Security: AccountChooser shouldn't auto reveal accounts.
Bug: 9739125
Change-Id: Ib9032271def423aaafdab2505afaf6b1d3fcad06
diff --git a/api/current.txt b/api/current.txt
index 0eeb68a..8c69ab7 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -2716,7 +2716,8 @@
method public java.lang.String getUserData(android.accounts.Account, java.lang.String);
method public android.accounts.AccountManagerFuture<java.lang.Boolean> hasFeatures(android.accounts.Account, java.lang.String[], android.accounts.AccountManagerCallback<java.lang.Boolean>, android.os.Handler);
method public void invalidateAuthToken(java.lang.String, java.lang.String);
- method public static android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.ArrayList<android.accounts.Account>, java.lang.String[], boolean, java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
+ method public static deprecated android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.List<android.accounts.Account>, java.lang.String[], boolean, java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
+ method public static android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.List<android.accounts.Account>, java.lang.String[], java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
method public boolean notifyAccountAuthenticated(android.accounts.Account);
method public java.lang.String peekAuthToken(android.accounts.Account, java.lang.String);
method public deprecated android.accounts.AccountManagerFuture<java.lang.Boolean> removeAccount(android.accounts.Account, android.accounts.AccountManagerCallback<java.lang.Boolean>, android.os.Handler);
diff --git a/api/system-current.txt b/api/system-current.txt
index ef03bad..57bdfe9c 100644
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -2813,7 +2813,8 @@
method public java.lang.String getUserData(android.accounts.Account, java.lang.String);
method public android.accounts.AccountManagerFuture<java.lang.Boolean> hasFeatures(android.accounts.Account, java.lang.String[], android.accounts.AccountManagerCallback<java.lang.Boolean>, android.os.Handler);
method public void invalidateAuthToken(java.lang.String, java.lang.String);
- method public static android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.ArrayList<android.accounts.Account>, java.lang.String[], boolean, java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
+ method public static deprecated android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.List<android.accounts.Account>, java.lang.String[], boolean, java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
+ method public static android.content.Intent newChooseAccountIntent(android.accounts.Account, java.util.List<android.accounts.Account>, java.lang.String[], java.lang.String, java.lang.String, java.lang.String[], android.os.Bundle);
method public boolean notifyAccountAuthenticated(android.accounts.Account);
method public java.lang.String peekAuthToken(android.accounts.Account, java.lang.String);
method public deprecated android.accounts.AccountManagerFuture<java.lang.Boolean> removeAccount(android.accounts.Account, android.accounts.AccountManagerCallback<java.lang.Boolean>, android.os.Handler);
diff --git a/core/java/android/accounts/AccountManager.java b/core/java/android/accounts/AccountManager.java
index aa7692b..aaf90a6 100644
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -43,6 +43,7 @@
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.CancellationException;
@@ -2259,6 +2260,9 @@
}
/**
+ * Deprecated in favor of {@link #newChooseAccountIntent(Account, List, String[], String,
+ * String, String[], Bundle)}.
+ *
* Returns an intent to an {@link Activity} that prompts the user to choose from a list of
* accounts.
* The caller will then typically start the activity by calling
@@ -2273,14 +2277,13 @@
* null, null, null);</pre>
* @param selectedAccount if specified, indicates that the {@link Account} is the currently
* selected one, according to the caller's definition of selected.
- * @param allowableAccounts an optional {@link ArrayList} of accounts that are allowed to be
+ * @param allowableAccounts an optional {@link List} of accounts that are allowed to be
* shown. If not specified then this field will not limit the displayed accounts.
* @param allowableAccountTypes an optional string array of account types. These are used
* both to filter the shown accounts and to filter the list of account types that are shown
* when adding an account. If not specified then this field will not limit the displayed
* account types when adding an account.
- * @param alwaysPromptForAccount if set the account chooser screen is always shown, otherwise
- * it is only shown when there is more than one account from which to choose
+ * @param alwaysPromptForAccount boolean that is ignored.
* @param descriptionOverrideText if non-null this string is used as the description in the
* accounts chooser screen rather than the default
* @param addAccountAuthTokenType this string is passed as the {@link #addAccount}
@@ -2291,28 +2294,77 @@
* parameter
* @return an {@link Intent} that can be used to launch the ChooseAccount activity flow.
*/
- static public Intent newChooseAccountIntent(Account selectedAccount,
- ArrayList<Account> allowableAccounts,
+ @Deprecated
+ static public Intent newChooseAccountIntent(
+ Account selectedAccount,
+ List<Account> allowableAccounts,
String[] allowableAccountTypes,
boolean alwaysPromptForAccount,
String descriptionOverrideText,
String addAccountAuthTokenType,
String[] addAccountRequiredFeatures,
Bundle addAccountOptions) {
+ return newChooseAccountIntent(
+ selectedAccount,
+ allowableAccounts,
+ allowableAccountTypes,
+ descriptionOverrideText,
+ addAccountAuthTokenType,
+ addAccountRequiredFeatures,
+ addAccountOptions);
+ }
+
+ /**
+ * Returns an intent to an {@link Activity} that prompts the user to choose from a list of
+ * accounts.
+ * The caller will then typically start the activity by calling
+ * <code>startActivityForResult(intent, ...);</code>.
+ * <p>
+ * On success the activity returns a Bundle with the account name and type specified using
+ * keys {@link #KEY_ACCOUNT_NAME} and {@link #KEY_ACCOUNT_TYPE}.
+ * <p>
+ * The most common case is to call this with one account type, e.g.:
+ * <p>
+ * <pre> newChooseAccountIntent(null, null, new String[]{"com.google"}, null, null, null,
+ * null);</pre>
+ * @param selectedAccount if specified, indicates that the {@link Account} is the currently
+ * selected one, according to the caller's definition of selected.
+ * @param allowableAccounts an optional {@link List} of accounts that are allowed to be
+ * shown. If not specified then this field will not limit the displayed accounts.
+ * @param allowableAccountTypes an optional string array of account types. These are used
+ * both to filter the shown accounts and to filter the list of account types that are shown
+ * when adding an account. If not specified then this field will not limit the displayed
+ * account types when adding an account.
+ * @param descriptionOverrideText if non-null this string is used as the description in the
+ * accounts chooser screen rather than the default
+ * @param addAccountAuthTokenType this string is passed as the {@link #addAccount}
+ * authTokenType parameter
+ * @param addAccountRequiredFeatures this string array is passed as the {@link #addAccount}
+ * requiredFeatures parameter
+ * @param addAccountOptions This {@link Bundle} is passed as the {@link #addAccount} options
+ * parameter
+ * @return an {@link Intent} that can be used to launch the ChooseAccount activity flow.
+ */
+ static public Intent newChooseAccountIntent(
+ Account selectedAccount,
+ List<Account> allowableAccounts,
+ String[] allowableAccountTypes,
+ String descriptionOverrideText,
+ String addAccountAuthTokenType,
+ String[] addAccountRequiredFeatures,
+ Bundle addAccountOptions) {
Intent intent = new Intent();
ComponentName componentName = ComponentName.unflattenFromString(
Resources.getSystem().getString(R.string.config_chooseTypeAndAccountActivity));
intent.setClassName(componentName.getPackageName(),
componentName.getClassName());
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_ALLOWABLE_ACCOUNTS_ARRAYLIST,
- allowableAccounts);
+ new ArrayList<Account>(allowableAccounts));
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_ALLOWABLE_ACCOUNT_TYPES_STRING_ARRAY,
allowableAccountTypes);
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_ADD_ACCOUNT_OPTIONS_BUNDLE,
addAccountOptions);
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_SELECTED_ACCOUNT, selectedAccount);
- intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_ALWAYS_PROMPT_FOR_ACCOUNT,
- alwaysPromptForAccount);
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_DESCRIPTION_TEXT_OVERRIDE,
descriptionOverrideText);
intent.putExtra(ChooseTypeAndAccountActivity.EXTRA_ADD_ACCOUNT_AUTH_TOKEN_TYPE_STRING,
diff --git a/core/java/android/accounts/ChooseTypeAndAccountActivity.java b/core/java/android/accounts/ChooseTypeAndAccountActivity.java
index c06b462..133df2b 100644
--- a/core/java/android/accounts/ChooseTypeAndAccountActivity.java
+++ b/core/java/android/accounts/ChooseTypeAndAccountActivity.java
@@ -88,9 +88,10 @@
public static final String EXTRA_SELECTED_ACCOUNT = "selectedAccount";
/**
- * If true then display the account selection list even if there is just
- * one account to choose from. boolean.
+ * Deprecated. Providing this extra to {@link ChooseTypeAndAccountActivity}
+ * will have no effect.
*/
+ @Deprecated
public static final String EXTRA_ALWAYS_PROMPT_FOR_ACCOUNT =
"alwaysPromptForAccount";
@@ -117,7 +118,6 @@
private Set<String> mSetOfRelevantAccountTypes;
private String mSelectedAccountName = null;
private boolean mSelectedAddNewAccount = false;
- private boolean mAlwaysPromptForAccount = false;
private String mDescriptionOverride;
private ArrayList<Account> mAccounts;
@@ -188,7 +188,6 @@
mSetOfAllowableAccounts = getAllowableAccountSet(intent);
mSetOfRelevantAccountTypes = getReleventAccountTypes(intent);
- mAlwaysPromptForAccount = intent.getBooleanExtra(EXTRA_ALWAYS_PROMPT_FOR_ACCOUNT, false);
mDescriptionOverride = intent.getStringExtra(EXTRA_DESCRIPTION_TEXT_OVERRIDE);
mAccounts = getAcceptableAccountChoices(AccountManager.get(this));
@@ -218,15 +217,6 @@
} else {
startChooseAccountTypeActivity();
}
- return;
- }
-
- // if there is only one allowable account return it
- if (!mAlwaysPromptForAccount && mAccounts.size() == 1) {
- Account account = mAccounts.get(0);
- super.onCreate(savedInstanceState);
- setResultAndFinish(account.name, account.type);
- return;
}
}