
Commit c118e620 authored by Carlos Valdivia's avatar Carlos Valdivia Committed by Android (Google) Code Review

Merge "[Security] Prevent malicious notifications from AMS." into nyc-dev

parents b3b7763d 06329e5f
+16 −2
@@ -2237,8 +2237,13 @@ public class AccountManagerService
                }
                }
            }
            }


            new Session(accounts, response, account.type, expectActivityLaunch,
            new Session(
                    false /* stripAuthTokenFromResult */, account.name,
                    accounts,
                    response,
                    account.type,
                    expectActivityLaunch,
                    false /* stripAuthTokenFromResult */,
                    account.name,
                    false /* authDetailsRequired */) {
                    false /* authDetailsRequired */) {
                @Override
                @Override
                protected String toDebugString(long now) {
                protected String toDebugString(long now) {
@@ -2310,6 +2315,15 @@ public class AccountManagerService


                        Intent intent = result.getParcelable(AccountManager.KEY_INTENT);
                        Intent intent = result.getParcelable(AccountManager.KEY_INTENT);
                        if (intent != null && notifyOnAuthFailure && !customTokens) {
                        if (intent != null && notifyOnAuthFailure && !customTokens) {
                            /*
                             * Make sure that the supplied intent is owned by the authenticator
                             * giving it to the system. Otherwise a malicious authenticator could
                             * have users launching arbitrary activities by tricking users to
                             * interact with malicious notifications.
                             */
                            checkKeyIntent(
                                    Binder.getCallingUid(),
                                    intent);
                            doNotification(mAccounts,
                            doNotification(mAccounts,
                                    account, result.getString(AccountManager.KEY_AUTH_FAILED_MESSAGE),
                                    account, result.getString(AccountManager.KEY_AUTH_FAILED_MESSAGE),
                                    intent, accounts.userId);
                                    intent, accounts.userId);
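Review bot: The new `checkKeyIntent(Binder.getCallingUid(), intent)` call runs only inside the `notifyOnAuthFailure && !customTokens` branch, so an authenticator-supplied `KEY_INTENT` is validated on the notification path alone, while the same `result` bundle still carries that intent to whatever follows the branch, which is outside this hunk. Unless that later code performs an equivalent ownership check, validate whenever an intent is present, e.g. `if (intent != null) { checkKeyIntent(Binder.getCallingUid(), intent); }` ahead of the notification condition. The check also assumes `Binder.getCallingUid()` still reports the authenticator at this point, which deserves a comment such as `// must run before any clearCallingIdentity(): the calling uid here is the authenticator's`. The enclosing callback starts and ends outside the hunk, so the failure path of `checkKeyIntent` (presumably a SecurityException) and what the waiting client receives in that case cannot be confirmed from here.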