指纹生物识别
本文介绍如何向 Windows 应用添加指纹生物识别技术,包括在用户必须同意特定操作时请求指纹身份验证,以提高应用的安全性。 例如,可在授权应用内购买或对受限资源的访问权限之前要求指纹身份验证。 指纹身份验证使用 Windows.Security.Credentials.UI 命名空间中的 UserConsentVerifier 类进行管理。
指纹生物识别的 Windows 运行时 (WinRT) API 是 Windows 软件开发工具包 (SDK) 的一部分。 这些 API 已创建用于 通用 Windows 平台 (UWP) 应用,但它们也可以在 WinUI 应用或打包的桌面应用中使用,包括 WPF 和Windows 窗体。 有关在 Windows 桌面应用中使用 WinRT API 的详细信息,请参阅在桌面应用中调用Windows 运行时 API。
检查设备以寻找指纹读取器
若要查找设备是否安装了指纹读取器,请调用 UserConsentVerifier.CheckAvailabilityAsync。 即使设备支持指纹身份验证,应用仍应当在“设置”中向用户提供相应选项,以便启用或禁用指纹身份验证。
public async System.Threading.Tasks.Task<string> CheckFingerprintAvailability()
{
string returnMessage = "";
try
{
// Check the availability of fingerprint authentication.
var ucvAvailability = await Windows.Security.Credentials.UI.UserConsentVerifier.CheckAvailabilityAsync();
switch (ucvAvailability)
{
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.Available:
returnMessage = "Fingerprint verification is available.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceBusy:
returnMessage = "Biometric device is busy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DeviceNotPresent:
returnMessage = "No biometric device found.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.DisabledByPolicy:
returnMessage = "Biometric verification is disabled by policy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerifierAvailability.NotConfiguredForUser:
returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
"fingerprint database and try again.";
break;
default:
returnMessage = "Fingerprints verification is currently unavailable.";
break;
}
}
catch (Exception ex)
{
returnMessage = $"Fingerprint authentication availability check failed: {ex.ToString()}";
}
return returnMessage;
}
请求同意并返回结果
- 若要请求来自指纹扫描的用户同意,请调用 UserConsentVerifier.RequestVerificationAsync 方法。 要使指纹身份验证起效,用户必须预先将指纹“签名”添加到指纹数据库中。
- 当你调用 UserConsentVerifier.RequestVerificationAsync 时,将向用户呈现一个请求指纹扫描的模式对话框。 你可以向 UserConsentVerifier.RequestVerificationAsync 方法提供一条消息,此消息将作为模式对话框的一部分显示给用户,如下图所示。
private async System.Threading.Tasks.Task<string> RequestConsent(string userMessage)
{
string returnMessage;
if (String.IsNullOrEmpty(userMessage))
{
userMessage = "Please provide fingerprint verification.";
}
try
{
// Request the logged on user's consent via fingerprint swipe.
var consentResult = await Windows.Security.Credentials.UI.UserConsentVerifier.RequestVerificationAsync(userMessage);
switch (consentResult)
{
case Windows.Security.Credentials.UI.UserConsentVerificationResult.Verified:
returnMessage = "Fingerprint verified.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceBusy:
returnMessage = "Biometric device is busy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DeviceNotPresent:
returnMessage = "No biometric device found.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.DisabledByPolicy:
returnMessage = "Biometric verification is disabled by policy.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.NotConfiguredForUser:
returnMessage = "The user has no fingerprints registered. Please add a fingerprint to the " +
"fingerprint database and try again.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.RetriesExhausted:
returnMessage = "There have been too many failed attempts. Fingerprint authentication canceled.";
break;
case Windows.Security.Credentials.UI.UserConsentVerificationResult.Canceled:
returnMessage = "Fingerprint authentication canceled.";
break;
default:
returnMessage = "Fingerprint authentication is currently unavailable.";
break;
}
}
catch (Exception ex)
{
returnMessage = $"Fingerprint authentication failed: {ex.ToString()}";
}
return returnMessage;
}
