Fix bug that filters out system providers
When setAllowedProvider is specified, currently we are filtering out all
the system providers. With this change, we will always ping the system providers
+ the providers specified in the allow list.
Bug: 277773297
Test: built locally & deployed on devive
Change-Id: I8a82f68edbd75b9a879d7e32aa32413af3a35cd9
diff --git a/services/credentials/java/com/android/server/credentials/ProviderGetSession.java b/services/credentials/java/com/android/server/credentials/ProviderGetSession.java
index 14260f0..d490cda 100644
--- a/services/credentials/java/com/android/server/credentials/ProviderGetSession.java
+++ b/services/credentials/java/com/android/server/credentials/ProviderGetSession.java
@@ -150,7 +150,7 @@
List<CredentialOption> filteredOptions = new ArrayList<>();
for (CredentialOption option : clientRequest.getCredentialOptions()) {
if (providerCapabilities.contains(option.getType())
- && isProviderAllowed(option, info.getComponentName())
+ && isProviderAllowed(option, info)
&& checkSystemProviderRequirement(option, info.isSystemProvider())) {
Slog.i(TAG, "Option of type: " + option.getType() + " meets all filtering"
+ "conditions");
@@ -167,9 +167,14 @@
return null;
}
- private static boolean isProviderAllowed(CredentialOption option, ComponentName componentName) {
+ private static boolean isProviderAllowed(CredentialOption option,
+ CredentialProviderInfo providerInfo) {
+ if (providerInfo.isSystemProvider()) {
+ // Always allow system providers , including the remote provider
+ return true;
+ }
if (!option.getAllowedProviders().isEmpty() && !option.getAllowedProviders().contains(
- componentName)) {
+ providerInfo.getComponentName())) {
Slog.i(TAG, "Provider allow list specified but does not contain this provider");
return false;
}
