> represent?
AFAIK, it is a account specific value. Your implementation of
AbstractAccountAuthenticator can enforce any or no restrictions or
conventions on its use. Note, this is only my read, your mileage may
vary.
> Anyway, I'm curious about how to test the use of this API in an end-to-
> end fashion. One very tricky aspect of the account manager is its
> ability to query the user before granting access to a particular
> account. I can't seem to find any mention of how to "un-grant"
> permission for a particular application to use an account. Does
> anyone know how this is done?
Agreed, it is tricky. I've investigated and AFAIK there is no way for
your implementation of AbstractAccountAuthenticator to determine who
is calling it. I looked and Binder.getCallingUid() and
Binder.getCallingPid() are not populated with the caller's values,
CallingUid is always 1000
That leaves two options:
- some convention of your own device imposed on authTokenType
- passing options Bundle to getAuthToken() that your authenticator
can interrogate
As far as un-granting, perhaps you could either
- return authTokens of limited lifetime
- call AccountManager.removeAccount
See:
http://developer.android.com/reference/android/accounts/AccountManager.html#getAuthToken(android.accounts.Account,
java.lang.String, android.os.Bundle, android.app.Activity,
android.accounts.AccountManagerCallback<android.os.Bundle>,
android.os.Handler)
http://developer.android.com/reference/android/accounts/AbstractAccountAuthenticator.html#getAuthToken(android.accounts.AccountAuthenticatorResponse,
android.accounts.Account, java.lang.String, android.os.Bundle)
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
No comments:
Post a Comment