Resolve API review on getting media key session

This CL also fixes a bug introduced by previous CLs which added the
public APIs: An app can bypass the security checks by giving other
app's enabled notification listener.
It is done by adding package name verifications which were missing.

Bug: 195657150
Test: Passed MediaSessionManager(Host)Test
Change-Id: Id8d001744203bbbf18bdcb98da2a135a7e8e0509