commit 6f273d49d27074107a6984ddebba4c3186bac00f
author Rafael Prado <rafaelprado@google.com> Wed Sep 25 15:23:35 2024 +0000
committer Android (Google) Code Review <android-gerrit@google.com> Wed Sep 25 15:23:35 2024 +0000
tree 7307005e7205d80c7e23c2f0e16de8e48a809a15
parent e048c46e47c1f5ad7adda0f301ecbd5504f1e99b
parent 2727b84fa2b051ce256470cb21485d4d84a0150f

Merge "Remove RESET_PASSWORD_TOKEN policy when the generated escrow token is not valid." into main

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index 407a5a6..b6a4481 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -19384,11 +19384,13 @@
                     PolicyDefinition.RESET_PASSWORD_TOKEN,
                     enforcingAdmin,
                     userId);
-            // TODO(b/369152176): Address difference in behavior regarding addEscrowToken when
-            //  compared with the else branch.
             long tokenHandle = addEscrowToken(
                     token, currentTokenHandle == null ? 0 : currentTokenHandle, userId);
             if (tokenHandle == 0) {
+                mDevicePolicyEngine.removeLocalPolicy(
+                        PolicyDefinition.RESET_PASSWORD_TOKEN,
+                        enforcingAdmin,
+                        userId);
                 return false;
             }
             mDevicePolicyEngine.setLocalPolicy(