Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2727b84f authored by Rafael Prado's avatar Rafael Prado
Browse files

Remove RESET_PASSWORD_TOKEN policy when the generated escrow token is not valid. 

Flag: android.app.admin.flags.reset_password_with_token_coexistence
Test: adb shell aflags enable
android.app.admin.flags.reset_password_with_token_coexistence && btest -s sw android.devicepolicy.cts.ResetPasswordWithTokenTest
Bug: 369152176

Change-Id: I7997957fd0440c7a4746eabc7b3ed36c0d9937be
parent 50e83ba8

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+4 −2
Original line number Diff line number Diff line
@@ -19384,11 +19384,13 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 
                    PolicyDefinition.RESET_PASSWORD_TOKEN,

                    enforcingAdmin,

                    userId);

            // TODO(b/369152176): Address difference in behavior regarding addEscrowToken when

            //  compared with the else branch.

            long tokenHandle = addEscrowToken(

                    token, currentTokenHandle == null ? 0 : currentTokenHandle, userId);

            if (tokenHandle == 0) {

                mDevicePolicyEngine.removeLocalPolicy(

                        PolicyDefinition.RESET_PASSWORD_TOKEN,

                        enforcingAdmin,

                        userId);

                return false;

            }

            mDevicePolicyEngine.setLocalPolicy(