Allow to bypass Android O+ account restrictions for Google Apps (30ed2720) · Commits · e / os / GmsCore

play-services-core/src/main/java/org/microg/gms/auth/AccountContentProvider.java

+4 −1

Original line number	Diff line number	Diff line
		@@ -25,6 +25,7 @@ import android.content.pm.PackageManager;
		import android.database.Cursor;
		import android.net.Uri;
		import android.os.Binder;
		import android.os.Build;
		import android.os.Bundle;
		import android.support.annotation.Nullable;
		import android.util.Log;
		@@ -51,6 +52,7 @@ public class AccountContentProvider extends ContentProvider {
		@Nullable
		@Override
		public Bundle call(String method, String arg, Bundle extras) {
		String packageName = PackageUtils.packageFromProcessId(getContext(), Binder.getCallingPid());
		if (!PackageUtils.callerHasExtendedAccess(getContext())) {
		String[] packagesForUid = getContext().getPackageManager().getPackagesForUid(Binder.getCallingUid());
		if (packagesForUid != null && packagesForUid.length != 0)
		@@ -61,7 +63,8 @@ public class AccountContentProvider extends ContentProvider {
		}
		if (PROVIDER_METHOD_GET_ACCOUNTS.equals(method) && AuthConstants.DEFAULT_ACCOUNT_TYPE.equals(arg)) {
		Bundle result = new Bundle();
		result.putParcelableArray(PROVIDER_EXTRA_ACCOUNTS, AccountManager.get(getContext()).getAccountsByType(arg));
		AccountManager am = AccountManager.get(getContext());
		result.putParcelableArray(PROVIDER_EXTRA_ACCOUNTS, Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2 ? am.getAccountsByTypeForPackage(arg, packageName) : am.getAccountsByType(arg));
		return result;
		} else if (PROVIDER_METHOD_CLEAR_PASSWORD.equals(method)) {
		Account a = extras.getParcelable(PROVIDER_EXTRA_CLEAR_PASSWORD);

play-services-core/src/main/java/org/microg/gms/auth/AskPermissionActivity.java

+3 −1

Original line number	Diff line number	Diff line
		@@ -25,6 +25,7 @@ import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageManager;
		import android.graphics.Bitmap;
		import android.graphics.drawable.Drawable;
		import android.os.Build;
		import android.os.Bundle;
		import android.text.Html;
		import android.util.Log;
		@@ -49,6 +50,7 @@ import static android.accounts.AccountManager.KEY_ACCOUNT_NAME;
		import static android.accounts.AccountManager.KEY_ACCOUNT_TYPE;
		import static android.accounts.AccountManager.KEY_ANDROID_PACKAGE_NAME;
		import static android.accounts.AccountManager.KEY_AUTHTOKEN;
		import static android.accounts.AccountManager.KEY_CALLER_PID;
		import static android.accounts.AccountManager.KEY_CALLER_UID;
		import static android.view.View.GONE;
		import static android.view.View.VISIBLE;
		@@ -96,7 +98,7 @@ public class AskPermissionActivity extends AccountAuthenticatorActivity {

		if (getIntent().hasExtra(EXTRA_FROM_ACCOUNT_MANAGER)) fromAccountManager = true;
		int callerUid = getIntent().getIntExtra(KEY_CALLER_UID, 0);
		PackageUtils.checkPackageUid(this, packageName, callerUid);
		packageName = PackageUtils.getAndCheckPackage(this, packageName, getIntent().getIntExtra(KEY_CALLER_UID, 0), getIntent().getIntExtra(KEY_CALLER_PID, 0));
		authManager = new AuthManager(this, account.name, packageName, service);

		// receive package info

play-services-core/src/main/java/org/microg/gms/auth/AuthManager.java

+14 −0

Original line number	Diff line number	Diff line
		@@ -20,6 +20,7 @@ import android.accounts.Account;
		import android.accounts.AccountManager;
		import android.content.Context;
		import android.content.pm.PackageManager;
		import android.os.Build;
		import android.preference.PreferenceManager;
		import android.util.Log;

		@@ -35,6 +36,7 @@ public class AuthManager {
		private static final String TAG = "GmsAuthManager";
		public static final String PERMISSION_TREE_BASE = "com.google.android.googleapps.permission.GOOGLE_AUTH.";
		private static final String PREF_AUTH_TRUST_GOOGLE = "auth_manager_trust_google";
		public static final String PREF_AUTH_VISIBLE = "auth_manager_visible";
		public static final int ONE_HOUR_IN_SECONDS = 60 * 60;

		private final Context context;
		@@ -91,6 +93,10 @@ public class AuthManager {

		public void setPermitted(boolean value) {
		setUserData(buildPermKey(), value ? "1" : "0");
		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O && value && packageName != null) {
		// Make account persistently visible as we already granted access
		accountManager.setAccountVisibility(getAccount(), packageName, AccountManager.VISIBILITY_VISIBLE);
		}
		}

		public boolean isPermitted() {
		@@ -148,6 +154,10 @@ public class AuthManager {

		public void setAuthToken(String service, String auth) {
		getAccountManager().setAuthToken(getAccount(), buildTokenKey(service), auth);
		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O && packageName != null && auth != null) {
		// Make account persistently visible as we already granted access
		accountManager.setAccountVisibility(getAccount(), packageName, AccountManager.VISIBILITY_VISIBLE);
		}
		}

		public void storeResponse(AuthResponse response) {
		@@ -172,6 +182,10 @@ public class AuthManager {
		return PreferenceManager.getDefaultSharedPreferences(context).getBoolean(PREF_AUTH_TRUST_GOOGLE, true);
		}

		public static boolean isAuthVisible(Context context) {
		return PreferenceManager.getDefaultSharedPreferences(context).getBoolean(PREF_AUTH_VISIBLE, false);
		}

		private boolean isSystemApp() {
		try {
		int flags = context.getPackageManager().getApplicationInfo(packageName, 0).flags;

play-services-core/src/main/java/org/microg/gms/auth/AuthManagerServiceImpl.java

+11 −4

Original line number	Diff line number	Diff line
		@@ -23,6 +23,7 @@ import android.content.Context;
		import android.content.Intent;
		import android.content.pm.PackageManager;
		import android.os.Bundle;
		import android.os.Parcel;
		import android.os.RemoteException;
		import android.support.v4.app.NotificationCompat;
		import android.util.Base64;
		@@ -44,6 +45,7 @@ import java.util.List;
		import static android.accounts.AccountManager.KEY_ACCOUNT_NAME;
		import static android.accounts.AccountManager.KEY_ACCOUNT_TYPE;
		import static android.accounts.AccountManager.KEY_AUTHTOKEN;
		import static android.accounts.AccountManager.KEY_CALLER_PID;
		import static org.microg.gms.auth.AskPermissionActivity.EXTRA_CONSENT_DATA;

		public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
		@@ -74,8 +76,7 @@ public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
		String packageName = extras.getString(KEY_ANDROID_PACKAGE_NAME);
		if (packageName == null \|\| packageName.isEmpty())
		packageName = extras.getString(KEY_CLIENT_PACKAGE_NAME);
		int callerUid = extras.getInt(KEY_CALLER_UID, 0);
		PackageUtils.checkPackageUid(context, packageName, callerUid, getCallingUid());
		packageName = PackageUtils.getAndCheckCallingPackage(context, packageName, extras.getInt(KEY_CALLER_UID, 0), extras.getInt(KEY_CALLER_PID, 0));
		boolean notify = extras.getBoolean(KEY_HANDLE_NOTIFICATION, false);

		Log.d(TAG, "getToken: account:" + accountName + " scope:" + scope + " extras:" + extras + ", notify: " + notify);
		@@ -163,10 +164,16 @@ public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
		public Bundle clearToken(String token, Bundle extras) throws RemoteException {
		String packageName = extras.getString(KEY_ANDROID_PACKAGE_NAME);
		if (packageName == null) packageName = extras.getString(KEY_CLIENT_PACKAGE_NAME);
		int callerUid = extras.getInt(KEY_CALLER_UID, 0);
		PackageUtils.checkPackageUid(context, packageName, callerUid, getCallingUid());
		packageName = PackageUtils.getAndCheckCallingPackage(context, packageName, extras.getInt(KEY_CALLER_UID, 0), extras.getInt(KEY_CALLER_PID, 0));

		Log.d(TAG, "clearToken: token:" + token + " extras:" + extras);
		return null;
		}

		@Override
		public boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException {
		if (super.onTransact(code, data, reply, flags)) return true;
		Log.d(TAG, "onTransact [unknown]: " + code + ", " + data + ", " + flags);
		return false;
		}
		}

play-services-core/src/main/java/org/microg/gms/auth/login/LoginActivity.java

+6 −1

Original line number	Diff line number	Diff line
		@@ -60,6 +60,8 @@ import org.microg.gms.people.PeopleManager;
		import java.io.IOException;
		import java.util.Locale;

		import static android.accounts.AccountManager.PACKAGE_NAME_KEY_LEGACY_NOT_VISIBLE;
		import static android.accounts.AccountManager.VISIBILITY_USER_MANAGED_VISIBLE;
		import static android.os.Build.VERSION.SDK_INT;
		import static android.os.Build.VERSION_CODES.GINGERBREAD_MR1;
		import static android.os.Build.VERSION_CODES.HONEYCOMB;
		@@ -130,9 +132,12 @@ public class LoginActivity extends AssistantActivity {
		});
		if (getIntent().hasExtra(EXTRA_TOKEN)) {
		if (getIntent().hasExtra(EXTRA_EMAIL)) {
		AccountManager accountManager = AccountManager.get(LoginActivity.this);
		AccountManager accountManager = AccountManager.get(this);
		Account account = new Account(getIntent().getStringExtra(EXTRA_EMAIL), accountType);
		accountManager.addAccountExplicitly(account, getIntent().getStringExtra(EXTRA_TOKEN), null);
		if (AuthManager.isAuthVisible(this) && SDK_INT >= Build.VERSION_CODES.O) {
		accountManager.setAccountVisibility(account, PACKAGE_NAME_KEY_LEGACY_NOT_VISIBLE, VISIBILITY_USER_MANAGED_VISIBLE);
		}
		retrieveGmsToken(account);
		} else {
		retrieveRtToken(getIntent().getStringExtra(EXTRA_TOKEN));