Add VpnManager calls to ConnectivityService

This commit adds the relevant calls to ConnectivityService for the VpnManager API to be functional Bug: 144246837 Test: VpnManagerTest updated, FrameworksNetTests passing Change-Id: I446a8595e3583a842a7f89c4f8d74526a85e311c
author: Benedict Wong <benedictwong@google.com> 2019-12-12 23:38:36 -0800
committer: Benedict Wong <benedictwong@google.com> 2020-01-30 18:55:07 -0800
commit: dc63bcc1357ddf784a6531ed0eb6b4910182d2a0 (patch)
tree: 06f4ac69104ea7f9e9f6651a6ed29dfb044ebf5e /core/java/android
parent: b4b925fc18b1fca0f14cbf082e92b92746dd1029 (diff)
1 files changed, 64 insertions, 7 deletions
diff --git a/core/java/android/net/VpnManager.java b/core/java/android/net/VpnManager.java
index f95807a14f00..e60cc81bf9d2 100644
--- a/core/java/android/net/VpnManager.java
+++ b/core/java/android/net/VpnManager.java
@@ -20,8 +20,17 @@ import static com.android.internal.util.Preconditions.checkNotNull;
 
 import android.annotation.NonNull;
 import android.annotation.Nullable;
+import android.app.Activity;
+import android.content.ComponentName;
 import android.content.Context;
 import android.content.Intent;
+import android.content.res.Resources;
+import android.os.RemoteException;
+
+import com.android.internal.net.VpnProfile;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
 
 /**
  * This class provides an interface for apps to manage platform VPN profiles
@@ -41,6 +50,15 @@ public class VpnManager {
     @NonNull private final Context mContext;
     @NonNull private final IConnectivityManager mService;
 
+    private static Intent getIntentForConfirmation() {
+        final Intent intent = new Intent();
+        final ComponentName componentName = ComponentName.unflattenFromString(
+                Resources.getSystem().getString(
+                        com.android.internal.R.string.config_customVpnConfirmDialogComponent));
+        intent.setComponent(componentName);
+        return intent;
+    }
+
     /**
      * Create an instance of the VpnManger with the given context.
      *
@@ -57,18 +75,49 @@ public class VpnManager {
     /**
      * Install a VpnProfile configuration keyed on the calling app's package name.
      *
-     * @param profile the PlatformVpnProfile provided by this package. Will override any previous
-     *     PlatformVpnProfile stored for this package.
-     * @return an intent to request user consent if needed (null otherwise).
+     * <p>This method returns {@code null} if user consent has already been granted, or an {@link
+     * Intent} to a system activity. If an intent is returned, the application should launch the
+     * activity using {@link Activity#startActivityForResult} to request user consent. The activity
+     * may pop up a dialog to require user action, and the result will come back via its {@link
+     * Activity#onActivityResult}. If the result is {@link Activity#RESULT_OK}, the user has
+     * consented, and the VPN profile can be started.
+     *
+     * @param profile the VpnProfile provided by this package. Will override any previous VpnProfile
+     *     stored for this package.
+     * @return an Intent requesting user consent to start the VPN, or null if consent is not
+     *     required based on privileges or previous user consent.
      */
     @Nullable
     public Intent provisionVpnProfile(@NonNull PlatformVpnProfile profile) {
-        throw new UnsupportedOperationException("Not yet implemented");
+        final VpnProfile internalProfile;
+
+        try {
+            internalProfile = profile.toVpnProfile();
+        } catch (GeneralSecurityException | IOException e) {
+            // Conversion to VpnProfile failed; this is an invalid profile. Both of these exceptions
+            // indicate a failure to convert a PrivateKey or X509Certificate to a Base64 encoded
+            // string as required by the VpnProfile.
+            throw new IllegalArgumentException("Failed to serialize PlatformVpnProfile", e);
+        }
+
+        try {
+            // Profile can never be null; it either gets set, or an exception is thrown.
+            if (mService.provisionVpnProfile(internalProfile, mContext.getOpPackageName())) {
+                return null;
+            }
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
+        return getIntentForConfirmation();
     }
 
     /** Delete the VPN profile configuration that was provisioned by the calling app */
     public void deleteProvisionedVpnProfile() {
-        throw new UnsupportedOperationException("Not yet implemented");
+        try {
+            mService.deleteVpnProfile(mContext.getOpPackageName());
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
     }
 
     /**
@@ -78,11 +127,19 @@ public class VpnManager {
      *     setup, or if user consent has not been granted
      */
     public void startProvisionedVpnProfile() {
-        throw new UnsupportedOperationException("Not yet implemented");
+        try {
+            mService.startVpnProfile(mContext.getOpPackageName());
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
     }
 
     /** Tear down the VPN provided by the calling app (if any) */
     public void stopProvisionedVpnProfile() {
-        throw new UnsupportedOperationException("Not yet implemented");
+        try {
+            mService.stopVpnProfile(mContext.getOpPackageName());
+        } catch (RemoteException e) {
+            throw e.rethrowFromSystemServer();
+        }
     }
 }
author	Benedict Wong <benedictwong@google.com>	2019-12-12 23:38:36 -0800
committer	Benedict Wong <benedictwong@google.com>	2020-01-30 18:55:07 -0800
commit	dc63bcc1357ddf784a6531ed0eb6b4910182d2a0 (patch)
tree	06f4ac69104ea7f9e9f6651a6ed29dfb044ebf5e /core/java/android
parent	b4b925fc18b1fca0f14cbf082e92b92746dd1029 (diff)