Fixing Token refresh issue in SDK

vijaye · vijaye · commit fc4785c2f62f · 2012-02-17T15:21:48.000-08:00
Summary: The TokenRefresh intent is exposed as a service, but we were validating it as an activity. Fixign that and refactoring code. This code should have never worked. Note that without the FB app the refresh token feature will not work. If that is necessary, it's not part of this diff. Test Plan: Verify that hackbook can login & refresh token on the emulator. Reviewers: mmarucheck, yariv, ttung, raghuc1, trvish, pfung Reviewed By: mmarucheck CC: gregschechte, jacl, lshepard Differential Revision: https://phabricator.fb.com/D410960 Task ID: 926377
diff --git a/facebook/src/com/facebook/android/Facebook.java b/facebook/src/com/facebook/android/Facebook.java
@@ -237,7 +237,7 @@ private boolean startSingleSignOn(Activity activity, String applicationId,
         // Verify that the application whose package name is
         // com.facebook.katana.ProxyAuth
         // has the expected FB app signature.
-        if (!validateAppSignatureForIntent(activity, intent)) {
+        if (!validateActivityIntent(activity, intent)) {
             return false;
         }
 
@@ -254,24 +254,59 @@ private boolean startSingleSignOn(Activity activity, String applicationId,
     }
 
     /**
-     * Query the signature for the application that would be invoked by the
-     * given intent and verify that it matches the FB application's signature.
+     * Helper to validate an activity intent by resolving and checking the
+     * provider's package signature.
      *
      * @param context
      * @param intent
-     * @param validSignature
-     * @return true if the app's signature matches the expected signature.
+     * @return true if the service intent resolution happens successfully and the
+     * 	signatures match.
      */
-    private boolean validateAppSignatureForIntent(Context context,
-            Intent intent) {
+    private boolean validateActivityIntent(Context context, Intent intent) {
+        ResolveInfo resolveInfo =
+            context.getPackageManager().resolveActivity(intent, 0);
+        if (resolveInfo == null) {
+            return false;
+        }
 
+        return validateAppSignatureForPackage(
+            context,
+            resolveInfo.activityInfo.packageName);
+    }
+
+
+    /**
+     * Helper to validate a service intent by resolving and checking the
+     * provider's package signature.
+     *
+     * @param context
+     * @param intent
+     * @return true if the service intent resolution happens successfully and the
+     * 	signatures match.
+     */
+    private boolean validateServiceIntent(Context context, Intent intent) {
         ResolveInfo resolveInfo =
-                context.getPackageManager().resolveActivity(intent, 0);
+            context.getPackageManager().resolveService(intent, 0);
         if (resolveInfo == null) {
             return false;
         }
 
-        String packageName = resolveInfo.activityInfo.packageName;
+        return validateAppSignatureForPackage(
+            context,
+            resolveInfo.serviceInfo.packageName);
+    }
+
+    /**
+     * Query the signature for the application that would be invoked by the
+     * given intent and verify that it matches the FB application's signature.
+     *
+     * @param context
+     * @param packageName
+     * @return true if the app's signature matches the expected signature.
+     */
+    private boolean validateAppSignatureForPackage(Context context,
+        String packageName) {
+
         PackageInfo packageInfo;
         try {
             packageInfo = context.getPackageManager().getPackageInfo(
@@ -382,7 +417,7 @@ public void authorizeCallback(int requestCode, int resultCode, Intent data) {
                         if (description != null) {
                             error = error + ":" + description;
                         }
-                    	Log.d("Facebook-authorize", "Login failed: " + error);
+                        Log.d("Facebook-authorize", "Login failed: " + error);
                         mAuthDialogListener.onFacebookError(
                           new FacebookError(error));
                     }
@@ -453,7 +488,7 @@ public boolean extendAccessToken(Context context, ServiceListener serviceListene
         // Verify that the application whose package name is
         // com.facebook.katana
         // has the expected FB app signature.
-        if (!validateAppSignatureForIntent(context, intent)) {
+        if (!validateServiceIntent(context, intent)) {
             return false;
         }
 
