
fix(biometric) Incorrect error reported on Android with no device passcode set and fallback allowed #2648

Open: wants to merge 3 commits into base: v2
pjf-dev (Contributor) commented Apr 19, 2025

Describe the problem

When performing biometric authentication on Android with no biometry or device credential set, but fallback credential allowed, the error biometryNotEnrolled is reported. While this error is technically correct, the expected error would be passcodeNotSet, more closely matching the actual error and the behavior of other platforms.

Steps to reproduce

In my case, I tested this using the examples/api app, but general reproduction steps are as follows:

  • Run a Tauri app that uses the biometric plugin on an Android device or simulator; ensure that biometry is not enrolled and no device passcode is set.
  • Call the authenticate command with allowDeviceCredential set to true
  • Observe the reported error is biometryNotEnrolled as opposed to passcodeNotSet

Cause

In my testing, I found that the following seem to be the cause of the issue:

  • Early disabling of fallback credential if manager.isDeviceSecure returns false that prevents setting Authenticators.DEVICE_CREDENTIAL as a valid authenticator -- This is actually intended behavior and isn't the root cause as seen next
  • The Android API itself reports the error as ERROR_NO_BIOMETRICS even after allowing device credential on an insecure device (manager.isDeviceSecure == false). It seems this is the intended behavior of the Android API, but nevertheless should be corrected in the biometric plugin as passcodeNotSet more accurately describes the error.

Proposed solution

Override the error code and message to ERROR_NO_DEVICE_CREDENTIAL in the event that a fallback credential is allowed, but error code ERROR_NO_BIOMETRICS was received.

Additional notes

Also corrected the Android module mapping ERROR_NO_DEVICE_CREDENTIAL to noDeviceCredential when it should be passcodeNotSet.

@pjf-dev pjf-dev requested a review from a team as a code owner April 19, 2025 19:05
pjf-dev (Contributor, Author) commented Apr 19, 2025

Made a slight oversight in my first solution where I put ALL the code dealing with setting the BiometricManager.Authenticators on API >= 30 into a single if checked by allowDeviceCredential. This caused builder.setAllowedAuthenticators(authenticators) to only be called when fallback credentials were allowed even though we still needed to supply BiometricManager.Authenticators.BIOMETRIC_WEAK as an authenticator to the builder.

Fixed the issue by reverting most of the code and using a separate variable to hold the supplied allowDeviceCredential argument needed for determining the proper error type.
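
The override described in the two comments above, as an added Kotlin example that is not the PR's code: a stand-alone model that does not use the Android SDK. The function names platformError, resolveErrorCode and reportedError and the sample cases are hypothetical and constructed for illustration, and the platform behaviour is simplified from the description in this thread.

```kotlin
// Stand-alone model (no Android SDK). The two constants mirror the values of
// BiometricPrompt.ERROR_NO_BIOMETRICS and BiometricPrompt.ERROR_NO_DEVICE_CREDENTIAL.
const val ERROR_NO_BIOMETRICS = 11
const val ERROR_NO_DEVICE_CREDENTIAL = 14

// Code-to-name mapping for the two errors discussed in this PR (after the mapping fix).
val errorNames = mapOf(
    ERROR_NO_BIOMETRICS to "biometryNotEnrolled",
    ERROR_NO_DEVICE_CREDENTIAL to "passcodeNotSet", // previously "noDeviceCredential"
)

// Simplified model of what the platform reports, per the PR description: on an
// insecure device the fallback is disabled early, so only biometrics are requested
// and a device without enrolled biometrics yields ERROR_NO_BIOMETRICS.
// Returns null when a prompt can be shown.
fun platformError(biometryEnrolled: Boolean, deviceSecure: Boolean, requestedFallback: Boolean): Int? {
    val effectiveFallback = requestedFallback && deviceSecure
    return if (biometryEnrolled || effectiveFallback) null else ERROR_NO_BIOMETRICS
}

// The override proposed in the PR. requestedFallback is the caller's original
// allowDeviceCredential argument, kept separately from the effective flag above.
fun resolveErrorCode(platformCode: Int, requestedFallback: Boolean): Int =
    if (platformCode == ERROR_NO_BIOMETRICS && requestedFallback) ERROR_NO_DEVICE_CREDENTIAL
    else platformCode

// Error name the app would receive, or null when authentication can proceed.
fun reportedError(biometryEnrolled: Boolean, deviceSecure: Boolean, requestedFallback: Boolean): String? =
    platformError(biometryEnrolled, deviceSecure, requestedFallback)
        ?.let { errorNames[resolveErrorCode(it, requestedFallback)] }

fun main() {
    // Constructed cases: (biometryEnrolled, deviceSecure, requestedFallback)
    val cases = listOf(
        Triple(false, false, true),   // the case from this PR
        Triple(false, false, false),  // fallback not requested: code left unchanged
        Triple(false, true, true),    // passcode set: credential prompt, no error
        Triple(true, true, false),    // biometrics enrolled: biometric prompt, no error
    )
    for ((enrolled, secure, fallback) in cases) {
        println("enrolled=$enrolled secure=$secure fallback=$fallback -> ${reportedError(enrolled, secure, fallback)}")
    }
}
```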


Package Changes Through 8b8036f

There are 7 changes which include biometric with patch, biometric-js with patch, single-instance with patch, fs with minor, fs-js with minor, http with patch, http-js with patch

Planned Package Versions

The following package releases are planned based on the context of changes in this pull request.

package            current   next
api-example        2.0.25    2.0.26
api-example-js     2.0.21    2.0.22
biometric          2.2.1     2.2.2
biometric-js       2.2.1     2.2.2
fs                 2.2.1     2.3.0
fs-js              2.2.1     2.3.0
dialog             2.2.1     2.2.2
dialog-js          2.2.1     2.2.2
http               2.4.3     2.4.4
http-js            2.4.3     2.4.4
persisted-scope    2.2.1     2.2.2
single-instance    2.2.3     2.2.4

Read about change files or the docs at github.com/jbolda/covector
