Java – use custom accountauthenticator with multiple applications

I have two independent Android projects. One is the implementation of abstractaccountauthenticator for managing user accounts in the device, and the other is the push application that should obtain tokens from accountauthenticator and use it

The implementation of abstractaccountauthenticator is working and adds an account when called in the "account and synchronization" section of the "Settings" menu, but when I call addaccount() from the push application, I get "permission denied: checkcomponentpermission()" and the application dies there

I can't provide a lot of source code because I can't make it public, but I assure you that they work "independently"

I have searched for examples of the correct use of AccountManager from different applications, but I can't find them Freenode also had no luck

I found that starting activities from accountauthenticator (using intent. Flag_new_task and context. Startactivity (intent)) can solve the problem, but this means that addaccount() will not return to AccountManager. I don't think it will be consistent with the development guide because it breaks the process used by AccountManager Another method is to export the acitivity. ID used when requesting user credentials But I think this may be a security issue because it should be called by the AccountManager, not externally

Thank you for any comments

PS：

>All permissions are used correctly unless I need a special permission that I don't know can work across applications. > I'll ask if I can use code snippets to display the lines I'm interested in. > The first question is posted here. I hope I haven't violated (m) any rules here (I searched here with Google, but I asked because I found it useless.) > thank you.

After going deep into Google's login service and tripping over the settings class, I found what I think should be the solution:

>Don't export things. I always think that calling your implementation, service or activity to bypass the AccountManager is a security problem. > Do not use intent on the implementation of abstractaccountauthenticator FLAG_ NEW_ Task and startactivity(), because it may cause unexpected behavior

The way to achieve this is very simple. In fact:

Intent i = new Intent( Settings.ACTION_ADD_ACCOUNT );
i.putExtra( Settings.EXTRA_AUTHORITIES,new String[] { "com.exaple.yourauth" } );
contextVar.startActivity( i );

In this way, you are asked to set up a list of possible permissions to promote the new account to the bus because you want to add extra_ The authorities parameter, a string containing the permissions to be displayed, limits the options to those you want If only one matches your extra, invoke the account manager and login activity in the appropriate way

I really hope this can help anyone around

Solution

After going deep into Google's login service and tripping over the settings class, I found what I think should be the solution:

>If you do not export something, invoke the account manager and login activities in an appropriate way

I really hope this can help anyone around