/**
* Clear device password.
*
* @param code - Operation code.
* @param requestMode - Request mode(Normal mode or policy bundle mode).
*/
public void clearPassword(String code) {
ComponentName demoDeviceAdmin = new ComponentName(context, AgentDeviceAdminReceiver.class);
resultBuilder.build(code);
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
devicePolicyManager.setPasswordMinimumLength(demoDeviceAdmin, DEFAULT_PASSWORD_LENGTH);
devicePolicyManager.resetPassword(
resources.getString(R.string.shared_pref_default_string),
DevicePolicyManager.RESET_PASSWORD_REQUIRE_ENTRY);
devicePolicyManager.lockNow();
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
}
void updatePolicies() {
SharedPreferences prefs = getSamplePreferences(this);
final int pwQuality =
prefs.getInt(PREF_PASSWORD_QUALITY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
final int pwLength = prefs.getInt(PREF_PASSWORD_LENGTH, 0);
final int maxFailedPw = prefs.getInt(PREF_MAX_FAILED_PW, 0);
boolean active = mDPM.isAdminActive(mDeviceAdminSample);
if (active) {
mDPM.setPasswordQuality(mDeviceAdminSample, pwQuality);
mDPM.setPasswordMinimumLength(mDeviceAdminSample, pwLength);
mDPM.setMaximumFailedPasswordsForWipe(mDeviceAdminSample, maxFailedPw);
}
}
/**
* Set the requested security level based on the aggregate set of requests. If the set is empty,
* we release our device administration. If the set is non-empty, we only proceed if we are
* already active as an admin.
*/
public void setActivePolicies() {
DevicePolicyManager dpm = getDPM();
// compute aggregate set of policies
Policy aggregatePolicy = getAggregatePolicy();
// if empty set, detach from policy manager
if (aggregatePolicy == Policy.NO_POLICY) {
if (DebugUtils.DEBUG) {
LogUtils.d(TAG, "setActivePolicies: none, remove admin");
}
dpm.removeActiveAdmin(mAdminName);
} else if (isActiveAdmin()) {
if (DebugUtils.DEBUG) {
LogUtils.d(TAG, "setActivePolicies: " + aggregatePolicy);
}
// set each policy in the policy manager
// password mode & length
dpm.setPasswordQuality(mAdminName, aggregatePolicy.getDPManagerPasswordQuality());
dpm.setPasswordMinimumLength(mAdminName, aggregatePolicy.mPasswordMinLength);
// screen lock time
dpm.setMaximumTimeToLock(mAdminName, aggregatePolicy.mMaxScreenLockTime * 1000);
// local wipe (failed passwords limit)
dpm.setMaximumFailedPasswordsForWipe(mAdminName, aggregatePolicy.mPasswordMaxFails);
// password expiration (days until a password expires). API takes mSec.
dpm.setPasswordExpirationTimeout(
mAdminName, aggregatePolicy.getDPManagerPasswordExpirationTimeout());
// password history length (number of previous passwords that may not be reused)
dpm.setPasswordHistoryLength(mAdminName, aggregatePolicy.mPasswordHistory);
// password minimum complex characters.
// Note, in Exchange, "complex chars" simply means "non alpha", but in the DPM,
// setting the quality to complex also defaults min symbols=1 and min numeric=1.
// We always / safely clear minSymbols & minNumeric to zero (there is no policy
// configuration in which we explicitly require a minimum number of digits or symbols.)
dpm.setPasswordMinimumSymbols(mAdminName, 0);
dpm.setPasswordMinimumNumeric(mAdminName, 0);
dpm.setPasswordMinimumNonLetter(mAdminName, aggregatePolicy.mPasswordComplexChars);
// Device capabilities
try {
// If we are running in a managed policy, it is a securityException to even
// call setCameraDisabled(), if is disabled is false. We have to swallow
// the exception here.
dpm.setCameraDisabled(mAdminName, aggregatePolicy.mDontAllowCamera);
} catch (SecurityException e) {
LogUtils.d(TAG, "SecurityException in setCameraDisabled, nothing changed");
}
// encryption required
dpm.setStorageEncryption(mAdminName, aggregatePolicy.mRequireEncryption);
}
}
/**
* Set device password policy.
*
* @param code - Operation code.
* @param data - Data required (Password policy parameters).
* @param requestMode - Request mode(Normal mode or policy bundle mode).
*/
public void setPasswordPolicy(String code, String data) {
ComponentName demoDeviceAdmin = new ComponentName(context, AgentDeviceAdminReceiver.class);
int attempts, length, history, specialChars;
String alphanumeric, complex;
boolean isAlphanumeric, isComplex;
long timout;
resultBuilder.build(code);
try {
JSONObject policyData = new JSONObject(data);
if (!policyData.isNull(resources.getString(R.string.policy_password_max_failed_attempts))
&& policyData.get(resources.getString(R.string.policy_password_max_failed_attempts))
!= null) {
attempts =
Integer.parseInt(
(String)
policyData.get(
resources.getString(R.string.policy_password_max_failed_attempts)));
devicePolicyManager.setMaximumFailedPasswordsForWipe(demoDeviceAdmin, attempts);
}
if (!policyData.isNull(resources.getString(R.string.policy_password_min_length))
&& policyData.get(resources.getString(R.string.policy_password_min_length)) != null) {
length =
Integer.parseInt(
(String) policyData.get(resources.getString(R.string.policy_password_min_length)));
devicePolicyManager.setPasswordMinimumLength(demoDeviceAdmin, length);
}
if (!policyData.isNull(resources.getString(R.string.policy_password_pin_history))
&& policyData.get(resources.getString(R.string.policy_password_pin_history)) != null) {
history =
Integer.parseInt(
(String) policyData.get(resources.getString(R.string.policy_password_pin_history)));
devicePolicyManager.setPasswordHistoryLength(demoDeviceAdmin, history);
}
if (!policyData.isNull(resources.getString(R.string.policy_password_min_complex_chars))
&& policyData.get(resources.getString(R.string.policy_password_min_complex_chars))
!= null) {
specialChars =
Integer.parseInt(
(String)
policyData.get(
resources.getString(R.string.policy_password_min_complex_chars)));
devicePolicyManager.setPasswordMinimumSymbols(demoDeviceAdmin, specialChars);
}
if (!policyData.isNull(resources.getString(R.string.policy_password_require_alphanumeric))
&& policyData.get(resources.getString(R.string.policy_password_require_alphanumeric))
!= null) {
if (policyData.get(resources.getString(R.string.policy_password_require_alphanumeric))
instanceof String) {
alphanumeric =
(String)
policyData.get(
resources.getString(R.string.policy_password_require_alphanumeric));
if (alphanumeric.equals(resources.getString(R.string.shared_pref_default_status))) {
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC);
}
} else if (policyData.get(
resources.getString(R.string.policy_password_require_alphanumeric))
instanceof Boolean) {
isAlphanumeric =
policyData.getBoolean(
resources.getString(R.string.policy_password_require_alphanumeric));
if (isAlphanumeric) {
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC);
}
}
}
if (!policyData.isNull(resources.getString(R.string.policy_password_allow_simple))
&& policyData.get(resources.getString(R.string.policy_password_allow_simple)) != null) {
if (policyData.get(resources.getString(R.string.policy_password_allow_simple))
instanceof String) {
complex =
(String) policyData.get(resources.getString(R.string.policy_password_allow_simple));
if (!complex.equals(resources.getString(R.string.shared_pref_default_status))) {
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_COMPLEX);
}
} else if (policyData.get(resources.getString(R.string.policy_password_allow_simple))
instanceof Boolean) {
isComplex =
policyData.getBoolean(resources.getString(R.string.policy_password_allow_simple));
if (!isComplex) {
devicePolicyManager.setPasswordQuality(
demoDeviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_COMPLEX);
}
}
}
if (!policyData.isNull(resources.getString(R.string.policy_password_pin_age_in_days))
&& policyData.get(resources.getString(R.string.policy_password_pin_age_in_days))
!= null) {
int daysOfExp =
Integer.parseInt(
(String)
policyData.get(resources.getString(R.string.policy_password_pin_age_in_days)));
timout = (long) (daysOfExp * DAY_MILLISECONDS_MULTIPLIER);
devicePolicyManager.setPasswordExpirationTimeout(demoDeviceAdmin, timout);
}
} catch (JSONException e) {
Log.e(TAG, "Invalid JSON format." + e);
}
}
/** Revokes screen lock password policy on the device. */
private void revokePasswordPolicy() {
devicePolicyManager.setPasswordQuality(
deviceAdmin, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED);
}