Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c1c0d1cc authored by Svet Ganov's avatar Svet Ganov
Browse files

Use tokens instead of account access trackers 

We keep track which process saw and account to whitelist
the app for future access as an optimization to avoid
prompting the user for account access approval. Some apps
use SefeParcelable where the parcels are marshalled
which does not allow the parcel to contain IBinders.
To avoid this we are switching from account tracker remote
objects to unforgeable tokens.

bug:31162498

Change-Id: I19916b54afd0b47e57c517145aa6b1ff17154144
parent 72909f45

Android.mk

+0 −1
Original line number Diff line number Diff line
@@ -63,7 +63,6 @@ LOCAL_SRC_FILES += \ 
	core/java/android/accessibilityservice/IAccessibilityServiceClient.aidl \

	core/java/android/accounts/IAccountManager.aidl \

	core/java/android/accounts/IAccountManagerResponse.aidl \

	core/java/android/accounts/IAccountAccessTracker.aidl \

	core/java/android/accounts/IAccountAuthenticator.aidl \

	core/java/android/accounts/IAccountAuthenticatorResponse.aidl \

	core/java/android/app/IActivityContainer.aidl \

core/java/android/accounts/Account.java

+15 −11
Original line number Diff line number Diff line
@@ -18,9 +18,11 @@ package android.accounts; 


import android.annotation.NonNull;

import android.annotation.Nullable;

import android.content.Context;

import android.os.Parcelable;

import android.os.Parcel;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.text.TextUtils;

import android.util.ArraySet;

import android.util.Log;
@@ -41,7 +43,7 @@ public class Account implements Parcelable { 


    public final String name;

    public final String type;

    private final @Nullable IAccountAccessTracker mAccessTracker;

    private final @Nullable String accessId;



    public boolean equals(Object o) {

        if (o == this) return true;
@@ -64,14 +66,14 @@ public class Account implements Parcelable { 
    /**

     * @hide

     */

    public Account(@NonNull Account other, @Nullable IAccountAccessTracker accessTracker) {

        this(other.name, other.type, accessTracker);

    public Account(@NonNull Account other, @NonNull String accessId) {

        this(other.name, other.type, accessId);

    }



    /**

     * @hide

     */

    public Account(String name, String type, IAccountAccessTracker accessTracker) {

    public Account(String name, String type, String accessId) {

        if (TextUtils.isEmpty(name)) {

            throw new IllegalArgumentException("the name must not be empty: " + name);

        }
@@ -80,18 +82,20 @@ public class Account implements Parcelable { 
        }

        this.name = name;

        this.type = type;

        this.mAccessTracker = accessTracker;

        this.accessId = accessId;

    }



    public Account(Parcel in) {

        this.name = in.readString();

        this.type = in.readString();

        this.mAccessTracker = IAccountAccessTracker.Stub.asInterface(in.readStrongBinder());

        if (mAccessTracker != null) {

        this.accessId = in.readString();

        if (accessId != null) {

            synchronized (sAccessedAccounts) {

                if (sAccessedAccounts.add(this)) {

                    try {

                        mAccessTracker.onAccountAccessed();

                        IAccountManager accountManager = IAccountManager.Stub.asInterface(

                                ServiceManager.getService(Context.ACCOUNT_SERVICE));

                        accountManager.onAccountAccessed(accessId);

                    } catch (RemoteException e) {

                        Log.e(TAG, "Error noting account access", e);

                    }
@@ -101,8 +105,8 @@ public class Account implements Parcelable { 
    }



    /** @hide */

    public IAccountAccessTracker getAccessTracker() {

        return mAccessTracker;

    public String getAccessId() {

        return accessId;

    }



    public int describeContents() {
@@ -112,7 +116,7 @@ public class Account implements Parcelable { 
    public void writeToParcel(Parcel dest, int flags) {

        dest.writeString(name);

        dest.writeString(type);

        dest.writeStrongInterface(mAccessTracker);

        dest.writeString(accessId);

    }



    public static final Creator<Account> CREATOR = new Creator<Account>() {

core/java/android/accounts/AccountManager.java

+7 −11
Original line number Diff line number Diff line
@@ -184,7 +184,7 @@ public class AccountManager { 
     *

     * @hide

     */

    public static final String KEY_ACCOUNT_ACCESS_TRACKER = "accountAccessTracker";

    public static final String KEY_ACCOUNT_ACCESS_ID = "accountAccessTracker";



    /**

     * Bundle key used for the auth token value in results
@@ -926,9 +926,8 @@ public class AccountManager { 
            public Account bundleToResult(Bundle bundle) throws AuthenticatorException {

                String name = bundle.getString(KEY_ACCOUNT_NAME);

                String type = bundle.getString(KEY_ACCOUNT_TYPE);

                IAccountAccessTracker tracker = IAccountAccessTracker.Stub.asInterface(

                        bundle.getBinder(KEY_ACCOUNT_ACCESS_TRACKER));

                return new Account(name, type, tracker);

                String accessId = bundle.getString(KEY_ACCOUNT_ACCESS_ID);

                return new Account(name, type, accessId);

            }

        }.start();

    }
@@ -2388,7 +2387,7 @@ public class AccountManager { 
                                    result.putString(KEY_ACCOUNT_NAME, null);

                                    result.putString(KEY_ACCOUNT_TYPE, null);

                                    result.putString(KEY_AUTHTOKEN, null);

                                    result.putBinder(KEY_ACCOUNT_ACCESS_TRACKER, null);

                                    result.putBinder(KEY_ACCOUNT_ACCESS_ID, null);

                                    try {

                                        mResponse.onResult(result);

                                    } catch (RemoteException e) {
@@ -2415,9 +2414,7 @@ public class AccountManager { 
                                            Account account = new Account(

                                                    value.getString(KEY_ACCOUNT_NAME),

                                                    value.getString(KEY_ACCOUNT_TYPE),

                                                    IAccountAccessTracker.Stub.asInterface(

                                                            value.getBinder(

                                                                    KEY_ACCOUNT_ACCESS_TRACKER)));

                                                    value.getString(KEY_ACCOUNT_ACCESS_ID));

                                            mFuture = getAuthToken(account, mAuthTokenType,

                                                    mLoginOptions,  mActivity, mMyCallback,

                                                    mHandler);
@@ -2467,9 +2464,8 @@ public class AccountManager { 
                        setException(new AuthenticatorException("account not in result"));

                        return;

                    }

                    final IAccountAccessTracker tracker = IAccountAccessTracker.Stub.asInterface(

                            result.getBinder(KEY_ACCOUNT_ACCESS_TRACKER));

                    final Account account = new Account(accountName, accountType, tracker);

                    final String accessId = result.getString(KEY_ACCOUNT_ACCESS_ID);

                    final Account account = new Account(accountName, accountType, accessId);

                    mNumAccounts = 1;

                    getAuthToken(account, mAuthTokenType, null /* options */, mActivity,

                            mMyCallback, mHandler);

core/java/android/accounts/IAccountAccessTracker.aidl

deleted100644 → 0
+0 −26
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2016 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



package android.accounts;



/**

 * Interface to track which apps accessed an account

 *

 * @hide

 */

oneway interface IAccountAccessTracker {

    void onAccountAccessed();

}

core/java/android/accounts/IAccountManager.aidl

+2 −0
Original line number Diff line number Diff line
@@ -124,4 +124,6 @@ interface IAccountManager { 
    /* Crate an intent to request account access for package and a given user id */

    IntentSender createRequestAccountAccessIntentSenderAsUser(in Account account,

        String packageName, in UserHandle userHandle);



    void onAccountAccessed(String token);

}