true if the pin is setup, false otherwise.
|
||||
*/
|
||||
fun isPinSetup(): Flow<Boolean>
|
||||
}
|
||||
|
||||
/**
|
||||
* Makes sure the secure flag is set on the activity if the pin is setup.
|
||||
* @param activity the activity to set the flag on.
|
||||
*/
|
||||
fun LockScreenService.handleSecureFlag(activity: ComponentActivity) {
|
||||
isPinSetup()
|
||||
.onEach { isPinSetup ->
|
||||
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
|
||||
activity.setRecentsScreenshotEnabled(!isPinSetup)
|
||||
} else {
|
||||
if (isPinSetup) {
|
||||
activity.window.setFlags(
|
||||
WindowManager.LayoutParams.FLAG_SECURE,
|
||||
WindowManager.LayoutParams.FLAG_SECURE
|
||||
)
|
||||
} else {
|
||||
activity.window.clearFlags(WindowManager.LayoutParams.FLAG_SECURE)
|
||||
}
|
||||
}
|
||||
}.launchIn(activity.lifecycleScope)
|
||||
}
|
||||
|
||||
@@ -35,8 +35,12 @@ import io.element.android.services.appnavstate.api.AppForegroundStateService
|
||||
import kotlinx.coroutines.CoroutineScope
|
||||
import kotlinx.coroutines.Job
|
||||
import kotlinx.coroutines.delay
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
import kotlinx.coroutines.flow.MutableStateFlow
|
||||
import kotlinx.coroutines.flow.StateFlow
|
||||
import kotlinx.coroutines.flow.combine
|
||||
import kotlinx.coroutines.flow.first
|
||||
import kotlinx.coroutines.flow.map
|
||||
import kotlinx.coroutines.launch
|
||||
import javax.inject.Inject
|
||||
import kotlin.time.Duration
|
||||
@@ -113,14 +117,23 @@ class DefaultLockScreenService @Inject constructor(
|
||||
}
|
||||
}
|
||||
|
||||
override suspend fun isSetupRequired(): Boolean {
|
||||
return lockScreenConfig.isPinMandatory
|
||||
&& featureFlagService.isFeatureEnabled(FeatureFlags.PinUnlock)
|
||||
&& !pinCodeManager.isPinCodeAvailable()
|
||||
override fun isPinSetup(): Flow<Boolean> {
|
||||
return combine(
|
||||
featureFlagService.isFeatureEnabledFlow(FeatureFlags.PinUnlock),
|
||||
pinCodeManager.hasPinCode()
|
||||
) { isEnabled, hasPinCode ->
|
||||
isEnabled && hasPinCode
|
||||
}
|
||||
}
|
||||
|
||||
override fun isSetupRequired(): Flow<Boolean> {
|
||||
return isPinSetup().map { isPinSetup ->
|
||||
!isPinSetup && lockScreenConfig.isPinMandatory
|
||||
}
|
||||
}
|
||||
|
||||
private fun CoroutineScope.lockIfNeeded(gracePeriod: Duration = Duration.ZERO) = launch {
|
||||
if (featureFlagService.isFeatureEnabled(FeatureFlags.PinUnlock) && pinCodeManager.isPinCodeAvailable()) {
|
||||
if (isPinSetup().first()) {
|
||||
delay(gracePeriod)
|
||||
_lockScreenState.value = LockScreenLockState.Locked
|
||||
}
|
||||
|
||||
@@ -23,6 +23,7 @@ import io.element.android.libraries.cryptography.api.EncryptionResult
|
||||
import io.element.android.libraries.cryptography.api.SecretKeyRepository
|
||||
import io.element.android.libraries.di.AppScope
|
||||
import io.element.android.libraries.di.SingleIn
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
import java.util.concurrent.CopyOnWriteArrayList
|
||||
import javax.inject.Inject
|
||||
|
||||
@@ -46,7 +47,7 @@ class DefaultPinCodeManager @Inject constructor(
|
||||
callbacks.remove(callback)
|
||||
}
|
||||
|
||||
override suspend fun isPinCodeAvailable(): Boolean {
|
||||
override fun hasPinCode(): Flow<Boolean> {
|
||||
return lockScreenStore.hasPinCode()
|
||||
}
|
||||
|
||||
|
||||
@@ -16,6 +16,8 @@
|
||||
|
||||
package io.element.android.features.lockscreen.impl.pin
|
||||
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
|
||||
/**
|
||||
* This interface is the main interface to manage the pin code.
|
||||
* Implementation should take care of encrypting the pin code and storing it.
|
||||
@@ -55,7 +57,7 @@ interface PinCodeManager {
|
||||
/**
|
||||
* @return true if a pin code is available.
|
||||
*/
|
||||
suspend fun isPinCodeAvailable(): Boolean
|
||||
fun hasPinCode(): Flow<Boolean>
|
||||
|
||||
/**
|
||||
* @return the size of the saved pin code.
|
||||
|
||||
@@ -42,6 +42,7 @@ import io.element.android.libraries.architecture.BackstackNode
|
||||
import io.element.android.libraries.architecture.animation.rememberDefaultTransitionHandler
|
||||
import io.element.android.libraries.architecture.createNode
|
||||
import io.element.android.libraries.di.SessionScope
|
||||
import kotlinx.coroutines.flow.first
|
||||
import kotlinx.coroutines.launch
|
||||
import kotlinx.parcelize.Parcelize
|
||||
|
||||
@@ -90,9 +91,11 @@ class LockScreenSettingsFlowNode @AssistedInject constructor(
|
||||
}
|
||||
}
|
||||
|
||||
init {
|
||||
override fun onBuilt() {
|
||||
super.onBuilt()
|
||||
lifecycleScope.launch {
|
||||
if (pinCodeManager.isPinCodeAvailable()) {
|
||||
val hasPinCode = pinCodeManager.hasPinCode().first()
|
||||
if (hasPinCode) {
|
||||
backstack.newRoot(NavTarget.Unlock)
|
||||
} else {
|
||||
backstack.newRoot(NavTarget.Setup)
|
||||
|
||||
@@ -17,11 +17,10 @@
|
||||
package io.element.android.features.lockscreen.impl.settings
|
||||
|
||||
import androidx.compose.runtime.Composable
|
||||
import androidx.compose.runtime.LaunchedEffect
|
||||
import androidx.compose.runtime.collectAsState
|
||||
import androidx.compose.runtime.getValue
|
||||
import androidx.compose.runtime.mutableIntStateOf
|
||||
import androidx.compose.runtime.mutableStateOf
|
||||
import androidx.compose.runtime.produceState
|
||||
import androidx.compose.runtime.remember
|
||||
import androidx.compose.runtime.setValue
|
||||
import io.element.android.appconfig.LockScreenConfig
|
||||
@@ -43,23 +42,15 @@ class LockScreenSettingsPresenter @Inject constructor(
|
||||
|
||||
@Composable
|
||||
override fun present(): LockScreenSettingsState {
|
||||
var triggerComputation by remember {
|
||||
mutableIntStateOf(0)
|
||||
}
|
||||
var showRemovePinOption by remember {
|
||||
mutableStateOf(false)
|
||||
}
|
||||
var showToggleBiometric by remember {
|
||||
mutableStateOf(false)
|
||||
val showRemovePinOption by produceState(initialValue = false) {
|
||||
pinCodeManager.hasPinCode().collect { hasPinCode ->
|
||||
value = !lockScreenConfig.isPinMandatory && hasPinCode
|
||||
}
|
||||
}
|
||||
val isBiometricEnabled by lockScreenStore.isBiometricUnlockAllowed().collectAsState(initial = false)
|
||||
var showRemovePinConfirmation by remember {
|
||||
mutableStateOf(false)
|
||||
}
|
||||
LaunchedEffect(triggerComputation) {
|
||||
showRemovePinOption = !lockScreenConfig.isPinMandatory && pinCodeManager.isPinCodeAvailable()
|
||||
showToggleBiometric = biometricUnlockManager.isDeviceSecured
|
||||
}
|
||||
|
||||
fun handleEvents(event: LockScreenSettingsEvents) {
|
||||
when (event) {
|
||||
@@ -69,7 +60,6 @@ class LockScreenSettingsPresenter @Inject constructor(
|
||||
if (showRemovePinConfirmation) {
|
||||
showRemovePinConfirmation = false
|
||||
pinCodeManager.deletePinCode()
|
||||
triggerComputation++
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -86,7 +76,7 @@ class LockScreenSettingsPresenter @Inject constructor(
|
||||
showRemovePinOption = showRemovePinOption,
|
||||
isBiometricEnabled = isBiometricEnabled,
|
||||
showRemovePinConfirmation = showRemovePinConfirmation,
|
||||
showToggleBiometric = showToggleBiometric,
|
||||
showToggleBiometric = biometricUnlockManager.isDeviceSecured,
|
||||
eventSink = ::handleEvents
|
||||
)
|
||||
}
|
||||
|
||||
@@ -16,6 +16,8 @@
|
||||
|
||||
package io.element.android.features.lockscreen.impl.storage
|
||||
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
|
||||
/**
|
||||
* Should be implemented by any class that provides access to the encrypted PIN code.
|
||||
* All methods are suspending in case there are async IO operations involved.
|
||||
@@ -39,5 +41,6 @@ interface EncryptedPinCodeStorage {
|
||||
/**
|
||||
* Returns whether the PIN code is stored or not.
|
||||
*/
|
||||
suspend fun hasPinCode(): Boolean
|
||||
fun hasPinCode(): Flow<Boolean>
|
||||
|
||||
}
|
||||
|
||||
@@ -85,10 +85,10 @@ class PreferencesLockScreenStore @Inject constructor(
|
||||
}
|
||||
}
|
||||
|
||||
override suspend fun hasPinCode(): Boolean {
|
||||
override fun hasPinCode(): Flow<Boolean> {
|
||||
return context.dataStore.data.map { preferences ->
|
||||
preferences[pinCodeKey] != null
|
||||
}.first()
|
||||
}
|
||||
}
|
||||
|
||||
override fun isBiometricUnlockAllowed(): Flow<Boolean> {
|
||||
|
||||
@@ -16,6 +16,7 @@
|
||||
|
||||
package io.element.android.features.lockscreen.impl.pin
|
||||
|
||||
import app.cash.turbine.test
|
||||
import com.google.common.truth.Truth.assertThat
|
||||
import io.element.android.features.lockscreen.impl.pin.storage.InMemoryLockScreenStore
|
||||
import io.element.android.libraries.cryptography.impl.AESEncryptionDecryptionService
|
||||
@@ -32,10 +33,13 @@ class DefaultPinCodeManagerTest {
|
||||
|
||||
@Test
|
||||
fun `given a pin code when create and delete assert no pin code left`() = runTest {
|
||||
pinCodeManager.createPinCode("1234")
|
||||
assertThat(pinCodeManager.isPinCodeAvailable()).isTrue()
|
||||
pinCodeManager.deletePinCode()
|
||||
assertThat(pinCodeManager.isPinCodeAvailable()).isFalse()
|
||||
pinCodeManager.hasPinCode().test {
|
||||
assertThat(awaitItem()).isFalse()
|
||||
pinCodeManager.createPinCode("1234")
|
||||
assertThat(awaitItem()).isTrue()
|
||||
pinCodeManager.deletePinCode()
|
||||
assertThat(awaitItem()).isFalse()
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -24,7 +24,12 @@ private const val DEFAULT_REMAINING_ATTEMPTS = 3
|
||||
|
||||
class InMemoryLockScreenStore : LockScreenStore {
|
||||
|
||||
private val hasPinCode = MutableStateFlow(false)
|
||||
private var pinCode: String? = null
|
||||
set(value) {
|
||||
field = value
|
||||
hasPinCode.value = value != null
|
||||
}
|
||||
private var remainingAttempts: Int = DEFAULT_REMAINING_ATTEMPTS
|
||||
private var isBiometricUnlockAllowed = MutableStateFlow(false)
|
||||
|
||||
@@ -52,8 +57,8 @@ class InMemoryLockScreenStore : LockScreenStore {
|
||||
pinCode = null
|
||||
}
|
||||
|
||||
override suspend fun hasPinCode(): Boolean {
|
||||
return pinCode != null
|
||||
override fun hasPinCode(): Flow<Boolean> {
|
||||
return hasPinCode
|
||||
}
|
||||
|
||||
override fun isBiometricUnlockAllowed(): Flow<Boolean> {
|
||||
|
||||
@@ -18,21 +18,27 @@ package io.element.android.features.lockscreen.test
|
||||
|
||||
import io.element.android.features.lockscreen.api.LockScreenLockState
|
||||
import io.element.android.features.lockscreen.api.LockScreenService
|
||||
import kotlinx.coroutines.flow.Flow
|
||||
import kotlinx.coroutines.flow.MutableStateFlow
|
||||
import kotlinx.coroutines.flow.StateFlow
|
||||
import kotlinx.coroutines.flow.map
|
||||
|
||||
class FakeLockScreenService : LockScreenService {
|
||||
|
||||
private var isSetupRequired: Boolean = false
|
||||
private var isPinSetup = MutableStateFlow(false)
|
||||
private val _lockState: MutableStateFlow<LockScreenLockState> = MutableStateFlow(LockScreenLockState.Locked)
|
||||
override val lockState: StateFlow<LockScreenLockState> = _lockState
|
||||
|
||||
override suspend fun isSetupRequired(): Boolean {
|
||||
return isSetupRequired
|
||||
override fun isSetupRequired(): Flow<Boolean> {
|
||||
return isPinSetup.map { !it }
|
||||
}
|
||||
|
||||
fun setIsSetupRequired(isSetupRequired: Boolean) {
|
||||
this.isSetupRequired = isSetupRequired
|
||||
fun setIsPinSetup(isPinSetup: Boolean) {
|
||||
this.isPinSetup.value = isPinSetup
|
||||
}
|
||||
|
||||
override fun isPinSetup(): Flow<Boolean> {
|
||||
return isPinSetup
|
||||
}
|
||||
|
||||
fun setLockState(lockState: LockScreenLockState) {
|
||||
|
||||
Reference in New Issue
Block a user