Allows AccountManager to start exported activities.

Use correct check to let Authenticators run GrantCredentialsPermissionActivity and CantAddAccountActivity. Bug: 18864662, 35847616 Test: manual Change-Id: Id46f2f80e91b9be34e4de36f13a445b92425c1e9
author: Dmitry Dementyev <dementyev@google.com> 2017-03-14 13:13:35 -0700
committer: Dmitry Dementyev <dementyev@google.com> 2017-03-14 15:09:37 -0700
commit: d5210bab63f29a8cf98f6bd7ca3ccce9d412ecf5 (patch)
tree: 6eb564f25533ce6ea8a74179876c526b1b5758e1
parent: 521d92bcdfdc41e887217032c8067c8a6c4be715 (diff)
1 files changed, 11 insertions, 7 deletions
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index ea9b65198e4b..0f1710f89e97 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -4363,7 +4363,7 @@ public class AccountManagerService
          * security policy.
          *
          * In particular we want to make sure that the Authenticator doesn't try to trick users
-         * into launching aribtrary intents on the device via by tricking to click authenticator
+         * into launching arbitrary intents on the device via by tricking to click authenticator
          * supplied entries in the system Settings app.
          */
         protected void checkKeyIntent(
@@ -4375,12 +4375,9 @@ public class AccountManagerService
                 ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mAccounts.userId);
                 ActivityInfo targetActivityInfo = resolveInfo.activityInfo;
                 int targetUid = targetActivityInfo.applicationInfo.uid;
-                if (!GrantCredentialsPermissionActivity.class.getName().equals(
-                        targetActivityInfo.getClass().getName())
-                        && !CantAddAccountActivity.class
-                                .equals(targetActivityInfo.getClass().getName())
-                        && PackageManager.SIGNATURE_MATCH != pm.checkSignatures(authUid,
-                                targetUid)) {
+                if (!isExportedSystemActivity(targetActivityInfo)
+                        && (PackageManager.SIGNATURE_MATCH != pm.checkSignatures(authUid,
+                                targetUid))) {
                     String pkgName = targetActivityInfo.packageName;
                     String activityName = targetActivityInfo.name;
                     String tmpl = "KEY_INTENT resolved to an Activity (%s) in a package (%s) that "
@@ -4393,6 +4390,13 @@ public class AccountManagerService
             }
         }
 
+        private boolean isExportedSystemActivity(ActivityInfo activityInfo) {
+            String className = activityInfo.name;
+            return "android".equals(activityInfo.packageName) &&
+                    (GrantCredentialsPermissionActivity.class.getName().equals(className)
+                    || CantAddAccountActivity.class.getName().equals(className));
+        }
+
         private void close() {
             synchronized (mSessions) {
                 if (mSessions.remove(toString()) == null) {
author	Dmitry Dementyev <dementyev@google.com>	2017-03-14 13:13:35 -0700
committer	Dmitry Dementyev <dementyev@google.com>	2017-03-14 15:09:37 -0700
commit	d5210bab63f29a8cf98f6bd7ca3ccce9d412ecf5 (patch)
tree	6eb564f25533ce6ea8a74179876c526b1b5758e1
parent	521d92bcdfdc41e887217032c8067c8a6c4be715 (diff)