diff options
| author | Jim Miller <jaggies@google.com> | 2014-08-26 17:12:29 -0700 |
|---|---|---|
| committer | Jim Miller <jaggies@google.com> | 2014-11-05 18:17:56 -0800 |
| commit | e303bf443532c2ad756260133f00747bcff11e69 (patch) | |
| tree | 35c58c456a33e6a83ea5cad631811683b5861641 /core/java/android/service | |
| parent | 12b239e6d39ad5a35f68e7bcd5f644a793b5cb74 (diff) | |
| download | frameworks_base-e303bf443532c2ad756260133f00747bcff11e69.zip frameworks_base-e303bf443532c2ad756260133f00747bcff11e69.tar.gz frameworks_base-e303bf443532c2ad756260133f00747bcff11e69.tar.bz2 | |
Update TrustAgentService API after review
This change incorporates API council feedback and enables the
TrustAgent whitelisting API.
It also contains a minor cleanup of DPM's use of UserHandle
to eliminate unnecessary object creation.
Fixes bug 17008504
Change-Id: I63cc50169fde54b34406845818bcaf6aadc1a3db
Diffstat (limited to 'core/java/android/service')
3 files changed, 61 insertions, 37 deletions
diff --git a/core/java/android/service/trust/ITrustAgentService.aidl b/core/java/android/service/trust/ITrustAgentService.aidl index bd80a3f..bb0c2b2 100644 --- a/core/java/android/service/trust/ITrustAgentService.aidl +++ b/core/java/android/service/trust/ITrustAgentService.aidl @@ -15,7 +15,7 @@ */ package android.service.trust; -import android.os.Bundle; +import android.os.PersistableBundle; import android.service.trust.ITrustAgentServiceCallback; /** @@ -25,6 +25,6 @@ import android.service.trust.ITrustAgentServiceCallback; interface ITrustAgentService { oneway void onUnlockAttempt(boolean successful); oneway void onTrustTimeout(); + oneway void onConfigure(in List<PersistableBundle> options, IBinder token); oneway void setCallback(ITrustAgentServiceCallback callback); - oneway void setTrustAgentFeaturesEnabled(in Bundle options, IBinder token); } diff --git a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl index b107bcc..76b2be0 100644 --- a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl +++ b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl @@ -27,5 +27,5 @@ oneway interface ITrustAgentServiceCallback { void grantTrust(CharSequence message, long durationMs, boolean initiatedByUser); void revokeTrust(); void setManagingTrust(boolean managingTrust); - void onSetTrustAgentFeaturesEnabledCompleted(boolean result, IBinder token); + void onConfigureCompleted(boolean result, IBinder token); } diff --git a/core/java/android/service/trust/TrustAgentService.java b/core/java/android/service/trust/TrustAgentService.java index 3ef5b37..00d60c0 100644 --- a/core/java/android/service/trust/TrustAgentService.java +++ b/core/java/android/service/trust/TrustAgentService.java @@ -29,11 +29,14 @@ import android.os.Bundle; import android.os.Handler; import android.os.IBinder; import android.os.Message; +import android.os.PersistableBundle; import android.os.RemoteException; import android.os.SystemClock; import android.util.Log; import android.util.Slog; +import java.util.List; + /** * A service that notifies the system about whether it believes the environment of the device * to be trusted. @@ -86,16 +89,46 @@ public class TrustAgentService extends Service { */ public static final String TRUST_AGENT_META_DATA = "android.service.trust.trustagent"; + private static final int MSG_UNLOCK_ATTEMPT = 1; + private static final int MSG_CONFIGURE = 2; + private static final int MSG_TRUST_TIMEOUT = 3; + /** - * A white list of features that the given trust agent should support when otherwise disabled - * by device policy. - * @hide + * Container class for a list of configuration options and helper methods */ - public static final String KEY_FEATURES = "trust_agent_features"; + public static final class Configuration { + public final List<PersistableBundle> options; + public Configuration(List<PersistableBundle> opts) { + options = opts; + } - private static final int MSG_UNLOCK_ATTEMPT = 1; - private static final int MSG_SET_TRUST_AGENT_FEATURES_ENABLED = 2; - private static final int MSG_TRUST_TIMEOUT = 3; + /** + * Very basic method to determine if all bundles have the given feature, regardless + * of type. + * @param option String to search for. + * @return true if found in all bundles. + */ + public boolean hasOption(String option) { + if (options == null || options.size() == 0) return false; + final int N = options.size(); + for (int i = 0; i < N; i++) { + if (!options.get(i).containsKey(option)) return false; + } + return true; + } + } + + /** + * Class containing raw data for a given configuration request. + */ + private static final class ConfigurationData { + final IBinder token; + final List<PersistableBundle> options; + ConfigurationData(List<PersistableBundle> opts, IBinder t) { + options = opts; + token = t; + } + } private ITrustAgentServiceCallback mCallback; @@ -112,13 +145,12 @@ public class TrustAgentService extends Service { case MSG_UNLOCK_ATTEMPT: onUnlockAttempt(msg.arg1 != 0); break; - case MSG_SET_TRUST_AGENT_FEATURES_ENABLED: - Bundle features = msg.peekData(); - IBinder token = (IBinder) msg.obj; - boolean result = onSetTrustAgentFeaturesEnabled(features); + case MSG_CONFIGURE: + ConfigurationData data = (ConfigurationData) msg.obj; + boolean result = onConfigure(new Configuration(data.options)); try { synchronized (mLock) { - mCallback.onSetTrustAgentFeaturesEnabledCompleted(result, token); + mCallback.onConfigureCompleted(result, data.token); } } catch (RemoteException e) { onError("calling onSetTrustAgentFeaturesEnabledCompleted()"); @@ -171,23 +203,16 @@ public class TrustAgentService extends Service { } /** - * Called when device policy wants to restrict features in the agent in response to - * {@link DevicePolicyManager#setTrustAgentFeaturesEnabled(ComponentName, ComponentName, java.util.List) }. - * Agents that support this feature should overload this method and return 'true'. + * Called when device policy admin wants to enable specific options for agent in response to + * {@link DevicePolicyManager#setKeyguardDisabledFeatures(ComponentName, int)} and + * {@link DevicePolicyManager#setTrustAgentConfiguration(ComponentName, ComponentName, + * PersistableBundle)}. + * <p>Agents that support configuration options should overload this method and return 'true'. * - * The list of options can be obtained by calling - * options.getStringArrayList({@link #KEY_FEATURES}). Presence of a feature string in the list - * means it should be enabled ("white-listed"). Absence of the feature means it should be - * disabled. An empty list means all features should be disabled. - * - * This function is only called if {@link DevicePolicyManager#KEYGUARD_DISABLE_TRUST_AGENTS} is - * set. - * - * @param options Option feature bundle. - * @return true if the {@link TrustAgentService} supports this feature. - * @hide + * @param options bundle containing all options or null if none. + * @return true if the {@link TrustAgentService} supports configuration options. */ - public boolean onSetTrustAgentFeaturesEnabled(Bundle options) { + public boolean onConfigure(Configuration options) { return false; } @@ -295,6 +320,12 @@ public class TrustAgentService extends Service { } @Override /* Binder API */ + public void onConfigure(List<PersistableBundle> args, IBinder token) { + mHandler.obtainMessage(MSG_CONFIGURE, new ConfigurationData(args, token)) + .sendToTarget(); + } + + @Override /* Binder API */ public void setCallback(ITrustAgentServiceCallback callback) { synchronized (mLock) { mCallback = callback; @@ -313,13 +344,6 @@ public class TrustAgentService extends Service { } } } - - @Override /* Binder API */ - public void setTrustAgentFeaturesEnabled(Bundle features, IBinder token) { - Message msg = mHandler.obtainMessage(MSG_SET_TRUST_AGENT_FEATURES_ENABLED, token); - msg.setData(features); - msg.sendToTarget(); - } } } |