jgilfelt / chuck

An in-app HTTP inspector for Android OkHttp clients
Apache License 2.0

SecurityException using Chuck from AbstractAccountAuthenticator #68

Open thirtythreeforty opened 6 years ago

thirtythreeforty commented 6 years ago

I get the following SecurityException when using Chuck from a custom authenticator implementation:

java.lang.SecurityException: Permission Denial: writing com.readystatesoftware.chuck.internal.data.ChuckContentProvider uri content://com.myapp.debug.chuck.provider/transaction from pid=0, uid=1000 requires the provider be exported, or grantUriPermission()
    at android.content.ContentProvider.enforceWritePermissionInner(ContentProvider.java:707)
    at android.content.ContentProvider$Transport.enforceWritePermission(ContentProvider.java:517)
    at android.content.ContentProvider$Transport.insert(ContentProvider.java:262)
    at android.content.ContentResolver.insert(ContentResolver.java:1539)
    at com.readystatesoftware.chuck.ChuckInterceptor.create(ChuckInterceptor.java:225)
    at com.readystatesoftware.chuck.ChuckInterceptor.intercept(ChuckInterceptor.java:167)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:45)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:125)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:200)
    at okhttp3.RealCall.execute(RealCall.java:77)
    at retrofit2.OkHttpCall.execute(OkHttpCall.java:180)
    at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall.execute(ExecutorCallAdapterFactory.java:91)
    at com.myapp.sync.MyappAuthenticator.obtainAuthToken(MyappAuthenticator.kt:118)
    at com.myapp.sync.MyappAuthenticator.getAuthToken(MyappAuthenticator.kt:70)
    at android.accounts.AbstractAccountAuthenticator$Transport.getAuthToken(AbstractAccountAuthenticator.java:244)
    at android.accounts.IAccountAuthenticator$Stub.onTransact(IAccountAuthenticator.java:113)
    at android.os.Binder.execTransact(Binder.java:674)

If I had to guess, the authenticator is running with the permissions of the AccountManager (uid=1000 strikes me as the user's account, not the app's).

Obviously, this breaks the HTTP calls; the request is never made.

thirtythreeforty commented 6 years ago

I can fix this by calling Binder#clearCallingIdentity at the start of my authenticator method implementation. I'm of the opinion that Chuck should do this because it is an implementation detail that Chuck uses a ContentProvider.
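
The workaround described in the comment above, sketched as an added example (not code from the reporter or from Chuck). The class name `IdentityClearingAuthenticator` and the `obtainAuthToken` hook are assumptions; the hook stands in for the app's own OkHttp/Retrofit call that passes through `ChuckInterceptor`.

```kotlin
import android.accounts.AbstractAccountAuthenticator
import android.accounts.Account
import android.accounts.AccountAuthenticatorResponse
import android.accounts.AccountManager
import android.content.Context
import android.os.Binder
import android.os.Bundle

// Hypothetical base class; the name is an assumption, not part of Chuck or the reporter's app.
abstract class IdentityClearingAuthenticator(context: Context) :
    AbstractAccountAuthenticator(context) {

    // Hypothetical hook: performs the HTTP call that goes through ChuckInterceptor.
    protected abstract fun obtainAuthToken(account: Account, authTokenType: String?): String

    override fun getAuthToken(
        response: AccountAuthenticatorResponse?,
        account: Account,
        authTokenType: String?,
        options: Bundle?
    ): Bundle {
        // Any decision that depends on who is calling (Binder.getCallingUid())
        // has to be made here, before the identity is cleared.
        val token = Binder.clearCallingIdentity()
        try {
            // From here on, permission checks on this thread (including the one on
            // the non-exported ContentProvider Chuck writes to) are made against
            // this app's own identity instead of the incoming caller's.
            val authToken = obtainAuthToken(account, authTokenType)
            return Bundle().apply {
                putString(AccountManager.KEY_ACCOUNT_NAME, account.name)
                putString(AccountManager.KEY_ACCOUNT_TYPE, account.type)
                putString(AccountManager.KEY_AUTHTOKEN, authToken)
            }
        } finally {
            // Always restore, so the rest of the binder transaction runs with the
            // original caller identity even if the HTTP call throws.
            Binder.restoreCallingIdentity(token)
        }
    }
}
```

Keeping the cleared window as small as possible matters: everything between `clearCallingIdentity` and `restoreCallingIdentity` runs with the app's own privileges regardless of which process asked for the token.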