Only return the password for the account session flow if the caller is
signed with the system key and has the get_password permission.

Bug: 30455516
Change-Id: I78484c59e4de1dff685ab91a0a8e7a756fffd9bf
(cherry picked from commit 9342e137c68e9d31e61b774f7a6583ed5f8353f9)
diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java
index 7465ed9..d3551b7 100644
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -2676,8 +2676,6 @@
      *         <ul>
      *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
      *         adding the the to the device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account.
      *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
      *         status of the account
      *         </ul>
@@ -2765,8 +2763,6 @@
      *         <ul>
      *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
      *         updating the local credentials on device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account
      *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
      *         status of the account
      *         </ul>
diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index f7bd04b..747ddc2 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2671,10 +2671,9 @@
         boolean isPasswordForwardingAllowed = isPermitted(
                 callerPkg, uid, Manifest.permission.GET_PASSWORD);
 
-        int usrId = UserHandle.getCallingUserId();
         long identityToken = clearCallingIdentity();
         try {
-            UserAccounts accounts = getUserAccounts(usrId);
+            UserAccounts accounts = getUserAccounts(userId);
             logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,
                     TABLE_ACCOUNTS, uid);
             new StartAccountSession(
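Review bot: The only gate on password forwarding visible in this hunk is `isPermitted(callerPkg, uid, Manifest.permission.GET_PASSWORD)`, while the commit message also requires the caller to be signed with the system key; that second condition is not shown here. If it is meant to follow from GET_PASSWORD being a signature-level permission, record that next to the check, for example `// Password forwarding relies on GET_PASSWORD being granted only to system-signed callers.`, after confirming it against the permission's declaration. The replacement `userId` is declared outside the hunk, so it is worth confirming that it is derived from the binder caller before `clearCallingIdentity()`, as the removed `UserHandle.getCallingUserId()` was. The enclosing method starts and ends outside the hunk.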
@@ -2735,10 +2734,6 @@
                 checkKeyIntent(
                         Binder.getCallingUid(),
                         intent);
-                // Omit passwords if the caller isn't permitted to see them.
-                if (!mIsPasswordForwardingAllowed) {
-                    result.remove(AccountManager.KEY_PASSWORD);
-                }
             }
             IAccountManagerResponse response;
             if (mExpectActivityLaunch && result != null
@@ -2768,6 +2763,11 @@
                 return;
             }
 
+            // Omit passwords if the caller isn't permitted to see them.
+            if (!mIsPasswordForwardingAllowed) {
+                result.remove(AccountManager.KEY_PASSWORD);
+            }
+
             // Strip auth token from result.
             result.remove(AccountManager.KEY_AUTHTOKEN);