commit c86c3fdd9a0307b8df6e4bed70f9e514f911858b
author Fyodor Kupolov <fkupolov@google.com> Mon Apr 18 13:57:31 2016 -0700
committer Fyodor Kupolov <fkupolov@google.com> Mon Apr 18 13:57:31 2016 -0700
tree d5f2380f3c92f8d786afea8f6f302a14b276496f
parent 8dd32a56f74b896b21895ec75d58fa415caa2c70

Return null when user is locked

In getUserData, peekAuthToken return null instead of crashing when a user is
locked. As per JavaDoc authenticators are expected to handle null return values.

Bug: 28217043
Change-Id: I06d5a2965fe685cad21215958d5d94f413f77677

services/core/java/com/android/server/accounts/AccountManagerService.java

diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
index 4791818..49cf834 100644
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -828,6 +828,10 @@
                     account.type);
             throw new SecurityException(msg);
         }
+        if (!isUserUnlocked(userId)) {
+            Log.w(TAG, "User " + userId + " data is locked. callingUid " + callingUid);
+            return null;
+        }
         long identityToken = clearCallingIdentity();
         try {
             UserAccounts accounts = getUserAccounts(userId);
@@ -1788,6 +1792,11 @@
                     account.type);
             throw new SecurityException(msg);
         }
+        if (!isUserUnlocked(userId)) {
+            Log.w(TAG, "Authtoken not available - user " + userId + " data is locked. callingUid "
+                    + callingUid);
+            return null;
+        }
         long identityToken = clearCallingIdentity();
         try {
             UserAccounts accounts = getUserAccounts(userId);