Delegate existence of account check to Authenticator.

Current AccountManager code for getAuthToken checks if the account in the request exists. If the account does not exist then it throws an exception which leads to a runtime exception being thrown by AccountManager in the client. In perticular, Checkin client code hits this issue when accounts are deleted by user. As the exception is thrown from the getAuthToken method call and is a RuntimeException it is not caught by the client. Futhermore, Checkin runs in one of the important processes and this exception makes the process crash. This cl, does the following: 1) Delegates the account exists check to Authentictor which in turn would cause an AuthenticatorException which is a checked exception. 2) Replaces some of the runtime exceptions thrown by AccountManagerService with calling AccountManagerResponse.onError() which causes more graceful failure on the client. 3) Correctly passes on the error returned by Authenticator to AccountManager. Earlier if Authenticator returned an error code to the AccountManager, it ignored the error and returned null token to the client which was incorrect. Bug: 10856295 Change-Id: Ie250fec601d46f6dfecd74677b478bfd4e9dcfad
2013-11-07 00:14:25 -08:00
parent fed822cb8e
commit 09e7e0ef8b
1 changed files with 49 additions and 11 deletions
--- a/services/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/java/com/android/server/accounts/AccountManagerService.java
@ -190,10 +190,10 @@ public class AccountManagerService
        private final HashMap<String, Account[]> accountCache =
                new LinkedHashMap<String, Account[]>();
        /** protected by the {@link #cacheLock} */
-        private HashMap<Account, HashMap<String, String>> userDataCache =
+        private final HashMap<Account, HashMap<String, String>> userDataCache =
                new HashMap<Account, HashMap<String, String>>();
        /** protected by the {@link #cacheLock} */
-        private HashMap<Account, HashMap<String, String>> authTokenCache =
+        private final HashMap<Account, HashMap<String, String>> authTokenCache =
                new HashMap<Account, HashMap<String, String>>();
        UserAccounts(Context context, int userId) {
@ -475,6 +475,7 @@ public class AccountManagerService
        validateAccountsInternal(getUserAccounts(userId), false /* invalidateAuthenticatorCache */);
    }
    @Override
    public String getPassword(Account account) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "getPassword: " + account
@ -514,6 +515,7 @@ public class AccountManagerService
        }
    }
    @Override
    public String getUserData(Account account, String key) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "getUserData: " + account
@ -533,6 +535,7 @@ public class AccountManagerService
        }
    }
    @Override
    public AuthenticatorDescription[] getAuthenticatorTypes() {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "getAuthenticatorTypes: "
@ -763,6 +766,7 @@ public class AccountManagerService
        return db.insert(TABLE_EXTRAS, EXTRAS_KEY, values);
    }
    @Override
    public void hasFeatures(IAccountManagerResponse response,
            Account account, String[] features) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
@ -840,6 +844,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void removeAccount(IAccountManagerResponse response, Account account) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "removeAccount: " + account
@ -1049,6 +1054,7 @@ public class AccountManagerService
        }
    }
    @Override
    public String peekAuthToken(Account account, String authTokenType) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "peekAuthToken: " + account
@ -1068,6 +1074,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void setAuthToken(Account account, String authTokenType, String authToken) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "setAuthToken: " + account
@ -1087,6 +1094,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void setPassword(Account account, String password) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "setAuthToken: " + account
@ -1135,6 +1143,7 @@ public class AccountManagerService
        mContext.sendBroadcastAsUser(ACCOUNTS_CHANGED_INTENT, new UserHandle(userId));
    }
    @Override
    public void clearPassword(Account account) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "clearPassword: " + account
@ -1152,6 +1161,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void setUserData(Account account, String key, String value) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
            Log.v(TAG, "setUserData: " + account
@ -1225,6 +1235,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void getAuthTokenLabel(IAccountManagerResponse response, final String accountType,
                                  final String authTokenType)
            throws RemoteException {
@ -1271,6 +1282,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void getAuthToken(IAccountManagerResponse response, final Account account,
            final String authTokenType, final boolean notifyOnAuthFailure,
            final boolean expectActivityLaunch, Bundle loginOptionsIn) {
@ -1284,8 +1296,22 @@ public class AccountManagerService
                    + ", pid " + Binder.getCallingPid());
        }
        if (response == null) throw new IllegalArgumentException("response is null");
-        if (account == null) throw new IllegalArgumentException("account is null");
+        try {
-        if (authTokenType == null) throw new IllegalArgumentException("authTokenType is null");
+            if (account == null) {
                Slog.w(TAG, "getAuthToken called with null account");
                response.onError(AccountManager.ERROR_CODE_BAD_ARGUMENTS, "account is null");
                return;
            }
            if (authTokenType == null) {
                Slog.w(TAG, "getAuthToken called with null authTokenType");
                response.onError(AccountManager.ERROR_CODE_BAD_ARGUMENTS, "authTokenType is null");
                return;
            }
        } catch (RemoteException e) {
            Slog.w(TAG, "Failed to report error back to the client." + e);
            return;
        }
        checkBinderPermission(Manifest.permission.USE_CREDENTIALS);
        final UserAccounts accounts = getUserAccountsForCaller();
        final RegisteredServicesCache.ServiceInfo<AuthenticatorDescription> authenticatorInfo;
@ -1294,11 +1320,6 @@ public class AccountManagerService
        final boolean customTokens =
            authenticatorInfo != null && authenticatorInfo.type.customTokens;
        // Check to see that the app is authorized to access the account, in case it's a
        // restricted account.
        if (!ArrayUtils.contains(getAccounts((String) null), account)) {
            throw new IllegalArgumentException("no such account");
        }
        // skip the check if customTokens
        final int callerUid = Binder.getCallingUid();
        final boolean permissionGranted = customTokens ||
@ -1472,6 +1493,7 @@ public class AccountManagerService
        return id;
    }
    @Override
    public void addAccount(final IAccountManagerResponse response, final String accountType,
            final String authTokenType, final String[] requiredFeatures,
            final boolean expectActivityLaunch, final Bundle optionsIn) {
@ -1582,6 +1604,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void updateCredentials(IAccountManagerResponse response, final Account account,
            final String authTokenType, final boolean expectActivityLaunch,
            final Bundle loginOptions) {
@ -1620,6 +1643,7 @@ public class AccountManagerService
        }
    }
    @Override
    public void editProperties(IAccountManagerResponse response, final String accountType,
            final boolean expectActivityLaunch) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
@ -1657,7 +1681,7 @@ public class AccountManagerService
        private volatile Account[] mAccountsOfType = null;
        private volatile ArrayList<Account> mAccountsWithFeatures = null;
        private volatile int mCurrentAccount = 0;
-        private int mCallingUid;
+        private final int mCallingUid;
        public GetAccountsByTypeAndFeatureSession(UserAccounts accounts,
                IAccountManagerResponse response, String type, String[] features, int callingUid) {
@ -1941,6 +1965,7 @@ public class AccountManagerService
        return getAccountsAsUser(type, UserHandle.getCallingUserId(), packageName, packageUid);
    }
    @Override
    public void getAccountsByFeatures(IAccountManagerResponse response,
            String type, String[] features) {
        if (Log.isLoggable(TAG, Log.VERBOSE)) {
@ -2069,6 +2094,7 @@ public class AccountManagerService
            unbind();
        }
        @Override
        public void binderDied() {
            mResponse = null;
            close();
@ -2112,6 +2138,7 @@ public class AccountManagerService
            mMessageHandler.removeMessages(MESSAGE_TIMED_OUT, this);
        }
        @Override
        public void onServiceConnected(ComponentName name, IBinder service) {
            mAuthenticator = IAccountAuthenticator.Stub.asInterface(service);
            try {
@ -2122,6 +2149,7 @@ public class AccountManagerService
            }
        }
        @Override
        public void onServiceDisconnected(ComponentName name) {
            mAuthenticator = null;
            IAccountManagerResponse response = getResponseAndClose();
@ -2217,8 +2245,15 @@ public class AccountManagerService
                            Log.v(TAG, getClass().getSimpleName()
                                    + " calling onResult() on response " + response);
                        }
                        if ((result.getInt(AccountManager.KEY_ERROR_CODE, -1) > 0) &&
                                (intent == null)) {
                            // All AccountManager error codes are greater than 0
                            response.onError(result.getInt(AccountManager.KEY_ERROR_CODE),
                                    result.getString(AccountManager.KEY_ERROR_MESSAGE));
                        } else {
                            response.onResult(result);
                        }
                    }
                } catch (RemoteException e) {
                    // if the caller is dead then there is no one to care about remote exceptions
                    if (Log.isLoggable(TAG, Log.VERBOSE)) {
@ -2228,10 +2263,12 @@ public class AccountManagerService
            }
        }
        @Override
        public void onRequestContinued() {
            mNumRequestContinued++;
        }
        @Override
        public void onError(int errorCode, String errorMessage) {
            mNumErrors++;
            IAccountManagerResponse response = getResponseAndClose();
@ -2731,6 +2768,7 @@ public class AccountManagerService
        return true;
    }
    @Override
    public void updateAppPermission(Account account, String authTokenType, int uid, boolean value)
            throws RemoteException {
        final int callingUid = getCallingUid();