Refrain from returning mutable pending intent in getShortcutIntent

Mutable PendingIntent leads to potential security vulnerabilities, this
CL makes the returning PendingIntent immutable | update current. The
recipeint cannot change the content of the PendingIntent directly, but
the owner can still update the extras of the PendingIntent.

Note: PendingIntent is internally cached in PendingIntentController, so
the owner process do have access to the PendingIntent since
LauncherAppServices called
ActivityManagerService#getPendingIntentActivityAsApp to retrieve the
PendingIntent.

Bug: 190732424
Test: atest ShortcutManagerClientApiTest
Change-Id: Ife8ad7824f061e9e20d31c96f76ceed4edb547cd