Store trusted AttributionSources without token

Storing them with token means that there is a strong reference to the
token, preventing the WeakHashMap from properly purging values

This CP also includes changeID I5731ceeab5b9d0c72ce0131e2c9ba2f74558218c

Bug: 298253183
Test: manual (for WeakHashMap ejection)
      atest CtsAttributionSourceTestCases
Merged-In: I5731ceeab5b9d0c72ce0131e2c9ba2f74558218c
Change-Id: Ie92b76ec83552cebb419318c214057f1ea8455d2
(cherry picked from commit ed57878c)