summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author Dmitry Dementyev <dementyev@google.com> 2024-12-19 11:02:42 -0800
committer Dmitry Dementyev <dementyev@google.com> 2024-12-27 11:09:24 -0800
commitfb41e444fd13d26477175c6154491d49e736d11e (patch)
tree65dfb522c172e4efaa2f46dd8a8c68e2dccf9996
parent39e7bb09fcd4d0c1efa49cf4476fc3254ec53750 (diff)
Check account type returned by AbstractAccountAuthenticator.
AccountManagerService already knows which account is used during AbstractAccountAuthenticator.getAuthToken. KEY_ACCOUNT_NAME and KEY_ACCOUNT_TYPE in the response look unnecessary, but we can't change API at this moment. Bug: 364269936 Test: manual Flag: EXEMPT bugfix Change-Id: Ifc62866f4feaca43abc32bc542b97f3741953f56
Diffstat
-rw-r--r--services/core/java/com/android/server/accounts/AccountManagerService.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 5f434ee267d4..5b83a02de8b2 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -3070,6 +3070,12 @@ public class AccountManagerService
"the type and name should not be empty");
return;
}
+ if (!type.equals(mAccountType)) {
+ onError(AccountManager.ERROR_CODE_INVALID_RESPONSE,
+ "incorrect account type");
+ return;
+ }
+
Account resultAccount = new Account(name, type);
if (!customTokens) {
saveAuthTokenToDatabase(
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2026-01-06 19:28:27 +0000