2014-08-22 20:08:44 +00:00
|
|
|
/*
|
2017-06-12 22:30:41 +00:00
|
|
|
* Copyright (C) 2013-2017 microG Project Team
|
2014-08-22 20:08:44 +00:00
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
*
|
2015-01-28 14:29:50 +00:00
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
2014-08-22 20:08:44 +00:00
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
package org.microg.gms.auth;
|
|
|
|
|
|
2015-06-22 21:26:35 +00:00
|
|
|
import android.accounts.Account;
|
2015-10-04 00:16:01 +00:00
|
|
|
import android.app.NotificationManager;
|
|
|
|
|
import android.app.PendingIntent;
|
2014-08-22 20:08:44 +00:00
|
|
|
import android.content.Context;
|
|
|
|
|
import android.content.Intent;
|
2015-10-04 00:16:01 +00:00
|
|
|
import android.content.pm.PackageManager;
|
2014-08-22 20:08:44 +00:00
|
|
|
import android.os.Bundle;
|
|
|
|
|
import android.os.RemoteException;
|
2018-01-02 00:45:43 +00:00
|
|
|
import android.support.v4.app.NotificationCompat;
|
2015-03-09 23:06:49 +00:00
|
|
|
import android.util.Base64;
|
2014-08-22 20:08:44 +00:00
|
|
|
import android.util.Log;
|
2015-02-03 22:08:55 +00:00
|
|
|
|
2014-08-22 20:08:44 +00:00
|
|
|
import com.google.android.auth.IAuthManagerService;
|
2015-10-04 00:16:01 +00:00
|
|
|
import com.google.android.gms.R;
|
2015-02-10 02:33:30 +00:00
|
|
|
import com.google.android.gms.auth.AccountChangeEventsRequest;
|
|
|
|
|
import com.google.android.gms.auth.AccountChangeEventsResponse;
|
2015-12-03 07:55:47 +00:00
|
|
|
import com.google.android.gms.auth.TokenData;
|
|
|
|
|
import com.google.android.gms.common.api.Scope;
|
2014-08-22 20:08:44 +00:00
|
|
|
|
2015-03-06 19:08:47 +00:00
|
|
|
import org.microg.gms.common.PackageUtils;
|
2014-09-18 14:43:24 +00:00
|
|
|
|
2015-06-23 17:22:19 +00:00
|
|
|
import java.io.IOException;
|
2015-12-03 07:55:47 +00:00
|
|
|
import java.util.ArrayList;
|
|
|
|
|
import java.util.List;
|
2015-06-23 17:22:19 +00:00
|
|
|
|
2015-03-09 23:06:49 +00:00
|
|
|
import static android.accounts.AccountManager.KEY_ACCOUNT_NAME;
|
|
|
|
|
import static android.accounts.AccountManager.KEY_ACCOUNT_TYPE;
|
|
|
|
|
import static android.accounts.AccountManager.KEY_AUTHTOKEN;
|
|
|
|
|
import static org.microg.gms.auth.AskPermissionActivity.EXTRA_CONSENT_DATA;
|
|
|
|
|
|
2014-08-22 20:08:44 +00:00
|
|
|
public class AuthManagerServiceImpl extends IAuthManagerService.Stub {
|
2015-03-01 13:54:31 +00:00
|
|
|
private static final String TAG = "GmsAuthManagerSvc";
|
2015-02-10 02:33:30 +00:00
|
|
|
|
2014-08-22 20:08:44 +00:00
|
|
|
public static final String KEY_AUTHORITY = "authority";
|
|
|
|
|
public static final String KEY_CALLBACK_INTENT = "callback_intent";
|
|
|
|
|
public static final String KEY_CALLER_UID = "callerUid";
|
2015-03-24 21:21:35 +00:00
|
|
|
public static final String KEY_ANDROID_PACKAGE_NAME = "androidPackageName";
|
2014-08-22 20:08:44 +00:00
|
|
|
public static final String KEY_CLIENT_PACKAGE_NAME = "clientPackageName";
|
|
|
|
|
public static final String KEY_HANDLE_NOTIFICATION = "handle_notification";
|
|
|
|
|
public static final String KEY_REQUEST_ACTIONS = "request_visible_actions";
|
|
|
|
|
public static final String KEY_REQUEST_VISIBLE_ACTIVITIES = "request_visible_actions";
|
|
|
|
|
public static final String KEY_SUPPRESS_PROGRESS_SCREEN = "suppressProgressScreen";
|
|
|
|
|
public static final String KEY_SYNC_EXTRAS = "sync_extras";
|
|
|
|
|
|
|
|
|
|
public static final String KEY_ERROR = "Error";
|
|
|
|
|
public static final String KEY_USER_RECOVERY_INTENT = "userRecoveryIntent";
|
|
|
|
|
|
2015-03-09 23:06:49 +00:00
|
|
|
private final Context context;
|
2014-08-22 20:08:44 +00:00
|
|
|
|
|
|
|
|
public AuthManagerServiceImpl(Context context) {
|
|
|
|
|
this.context = context;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public Bundle getToken(String accountName, String scope, Bundle extras) throws RemoteException {
|
2015-03-23 21:30:41 +00:00
|
|
|
String packageName = extras.getString(KEY_ANDROID_PACKAGE_NAME);
|
2015-03-24 21:21:35 +00:00
|
|
|
if (packageName == null || packageName.isEmpty())
|
|
|
|
|
packageName = extras.getString(KEY_CLIENT_PACKAGE_NAME);
|
2014-09-18 14:43:24 +00:00
|
|
|
int callerUid = extras.getInt(KEY_CALLER_UID, 0);
|
2015-03-06 19:08:47 +00:00
|
|
|
PackageUtils.checkPackageUid(context, packageName, callerUid, getCallingUid());
|
2014-08-22 20:08:44 +00:00
|
|
|
boolean notify = extras.getBoolean(KEY_HANDLE_NOTIFICATION, false);
|
|
|
|
|
|
2015-02-10 14:31:13 +00:00
|
|
|
Log.d(TAG, "getToken: account:" + accountName + " scope:" + scope + " extras:" + extras + ", notify: " + notify);
|
2015-10-03 20:47:05 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* TODO: This scope seems to be invalid (according to https://developers.google.com/oauthplayground/),
|
|
|
|
|
* but is used in some applications anyway. Removing it is unlikely a good solution, but works for now.
|
|
|
|
|
*/
|
|
|
|
|
scope = scope.replace("https://www.googleapis.com/auth/identity.plus.page.impersonation ", "");
|
|
|
|
|
|
2015-03-09 23:06:49 +00:00
|
|
|
AuthManager authManager = new AuthManager(context, accountName, packageName, scope);
|
2015-12-03 07:55:47 +00:00
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putString(KEY_ACCOUNT_NAME, accountName);
|
|
|
|
|
result.putString(KEY_ACCOUNT_TYPE, authManager.getAccountType());
|
2015-03-09 23:06:49 +00:00
|
|
|
try {
|
|
|
|
|
AuthResponse res = authManager.requestAuth(false);
|
|
|
|
|
if (res.auth != null) {
|
2015-12-03 07:55:47 +00:00
|
|
|
Log.d(TAG, "getToken: " + res);
|
2015-03-24 21:21:35 +00:00
|
|
|
result.putString(KEY_AUTHTOKEN, res.auth);
|
2015-12-03 07:55:47 +00:00
|
|
|
Bundle details = new Bundle();
|
|
|
|
|
details.putParcelable("TokenData", new TokenData(res.auth, res.expiry, scope.startsWith("oauth2:"), getScopes(scope)));
|
|
|
|
|
result.putBundle("tokenDetails", details);
|
2015-03-09 23:06:49 +00:00
|
|
|
result.putString(KEY_ERROR, "OK");
|
2015-02-10 14:31:13 +00:00
|
|
|
} else {
|
2015-03-24 21:21:35 +00:00
|
|
|
result.putString(KEY_ERROR, "NeedPermission");
|
2015-03-09 23:06:49 +00:00
|
|
|
Intent i = new Intent(context, AskPermissionActivity.class);
|
|
|
|
|
i.putExtras(extras);
|
|
|
|
|
i.putExtra(KEY_ANDROID_PACKAGE_NAME, packageName);
|
2015-03-12 15:49:25 +00:00
|
|
|
i.putExtra(KEY_ACCOUNT_TYPE, authManager.getAccountType());
|
2015-03-09 23:06:49 +00:00
|
|
|
i.putExtra(KEY_ACCOUNT_NAME, accountName);
|
|
|
|
|
i.putExtra(KEY_AUTHTOKEN, scope);
|
2015-04-12 19:33:29 +00:00
|
|
|
try {
|
|
|
|
|
if (res.consentDataBase64 != null)
|
|
|
|
|
i.putExtra(EXTRA_CONSENT_DATA, Base64.decode(res.consentDataBase64, Base64.URL_SAFE));
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
Log.w(TAG, "Can't decode consent data: ", e);
|
|
|
|
|
}
|
2015-10-04 00:16:01 +00:00
|
|
|
if (notify) {
|
|
|
|
|
NotificationManager nm = (NotificationManager) context.getSystemService(Context.NOTIFICATION_SERVICE);
|
|
|
|
|
nm.notify(packageName.hashCode(), new NotificationCompat.Builder(context)
|
|
|
|
|
.setContentIntent(PendingIntent.getActivity(context, 0, i, 0))
|
|
|
|
|
.setContentTitle(context.getString(R.string.auth_notification_title))
|
|
|
|
|
.setContentText(context.getString(R.string.auth_notification_content, getPackageLabel(packageName, context.getPackageManager())))
|
|
|
|
|
.setSmallIcon(android.R.drawable.stat_notify_error)
|
|
|
|
|
.build());
|
|
|
|
|
}
|
2015-03-24 21:21:35 +00:00
|
|
|
result.putParcelable(KEY_USER_RECOVERY_INTENT, i);
|
2015-02-10 14:31:13 +00:00
|
|
|
}
|
2015-06-23 17:22:19 +00:00
|
|
|
} catch (IOException e) {
|
2015-03-09 23:06:49 +00:00
|
|
|
Log.w(TAG, e);
|
2015-06-23 17:22:19 +00:00
|
|
|
result.putString(KEY_ERROR, "NetworkError");
|
2014-08-22 20:08:44 +00:00
|
|
|
}
|
2015-12-03 07:55:47 +00:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private List<Scope> getScopes(String scope) {
|
|
|
|
|
if (!scope.startsWith("oauth2:")) return null;
|
|
|
|
|
String[] strings = scope.substring(7).split(" ");
|
|
|
|
|
List<Scope> res = new ArrayList<Scope>();
|
|
|
|
|
for (String string : strings) {
|
|
|
|
|
res.add(new Scope(string));
|
|
|
|
|
}
|
|
|
|
|
return res;
|
2014-08-22 20:08:44 +00:00
|
|
|
}
|
|
|
|
|
|
2015-10-04 00:16:01 +00:00
|
|
|
private static CharSequence getPackageLabel(String packageName, PackageManager pm) {
|
|
|
|
|
try {
|
|
|
|
|
return pm.getApplicationLabel(pm.getApplicationInfo(packageName, 0));
|
|
|
|
|
} catch (PackageManager.NameNotFoundException e) {
|
|
|
|
|
return packageName;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-10 02:33:30 +00:00
|
|
|
@Override
|
|
|
|
|
public AccountChangeEventsResponse getChangeEvents(AccountChangeEventsRequest request) {
|
|
|
|
|
return new AccountChangeEventsResponse();
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-22 21:26:35 +00:00
|
|
|
@Override
|
|
|
|
|
public Bundle getTokenWithAccount(Account account, String scope, Bundle extras) throws RemoteException {
|
|
|
|
|
return getToken(account.name, scope, extras);
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-22 20:08:44 +00:00
|
|
|
@Override
|
|
|
|
|
public Bundle clearToken(String token, Bundle extras) throws RemoteException {
|
2015-03-24 21:21:35 +00:00
|
|
|
String packageName = extras.getString(KEY_ANDROID_PACKAGE_NAME);
|
|
|
|
|
if (packageName == null) packageName = extras.getString(KEY_CLIENT_PACKAGE_NAME);
|
2015-03-23 21:30:41 +00:00
|
|
|
int callerUid = extras.getInt(KEY_CALLER_UID, 0);
|
|
|
|
|
PackageUtils.checkPackageUid(context, packageName, callerUid, getCallingUid());
|
|
|
|
|
|
|
|
|
|
Log.d(TAG, "clearToken: token:" + token + " extras:" + extras);
|
2014-08-22 20:08:44 +00:00
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
}
|
