Fenix: [Bug] unlocking passwords does not work at all on certain devices

I don't know if it's helpful but this is the logcat output after trying to authenticate:

2020-01-10 20:19:04.846 17031-17062/org.mozilla.fenix.debug D/LeakCanary: No checking for retained object: LeakCanary.Config.dumpHeap is false
2020-01-10 20:19:07.514 17031-17031/org.mozilla.fenix.debug D/App: DebugMetricController: track event: org.mozilla.fenix.components.metrics.Event$OpenLogins@727af7b
2020-01-10 20:19:07.514 17031-17031/org.mozilla.fenix.debug I/FragmentNavigator: Ignoring navigate() call: FragmentManager has already saved its state
2020-01-10 20:19:07.582 17031-17031/org.mozilla.fenix.debug D/GeckoRuntime: Lifecycle: onStart
2020-01-10 20:19:07.583 17031-17031/org.mozilla.fenix.debug D/GeckoRuntime: Lifecycle: onResume
2020-01-10 20:19:07.583 17031-17031/org.mozilla.fenix.debug D/GeckoNetworkManager: Incoming event start for state OffWithListeners -> OnWithListeners
2020-01-10 20:19:07.584 17031-17096/org.mozilla.fenix.debug W/FirefoxAccountStateMachine: Got invalid event Init for state AuthenticatedWithProfile.
2020-01-10 20:19:07.589 17031-17031/org.mozilla.fenix.debug V/FenixPerf: hot start: 9
2020-01-10 20:19:07.590 17031-17148/org.mozilla.fenix.debug I/FxaDeviceConstellation: Executing: polling for device events
2020-01-10 20:19:07.591 17031-17148/org.mozilla.fenix.debug D/fxaclient_ffi: fxa_poll_device_commands
2020-01-10 20:19:07.591 17031-17066/org.mozilla.fenix.debug I/FirefoxAccount: Executing: get access token
2020-01-10 20:19:07.591 17031-17066/org.mozilla.fenix.debug D/fxaclient_ffi: fxa_get_access_token
2020-01-10 20:19:07.600 17031-17959/org.mozilla.fenix.debug D/DecorView: onWindowFocusChangedFromViewRoot hasFocus: true, DecorView@cf5c98[App]
2020-01-10 20:19:07.607 17031-17031/org.mozilla.fenix.debug D/GeckoNetworkManager: Incoming event receivedUpdate for state OnWithListeners -> OnWithListeners
2020-01-10 20:19:07.608 17031-17031/org.mozilla.fenix.debug D/GeckoNetworkManager: New network state: UP, WIFI, WIFI
2020-01-10 20:19:08.391 17031-17066/org.mozilla.fenix.debug D/fxaclient_ffi: fxa_to_json
2020-01-10 20:19:08.392 17031-17066/org.mozilla.fenix.debug D/WrappingPersistenceCallback: Logging state to mozilla.components.service.fxa.manager.FxaAccountManager$FxaStatePersistenceCallback@ba2e43f
2020-01-10 20:19:08.392 17031-17148/org.mozilla.fenix.debug D/fxaclient_ffi: fxa_to_json
2020-01-10 20:19:08.393 17031-17148/org.mozilla.fenix.debug D/WrappingPersistenceCallback: Logging state to mozilla.components.service.fxa.manager.FxaAccountManager$FxaStatePersistenceCallback@ba2e43f
2020-01-10 20:19:08.396 17031-17066/org.mozilla.fenix.debug D/FxaStatePersistenceCallback: Persisting account state into mozilla.components.service.fxa.SecureAbove22AccountStorage@35a5e76
2020-01-10 20:19:08.397 17031-17148/org.mozilla.fenix.debug D/FxaStatePersistenceCallback: Persisting account state into mozilla.components.service.fxa.SecureAbove22AccountStorage@b865c77
2020-01-10 20:19:08.438 17031-17066/org.mozilla.fenix.debug I/FirefoxAccount: Successfully executed: get access token
2020-01-10 20:19:08.438 17031-17148/org.mozilla.fenix.debug I/FxaDeviceConstellation: Successfully executed: polling for device events
2020-01-10 20:19:08.439 17031-17031/org.mozilla.fenix.debug I/DeviceEventsIntegration: Received events, notifying listeners
2020-01-10 20:19:08.440 17031-17096/org.mozilla.fenix.debug D/fxaclient_ffi: fxa_get_token_server_endpoint_url
2020-01-10 20:19:08.441 17031-17096/org.mozilla.fenix.debug D/BgSyncManager: Requesting immediate sync, reason: mozilla.components.service.fxa.sync.SyncReason$Startup@5720190, debounce: true
2020-01-10 20:19:08.441 17031-17096/org.mozilla.fenix.debug D/WMSyncDispatcher: Immediate sync requested, reason = mozilla.components.service.fxa.sync.SyncReason$Startup@5720190, debounce = true
2020-01-10 20:19:13.530 17031-17066/org.mozilla.fenix.debug D/SyncWorker: Starting sync... Tagged as: [mozilla.components.service.fxa.sync.WorkManagerSyncWorker, Debounce, Common]
2020-01-10 20:19:13.533 17031-17097/org.mozilla.fenix.debug I/WM-WorkerWrapper: Worker result SUCCESS for Work [ id=f993bbe5-3fcc-4baa-b437-ae5e6c7ca527, tags={ mozilla.components.service.fxa.sync.WorkManagerSyncWorker, Debounce, Common } ]

FragmentManager is the culprit, because isStateSaved() returns true and thus it ignores all requests to navigate.( log entry: I/FragmentNavigator: Ignoring navigate() call: FragmentManager has already saved its state).
But this happens intermittently, every once in a while it returns false and you can navigate to saved passwords screen.
I did not find any other devices that have this behaviour, so this may require further investigation to come up with a solution that does not unnecessarily complicate the navigation,

@mcarare @ekager Since I have one of the obviously few affected devices - is there something I can do to help to debug the problem?

@mcarare @ekager

https://github.com/mozilla-mobile/fenix/blob/0fa0a848878eefce6204469b4bba19f17499a94b/app/src/main/java/org/mozilla/fenix/settings/LoginsFragment.kt#L113-L121

1. Build.VERSION.SDK_INT >= M, isHardwareAvailable and hasBiometricEnrolled is all true on the OnePlus 7T Pro that's why biometricPrompt.authenticate(promptInfo) is executed and this method doesn't work on this device. But verifyPinOrShowSetupWarning() works. Once I change the code to execute verifyPinOrShowSetupWarning() instead of biometricPrompt.authenticate(promptInfo) I can see all my logins after unlocking.

2. With biometricPrompt.authenticate(promptInfo) and verifyPinOrShowSetupWarning() I see exactly the same screen on the OnePlus 7T Pro. For comparison: With the HTC U11 both methods trigger a different screen.

Does this help?

@cadeyrn thanks for the info! Could you check if this branch fixes the issue? https://github.com/ekager/fenix/tree/biometric-test

Not sure why this would work though because if you have fingerprints set up it's likely to just do the same thing. I did a little research and looks like there are some known library issues with oneplus so that's where we can explore next.
https://issuetracker.google.com/issues/147106481

And this issue: https://issuetracker.google.com/issues/141143925

Thanks for having a look at the issue! I tested the branch, unfortunately it didn't fix the issue.

On Jan 23rd a Google rep said they had filed this issue with the manufacturer, and this will be addressed by OnePlus in a Q update. Not sure when that will be.
https://issuetracker.google.com/issues/141143925#comment5

We could put in a quick fix before release that checks for affected device hardware and then defaults to using PIN

We could put in a quick fix before release that checks for affected device hardware and then defaults to using PIN

This would be great because it can take some time until an update arrives on all affected devices. And I don't know the OnePlus update policy for older devices…

I can confirm that the workaround for OnePlus devices works on my device. Thank you!

You're welcome 🤗 Let me know when your device receives an OS update and we can retest using biometrics without the workaround

Closing this since not sure if any other devices are affected. We can revisit later

@ekager

Let me know when your device receives an OS update and we can retest using biometrics without the workaround

Today I received the update to OxygenOS 10.0.7. I checked out the latest version from master branch (with PR #8464 applied so that it compiles) and reverted your workaround. Result: I can access the passwords.

But please note: OnePlus shipped the update for the 7T Pro, there is no update (yet) for the 7T and I guess older devices are also affected.

Interesting, we can see if we have any other OnePlus devices we can test with that wouldn't get the update. Ideally, we could remove the workaround for everyone :)

CC @mcarare do you know if we have any 7T devices or older OnePlus devices to test on?

Going to reopen for visibility

@ekager
Tested on OnePlus 5T (OxygenOS 9.0.10, January 17, 2020) using fingerprint authentication on Fenix nighlty 2/18.
I can access saved logins without any crash.

@Dunexus Did you test a self compiled build with the workaround for OnePlus devices removed? It's not clear from your comment. Otherwise it's expected that it works on OnePlus devices. The question is whether the workaround is still needed or not.

@cadeyrn Oh I didn't understand there was a special build with the workaround removed.
Could you guide me to get such a build ? Or if there is an apk you could share to test it.

@Dunexus I uploaded APKs without the workaround here:
https://drive.google.com/open?id=1LH_ny88_344etbnwVOl027fEV0Y8rduC
Thanks for testing!

I installed the debug build APK, went to a website, saved a login and then Settings > Login and passwords > Saved logins > Unlock with fingerprint sensor.
The login I saved before is displayed, no crash.

QA - if we have any OnePlus test devices could we also test the APK above
https://github.com/mozilla-mobile/fenix/issues/7603#issuecomment-587720180
to see if biometrics entry to logins works correctly and we can remove the device-specific workaround?

Hi @ekager , I've just re-checked this matter on both the APKs provided by you as well as on the latest Nightly Build #20620607 from 03/02 using the following devices:
• OnePlus 6T (Android 9)
• OnePlus A3 (Android 6.0.1)

OnePlus 6T

| Build | Device Security | Logged in to Sync | Remarks | Status |
| ------------- | ------------- | ------------- | ------------- | ------------- |
| Nightly | Pattern | No | N/A | ✅ |
| Nightly | Pin | No | N/A | ✅ |
| Nightly | Password | No | N/A | ✅ |
| Nightly | Fingerprint + Pattern | No | N/A | ✅ |
| Nightly | Pattern | Yes | N/A | ✅ |
| Nightly | Pin | Yes | N/A | ✅ |
| Nightly | Password | Yes | N/A | ✅ |
| Nightly | Fingerprint + PIN | Yes | N/A | ✅ |

| Build | Device Security | Logged in to Sync | Remarks | Status |
| ------------- | ------------- | ------------- | ------------- | ------------- |
| Debug build | Pattern | No | N/A | ✅ |
| Debug build | Pin | No | N/A | ✅ |
| Debug build | Password | No | N/A | ✅ |
| Debug build | Fingerprint + Pattern | No | The Pattern alternative prompt isn't displayed | ✅ |
| Debug build | Pattern | Yes | N/A | ✅ |
| Debug build | Pin | Yes | N/A | ✅ |
| Debug build | Password | Yes | N/A | ✅ |
| Debug build | Fingerprint + PIN | Yes | The PIN alternative prompt displayed after a couple of attempts (credentials displayed properly) | ✅ |

OnePlus 3A

| Build | Device Security | Logged in to Sync | Remarks | Status |
| ------------- | ------------- | ------------- | ------------- | ------------- |
| Nightly | Pattern | No | N/A | ✅ |
| Nightly | Pin | No | N/A | ✅ |
| Nightly | Password | No | N/A | ✅ |
| Nightly | Fingerprint + PIN | No | N/A | ✅ |
| Nightly | Pattern | Yes | N/A | ✅ |
| Nightly | Pin | Yes | N/A | ✅ |
| Nightly | Password | Yes | N/A | ✅ |
| Nightly | Fingerprint + Password | Yes | N/A | ✅ |

| Build | Device Security | Logged in to Sync | Remarks | Status |
| ------------- | ------------- | ------------- | ------------- | ------------- |
| Debug build | Pattern | No | N/A | ✅ |
| Debug build | Pin | No | N/A | ✅ |
| Debug build | Password | No | N/A | ✅ |
| Debug build | Fingerprint + Password | No | The Password alternative prompt displayed after a couple of attempts (credentials displayed properly) | ✅ |
| Debug build | Pattern | Yes | N/A | ✅ |
| Debug build | Pin | Yes | N/A | ✅ |
| Debug build | Password | Yes | N/A | ✅ |
| Debug build | Fingerprint + PIN | Yes | The PIN alternative prompt displayed after a couple of attempts (credentials displayed properly) | ✅ |

As a conclusion, in all the above mentioned scenarios the Login credentials were properly displayed regardless of the type of device security used, and no crashes encountered while testing.

Please review and share your thoughts. ☺️
I'll remove the QA needed label until further notice.

Thanks @AndiAJ ! I'm going to revert the temporary work around in https://github.com/mozilla-mobile/fenix/pull/8910

Closing, the workaround has been removed.