Merge pull request #16082 from wordpress-mobile/issue/16065-pending-intent-mutability

Android 12: Security and privacy - Pending intents mutability

Author: ashiagr

WordPress/src/main/AndroidManifest.xml

@@ -1027,10 +1027,12 @@
                 android:resource="@xml/provider_paths"/>
         </provider>
 
-        <!-- Remove the default WorkManagerInitializer so we can use our own -->
+        <!-- Remove the default WorkManagerInitializer so we can use our own
+        Since WorkManager 2.6, App Startup is used internally within WorkManager.
+        To provide a custom initializer we need to remove the androidx.startup node.-->
         <provider
-            android:name="androidx.work.impl.WorkManagerInitializer"
-            android:authorities="${applicationId}.workmanager-init"
+            android:name="androidx.startup.InitializationProvider"
+            android:authorities="${applicationId}.androidx-startup"
             tools:node="remove" />
 
     </application>

WordPress/src/main/java/org/wordpress/android/push/GCMMessageHandler.java

@@ -100,8 +100,7 @@ public class GCMMessageHandler {
     private final ArrayMap<Integer, Bundle> mActiveNotificationsMap;
     private final NotificationHelper mNotificationHelper;
 
-    @Inject
-    GCMMessageHandler(SystemNotificationsTracker systemNotificationsTracker) {
+    @Inject GCMMessageHandler(SystemNotificationsTracker systemNotificationsTracker) {
         mActiveNotificationsMap = new ArrayMap<>();
         mNotificationHelper = new NotificationHelper(this, systemNotificationsTracker);
     }
@@ -544,27 +543,23 @@ private void addCommentApproveActionForCommentNotification(Context context, Noti
         }
 
         private PendingIntent getCommentActionPendingIntent(Context context, Intent intent) {
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
-                return getCommentActionPendingIntentForService(context, intent);
-            } else {
-                return getCommentActionPendingIntentForActivity(context, intent);
-            }
+            return getCommentActionPendingIntentForService(context, intent);
         }
 
         private PendingIntent getCommentActionPendingIntentForService(Context context, Intent intent) {
-            return PendingIntent.getService(context, 0, intent, PendingIntent.FLAG_CANCEL_CURRENT);
-        }
-
-        private PendingIntent getCommentActionPendingIntentForActivity(Context context, Intent intent) {
-            return PendingIntent.getActivity(context, 0, intent, PendingIntent.FLAG_CANCEL_CURRENT);
+            int flags = PendingIntent.FLAG_CANCEL_CURRENT;
+            if (Build.VERSION.SDK_INT >= 31) flags |= PendingIntent.FLAG_MUTABLE;
+
+            return PendingIntent.getService(
+                    context,
+                    0,
+                    intent,
+                    flags
+            );
         }
 
         private Intent getCommentActionReplyIntent(Context context, String noteId) {
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
-                return getCommentActionIntentForService(context);
-            } else {
-                return getCommentActionIntentForActivity(context, noteId);
-            }
+            return getCommentActionIntentForService(context);
         }
 
         private Intent getCommentActionIntent(Context context) {
@@ -575,18 +570,6 @@ private Intent getCommentActionIntentForService(Context context) {
             return new Intent(context, NotificationsProcessingService.class);
         }
 
-        private Intent getCommentActionIntentForActivity(Context context, String noteId) {
-            Intent intent = new Intent(context, WPMainActivity.class);
-            intent.putExtra(WPMainActivity.ARG_OPENED_FROM_PUSH, true);
-            intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP | Intent.FLAG_ACTIVITY_NEW_TASK
-                            | Intent.FLAG_ACTIVITY_CLEAR_TASK);
-            intent.setAction("android.intent.action.MAIN");
-            intent.addCategory("android.intent.category.LAUNCHER");
-            intent.putExtra(NotificationsListFragment.NOTE_ID_EXTRA, noteId);
-            intent.putExtra(NotificationsListFragment.NOTE_INSTANT_REPLY_EXTRA, true);
-            return intent;
-        }
-
         private Bitmap getLargeIconBitmap(Context context, String iconUrl, boolean shouldCircularizeIcon) {
             Bitmap largeIconBitmap = null;
             if (iconUrl != null) {
@@ -797,9 +780,13 @@ private void showNotificationForBuilder(NotificationCompat.Builder builder, Cont
                 builder.setCategory(NotificationCompat.CATEGORY_SOCIAL);
 
                 resultIntent.putExtra(ARG_NOTIFICATION_TYPE, notificationType);
-                PendingIntent pendingIntent = PendingIntent.getActivity(context, pushId, resultIntent,
-                        PendingIntent.FLAG_CANCEL_CURRENT
-                        | PendingIntent.FLAG_UPDATE_CURRENT);
+                PendingIntent pendingIntent = PendingIntent.getActivity(
+                        context,
+                        pushId,
+                        resultIntent,
+                        PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT
+                        | PendingIntent.FLAG_IMMUTABLE
+                );
                 builder.setContentIntent(pendingIntent);
                 NotificationManagerCompat notificationManager = NotificationManagerCompat.from(context);
                 notificationManager.notify(pushId, builder.build());
@@ -992,9 +979,12 @@ private void handlePushAuth(Context context, Bundle data) {
                     .setOnlyAlertOnce(true)
                     .setPriority(NotificationCompat.PRIORITY_MAX);
 
-            PendingIntent pendingIntent =
-                    PendingIntent.getActivity(context, AUTH_PUSH_REQUEST_CODE_OPEN_DIALOG, pushAuthIntent,
-                            PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT);
+            PendingIntent pendingIntent = PendingIntent.getActivity(
+                    context,
+                    AUTH_PUSH_REQUEST_CODE_OPEN_DIALOG,
+                    pushAuthIntent,
+                    PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE
+            );
             builder.setContentIntent(pendingIntent);
 
 
@@ -1013,9 +1003,12 @@ private void handlePushAuth(Context context, Bundle data) {
             authApproveIntent.setAction("android.intent.action.MAIN");
             authApproveIntent.addCategory("android.intent.category.LAUNCHER");
 
-            PendingIntent authApprovePendingIntent =
-                    PendingIntent.getActivity(context, AUTH_PUSH_REQUEST_CODE_APPROVE, authApproveIntent,
-                            PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT);
+            PendingIntent authApprovePendingIntent = PendingIntent.getActivity(
+                    context,
+                    AUTH_PUSH_REQUEST_CODE_APPROVE,
+                    authApproveIntent,
+                    PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE
+            );
 
             builder.addAction(R.drawable.ic_checkmark_white_24dp, context.getText(R.string.approve),
                     authApprovePendingIntent);
@@ -1024,10 +1017,12 @@ private void handlePushAuth(Context context, Bundle data) {
             Intent authIgnoreIntent = new Intent(context, NotificationsProcessingService.class);
             authIgnoreIntent.putExtra(NotificationsProcessingService.ARG_ACTION_TYPE,
                     NotificationsProcessingService.ARG_ACTION_AUTH_IGNORE);
-            PendingIntent authIgnorePendingIntent = PendingIntent.getService(context,
+            PendingIntent authIgnorePendingIntent = PendingIntent.getService(
+                    context,
                     AUTH_PUSH_REQUEST_CODE_IGNORE,
                     authIgnoreIntent,
-                    PendingIntent.FLAG_CANCEL_CURRENT);
+                    PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE
+            );
             builder.addAction(R.drawable.ic_close_white_24dp, context.getText(R.string.ignore),
                     authIgnorePendingIntent);
 

WordPress/src/main/java/org/wordpress/android/push/NotificationsProcessingService.java

@@ -135,7 +135,8 @@ public static PendingIntent getPendingIntentForNotificationDismiss(Context conte
         intent.putExtra(ARG_NOTIFICATION_TYPE, notificationType);
         intent.addCategory(ARG_ACTION_NOTIFICATION_DISMISS);
 
-        return PendingIntent.getService(context, pushId, intent, PendingIntent.FLAG_CANCEL_CURRENT);
+        return PendingIntent
+                .getService(context, pushId, intent, PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE);
     }
 
     public static void stopService(Context context) {

WordPress/src/main/java/org/wordpress/android/ui/notifications/receivers/NotificationsPendingDraftsReceiver.java

@@ -135,15 +135,15 @@ private String getPostTitle(Context context, String postTitle) {
     private void buildSinglePendingDraftNotification(Context context, String postTitle, String formattedMessage,
                                                      int postId, boolean isPage) {
         buildSinglePendingDraftNotification(context, getResultIntentForOnePost(context, postId, isPage),
-                                    String.format(formattedMessage, getPostTitle(context, postTitle)), postId, isPage);
+                String.format(formattedMessage, getPostTitle(context, postTitle)), postId, isPage);
     }
 
     private void buildSinglePendingDraftNotificationGeneric(Context context, String postTitle, int postId,
                                                             boolean isPage) {
         buildSinglePendingDraftNotification(context, getResultIntentForOnePost(context, postId, isPage),
-                                    String.format(context.getString(R.string.pending_draft_one_generic),
-                                                  getPostTitle(context, postTitle)),
-                                    postId, isPage);
+                String.format(context.getString(R.string.pending_draft_one_generic),
+                        getPostTitle(context, postTitle)),
+                postId, isPage);
     }
 
     private PendingIntent getResultIntentForOnePost(Context context, int postId, boolean isPage) {
@@ -156,10 +156,12 @@ private PendingIntent getResultIntentForOnePost(Context context, int postId, boo
         resultIntent.putExtra(POST_ID_EXTRA, postId);
         resultIntent.putExtra(IS_PAGE_EXTRA, isPage);
         resultIntent.putExtra(ARG_NOTIFICATION_TYPE, NotificationType.PENDING_DRAFTS);
-        PendingIntent pendingIntent = PendingIntent
-                .getActivity(context, BASE_REQUEST_CODE + PendingDraftsNotificationsUtils
-                                     .makePendingDraftNotificationId(postId),
-                             resultIntent, PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT);
+        PendingIntent pendingIntent = PendingIntent.getActivity(
+                context,
+                BASE_REQUEST_CODE + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
+                resultIntent,
+                PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE
+        );
 
         return pendingIntent;
     }
@@ -180,8 +182,7 @@ private void buildSinglePendingDraftNotification(Context context, PendingIntent
         addDismissActionForNotification(context, builder, postId, isPage);
 
         NativeNotificationsUtils.showMessageToUserWithBuilder(builder, message, false,
-                                                              PendingDraftsNotificationsUtils
-                                                                      .makePendingDraftNotificationId(postId), context);
+                PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId), context);
         mSystemNotificationsTracker.trackShownNotification(NotificationType.PENDING_DRAFTS);
     }
 
@@ -194,52 +195,52 @@ private void addOpenDraftActionForNotification(Context context, NotificationComp
         openDraftIntent.putExtra(IS_PAGE_EXTRA, isPage);
         openDraftIntent.putExtra(ARG_NOTIFICATION_TYPE, NotificationType.PENDING_DRAFTS);
 
-        PendingIntent pendingIntent = PendingIntent
-                .getActivity(context,
-                             // need to add + 2 so the request code is different, otherwise they overlap
-                             BASE_REQUEST_CODE + 1 + PendingDraftsNotificationsUtils
-                                     .makePendingDraftNotificationId(postId),
-                             openDraftIntent,
-                             PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT);
-        builder.addAction(R.drawable.ic_pencil_white_24dp, context.getText(R.string.edit),
-                          pendingIntent);
+        PendingIntent pendingIntent = PendingIntent.getActivity(
+                context,
+                // need to add + 1 so the request code is different, otherwise they overlap
+                BASE_REQUEST_CODE + 1 + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
+                openDraftIntent,
+                PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE
+        );
+        builder.addAction(R.drawable.ic_pencil_white_24dp, context.getText(R.string.edit), pendingIntent);
     }
 
     private void addIgnoreActionForNotification(Context context, NotificationCompat.Builder builder, int postId,
                                                 boolean isPage) {
         // Call processing service when user taps on IGNORE - we should remember this decision for this post
         Intent ignoreIntent = new Intent(context, NotificationsProcessingService.class);
         ignoreIntent.putExtra(NotificationsProcessingService.ARG_ACTION_TYPE,
-                              NotificationsProcessingService.ARG_ACTION_DRAFT_PENDING_IGNORE);
+                NotificationsProcessingService.ARG_ACTION_DRAFT_PENDING_IGNORE);
         ignoreIntent.putExtra(POST_ID_EXTRA, postId);
         ignoreIntent.putExtra(IS_PAGE_EXTRA, isPage);
         ignoreIntent.putExtra(ARG_NOTIFICATION_TYPE, NotificationType.PENDING_DRAFTS);
-        PendingIntent ignorePendingIntent = PendingIntent
-                .getService(context,
-                            // need to add + 2 so the request code is different, otherwise they overlap
-                            BASE_REQUEST_CODE + 2
-                            + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
-                            ignoreIntent, PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT);
-        builder.addAction(R.drawable.ic_close_white_24dp, context.getText(R.string.ignore),
-                          ignorePendingIntent);
+        PendingIntent ignorePendingIntent = PendingIntent.getService(
+                context,
+                // need to add + 2 so the request code is different, otherwise they overlap
+                BASE_REQUEST_CODE + 2 + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
+                ignoreIntent,
+                PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE
+        );
+        builder.addAction(R.drawable.ic_close_white_24dp, context.getText(R.string.ignore), ignorePendingIntent);
     }
 
     private void addDismissActionForNotification(Context context, NotificationCompat.Builder builder, int postId,
                                                  boolean isPage) {
         // Call processing service when notification is dismissed
         Intent notificationDeletedIntent = new Intent(context, NotificationsProcessingService.class);
         notificationDeletedIntent.putExtra(NotificationsProcessingService.ARG_ACTION_TYPE,
-                                           NotificationsProcessingService.ARG_ACTION_DRAFT_PENDING_DISMISS);
+                NotificationsProcessingService.ARG_ACTION_DRAFT_PENDING_DISMISS);
         notificationDeletedIntent.putExtra(POST_ID_EXTRA, postId);
         notificationDeletedIntent.putExtra(IS_PAGE_EXTRA, isPage);
         notificationDeletedIntent.putExtra(NotificationsProcessingService.ARG_NOTIFICATION_TYPE,
                 NotificationType.PENDING_DRAFTS);
-        PendingIntent dismissPendingIntent = PendingIntent
-                .getService(context,
-                            // need to add + 3 so the request code is different, otherwise they overlap
-                            BASE_REQUEST_CODE + 3
-                            + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
-                            notificationDeletedIntent, PendingIntent.FLAG_CANCEL_CURRENT);
+        PendingIntent dismissPendingIntent = PendingIntent.getService(
+                context,
+                // need to add + 3 so the request code is different, otherwise they overlap
+                BASE_REQUEST_CODE + 3 + PendingDraftsNotificationsUtils.makePendingDraftNotificationId(postId),
+                notificationDeletedIntent,
+                PendingIntent.FLAG_CANCEL_CURRENT | PendingIntent.FLAG_IMMUTABLE
+        );
         builder.setDeleteIntent(dismissPendingIntent);
     }
 }