From 8b8036feabb05da153a55f659846f59e6707c9fb Mon Sep 17 00:00:00 2001 From: pjf-dev <28768673+pjf-dev@users.noreply.github.com> Date: Sat, 19 Apr 2025 19:10:00 -0400 Subject: [PATCH] Rework original solution due to overlooking authenticators logic on API >= `Build.VERSION_CODES.R` --- .../src/main/java/BiometricActivity.kt | 48 +++++++++---------- 1 file changed, 22 insertions(+), 26 deletions(-) diff --git a/plugins/biometric/android/src/main/java/BiometricActivity.kt b/plugins/biometric/android/src/main/java/BiometricActivity.kt index bc6205db..4f118775 100644 --- a/plugins/biometric/android/src/main/java/BiometricActivity.kt +++ b/plugins/biometric/android/src/main/java/BiometricActivity.kt @@ -38,38 +38,39 @@ class BiometricActivity : AppCompatActivity() { var title = intent.getStringExtra(BiometricPlugin.TITLE) val subtitle = intent.getStringExtra(BiometricPlugin.SUBTITLE) val description = intent.getStringExtra(BiometricPlugin.REASON) - allowDeviceCredential = intent.getBooleanExtra(BiometricPlugin.DEVICE_CREDENTIAL, false) - + val allowDeviceCredentialArg = intent.getBooleanExtra(BiometricPlugin.DEVICE_CREDENTIAL, false) // Android docs say we should check if the device is secure before enabling device credential fallback val manager = getSystemService( Context.KEYGUARD_SERVICE ) as KeyguardManager - if (allowDeviceCredential && manager.isDeviceSecure) { - if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) { - var authenticators = BiometricManager.Authenticators.BIOMETRIC_WEAK - if (allowDeviceCredential) { - authenticators = authenticators or BiometricManager.Authenticators.DEVICE_CREDENTIAL - } - builder.setAllowedAuthenticators(authenticators) - } else { - @Suppress("DEPRECATION") - builder.setDeviceCredentialAllowed(allowDeviceCredential) + val allowDeviceCredential = allowDeviceCredentialArg && manager.isDeviceSecure; + + if (title.isNullOrEmpty()) { + title = "Authenticate" + } + + builder.setTitle(title).setSubtitle(subtitle).setDescription(description) + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) { + var authenticators = BiometricManager.Authenticators.BIOMETRIC_WEAK + if (allowDeviceCredential) { + authenticators = authenticators or BiometricManager.Authenticators.DEVICE_CREDENTIAL } + builder.setAllowedAuthenticators(authenticators) } else { - // From the Android docs: - // You can't call setNegativeButtonText() and setAllowedAuthenticators(... or DEVICE_CREDENTIAL) - // at the same time on a BiometricPrompt.PromptInfo.Builder instance. + @Suppress("DEPRECATION") + builder.setDeviceCredentialAllowed(allowDeviceCredential) + } + + // From the Android docs: + // You can't call setNegativeButtonText() and setAllowedAuthenticators(... or DEVICE_CREDENTIAL) + // at the same time on a BiometricPrompt.PromptInfo.Builder instance. + if (!allowDeviceCredential) { val negativeButtonText = intent.getStringExtra(BiometricPlugin.CANCEL_TITLE) builder.setNegativeButtonText( if (negativeButtonText.isNullOrEmpty()) "Cancel" else negativeButtonText ) } - if (title.isNullOrEmpty()) { - title = "Authenticate" - } - builder.setTitle(title).setSubtitle(subtitle).setDescription(description) - builder.setConfirmationRequired( intent.getBooleanExtra(BiometricPlugin.CONFIRMATION_REQUIRED, true) ) @@ -85,8 +86,7 @@ class BiometricActivity : AppCompatActivity() { var errorCode = errorCode var errorMessage = errorMessage // override error to properly report no device credential if needed - if (allowDeviceCredential - && errorCode == BiometricPrompt.ERROR_NO_BIOMETRICS) { + if (allowDeviceCredentialArg && errorCode == BiometricPrompt.ERROR_NO_BIOMETRICS) { errorCode = BiometricPrompt.ERROR_NO_DEVICE_CREDENTIAL errorMessage = "No device credential set" } @@ -127,8 +127,4 @@ class BiometricActivity : AppCompatActivity() { setResult(Activity.RESULT_OK, intent) finish() } - - companion object { - var allowDeviceCredential = false - } } \ No newline at end of file