diff options
| -rw-r--r-- | api/current.xml | 69 | ||||
| -rw-r--r-- | core/java/android/accounts/AccountAuthenticatorCache.java | 8 | ||||
| -rw-r--r-- | core/java/android/accounts/AccountManager.java | 6 | ||||
| -rw-r--r-- | core/java/android/accounts/AccountManagerService.java | 26 | ||||
| -rw-r--r-- | core/java/android/accounts/AuthenticatorDescription.java | 14 | ||||
| -rwxr-xr-x | core/res/res/values/attrs.xml | 9 | ||||
| -rw-r--r-- | core/res/res/values/public.xml | 1 |
7 files changed, 121 insertions, 12 deletions
diff --git a/api/current.xml b/api/current.xml index a80a7027eb20..f915fade0d2a 100644 --- a/api/current.xml +++ b/api/current.xml @@ -3265,6 +3265,17 @@ visibility="public" > </field> +<field name="customTokens" + type="int" + transient="false" + volatile="false" + value="16843593" + static="true" + final="true" + deprecated="not deprecated" + visibility="public" +> +</field> <field name="cycles" type="int" transient="false" @@ -18308,6 +18319,28 @@ visibility="public" > </field> +<field name="KEY_CALLER_PID" + type="java.lang.String" + transient="false" + volatile="false" + value=""callerPid"" + static="true" + final="true" + deprecated="not deprecated" + visibility="public" +> +</field> +<field name="KEY_CALLER_UID" + type="java.lang.String" + transient="false" + volatile="false" + value=""callerUid"" + static="true" + final="true" + deprecated="not deprecated" + visibility="public" +> +</field> <field name="KEY_ERROR_CODE" type="java.lang.String" transient="false" @@ -18555,6 +18588,28 @@ </parameter> <parameter name="prefId" type="int"> </parameter> +<parameter name="customTokens" type="boolean"> +</parameter> +</constructor> +<constructor name="AuthenticatorDescription" + type="android.accounts.AuthenticatorDescription" + static="false" + final="false" + deprecated="not deprecated" + visibility="public" +> +<parameter name="type" type="java.lang.String"> +</parameter> +<parameter name="packageName" type="java.lang.String"> +</parameter> +<parameter name="labelId" type="int"> +</parameter> +<parameter name="iconId" type="int"> +</parameter> +<parameter name="smallIconId" type="int"> +</parameter> +<parameter name="prefId" type="int"> +</parameter> </constructor> <method name="describeContents" return="int" @@ -18615,6 +18670,16 @@ visibility="public" > </field> +<field name="customTokens" + type="boolean" + transient="false" + volatile="false" + static="false" + final="true" + deprecated="not deprecated" + visibility="public" +> +</field> <field name="iconId" type="int" transient="false" @@ -223231,7 +223296,7 @@ abstract="false" static="false" final="true" - deprecated="not deprecated" + deprecated="deprecated" visibility="public" > <constructor name="CacheManager" @@ -223322,7 +223387,7 @@ abstract="false" static="true" final="false" - deprecated="not deprecated" + deprecated="deprecated" visibility="public" > <constructor name="CacheManager.CacheResult" diff --git a/core/java/android/accounts/AccountAuthenticatorCache.java b/core/java/android/accounts/AccountAuthenticatorCache.java index 524d3f4aea19..7214c5091cc6 100644 --- a/core/java/android/accounts/AccountAuthenticatorCache.java +++ b/core/java/android/accounts/AccountAuthenticatorCache.java @@ -38,7 +38,7 @@ import java.io.IOException; * @hide */ /* package private */ class AccountAuthenticatorCache - extends RegisteredServicesCache<AuthenticatorDescription> + extends RegisteredServicesCache<AuthenticatorDescription> implements IAccountAuthenticatorCache { private static final String TAG = "Account"; private static final MySerializer sSerializer = new MySerializer(); @@ -64,11 +64,13 @@ import java.io.IOException; com.android.internal.R.styleable.AccountAuthenticator_smallIcon, 0); final int prefId = sa.getResourceId( com.android.internal.R.styleable.AccountAuthenticator_accountPreferences, 0); + final boolean customTokens = sa.getBoolean( + com.android.internal.R.styleable.AccountAuthenticator_customTokens, false); if (TextUtils.isEmpty(accountType)) { return null; } - return new AuthenticatorDescription(accountType, packageName, labelId, iconId, - smallIconId, prefId); + return new AuthenticatorDescription(accountType, packageName, labelId, iconId, + smallIconId, prefId, customTokens); } finally { sa.recycle(); } diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java index fd3a0d046486..6388dc572a21 100644 --- a/core/java/android/accounts/AccountManager.java +++ b/core/java/android/accounts/AccountManager.java @@ -188,6 +188,12 @@ public class AccountManager { public static final String KEY_ERROR_CODE = "errorCode"; public static final String KEY_ERROR_MESSAGE = "errorMessage"; public static final String KEY_USERDATA = "userdata"; + /** + * Authenticators using 'customTokens' option will also get the UID of the + * caller + */ + public static final String KEY_CALLER_UID = "callerUid"; + public static final String KEY_CALLER_PID = "callerPid"; public static final String ACTION_AUTHENTICATOR_INTENT = "android.accounts.AccountAuthenticator"; diff --git a/core/java/android/accounts/AccountManagerService.java b/core/java/android/accounts/AccountManagerService.java index a815b3a0b7fd..f19b58bc8ca5 100644 --- a/core/java/android/accounts/AccountManagerService.java +++ b/core/java/android/accounts/AccountManagerService.java @@ -893,13 +893,29 @@ public class AccountManagerService if (authTokenType == null) throw new IllegalArgumentException("authTokenType is null"); checkBinderPermission(Manifest.permission.USE_CREDENTIALS); final int callerUid = Binder.getCallingUid(); - final boolean permissionGranted = permissionIsGranted(account, authTokenType, callerUid); + final int callerPid = Binder.getCallingPid(); + + AccountAuthenticatorCache.ServiceInfo<AuthenticatorDescription> authenticatorInfo = + mAuthenticatorCache.getServiceInfo( + AuthenticatorDescription.newKey(account.type)); + final boolean customTokens = + authenticatorInfo != null && authenticatorInfo.type.customTokens; + + // skip the check if customTokens + final boolean permissionGranted = customTokens || + permissionIsGranted(account, authTokenType, callerUid); + + if (customTokens) { + // let authenticator know the identity of the caller + loginOptions.putInt(AccountManager.KEY_CALLER_UID, callerUid); + loginOptions.putInt(AccountManager.KEY_CALLER_PID, callerPid); + } long identityToken = clearCallingIdentity(); try { // if the caller has permission, do the peek. otherwise go the more expensive // route of starting a Session - if (permissionGranted) { + if (!customTokens && permissionGranted) { String authToken = readAuthTokenFromCache(account, authTokenType); if (authToken != null) { Bundle result = new Bundle(); @@ -953,8 +969,10 @@ public class AccountManagerService "the type and name should not be empty"); return; } - saveAuthTokenToDatabase(new Account(name, type), - authTokenType, authToken); + if (!customTokens) { + saveAuthTokenToDatabase(new Account(name, type), + authTokenType, authToken); + } } Intent intent = result.getParcelable(AccountManager.KEY_INTENT); diff --git a/core/java/android/accounts/AuthenticatorDescription.java b/core/java/android/accounts/AuthenticatorDescription.java index c6515672edf8..5d9abb068bd8 100644 --- a/core/java/android/accounts/AuthenticatorDescription.java +++ b/core/java/android/accounts/AuthenticatorDescription.java @@ -44,9 +44,12 @@ public class AuthenticatorDescription implements Parcelable { /** The package name that can be used to lookup the resources from above. */ final public String packageName; + /** Authenticator handles its own token caching and permission screen */ + final public boolean customTokens; + /** A constructor for a full AuthenticatorDescription */ public AuthenticatorDescription(String type, String packageName, int labelId, int iconId, - int smallIconId, int prefId) { + int smallIconId, int prefId, boolean customTokens) { if (type == null) throw new IllegalArgumentException("type cannot be null"); if (packageName == null) throw new IllegalArgumentException("packageName cannot be null"); this.type = type; @@ -55,6 +58,12 @@ public class AuthenticatorDescription implements Parcelable { this.iconId = iconId; this.smallIconId = smallIconId; this.accountPreferencesId = prefId; + this.customTokens = customTokens; + } + + public AuthenticatorDescription(String type, String packageName, int labelId, int iconId, + int smallIconId, int prefId) { + this(type, packageName, labelId, iconId, smallIconId, prefId, false); } /** @@ -74,6 +83,7 @@ public class AuthenticatorDescription implements Parcelable { this.iconId = 0; this.smallIconId = 0; this.accountPreferencesId = 0; + this.customTokens = false; } private AuthenticatorDescription(Parcel source) { @@ -83,6 +93,7 @@ public class AuthenticatorDescription implements Parcelable { this.iconId = source.readInt(); this.smallIconId = source.readInt(); this.accountPreferencesId = source.readInt(); + this.customTokens = source.readByte() == 1; } /** @inheritDoc */ @@ -115,6 +126,7 @@ public class AuthenticatorDescription implements Parcelable { dest.writeInt(iconId); dest.writeInt(smallIconId); dest.writeInt(accountPreferencesId); + dest.writeByte((byte) (customTokens ? 1 : 0)); } /** Used to create the object from a parcel. */ diff --git a/core/res/res/values/attrs.xml b/core/res/res/values/attrs.xml index 98c9270c0faf..873f5392e37b 100755 --- a/core/res/res/values/attrs.xml +++ b/core/res/res/values/attrs.xml @@ -48,6 +48,7 @@ theme does not set this value, meaning it is based on whether the window is floating. --> <attr name="backgroundDimEnabled" format="boolean" /> + <!-- =========== --> <!-- Text styles --> <!-- =========== --> @@ -261,7 +262,7 @@ <!-- Flag indicating whether this is a translucent window. --> <attr name="windowIsTranslucent" format="boolean" /> <!-- Flag indicating that this window's background should be the - user's current wallpaper. --> + user's current wallpaper. --> <attr name="windowShowWallpaper" format="boolean" /> <!-- This Drawable is overlaid over the foreground of the Window's content area, usually to place a shadow below the title. --> @@ -4310,7 +4311,7 @@ If not supplied, then no activity will be launched. --> <attr name="configure" format="string" /> <!-- A preview of what the AppWidget will look like after it's configured. - If not supplied, the AppWidget's icon will be used. --> + If not supplied, the AppWidget's icon will be used. --> <attr name="previewImage" format="reference" /> <!-- The view id of the AppWidget subview which should be auto-advanced. by the widget's host. --> @@ -4421,6 +4422,10 @@ <attr name="smallIcon" format="reference"/> <!-- A preferences.xml file for authenticator-specific settings. --> <attr name="accountPreferences" format="reference"/> + <!-- Account handles its own token storage and permissions. + Default to false + --> + <attr name="customTokens" format="boolean"/> </declare-styleable> <!-- =============================== --> diff --git a/core/res/res/values/public.xml b/core/res/res/values/public.xml index 3a5b238d6d0c..7e06c861ce0e 100644 --- a/core/res/res/values/public.xml +++ b/core/res/res/values/public.xml @@ -1407,6 +1407,7 @@ <public type="attr" name="fastScrollPreviewBackgroundRight" /> <public type="attr" name="fastScrollTrackDrawable" /> <public type="attr" name="fastScrollOverlayPosition" /> + <public type="attr" name="customTokens" /> <public type="anim" name="animator_fade_in" /> <public type="anim" name="animator_fade_out" /> |