Prompt to save PIN to device password manager.

Fixes an issue where the system auto-fill could overwrite the Signal backup key saved to the device password manager with the Signal PIN. The PIN confirmation screen now explicitly uses `CredentialManager` to save the `Signal PIN` under a separate username from the `Signal Backups` key, allowing both credentials to be stored and auto-filled correctly. - Add `com.google.android.libraries.identity.googleid` dependency so `CredentialManager` works on Android < 14. - Prompt to save Signal PIN to credential manager after PIN is created/edited.
2026-04-22 01:40:07 +01:00 · 2025-07-08 11:53:01 -04:00
parent ef874c4091
commit 6d58e89c18
11 changed files with 181 additions and 125 deletions
--- a/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/backups/remote/BackupKeyCredentialManagerHandler.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/backups/remote/BackupKeyCredentialManagerHandler.kt
@@ -5,15 +5,10 @@

 package org.thoughtcrime.securesms.components.settings.app.backups.remote

-import android.content.Context
-import android.content.Intent
-import android.net.Uri
-import android.os.Build
-import android.provider.Settings
-import android.view.autofill.AutofillManager
-import androidx.core.content.getSystemService
 import org.signal.core.util.logging.Log
 import org.signal.core.util.logging.logW
+import org.thoughtcrime.securesms.util.storage.CredentialManagerError
+import org.thoughtcrime.securesms.util.storage.CredentialManagerResult

 /**
 * Handles the process of storing a backup key to the device password manager.
@@ -21,37 +16,6 @@ import org.signal.core.util.logging.logW
 interface BackupKeyCredentialManagerHandler {
  companion object {
    private val TAG = Log.tag(BackupKeyCredentialManagerHandler::class)
-
-    val isCredentialManagerSupported: Boolean = Build.VERSION.SDK_INT >= 19
-
-    /**
-     * Returns an [Intent] that can be used to launch the device's password manager settings.
-     */
-    fun getCredentialManagerSettingsIntent(context: Context): Intent? {
-      if (Build.VERSION.SDK_INT >= 34) {
-        val intent = Intent(
-          Settings.ACTION_CREDENTIAL_PROVIDER,
-          Uri.fromParts("package", context.packageName, null)
-        )
-
-        if (intent.resolveActivity(context.packageManager) != null) {
-          return intent
-        }
-      }
-
-      if (Build.VERSION.SDK_INT >= 26) {
-        val isAutofillSupported = context.getSystemService<AutofillManager>()?.isAutofillSupported() == true
-        if (isAutofillSupported) {
-          val intent = Intent(
-            Settings.ACTION_REQUEST_SET_AUTOFILL_SERVICE,
-            Uri.fromParts("package", context.packageName, null)
-          )
-          return intent.takeIf { it.resolveActivity(context.packageManager) != null }
-        }
-      }
-
-      return null
-    }
  }

  /** Updates the [BackupKeySaveState]. Implementers must update their associated state to match [newState]. */
@@ -108,23 +72,3 @@ sealed interface BackupKeySaveState {
  data object Success : BackupKeySaveState
  data class Error(val errorType: CredentialManagerError) : BackupKeySaveState
 }
-
-sealed interface CredentialManagerResult {
-  data object Success : CredentialManagerResult
-  data object UserCanceled : CredentialManagerResult
-
-  /** The backup key save operation was interrupted and should be retried. */
-  data class Interrupted(val exception: Exception) : CredentialManagerResult
-}
-
-sealed class CredentialManagerError : CredentialManagerResult {
-  abstract val exception: Exception
-
-  /** No password manager is configured on the device. */
-  data class MissingCredentialManager(override val exception: Exception) : CredentialManagerError()
-
-  /** The user has added this app to the "never save" list in the smart lock for passwords settings. **/
-  data class SavePromptDisabled(override val exception: Exception) : CredentialManagerError()
-
-  data class Unexpected(override val exception: Exception) : CredentialManagerError()
-}
--- a/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/backups/remote/BackupKeyDisplayFragment.kt
+++ b/app/src/main/java/org/thoughtcrime/securesms/components/settings/app/backups/remote/BackupKeyDisplayFragment.kt
@@ -13,6 +13,7 @@ import org.thoughtcrime.securesms.backup.v2.ui.subscription.MessageBackupsKeyRec
 import org.thoughtcrime.securesms.compose.ComposeFragment
 import org.thoughtcrime.securesms.keyvalue.SignalStore
 import org.thoughtcrime.securesms.util.Util
+import org.thoughtcrime.securesms.util.storage.AndroidCredentialRepository
 import org.thoughtcrime.securesms.util.viewModel

 /**
@@ -29,7 +30,7 @@ class BackupKeyDisplayFragment : ComposeFragment() {
  @Composable
  override fun FragmentContent() {
    val state by viewModel.uiState.collectAsStateWithLifecycle()
-    val passwordManagerSettingsIntent = BackupKeyCredentialManagerHandler.getCredentialManagerSettingsIntent(requireContext())
+    val passwordManagerSettingsIntent = AndroidCredentialRepository.getCredentialManagerSettingsIntent(requireContext())

    MessageBackupsKeyRecordScreen(
      backupKey = SignalStore.account.accountEntropyPool.displayValue,