I need some help understanding what the account manager offers us. I have a web service which requires a token for use. For example, if a developer wants to use my api, they would use a url like:
http://myservice.com/addfriend?name=john&token=abc
The token "abc" is retrieved by the developer using oauth. So now any developer that releases an app which uses my API will have to get their users to go through the oauth flow to get their own token for their app.
Does the android account manager solve any of this? Can developers query the account manager to see if the user has already auth'd in the past, and reuse whatever token is in that central location? I don't see how this would work, take Facebook as an example. They've created their own single-sign-on module. And they probably want to give each third party app that uses them a different token for tracking. And each third party app requests a different set of permissions. I don't know that the android account manager supports any of that.
So I'm curious why facebook would create their own sso support instead of using AccountManager to handle this. Also not sure if I have use cases for AccountManager correct here, maybe it has a totally different use case.
Thank you
May have changed since I last saw this, but
AccountManager am = AccountManager.get(this);
Account[] accounts = am.getAccountsByType("com.facebook.auth.login");
am.getAuthToken
AccountManager is the way to go for registering your account apis through there. The accounts will then show up in "Accounts & Sync" in the menu. You would use
am.addAccount(String accountType, String authTokenType, String[] requiredFeatures,
Bundle addAccountOptions, Activity activity,
AccountManagerCallback<Bundle> callback, Handler handler);
AndDev link: http://developer.android.com/reference/android/accounts/AccountManager.html
Related
I have a working solution where I search for files in Google Drive and ask for Google Drive to open them using the getWebViewLink, this generates a link like this:
https://drive.google.com/file/d/0B6cgfp1Py-7SAF&SAFgASFGZGlQWEU/view?usp=drivesdk
Then I parse the link and generate an intent like this:
Intent intent = new Intent(Intent.ACTION_VIEW, Uri.parse(link));
startActivity(intent);
This works great on devices configured with one gmail account, but if the device happens to have 2 or more gmail accounts configured then Google Drive keeps always asking which account the user wants to use to open the file.
Is there anyway to suggest in the link which account to use to Google Drive?
P.S: I tried adding the following to the link to no avail
&approval_prompt=auto
or
&user_id=myemail#gmail.com
You may refer with this related thread. It stated that the redirect loop happens to users that have both a Gmail account and a Google Apps account. There are only one set of active Docs cookies at any given time. The workarounds are to either log out of the account that you are not currently trying to use for Docs access or use different browsers for each account.
Here's another reference which might help: How can I enforce GoogleApiClient to prompt account chooser UI each time I call connect?
...you must manage the account selection yourself as you can see here (for REST) or here (for GDAA)
Hope this helps!
I am facing a problem with in app purchases/subscriptions:
If there are multiple accounts on the device, I can't get the purchases, which were made with the second account.
This can sometimes be temporarily fixed, by installing the app from the Google Play web interface, but after a while, the purchases won't appear in the query, forcing the user to reinstall.
I am using the IabHelper classes from this sample.
Doing some Google searches, I found that this bug exists since a while, but unfortunately I couldn't find out if the error is in the IabHelper classes or on Google's side.
I'd like to draw attention to Google, so they provide a proper fix for this, either in the IabHelper classes or in the Play Services or to provide information, how this should be handled.
I am using the code in an app with (at the time of writing) 900.000 active user installs and I have to trigger quite a lot of refunds, due to this.
If there is a fix for this, which I missed, please let me know.
Edit:
Sometimes it's not possible at all to retrieve the purchases, even if there is only one account on the phone.
It seems like there isn't a one way road to solve this, but let's try do this.
When the user first install the app get his/her primary email or all accounts on the device
Ask the user what email will they be using for future payment/ or which account is active for google play.
you can use this code to get the account
Pattern emailPattern = Patterns.EMAIL_ADDRESS; // API level 8+
Account[] accounts = AccountManager.get(context).getAccounts();
for (Account account : accounts) {
if (emailPattern.matcher(account.name).matches()) {
String possibleEmail = account.name;
...
}
}
Don't forget to ask for permission
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
After the user selects the email, you can send a link via email to confirm this email address
Lead all the payment to that specific email.
Method 2
Use the new "Send & Receive money using Gmail" future
Create a email intent and send specific data to the email intent and make payments.
Upon success, send a code to the user email
Use the code to activate whatever purchased they make.
Method 3
Use another payment library or gateway for your in app purchase instead of Google play.
As others have noted, this is a bug with the Google Play Billing Library. If it affects you, star this issue on https://issuetracker.google.com/issues/139597485 so Google can notice it (really?) and start working on a fix.
It is sure a bug in the in-app billing service apis. This is a similar question and as mentioned in one of the answers, may be you need to introduce login mechanism and store the purchases made from an account to your server or locally on the device in an encrypted file or something similar.
I had ran into same problem couple of months later.
After hours of finding solutions and all i came up with a work around something like this,
You can use OAuth 2.0.
But you also have to manage it from your backend.
I am not a backend developer so i didnt know how exactly it does in backend but at app side i have done something like this,
You can use the first Google account allowing authentication on your serve side. OAuth 2.0 is a tool that simplifies and get developers an easy way to allow users to access your application. The OAuthHmacSigner class does manages the authentication.
signer = new OAuthHmacSigner();
signer.clientSharedSecret = Constants.CONSUMER_SECRET;
Then the Android activity uses the following code to launch the OAuth flow :
launchOauth.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
startActivity(new Intent().setClass(v.getContext(),
PrepareRequestTokenActivity.class));
}
});
In order to get an OAuth 2.0 access token, you simply need to call:
AccountManager.getAuthToken()
I Hope this might help :)
I have two accounts, but one does not work. What I did is I went into android's settings, and then went into account preferences. I changed my main account from the one that does not work to the working one. Then I assigned the new account to be the main one for all of my applications, including google play. That worked for me. Sometimes, if it does not work for some reason, you can also go online and access the Google Play store from the internet.
Try to get dup...duplicate dot with file signature ending in .apk or .xcode
I'm not sure if this is the answer you're searching for, but perhaps setting up a shared Google Play Family Library would suffice. It works for up to 5 users sharing the same purchases (app, music, movies, etc), if desired.
(See: https://support.google.com/googleplay/answer/7007852?hl=en)
I am implementing a sync adapter for my app to sync with an appengine backend. On appengine I am using the built in User api for authentication. There is a post HERE that tells how to do it, however the app is listed under the gmail account. Ideally my app would be listed in the accounts. I don't want to ask the user for username and password, just use the existing google account for authentication. Has anyone done this before??
Update:
I've been working on this and it looks like I could implement the AuthenticationService and store the users account name and leave the password as an empty string. In the getAuthToken() methods I should be able to simple return the google auth token. Will post once I get further along...
Perhaps you have misunderstood the Android account system. When you go to Settings -> Accounts & Sync and add a new account what you see then is a list of account types. Often there is a relationship between account types and apps, for example Facebook accounts are used together with Facebook. Normally you would add a new account type if you have a different backend system for handling authentication etc.
If I understand you correctly, you use Google accounts but want it to appear as your own account type. That sounds wrong to me. You'll end up reimplementing the Google account handling, with little value. I believe it is simpler for users if you simply piggyback on what Google provides you with. Your app / service / content provider can be seen when clicking on the account. For example, after installing "Tasks" by "Team Task" (disclaimer: I'm not affiliated with that company) they add "Sync Tasks" to the list of data & sync options.
But if you really want to create your own account type, follow the sample Sample Sync Adapter. Look for the Authenticator code and related resources (e.g., manifest, activity layout, etc.).
This is indeed possible and I have implemented this with success but be warned it is a bit of a headache.
There is an excellent tutorial available called writing-an-android-sync-provider-part-1
... don't forget to check the follow up in part 2
Beyond this there is also an example in the Android SDK samples called SampleSyncAdapter which was invaluable in my development.
With a little hard work and a lot of coffee you should be able to get this working ;)
I was looking at the code for JumpNotes and there was one thing I just could not figure out.
JumpNotes: AccountList.java
public static final String[] GOOGLE_ACCOUNT_REQUIRED_SYNCABILITY_FEATURES =
new String[]{ "service_ah" };
This is used to get google accounts like so:
mAccountManager.getAccountsByTypeAndFeatures(SyncAdapter.GOOGLE_ACCOUNT_TYPE,
SyncAdapter.GOOGLE_ACCOUNT_REQUIRED_SYNCABILITY_FEATURES,
What is this feature "service_ah"? What does it mean?
Is there any way I can get the source for the authenticator service for google accounts on Android?
From Android Documentation:
Account features are authenticator-specific string tokens identifying
boolean account properties. For example, features are used to tell
whether Google accounts have a particular service (such as Google
Calendar or Google Talk) enabled. The feature names and their meanings
are published somewhere associated with the authenticator in question.
I didn't found any official documentation, but it seems that each feature is of the form service_code where code stands for a Google service.
From this (outdated) list of services, "ah" stands apparently for "Google Mashups Editor & Google App Engine"
This python Google account authentication example is not really helpful for you,but we can learn two things as below:
First, the connection on a google account is handled by GAE in two steps.
> This takes two calls, one to the ClientLogin service of Google Accounts,
and then a second to the login frontend of App Engine.
Second, We can find on line 101 the token "_ah", which means in this case that we enable cookies for automatic auth with the service next time he wants to auth (user data are stored into cookies to skip the first auth call).
So in your case "service_ah" means that you want the user to authenticate one time and then the authentication process should be automatically handled by the AccountManager.
I know that you can setup accounts in Android 2.0+ and thats great but as i have recently found out, it can create duplication.
My phone(Sprint HTC hero 2.1-upadate1) comes with HTC Sense and thats great, it also has Peep pre-installed and it asked me when i setup the phone to add a twitter account, and so i did. I can now open peep and it all works, perfect.
But I decided i wanted to try the Twitter for Android app. I installed it and it also asked me to create a twitter account, not good. I did create the new account and the app worked just like it was supposed to.
Then when i go into my accounts i can see that i have two twitter accounts(the same one). Is this something that can be avoided in the programming or is this something that can be fixed with the os?
I also noticed the same for the facebook account. Is there something in the SDK that can prevent this...or combine the accounts after the fact? or is this all completely up to the developers.
If its up to the developers then i would really like to see some code/documentation so i can avoid such things.
Accounts on Android have a notion of account 'types'; see AccountManager for details. For example, Google Accounts are of the type com.google. Peep and the Twitter for Android apps may be using different account types, and may not be using compatible authentication tokens (also see AccountManager and AbstractAccountAuthenticator). More on accounts and authenticators can be found in the SampleSyncAdapter SDK sample code.
The 'right' thing to do in my opinion is for developers to standardize on and document account types for services they're consuming, provide account authenticators for those account types, and then authenticate to said services using tokens obtained via AccountManager. There are also many opportunities to integrate deeper with contacts, sync, etc.