Address more review comments.

Resolve with an explicit direct boot awareness flag

# Conflicts:
#	binder/src/main/java/io/grpc/binder/internal/BinderTransport.java

Author: jdcormie

binder/src/androidTest/java/io/grpc/binder/internal/BinderClientTransportTest.java

@@ -394,7 +394,6 @@ public void testBlackHoleSecurityPolicyAuthTimeout() throws Exception {
     assertThat(transportStatus.getCode()).isEqualTo(Code.DEADLINE_EXCEEDED);
     assertThat(transportStatus.getDescription()).contains("1234");
     transportListener.awaitTermination();
-
     // If the transport gave up waiting on auth, it should cancel its request.
     assertThat(authRequest.isCancelled()).isTrue();
   }
@@ -409,14 +408,13 @@ public void testBlackHoleSecurityPolicyPreAuthTimeout() throws Exception {
             .setReadyTimeoutMillis(1_234)
             .build();
     transport.start(transportListener).run();
-    // Take the pre-auth request but don't respond to it, in order to trigger the ready timeout.
+    // Take the next authRequest but don't respond to it, in order to trigger the ready timeout.
     AuthRequest preAuthRequest = securityPolicy.takeNextAuthRequest(TIMEOUT_SECONDS, SECONDS);
 
     Status transportStatus = transportListener.awaitShutdown();
     assertThat(transportStatus.getCode()).isEqualTo(Code.DEADLINE_EXCEEDED);
     assertThat(transportStatus.getDescription()).contains("1234");
     transportListener.awaitTermination();
-
     // If the transport gave up waiting on auth, it should cancel its request.
     assertThat(preAuthRequest.isCancelled()).isTrue();
   }
@@ -492,11 +490,9 @@ public void testAsyncSecurityPolicyPreAuthSuccess() throws Exception {
   }
 
   @Test
-  public void testAsyncSecurityPolicyAuthCancelledUponExternalTermination() throws Exception {
+  public void testAsyncSecurityPolicyCancelledUponExternalTermination() throws Exception {
     SettableAsyncSecurityPolicy securityPolicy = new SettableAsyncSecurityPolicy();
-    transport = new BinderClientTransportBuilder()
-        .setPreAuthorizeServer(false)
-        .setSecurityPolicy(securityPolicy).build();
+    transport = new BinderClientTransportBuilder().setSecurityPolicy(securityPolicy).build();
     transport.start(transportListener).run();
     AuthRequest authRequest = securityPolicy.takeNextAuthRequest(TIMEOUT_SECONDS, SECONDS);
     transport.shutdownNow(Status.UNAVAILABLE); // 'authRequest' remains unanswered!
@@ -505,20 +501,6 @@ public void testAsyncSecurityPolicyAuthCancelledUponExternalTermination() throws
     assertThat(authRequest.isCancelled()).isTrue();
   }
 
-  @Test
-  public void testAsyncSecurityPolicyPreAuthCancelledUponExternalTermination() throws Exception {
-    SettableAsyncSecurityPolicy securityPolicy = new SettableAsyncSecurityPolicy();
-    transport = new BinderClientTransportBuilder()
-        .setPreAuthorizeServer(true)
-        .setSecurityPolicy(securityPolicy).build();
-    transport.start(transportListener).run();
-    AuthRequest preAuthRequest = securityPolicy.takeNextAuthRequest(TIMEOUT_SECONDS, SECONDS);
-    transport.shutdownNow(Status.UNAVAILABLE); // 'preAuthRequest' remains unanswered!
-    transportListener.awaitShutdown();
-    transportListener.awaitTermination();
-    assertThat(preAuthRequest.isCancelled()).isTrue();
-  }
-
   private static void startAndAwaitReady(
       BinderTransport.BinderClientTransport transport, TestTransportListener transportListener)
       throws Exception {

binder/src/main/java/io/grpc/binder/internal/Bindable.java

@@ -53,9 +53,9 @@ interface Observer {
    * <p>Resolving an untrusted address before binding to it lets you screen out problematic servers
    * before giving them a chance to run. However, note that the identity/existence of the resolved
    * Service can change between the time this method returns and the time you actually bind/connect
-   * to it. For example, suppose the target package gets uninstalled right after this method
-   * returns. In {@link Observer#onBound}, you should verify that the server you resolved is the
-   * same one you connected to.
+   * to it. For example, suppose the target package gets uninstalled or upgraded right after this
+   * method returns. In {@link Observer#onBound}, you should verify that the server you resolved is
+   * the same one you connected to.
    */
   @AnyThread
   ServiceInfo resolve() throws StatusException;

binder/src/main/java/io/grpc/binder/internal/BinderTransport.java

@@ -54,7 +54,6 @@
 import io.grpc.Status;
 import io.grpc.StatusException;
 import io.grpc.binder.AndroidComponentAddress;
-import io.grpc.binder.ApiConstants;
 import io.grpc.binder.AsyncSecurityPolicy;
 import io.grpc.binder.InboundParcelablePolicy;
 import io.grpc.binder.SecurityPolicy;
@@ -81,7 +80,6 @@
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ScheduledFuture;
 import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicLong;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.annotation.Nullable;
@@ -589,7 +587,7 @@ public static final class BinderClientTransport extends BinderTransport
     @GuardedBy("this")
     @Nullable private ListenableFuture<Status> authResultFuture; // null before we check auth.
     @GuardedBy("this")
-    @Nullable private ListenableFuture<Status> preAuthResultFuture; // null before we check auth.
+    @Nullable private ListenableFuture<Status> preAuthResultFuture; // null before we pre-auth.
 
     /**
      * Constructs a new transport instance.

binder/src/main/java/io/grpc/binder/internal/ServiceBinding.java

@@ -26,6 +26,7 @@
 import android.content.pm.PackageManager;
 import android.content.pm.ResolveInfo;
 import android.content.pm.ServiceInfo;
+import android.os.Build;
 import android.os.IBinder;
 import android.os.UserHandle;
 import androidx.annotation.AnyThread;
@@ -301,10 +302,19 @@ private static List<ResolveInfo> queryIntentServicesAsUser(
   public ServiceInfo resolve() throws StatusException {
     checkState(sourceContext != null);
     PackageManager packageManager = sourceContext.getPackageManager();
+    int flags = 0;
+    if (Build.VERSION.SDK_INT >= 29) {
+      // Use the current locked/unlocked state of 'targetUserHandle' to filter <service> matches.
+      // Callers want to resolve 'bindIntent' the same way a follow-up call to bind() will. And
+      // if the target user is locked, bindService() ignores matches that can't presently be created
+      // due to directBootAware=false. Of course this filter races against a concurrent unlock, but
+      // that's no different than the other resolve/connect races our callers must already handle.
+      flags |= PackageManager.MATCH_DIRECT_BOOT_AUTO;
+    }
     ResolveInfo resolveInfo =
         targetUserHandle != null
-            ? resolveServiceAsUser(packageManager, bindIntent, 0, targetUserHandle)
-            : packageManager.resolveService(bindIntent, 0);
+            ? resolveServiceAsUser(packageManager, bindIntent, flags, targetUserHandle)
+            : packageManager.resolveService(bindIntent, flags);
     if (resolveInfo == null) {
       throw Status.UNIMPLEMENTED // Same status code as when bindService() returns false.
           .withDescription("resolveService(" + bindIntent + " / " + targetUserHandle + ") was null")

binder/src/test/java/io/grpc/binder/internal/ServiceBindingTest.java

@@ -335,7 +335,7 @@ public void testBindWithDeviceAdmin() throws Exception {
     allowBindDeviceAdminForUser(appContext, adminComponent, /* userId= */ 0);
     binding =
         newBuilder()
-            .setTargetUserHandle(UserHandle.getUserHandleForUid(/* userId= */ 0))
+            .setTargetUserHandle(UserHandle.getUserHandleForUid(/* uid= */ 0))
             .setTargetUserHandle(generateUserHandle(/* userId= */ 0))
             .setChannelCredentials(BinderChannelCredentials.forDevicePolicyAdmin(adminComponent))
             .build();