1 /* 2 * Copyright (C) 2010 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.app.admin; 18 19 import android.accounts.AccountManager; 20 import android.annotation.SdkConstant; 21 import android.annotation.SdkConstant.SdkConstantType; 22 import android.annotation.SystemApi; 23 import android.app.Service; 24 import android.content.BroadcastReceiver; 25 import android.content.ComponentName; 26 import android.content.Context; 27 import android.content.Intent; 28 import android.net.Uri; 29 import android.os.Bundle; 30 import android.security.KeyChain; 31 32 /** 33 * Base class for implementing a device administration component. This 34 * class provides a convenience for interpreting the raw intent actions 35 * that are sent by the system. 36 * 37 * <p>The callback methods, like the base 38 * {@link BroadcastReceiver#onReceive(Context, Intent) BroadcastReceiver.onReceive()} 39 * method, happen on the main thread of the process. Thus long running 40 * operations must be done on another thread. Note that because a receiver 41 * is done once returning from its receive function, such long-running operations 42 * should probably be done in a {@link Service}. 43 * 44 * <p>When publishing your DeviceAdmin subclass as a receiver, it must 45 * handle {@link #ACTION_DEVICE_ADMIN_ENABLED} and require the 46 * {@link android.Manifest.permission#BIND_DEVICE_ADMIN} permission. A typical 47 * manifest entry would look like:</p> 48 * 49 * {@sample development/samples/ApiDemos/AndroidManifest.xml device_admin_declaration} 50 * 51 * <p>The meta-data referenced here provides addition information specific 52 * to the device administrator, as parsed by the {@link DeviceAdminInfo} class. 53 * A typical file would be:</p> 54 * 55 * {@sample development/samples/ApiDemos/res/xml/device_admin_sample.xml meta_data} 56 * 57 * <div class="special reference"> 58 * <h3>Developer Guides</h3> 59 * <p>For more information about device administration, read the 60 * <a href="{@docRoot}guide/topics/admin/device-admin.html">Device Administration</a> 61 * developer guide.</p> 62 * </div> 63 */ 64 public class DeviceAdminReceiver extends BroadcastReceiver { 65 private static String TAG = "DevicePolicy"; 66 private static boolean localLOGV = false; 67 68 /** 69 * This is the primary action that a device administrator must implement to be 70 * allowed to manage a device. This will be set to the receiver 71 * when the user enables it for administration. You will generally 72 * handle this in {@link DeviceAdminReceiver#onEnabled(Context, Intent)}. To be 73 * supported, the receiver must also require the 74 * {@link android.Manifest.permission#BIND_DEVICE_ADMIN} permission so 75 * that other applications can not abuse it. 76 */ 77 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 78 public static final String ACTION_DEVICE_ADMIN_ENABLED 79 = "android.app.action.DEVICE_ADMIN_ENABLED"; 80 81 /** 82 * Action sent to a device administrator when the user has requested to 83 * disable it, but before this has actually been done. This gives you 84 * a chance to supply a message to the user about the impact of 85 * disabling your admin, by setting the extra field 86 * {@link #EXTRA_DISABLE_WARNING} in the result Intent. If not set, 87 * no warning will be displayed. If set, the given text will be shown 88 * to the user before they disable your admin. 89 */ 90 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 91 public static final String ACTION_DEVICE_ADMIN_DISABLE_REQUESTED 92 = "android.app.action.DEVICE_ADMIN_DISABLE_REQUESTED"; 93 94 /** 95 * A CharSequence that can be shown to the user informing them of the 96 * impact of disabling your admin. 97 * 98 * @see #ACTION_DEVICE_ADMIN_DISABLE_REQUESTED 99 */ 100 public static final String EXTRA_DISABLE_WARNING = "android.app.extra.DISABLE_WARNING"; 101 102 /** 103 * Action sent to a device administrator when the user has disabled 104 * it. Upon return, the application no longer has access to the 105 * protected device policy manager APIs. You will generally 106 * handle this in {@link DeviceAdminReceiver#onDisabled(Context, Intent)}. Note 107 * that this action will be 108 * sent the receiver regardless of whether it is explicitly listed in 109 * its intent filter. 110 */ 111 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 112 public static final String ACTION_DEVICE_ADMIN_DISABLED 113 = "android.app.action.DEVICE_ADMIN_DISABLED"; 114 115 /** 116 * Action sent to a device administrator when the user has changed the 117 * password of their device. You can at this point check the characteristics 118 * of the new password with {@link DevicePolicyManager#isActivePasswordSufficient() 119 * DevicePolicyManager.isActivePasswordSufficient()}. 120 * You will generally 121 * handle this in {@link DeviceAdminReceiver#onPasswordChanged}. 122 * 123 * <p>The calling device admin must have requested 124 * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to receive 125 * this broadcast. 126 */ 127 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 128 public static final String ACTION_PASSWORD_CHANGED 129 = "android.app.action.ACTION_PASSWORD_CHANGED"; 130 131 /** 132 * Action sent to a device administrator when the user has failed at 133 * attempted to enter the password. You can at this point check the 134 * number of failed password attempts there have been with 135 * {@link DevicePolicyManager#getCurrentFailedPasswordAttempts 136 * DevicePolicyManager.getCurrentFailedPasswordAttempts()}. You will generally 137 * handle this in {@link DeviceAdminReceiver#onPasswordFailed}. 138 * 139 * <p>The calling device admin must have requested 140 * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to receive 141 * this broadcast. 142 */ 143 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 144 public static final String ACTION_PASSWORD_FAILED 145 = "android.app.action.ACTION_PASSWORD_FAILED"; 146 147 /** 148 * Action sent to a device administrator when the user has successfully 149 * entered their password, after failing one or more times. 150 * 151 * <p>The calling device admin must have requested 152 * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to receive 153 * this broadcast. 154 */ 155 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 156 public static final String ACTION_PASSWORD_SUCCEEDED 157 = "android.app.action.ACTION_PASSWORD_SUCCEEDED"; 158 159 /** 160 * Action periodically sent to a device administrator when the device password 161 * is expiring. 162 * 163 * <p>The calling device admin must have requested 164 * {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} to receive 165 * this broadcast. 166 */ 167 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 168 public static final String ACTION_PASSWORD_EXPIRING 169 = "android.app.action.ACTION_PASSWORD_EXPIRING"; 170 171 /** 172 * Action sent to a device administrator to notify that the device is entering 173 * lock task mode. The extra {@link #EXTRA_LOCK_TASK_PACKAGE} 174 * will describe the package using lock task mode. 175 * 176 * <p>The calling device admin must be the device owner or profile 177 * owner to receive this broadcast. 178 * 179 * @see DevicePolicyManager#isLockTaskPermitted(String) 180 */ 181 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 182 public static final String ACTION_LOCK_TASK_ENTERING 183 = "android.app.action.LOCK_TASK_ENTERING"; 184 185 /** 186 * Action sent to a device administrator to notify that the device is exiting 187 * lock task mode. 188 * 189 * <p>The calling device admin must be the device owner or profile 190 * owner to receive this broadcast. 191 * 192 * @see DevicePolicyManager#isLockTaskPermitted(String) 193 */ 194 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 195 public static final String ACTION_LOCK_TASK_EXITING 196 = "android.app.action.LOCK_TASK_EXITING"; 197 198 /** 199 * A string containing the name of the package entering lock task mode. 200 * 201 * @see #ACTION_LOCK_TASK_ENTERING 202 */ 203 public static final String EXTRA_LOCK_TASK_PACKAGE = 204 "android.app.extra.LOCK_TASK_PACKAGE"; 205 206 /** 207 * Broadcast Action: This broadcast is sent to indicate that provisioning of a managed profile 208 * or managed device has completed successfully. 209 * 210 * <p>The broadcast is limited to the profile that will be managed by the application that 211 * requested provisioning. In the device owner case the profile is the primary user. 212 * The broadcast will also be limited to the {@link DeviceAdminReceiver} component 213 * specified in the original intent or NFC bump that started the provisioning process 214 * (see {@link DevicePolicyManager#ACTION_PROVISION_MANAGED_PROFILE 215 * DevicePolicyManager.ACTION_PROVISION_MANAGED_PROFILE}). 216 * 217 * <p>A device admin application which listens to this intent can find out if the device was 218 * provisioned for the device owner or profile owner case by calling respectively 219 * {@link android.app.admin.DevicePolicyManager#isDeviceOwnerApp} and 220 * {@link android.app.admin.DevicePolicyManager#isProfileOwnerApp}. You will generally handle 221 * this in {@link DeviceAdminReceiver#onProfileProvisioningComplete}. 222 * 223 * <p>Input: Nothing.</p> 224 * <p>Output: Nothing</p> 225 */ 226 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 227 public static final String ACTION_PROFILE_PROVISIONING_COMPLETE = 228 "android.app.action.PROFILE_PROVISIONING_COMPLETE"; 229 230 /** 231 * @hide 232 * Broadcast Action: This broadcast is sent to indicate that the system is ready for the device 233 * initializer to perform user setup tasks. This is only applicable to devices managed by a 234 * device owner app. 235 * 236 * <p>The broadcast will be limited to the {@link DeviceAdminReceiver} component specified in 237 * the device initializer field of the original intent or NFC bump that started the provisioning 238 * process. You will generally handle this in 239 * {@link DeviceAdminReceiver#onReadyForUserInitialization}. 240 * 241 * <p>Input: Nothing.</p> 242 * <p>Output: Nothing</p> 243 */ 244 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 245 public static final String ACTION_READY_FOR_USER_INITIALIZATION = 246 "android.app.action.READY_FOR_USER_INITIALIZATION"; 247 248 /** @hide */ 249 public static final String ACTION_CHOOSE_PRIVATE_KEY_ALIAS = "android.app.action.CHOOSE_PRIVATE_KEY_ALIAS"; 250 251 /** @hide */ 252 public static final String EXTRA_CHOOSE_PRIVATE_KEY_SENDER_UID = "android.app.extra.CHOOSE_PRIVATE_KEY_SENDER_UID"; 253 254 /** @hide */ 255 public static final String EXTRA_CHOOSE_PRIVATE_KEY_URI = "android.app.extra.CHOOSE_PRIVATE_KEY_URI"; 256 257 /** @hide */ 258 public static final String EXTRA_CHOOSE_PRIVATE_KEY_ALIAS = "android.app.extra.CHOOSE_PRIVATE_KEY_ALIAS"; 259 260 /** @hide */ 261 public static final String EXTRA_CHOOSE_PRIVATE_KEY_RESPONSE = "android.app.extra.CHOOSE_PRIVATE_KEY_RESPONSE"; 262 263 /** 264 * Broadcast action: notify device owner that there is a pending system update. 265 * @hide 266 */ 267 @SdkConstant(SdkConstantType.BROADCAST_INTENT_ACTION) 268 public static final String ACTION_NOTIFY_PENDING_SYSTEM_UPDATE = "android.app.action.NOTIFY_PENDING_SYSTEM_UPDATE"; 269 270 /** 271 * A long type extra for {@link #onSystemUpdatePending} recording the system time as given by 272 * {@link System#currentTimeMillis()} when the current pending system update is first available. 273 * @hide 274 */ 275 public static final String EXTRA_SYSTEM_UPDATE_RECEIVED_TIME = "android.app.extra.SYSTEM_UPDATE_RECEIVED_TIME"; 276 277 /** 278 * Name under which a DevicePolicy component publishes information 279 * about itself. This meta-data must reference an XML resource containing 280 * a device-admin tag. 281 */ 282 // TO DO: describe syntax. 283 public static final String DEVICE_ADMIN_META_DATA = "android.app.device_admin"; 284 285 private DevicePolicyManager mManager; 286 private ComponentName mWho; 287 288 /** 289 * Retrieve the DevicePolicyManager interface for this administrator to work 290 * with the system. 291 */ getManager(Context context)292 public DevicePolicyManager getManager(Context context) { 293 if (mManager != null) { 294 return mManager; 295 } 296 mManager = (DevicePolicyManager)context.getSystemService( 297 Context.DEVICE_POLICY_SERVICE); 298 return mManager; 299 } 300 301 /** 302 * Retrieve the ComponentName describing who this device administrator is, for 303 * use in {@link DevicePolicyManager} APIs that require the administrator to 304 * identify itself. 305 */ getWho(Context context)306 public ComponentName getWho(Context context) { 307 if (mWho != null) { 308 return mWho; 309 } 310 mWho = new ComponentName(context, getClass()); 311 return mWho; 312 } 313 314 /** 315 * Called after the administrator is first enabled, as a result of 316 * receiving {@link #ACTION_DEVICE_ADMIN_ENABLED}. At this point you 317 * can use {@link DevicePolicyManager} to set your desired policies. 318 * 319 * <p> If the admin is activated by a device owner, then the intent 320 * may contain private extras that are relevant to user setup. 321 * {@see DevicePolicyManager#createAndInitializeUser(ComponentName, String, String, 322 * ComponentName, Intent)} 323 * 324 * @param context The running context as per {@link #onReceive}. 325 * @param intent The received intent as per {@link #onReceive}. 326 */ onEnabled(Context context, Intent intent)327 public void onEnabled(Context context, Intent intent) { 328 } 329 330 /** 331 * Called when the user has asked to disable the administrator, as a result of 332 * receiving {@link #ACTION_DEVICE_ADMIN_DISABLE_REQUESTED}, giving you 333 * a chance to present a warning message to them. The message is returned 334 * as the result; if null is returned (the default implementation), no 335 * message will be displayed. 336 * @param context The running context as per {@link #onReceive}. 337 * @param intent The received intent as per {@link #onReceive}. 338 * @return Return the warning message to display to the user before 339 * being disabled; if null is returned, no message is displayed. 340 */ onDisableRequested(Context context, Intent intent)341 public CharSequence onDisableRequested(Context context, Intent intent) { 342 return null; 343 } 344 345 /** 346 * Called prior to the administrator being disabled, as a result of 347 * receiving {@link #ACTION_DEVICE_ADMIN_DISABLED}. Upon return, you 348 * can no longer use the protected parts of the {@link DevicePolicyManager} 349 * API. 350 * @param context The running context as per {@link #onReceive}. 351 * @param intent The received intent as per {@link #onReceive}. 352 */ onDisabled(Context context, Intent intent)353 public void onDisabled(Context context, Intent intent) { 354 } 355 356 /** 357 * Called after the user has changed their password, as a result of 358 * receiving {@link #ACTION_PASSWORD_CHANGED}. At this point you 359 * can use {@link DevicePolicyManager#getCurrentFailedPasswordAttempts() 360 * DevicePolicyManager.getCurrentFailedPasswordAttempts()} 361 * to retrieve the active password characteristics. 362 * @param context The running context as per {@link #onReceive}. 363 * @param intent The received intent as per {@link #onReceive}. 364 */ onPasswordChanged(Context context, Intent intent)365 public void onPasswordChanged(Context context, Intent intent) { 366 } 367 368 /** 369 * Called after the user has failed at entering their current password, as a result of 370 * receiving {@link #ACTION_PASSWORD_FAILED}. At this point you 371 * can use {@link DevicePolicyManager} to retrieve the number of failed 372 * password attempts. 373 * @param context The running context as per {@link #onReceive}. 374 * @param intent The received intent as per {@link #onReceive}. 375 */ onPasswordFailed(Context context, Intent intent)376 public void onPasswordFailed(Context context, Intent intent) { 377 } 378 379 /** 380 * Called after the user has succeeded at entering their current password, 381 * as a result of receiving {@link #ACTION_PASSWORD_SUCCEEDED}. This will 382 * only be received the first time they succeed after having previously 383 * failed. 384 * @param context The running context as per {@link #onReceive}. 385 * @param intent The received intent as per {@link #onReceive}. 386 */ onPasswordSucceeded(Context context, Intent intent)387 public void onPasswordSucceeded(Context context, Intent intent) { 388 } 389 390 /** 391 * Called periodically when the password is about to expire or has expired. It will typically 392 * be called at these times: on device boot, once per day before the password expires, 393 * and at the time when the password expires. 394 * 395 * <p>If the password is not updated by the user, this method will continue to be called 396 * once per day until the password is changed or the device admin disables password expiration. 397 * 398 * <p>The admin will typically post a notification requesting the user to change their password 399 * in response to this call. The actual password expiration time can be obtained by calling 400 * {@link DevicePolicyManager#getPasswordExpiration(ComponentName) } 401 * 402 * <p>The admin should be sure to take down any notifications it posted in response to this call 403 * when it receives {@link DeviceAdminReceiver#onPasswordChanged(Context, Intent) }. 404 * 405 * @param context The running context as per {@link #onReceive}. 406 * @param intent The received intent as per {@link #onReceive}. 407 */ onPasswordExpiring(Context context, Intent intent)408 public void onPasswordExpiring(Context context, Intent intent) { 409 } 410 411 /** 412 * Called when provisioning of a managed profile or managed device has completed successfully. 413 * 414 * <p> As a prerequisite for the execution of this callback the {@link DeviceAdminReceiver} has 415 * to declare an intent filter for {@link #ACTION_PROFILE_PROVISIONING_COMPLETE}. 416 * Its component must also be specified in the {@link DevicePolicyManager#EXTRA_DEVICE_ADMIN} 417 * of the {@link DevicePolicyManager#ACTION_PROVISION_MANAGED_PROFILE} intent that started the 418 * managed provisioning. 419 * 420 * <p>When provisioning of a managed profile is complete, the managed profile is hidden until 421 * the profile owner calls {DevicePolicyManager#setProfileEnabled(ComponentName admin)}. 422 * Typically a profile owner will enable the profile when it has finished any additional setup 423 * such as adding an account by using the {@link AccountManager} and calling apis to bring the 424 * profile into the desired state. 425 * 426 * <p> Note that provisioning completes without waiting for any server interactions, so the 427 * profile owner needs to wait for data to be available if required (e.g. android device ids or 428 * other data that is set as a result of server interactions). 429 * 430 * @param context The running context as per {@link #onReceive}. 431 * @param intent The received intent as per {@link #onReceive}. 432 */ onProfileProvisioningComplete(Context context, Intent intent)433 public void onProfileProvisioningComplete(Context context, Intent intent) { 434 } 435 436 /** 437 * Called during provisioning of a managed device to allow the device initializer to perform 438 * user setup steps. Only device initializers should override this method. 439 * 440 * <p> Called when the DeviceAdminReceiver receives an 441 * android.app.action.ACTION_READY_FOR_USER_INITIALIZATION broadcast. As a prerequisite for the 442 * execution of this callback the {@link DeviceAdminReceiver} has 443 * to declare an intent filter for android.app.action.ACTION_READY_FOR_USER_INITIALIZATION. Only 444 * the component specified in the device initializer component name field of the 445 * original intent or NFC bump that started the provisioning process will receive this callback. 446 * 447 * <p>It is not assumed that the device initializer is finished when it returns from 448 * this call, as it may do additional setup asynchronously. The device initializer must enable 449 * the current user when it has finished any additional setup (such as adding an account by 450 * using the {@link AccountManager}) in order for the user to be functional. 451 * 452 * @param context The running context as per {@link #onReceive}. 453 * @param intent The received intent as per {@link #onReceive}. 454 */ 455 @SystemApi onReadyForUserInitialization(Context context, Intent intent)456 public void onReadyForUserInitialization(Context context, Intent intent) { 457 } 458 459 /** 460 * Called when a device is entering lock task mode. 461 * 462 * @param context The running context as per {@link #onReceive}. 463 * @param intent The received intent as per {@link #onReceive}. 464 * @param pkg If entering, the authorized package using lock task mode, otherwise null. 465 */ onLockTaskModeEntering(Context context, Intent intent, String pkg)466 public void onLockTaskModeEntering(Context context, Intent intent, String pkg) { 467 } 468 469 /** 470 * Called when a device is exiting lock task mode. 471 * 472 * @param context The running context as per {@link #onReceive}. 473 * @param intent The received intent as per {@link #onReceive}. 474 */ onLockTaskModeExiting(Context context, Intent intent)475 public void onLockTaskModeExiting(Context context, Intent intent) { 476 } 477 478 /** 479 * Allows this receiver to select the alias for a private key and certificate pair for 480 * authentication. If this method returns null, the default {@link android.app.Activity} will be 481 * shown that lets the user pick a private key and certificate pair. 482 * 483 * @param context The running context as per {@link #onReceive}. 484 * @param intent The received intent as per {@link #onReceive}. 485 * @param uid The uid asking for the private key and certificate pair. 486 * @param uri The URI to authenticate, may be null. 487 * @param alias The alias preselected by the client, or null. 488 * @return The private key alias to return and grant access to. 489 * @see KeyChain#choosePrivateKeyAlias 490 */ onChoosePrivateKeyAlias(Context context, Intent intent, int uid, Uri uri, String alias)491 public String onChoosePrivateKeyAlias(Context context, Intent intent, int uid, Uri uri, 492 String alias) { 493 return null; 494 } 495 496 /** 497 * Allows the receiver to be notified when information about a pending system update is 498 * available from the system update service. The same pending system update can trigger multiple 499 * calls to this method, so it is necessary to examine the incoming parameters for details about 500 * the update. 501 * <p> 502 * This callback is only applicable to device owners. 503 * 504 * @param context The running context as per {@link #onReceive}. 505 * @param intent The received intent as per {@link #onReceive}. 506 * @param receivedTime The time as given by {@link System#currentTimeMillis()} indicating when 507 * the current pending update was first available. -1 if no pending update is available. 508 */ onSystemUpdatePending(Context context, Intent intent, long receivedTime)509 public void onSystemUpdatePending(Context context, Intent intent, long receivedTime) { 510 } 511 512 /** 513 * Intercept standard device administrator broadcasts. Implementations 514 * should not override this method; it is better to implement the 515 * convenience callbacks for each action. 516 */ 517 @Override onReceive(Context context, Intent intent)518 public void onReceive(Context context, Intent intent) { 519 String action = intent.getAction(); 520 521 if (ACTION_PASSWORD_CHANGED.equals(action)) { 522 onPasswordChanged(context, intent); 523 } else if (ACTION_PASSWORD_FAILED.equals(action)) { 524 onPasswordFailed(context, intent); 525 } else if (ACTION_PASSWORD_SUCCEEDED.equals(action)) { 526 onPasswordSucceeded(context, intent); 527 } else if (ACTION_DEVICE_ADMIN_ENABLED.equals(action)) { 528 onEnabled(context, intent); 529 } else if (ACTION_DEVICE_ADMIN_DISABLE_REQUESTED.equals(action)) { 530 CharSequence res = onDisableRequested(context, intent); 531 if (res != null) { 532 Bundle extras = getResultExtras(true); 533 extras.putCharSequence(EXTRA_DISABLE_WARNING, res); 534 } 535 } else if (ACTION_DEVICE_ADMIN_DISABLED.equals(action)) { 536 onDisabled(context, intent); 537 } else if (ACTION_PASSWORD_EXPIRING.equals(action)) { 538 onPasswordExpiring(context, intent); 539 } else if (ACTION_PROFILE_PROVISIONING_COMPLETE.equals(action)) { 540 onProfileProvisioningComplete(context, intent); 541 } else if (ACTION_CHOOSE_PRIVATE_KEY_ALIAS.equals(action)) { 542 int uid = intent.getIntExtra(EXTRA_CHOOSE_PRIVATE_KEY_SENDER_UID, -1); 543 Uri uri = intent.getParcelableExtra(EXTRA_CHOOSE_PRIVATE_KEY_URI); 544 String alias = intent.getStringExtra(EXTRA_CHOOSE_PRIVATE_KEY_ALIAS); 545 String chosenAlias = onChoosePrivateKeyAlias(context, intent, uid, uri, alias); 546 setResultData(chosenAlias); 547 } else if (ACTION_LOCK_TASK_ENTERING.equals(action)) { 548 String pkg = intent.getStringExtra(EXTRA_LOCK_TASK_PACKAGE); 549 onLockTaskModeEntering(context, intent, pkg); 550 } else if (ACTION_LOCK_TASK_EXITING.equals(action)) { 551 onLockTaskModeExiting(context, intent); 552 } else if (ACTION_READY_FOR_USER_INITIALIZATION.equals(action)) { 553 onReadyForUserInitialization(context, intent); 554 } else if (ACTION_NOTIFY_PENDING_SYSTEM_UPDATE.equals(action)) { 555 long receivedTime = intent.getLongExtra(EXTRA_SYSTEM_UPDATE_RECEIVED_TIME, -1); 556 onSystemUpdatePending(context, intent, receivedTime); 557 } 558 } 559 } 560