Add checks for AuthManager

mar-v-in 2014-09-18 16:43:24 +02:00
parent 3685879902
commit 84becfe18e


@ -28,6 +28,8 @@ import android.os.RemoteException;
import android.util.Log; import android.util.Log;
import com.google.android.auth.IAuthManagerService; import com.google.android.auth.IAuthManagerService;
import java.util.Arrays;
public class AuthManagerServiceImpl extends IAuthManagerService.Stub { public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
public static final String GOOGLE_ACCOUNT_TYPE = "com.google"; public static final String GOOGLE_ACCOUNT_TYPE = "com.google";
@ -58,8 +60,9 @@ public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
@Override @Override
public Bundle getToken(String accountName, String scope, Bundle extras) throws RemoteException { public Bundle getToken(String accountName, String scope, Bundle extras) throws RemoteException {
String packageName = extras.containsKey(KEY_ANDROID_PACKAGE_NAME) ? extras.getString(KEY_ANDROID_PACKAGE_NAME) String packageName = extras.getString(KEY_ANDROID_PACKAGE_NAME, extras.getString(KEY_CLIENT_PACKAGE_NAME, null));
: extras.containsKey(KEY_CLIENT_PACKAGE_NAME) ? extras.getString(KEY_CLIENT_PACKAGE_NAME) : null; int callerUid = extras.getInt(KEY_CALLER_UID, 0);
checkPackage(packageName, callerUid, getCallingUid());
boolean notify = extras.getBoolean(KEY_HANDLE_NOTIFICATION, false); boolean notify = extras.getBoolean(KEY_HANDLE_NOTIFICATION, false);
Log.d("AuthManagerService", "getToken: account:" + accountName + " scope:" + scope + " extras:" + extras); Log.d("AuthManagerService", "getToken: account:" + accountName + " scope:" + scope + " extras:" + extras);
@ -83,6 +86,16 @@ public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
} }
} }
private void checkPackage(String packageName, int callerUid, int callingUid) {
if (callerUid != callingUid) {
throw new SecurityException("callerUid [" + callerUid + "] and real calling uid [" + callingUid + "] mismatch!");
}
String[] packagesForUid = context.getPackageManager().getPackagesForUid(callerUid);
if (!Arrays.asList(packagesForUid).contains(packageName)) {
throw new SecurityException("callerUid [" + callerUid + "] is not related to packageName [" + packageName + "]");
}
}
@Override @Override
public Bundle clearToken(String token, Bundle extras) throws RemoteException { public Bundle clearToken(String token, Bundle extras) throws RemoteException {
return null; return null;
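Review bot: In the new `checkPackage`, the result of `getPackagesForUid(callerUid)` goes straight into `Arrays.asList`, but PackageManager documents that this call returns null when no package is known for the uid. The rejection would then surface as a NullPointerException instead of the intended SecurityException. Guarding it keeps the denial explicit: `if (packagesForUid == null || !Arrays.asList(packagesForUid).contains(packageName)) {`. Related, in `getToken` the fallback of `0` for a missing `KEY_CALLER_UID` is the root uid, so a sentinel such as `-1` would ensure an omitted value can never equal a real calling uid. A one-line comment on `checkPackage` noting that `packageName` and `callerUid` are caller-supplied and are only trusted after comparison with `getCallingUid()` would help later readers.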