[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

On Jan 6, 3:01 pm, Mariano Kamp  wrote:
> > It turns out that the reason the authToken from the AccountManager
> > wasn't working was because it was expired. It was dated Dec. 9th,
> > which is probably the day I first got my authentication code working.
> > I guess it cached the authToken and has been using the same one ever
> > since.
>
> How do you know it was dated and that it was from the 9th?
> Anyway, I don't think that is the case for me. I did all my testing on the
> same day and always got a token, but that token doesn't seem to be valid.

The dev was somehow about to reverse engineer the authToken I provided
him. Presumably there's a tool for doing this...I don't know how he
did it.

> I acquire a token like this:
>
> String token = accountManager.blockingGetAuthToken(acct, "ah", false);
>
> and then try something like this:
>
> curl --header "Cookie: SID=" --header "Accept-Encoding:
> gzip" 
> "http://www.google.com/reader/atom/user/-/state/com.google/reading-list"; -D
> header | tidy -i -xml | mate
>
> And this usually returns an xml file, but only if I pass in an auth token
> from the ClientLogin. But not this time.
>
> I get those headers then:
>
> HTTP/1.1 302 Moved Temporarily
> Content-Type: text/html; charset=UTF-8
> Location:https://www.google.com/accounts/ServiceLogin?hl=en&nui=1&service=read...
> 
> Date: Wed, 06 Jan 2010 20:42:00 GMT
> Expires: Wed, 06 Jan 2010 20:42:00 GMT
> Cache-Control: private, max-age=0
> X-Content-Type-Options: nosniff
> X-XSS-Protection: 0
> X-Frame-Options: SAMEORIGIN
> Content-Length: 1381
> Server: GFE/2.0
>
> And this message in the content stream:
>
> 302 Redirection
> 
>       body {font-family: arial,sans-serif}
>       div.nav {margin-top: 1ex}
>       div.nav A {font-size: 10pt; font-family: arial,sans-serif}
>       span.nav {font-size: 10pt; font-family: arial,sans-serif; font-weight:
> bold}
>       div.nav A,span.big {font-size: 12pt; color: #cc}
>       div.nav A {font-size: 10pt; color: black}
>       A.l:link {color: #6f6f6f}
>       
>  cellspacing="0" width="100%">
>  size="10">Go face="times" color="#f3c518" size="10">o color="#0039b6" size="10">g size="10">l size="10">e  
>  
>
>  color="#ff">Error
>  
> Redirection
> Further action needs to be taken by your user agent in order to fulfill the
> request.
> 
>  bgcolor="#3366cc"> height="4">
>
>   Following the "expired" logic this should work, right?:
>
> String oldToken = accountManager.peekAuthToken(acct, "ah");
> if (oldToken != null) {
>   System.out.println("oldToken="+oldToken);
>   accountManager.invalidateAuthToken("com.google",oldToken);
>   System.out.println("invalidated.");}
>
> String sid = accountManager.blockingGetAuthToken(acct, "ah", false);
>
>   But it doesn't. Same effect. And also these two additional permissions
> (four in total then) are also needed then:

Yeah, that's basically what I did to get my code working again. I
grabbed the current token, invalidated it, and grabbed another one. It
worked for me.

I'm sorry, man. Not sure what to tell you. There might have been some
change on the Google Reader side that's mucking things up for you. Is
there a dedicated group for Google Reader? I also posted my question
on Stack Overflow, which is the Google-officially-endorsed resource
for Android questions. I didn't get a response, but you might try
there as well.

Good luck and post back here if you figure it out.
-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Mariano Kamp]

>
> It turns out that the reason the authToken from the AccountManager
> wasn't working was because it was expired. It was dated Dec. 9th,
> which is probably the day I first got my authentication code working.
> I guess it cached the authToken and has been using the same one ever
> since.
>
How do you know it was dated and that it was from the 9th?
Anyway, I don't think that is the case for me. I did all my testing on the
same day and always got a token, but that token doesn't seem to be valid.

I acquire a token like this:

String token = accountManager.blockingGetAuthToken(acct, "ah", false);

and then try something like this:

curl --header "Cookie: SID=" --header "Accept-Encoding:
gzip" "
http://www.google.com/reader/atom/user/-/state/com.google/reading-list"; -D
header | tidy -i -xml | mate

And this usually returns an xml file, but only if I pass in an auth token
from the ClientLogin. But not this time.

I get those headers then:

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Location:
https://www.google.com/accounts/ServiceLogin?hl=en&nui=1&service=reader&continue=

Date: Wed, 06 Jan 2010 20:42:00 GMT
Expires: Wed, 06 Jan 2010 20:42:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Content-Length: 1381
Server: GFE/2.0

And this message in the content stream:

302 Redirection

  body {font-family: arial,sans-serif}
  div.nav {margin-top: 1ex}
  div.nav A {font-size: 10pt; font-family: arial,sans-serif}
  span.nav {font-size: 10pt; font-family: arial,sans-serif; font-weight:
bold}
  div.nav A,span.big {font-size: 12pt; color: #cc}
  div.nav A {font-size: 10pt; color: black}
  A.l:link {color: #6f6f6f}
  

Google  
 


Error
 
Redirection
Further action needs to be taken by your user agent in order to fulfill the
request.



  Following the "expired" logic this should work, right?:

String oldToken = accountManager.peekAuthToken(acct, "ah");
if (oldToken != null) {
  System.out.println("oldToken="+oldToken);
  accountManager.invalidateAuthToken("com.google",oldToken);
  System.out.println("invalidated.");
}
String sid = accountManager.blockingGetAuthToken(acct, "ah", false);

  But it doesn't. Same effect. And also these two additional permissions
(four in total then) are also needed then:






> So now the questions are: How do I clear out the cached authToken? How
> often would I need to do this? Is there a way of getting a new
> authToken that isn't going to require that the user agree to a system
> prompt every time?
>
> I'm going to try the invalidateAuthToken and updateUserCredentials
> methods. If the user is going to be prompted every time the authToken
> needs to be refreshed, using the authToken from AccountManager simply
> isn't going to be a worthwhile solution to authenticating a Google
> Service.
>
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en
>
-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

Well, an Android dev in Google's online office hours helped me
troubleshoot this today.

It turns out that the reason the authToken from the AccountManager
wasn't working was because it was expired. It was dated Dec. 9th,
which is probably the day I first got my authentication code working.
I guess it cached the authToken and has been using the same one ever
since.

So now the questions are: How do I clear out the cached authToken? How
often would I need to do this? Is there a way of getting a new
authToken that isn't going to require that the user agree to a system
prompt every time?

I'm going to try the invalidateAuthToken and updateUserCredentials
methods. If the user is going to be prompted every time the authToken
needs to be refreshed, using the authToken from AccountManager simply
isn't going to be a worthwhile solution to authenticating a Google
Service.
-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Mariano Kamp]

Rory,

where did you get the "ah" information from? Is there any
documentation on the actual Google service behind this?

I checked the Android 2.0 Calendar and Contacts app and they only seem
to use a homegrown mechanism. Maybe better luck with Android 2.1?

Cheers,
Mariano

On Dec 3 2009, 9:59 pm, RoryD  wrote:
> On Nov 9, 5:00 pm, Nerdrow  wrote:
>
> > I don't know the authTokenType to pass as an input parameter.
>
> It looks like "ah" does the trick for authTokenType!
>
> If you specify true for notifyAuthFail, you'll get a notification
> posted saying "Permission Requested" that takes you to a screen where
> Android says "The listed applications are requesting permission to
> access the Google App Engine login credentials for account
> x...@gmail.com.  Do you wish to grant this permission?"  then Allow/
> Deny buttons and the name of your app.
>
> I was usingblockingGetAuthToken& it returns null for the token in
> this first case, presumably because there's no way to proceed without
> user interaction.  After you authorize the app, 
> subsequentblockingGetAuthTokencalls succeed.  I suspect non-blocking
> getAuthToken calls will properly handle this asynchronous behavior.
>
> Sweet, now I can remove all my homegrown AppEngine auth stuff :-)

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Mariano Kamp]

Any update on this one? Does it work again?

How do you it fails?

I think I am in a similar situation. I get back an auth token, but
when using it accessing the Google Reader API it is not accepted.

On Jan 4, 12:10 am, polyclefsoftware  wrote:
> I'm about to tear my hair out. The authToken I was getting from
> AccountManager was working fine before I went away for the holidays. I
> get back home and start back into development and now the authToken I
> get from the following code is no longer valid when requesting a
> cookie:
>
> AccountManager mgr = AccountManager.get(this);
> Account[] accts = mgr.getAccountsByType("com.google");
> Account acct = accts[0];
> AccountManagerFuture accountManagerFuture = mgr.getAuthToken
> (acct, "ah", null, this, null, null);
> Bundle authTokenBundle = accountManagerFuture.getResult();
> String authToken = authTokenBundle.get
> (AccountManager.KEY_AUTHTOKEN).toString();
>
> When I went back and hard-coded in my Google username and password and
> got an authToken from "https://www.google.com/accounts/ClientLogin";,
> it worked just fine.
>
> So as far as I can tell something happened over the past week that
> rendered the authToken acquired from an Android phone using the
> AccountManager API to longer authenticate properly, at least with
> Google App Engine.
>
> Is anyone else actually using the new API for authentication? Is
> anyone else having problems? Can anyone else confirm this behavior?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

I'm about to tear my hair out. The authToken I was getting from
AccountManager was working fine before I went away for the holidays. I
get back home and start back into development and now the authToken I
get from the following code is no longer valid when requesting a
cookie:

AccountManager mgr = AccountManager.get(this);
Account[] accts = mgr.getAccountsByType("com.google");
Account acct = accts[0];
AccountManagerFuture accountManagerFuture = mgr.getAuthToken
(acct, "ah", null, this, null, null);
Bundle authTokenBundle = accountManagerFuture.getResult();
String authToken = authTokenBundle.get
(AccountManager.KEY_AUTHTOKEN).toString();

When I went back and hard-coded in my Google username and password and
got an authToken from "https://www.google.com/accounts/ClientLogin";,
it worked just fine.

So as far as I can tell something happened over the past week that
rendered the authToken acquired from an Android phone using the
AccountManager API to longer authenticate properly, at least with
Google App Engine.

Is anyone else actually using the new API for authentication? Is
anyone else having problems? Can anyone else confirm this behavior?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

Just tested on my Droid. That does indeed work.

Thanks!

On Dec 11, 9:25 pm, Micah  wrote:
> The application only needs permission to ask authenticators for access
> to anaccount, but when they install they don't have to say which
> accounts the app will access. Just because an app has permission to
> access your Facebookaccountdoesn't mean you want the app to have
> access to your Googleaccount.
>
> If you call:
> getAuthToken(Accountaccount, String authTokenType, Bundle
> loginOptions, Activity activity, AccountManagerCallback
> callback, Handler handler)
> instead of the other getAuthToken and supply it with your Activity
> then it should open the dialog boxes on top of the provided activity
> in the task stack.  I don't have a Droid though so I can't say for
> sure whether or not this is implemented as expected with the Google
> and Facebook authenticators.
>
> On Dec 11, 8:33 am, polyclefsoftware  wrote:
>
>
>
> > Well, if anyone is still following this thread at all...
>
> > I'm able to replicate the behavior RoryD describes, but it is still
> > less than ideal from the user's perspective. Here's what happens:
>
> > 1) The user opens the app for the first time, clicks a button to log
> > in.
> > 2)AccountManagertries to get the auth token, returns null and
> > produces a system notification.
> > 3) At this point, the user would have to return to the home screen,
> > open Notifications, select the system notification that was just
> > produced and allow the app access to their user credentials.
> > 4) The user could then relaunch the app, click a button to log in, and
> > theAccountManagerwould then be able to successfully retrieve the
> > auth token and use it to log in.
>
> > I really don't want users to have to exit my app to accept a
> > permission notification before reentering the app. Granted, they would
> > only have to do this once, but it's still extremely clunky.
>
> > A couple of questions:
>
> > 1) If we're already declaring the GET_ACCOUNTS and USE_CREDENTIALS
> > permissions in the manifest, and the user is aware of this when they
> > install the app, why the extra steps of notifying the user and forcing
> > them to allow the app to use their credentials? Isn't this overkill?
>
> > 2) Is there a way to take the user directly to the notification screen
> > when the system sends the notification, rather than have the user
> > manually navigate away from the app to the notification screen?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Micah]

The application only needs permission to ask authenticators for access
to an account, but when they install they don't have to say which
accounts the app will access. Just because an app has permission to
access your Facebook account doesn't mean you want the app to have
access to your Google account.

If you call:
getAuthToken(Account account, String authTokenType, Bundle
loginOptions, Activity activity, AccountManagerCallback
callback, Handler handler)
instead of the other getAuthToken and supply it with your Activity
then it should open the dialog boxes on top of the provided activity
in the task stack.  I don't have a Droid though so I can't say for
sure whether or not this is implemented as expected with the Google
and Facebook authenticators.

On Dec 11, 8:33 am, polyclefsoftware  wrote:
> Well, if anyone is still following this thread at all...
>
> I'm able to replicate the behavior RoryD describes, but it is still
> less than ideal from the user's perspective. Here's what happens:
>
> 1) The user opens the app for the first time, clicks a button to log
> in.
> 2) Account Manager tries to get the auth token, returns null and
> produces a system notification.
> 3) At this point, the user would have to return to the home screen,
> open Notifications, select the system notification that was just
> produced and allow the app access to their user credentials.
> 4) The user could then relaunch the app, click a button to log in, and
> the Account Manager would then be able to successfully retrieve the
> auth token and use it to log in.
>
> I really don't want users to have to exit my app to accept a
> permission notification before reentering the app. Granted, they would
> only have to do this once, but it's still extremely clunky.
>
> A couple of questions:
>
> 1) If we're already declaring the GET_ACCOUNTS and USE_CREDENTIALS
> permissions in the manifest, and the user is aware of this when they
> install the app, why the extra steps of notifying the user and forcing
> them to allow the app to use their credentials? Isn't this overkill?
>
> 2) Is there a way to take the user directly to the notification screen
> when the system sends the notification, rather than have the user
> manually navigate away from the app to the notification screen?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

Well, if anyone is still following this thread at all...

I'm able to replicate the behavior RoryD describes, but it is still
less than ideal from the user's perspective. Here's what happens:

1) The user opens the app for the first time, clicks a button to log
in.
2) Account Manager tries to get the auth token, returns null and
produces a system notification.
3) At this point, the user would have to return to the home screen,
open Notifications, select the system notification that was just
produced and allow the app access to their user credentials.
4) The user could then relaunch the app, click a button to log in, and
the Account Manager would then be able to successfully retrieve the
auth token and use it to log in.

I really don't want users to have to exit my app to accept a
permission notification before reentering the app. Granted, they would
only have to do this once, but it's still extremely clunky.

A couple of questions:

1) If we're already declaring the GET_ACCOUNTS and USE_CREDENTIALS
permissions in the manifest, and the user is aware of this when they
install the app, why the extra steps of notifying the user and forcing
them to allow the app to use their credentials? Isn't this overkill?

2) Is there a way to take the user directly to the notification screen
when the system sends the notification, rather than have the user
manually navigate away from the app to the notification screen?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

Thanks for this. I'm able to get the auth token after granting
permission to the app. Anyone have any ideas how to clear the
credential information once you have allowed an app to access them?

Uninstalling the app doesn't work, and  under Location & Security
Settings, "Clear storage" is grayed out. I'm not able to test this
functionality in the emulator...any ideas on how to clear access to
credentials without doing a factory reset?

On Dec 3, 2:59 pm, RoryD  wrote:
> On Nov 9, 5:00 pm, Nerdrow  wrote:
>
> > I don't know the authTokenType to pass as an input parameter.
>
> It looks like "ah" does the trick for authTokenType!
>
> If you specify true for notifyAuthFail, you'll get a notification
> posted saying "Permission Requested" that takes you to a screen where
> Android says "The listed applications are requesting permission to
> access the Google App Engine login credentials foraccount
> x...@gmail.com.  Do you wish to grant this permission?"  then Allow/
> Deny buttons and the name of your app.
>
> I was using blockingGetAuthToken & it returns null for the token in
> this first case, presumably because there's no way to proceed without
> user interaction.  After you authorize the app, subsequent
> blockingGetAuthToken calls succeed.  I suspect non-blocking
> getAuthToken calls will properly handle this asynchronous behavior.
>
> Sweet, now I can remove all my homegrown AppEngine auth stuff :-)

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Micah]

I would be careful removing your own authentication code just yet.  So
far Droid is the only phone with 2.0 on it and it's uncertain that
once other phones get 2.0 whether or not they will also get the
Facebook and Google authenticators.  The emulator currently does *not*
support Facebook or Google authenticators, for example.

On Dec 3, 12:59 pm, RoryD  wrote:
> On Nov 9, 5:00 pm, Nerdrow  wrote:
>
> > I don't know the authTokenType to pass as an input parameter.
>
> It looks like "ah" does the trick for authTokenType!
>
> If you specify true for notifyAuthFail, you'll get a notification
> posted saying "Permission Requested" that takes you to a screen where
> Android says "The listed applications are requesting permission to
> access the Google App Engine login credentials for account
> x...@gmail.com.  Do you wish to grant this permission?"  then Allow/
> Deny buttons and the name of your app.
>
> I was using blockingGetAuthToken & it returns null for the token in
> this first case, presumably because there's no way to proceed without
> user interaction.  After you authorize the app, subsequent
> blockingGetAuthToken calls succeed.  I suspect non-blocking
> getAuthToken calls will properly handle this asynchronous behavior.
>
> Sweet, now I can remove all my homegrown AppEngine auth stuff :-)

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[RoryD]

On Nov 9, 5:00 pm, Nerdrow  wrote:
> I don't know the authTokenType to pass as an input parameter.

It looks like "ah" does the trick for authTokenType!

If you specify true for notifyAuthFail, you'll get a notification
posted saying "Permission Requested" that takes you to a screen where
Android says "The listed applications are requesting permission to
access the Google App Engine login credentials for account
x...@gmail.com.  Do you wish to grant this permission?"  then Allow/
Deny buttons and the name of your app.

I was using blockingGetAuthToken & it returns null for the token in
this first case, presumably because there's no way to proceed without
user interaction.  After you authorize the app, subsequent
blockingGetAuthToken calls succeed.  I suspect non-blocking
getAuthToken calls will properly handle this asynchronous behavior.

Sweet, now I can remove all my homegrown AppEngine auth stuff :-)

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Micah]

I am working on a similar project over at:
http://code.google.com/p/google-authenticator-for-android/

The end goal is to simulate the Google Account Authenticator found on
the Droid so that developers can use Google Accounts on their AVDs, as
well as people with 2.0 phones without Google Accounts (since the
Google Account isn't part of the AOSP, like Google Maps, Gmail, etc.).

It looks like we are at *about* the same point in writing the
authenticators, ie: not very far. :P  I do have some TODO comments
throughout that talk about some of the questions that I still have as
to how things work though.

On Nov 13, 6:40 pm, Dan Dumont  wrote:
> To facilitate the discussion around this topic, I've started up a project
> over here:http://code.google.com/p/androidaccounts/
>
> If anyone is interested in
> pitching in and writing some examples, let me know so I can add you.
> The current state of the project is as far as I've gotten to understanding
> what is available so far... and I'm stumped as to why new accounts don't
> seem to persist after their creation ( as far as the AccountsTester app is
> concerned ).
> Again, any comments from google devs about usage and best-practices would be
> greatly appreciated!
>
> On Fri, Nov 13, 2009 at 7:16 PM, ddum...@gmail.com wrote:
>
>
>
> > I would also like some documentation.   The APIs are insufficient to
> > deduce any sort of real world usage...
>
> > The sources to the Dev Tools AccountsTester app would be a great
> > start it seems that they left it out of the git repo.
>
> > On Nov 13, 7:05 pm, polyclefsoftware  wrote:
> > > On Nov 13, 3:55 pm, Nerdrow  wrote:
>
> > > > A working example from the Android team would be nice :)
>
> > > No kidding.
>
> > > I'm interested in using the authentication from the user's Google
> > > account to automatically log them into a Google App Engine app. I was
> > > hoping the new AccountManager would allow this. But there are no
> > > working examples and no indication of how one might set up a dummy
> > > account on an emulator.
>
> > > Would one of the Google folks please comment on this?
>
> > --
> > You received this message because you are subscribed to the Google
> > Groups "Android Developers" group.
> > To post to this group, send email to android-developers@googlegroups.com
> > To unsubscribe from this group, send email to
> > android-developers+unsubscr...@googlegroups.com > cr...@googlegroups.com>
> > For more options, visit this group at
> >http://groups.google.com/group/android-developers?hl=en

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

Re: [android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Dan Dumont]

To facilitate the discussion around this topic, I've started up a project
over here:
http://code.google.com/p/androidaccounts/

If anyone is interested in
pitching in and writing some examples, let me know so I can add you.
The current state of the project is as far as I've gotten to understanding
what is available so far... and I'm stumped as to why new accounts don't
seem to persist after their creation ( as far as the AccountsTester app is
concerned ).
Again, any comments from google devs about usage and best-practices would be
greatly appreciated!


On Fri, Nov 13, 2009 at 7:16 PM, ddum...@gmail.com wrote:

> I would also like some documentation.   The APIs are insufficient to
> deduce any sort of real world usage...
>
> The sources to the Dev Tools AccountsTester app would be a great
> start it seems that they left it out of the git repo.
>
>
>
> On Nov 13, 7:05 pm, polyclefsoftware  wrote:
> > On Nov 13, 3:55 pm, Nerdrow  wrote:
> >
> >
> >
> > > A working example from the Android team would be nice :)
> >
> > No kidding.
> >
> > I'm interested in using the authentication from the user's Google
> > account to automatically log them into a Google App Engine app. I was
> > hoping the new AccountManager would allow this. But there are no
> > working examples and no indication of how one might set up a dummy
> > account on an emulator.
> >
> > Would one of the Google folks please comment on this?
>
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en
>

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[ddum...@gmail.com]

I would also like some documentation.   The APIs are insufficient to
deduce any sort of real world usage...

The sources to the Dev Tools AccountsTester app would be a great
start it seems that they left it out of the git repo.



On Nov 13, 7:05 pm, polyclefsoftware  wrote:
> On Nov 13, 3:55 pm, Nerdrow  wrote:
>
>
>
> > A working example from the Android team would be nice :)
>
> No kidding.
>
> I'm interested in using the authentication from the user's Google
> account to automatically log them into a Google App Engine app. I was
> hoping the new AccountManager would allow this. But there are no
> working examples and no indication of how one might set up a dummy
> account on an emulator.
>
> Would one of the Google folks please comment on this?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[polyclefsoftware]

On Nov 13, 3:55 pm, Nerdrow  wrote:
>
> A working example from the Android team would be nice :)

No kidding.

I'm interested in using the authentication from the user's Google
account to automatically log them into a Google App Engine app. I was
hoping the new AccountManager would allow this. But there are no
working examples and no indication of how one might set up a dummy
account on an emulator.

Would one of the Google folks please comment on this?

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Nerdrow]

Still wants an authTokenType (not Account.type).  Here's what I tried:

final AccountManager accountManager = AccountManager.get(this);
final Account[] accounts = accountManager.getAccounts();
final int accountsCount = accounts.length;
Account account = null;
for(int i=0;i accountManagerFuture = null;
Bundle authTokenBundle = null;
try {
accountManagerFuture = accountManager.getAuthToken(account,
account.type, null, this, null, null);
authTokenBundle = accountManagerFuture.getResult();  // 
exception
thrown here
Log.d("AUTH",
"accountName="+authTokenBundle.getString
(AccountManager.KEY_ACCOUNT_NAME)+
", accountType="+authTokenBundle.getString
(AccountManager.KEY_ACCOUNT_TYPE)+
", authTokenLabel="+authTokenBundle.getString
(AccountManager.KEY_AUTH_TOKEN_LABEL)+
", authToken="+authTokenBundle.getString
(AccountManager.KEY_AUTHTOKEN)
);
} catch (OperationCanceledException e) {
e.printStackTrace();
} catch (AuthenticatorException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (RuntimeException e) {
e.printStackTrace();
}
}

For the first account in the list (which happens to be my corporate
Exchange account), you get this exception:
11-13 13:21:50.778: WARN/System.err(5092):
java.lang.IllegalArgumentException: unknown authTokenType
11-13 13:21:50.786: WARN/System.err(5092): at
android.accounts.AccountManager.convertErrorToException
(AccountManager.java:656)
11-13 13:21:50.794: WARN/System.err(5092): at
android.accounts.AccountManager.access$500(AccountManager.java:53)
11-13 13:21:50.802: WARN/System.err(5092): at
android.accounts.AccountManager$AmsTask$Response.onError
(AccountManager.java:507)
11-13 13:21:50.802: WARN/System.err(5092): at
android.accounts.IAccountManagerResponse$Stub.onTransact
(IAccountManagerResponse.java:69)
11-13 13:21:50.810: WARN/System.err(5092): at
android.os.Binder.execTransact(Binder.java:287)
11-13 13:21:50.818: WARN/System.err(5092): at
dalvik.system.NativeStart.run(Native Method)

For the 2nd account in the list (which happens to be my Facebook
acocunt), the Droid consistently crashes and reboots itself :)
11-13 13:21:53.771: ERROR/AndroidRuntime(4682): Uncaught handler:
thread android.server.ServerThread exiting due to uncaught exception
11-13 13:21:53.771: ERROR/AndroidRuntime(4682): *** EXCEPTION IN
SYSTEM PROCESS.  System will crash.
11-13 13:21:53.778: ERROR/AndroidRuntime(4682):
java.lang.RuntimeException: Unable to start activity ComponentInfo
{android/android.accounts.GrantCredentialsPermissionActivity}:
java.lang.NullPointerException
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.ActivityThread.performLaunchActivity(ActivityThread.java:
2454)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:
2470)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.ActivityThread.access$2200(ActivityThread.java:119)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.os.Handler.dispatchMessage(Handler.java:99)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.os.Looper.loop(Looper.java:123)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
com.android.server.ServerThread.run(SystemServer.java:428)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): Caused by:
java.lang.NullPointerException
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.accounts.GrantCredentialsPermissionActivity.onCreate
(GrantCredentialsPermissionActivity.java:62)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:
1047)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): at
android.app.ActivityThread.performLaunchActivity(ActivityThread.java:
2417)
11-13 13:21:53.778: ERROR/AndroidRuntime(4682): ... 6 more

Just thinking this through, I'm wondering if I'm misunderstanding the
purpose of the AccountManager, ie, should I even be able to use the
default Facebook account credentials in my app?  If you've played w/
the Facebook REST API, you're required to sign every request you make
to Facebook using your unique developer API key and a session "secret"
that gets generated when the user authenticates your app (ie, user can
elect to grant your app the ability to read wall posts, post to your
wall, etc., and later revoke those rights).  So lets say the user
grants full permission to the default Facebook app (and Account), then
I use that Account for my app;  the user doesn't even know that my app
is accessing their Facebook profile, but I get full a

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Micah]

To reply to your more specific questions, it is my understanding that
the type you see in your log output is the type you would pass in to
most of the AccountManager functions.  The type should be a java style
universally unique name (ie: domain.subdomain.accounttype) in the form
of a string.  So if you wanted to get a Google Auth Token you would
call getAuthToken and pass in "com.google", for facebook you would
pass in "com.facebook.auth.login".

I am working on building my own account authenticator now and it's
quite a bit more work than actually getting the auth token.  Basically
anywhere on your Droid that you see Google, Facebook and Exchange you
could add your own account type, as well as allow applications by
other developers to authenticate with your service.

Here is the flow as I understand it, along with links to documentation
for each part:
http://docs.google.com/View?id=dhhtdbc7_4hhh4whg8

Basically once you have an authenticator written and installed on the
user's phone then the user would first need to create an account with
the authenticator.

One authenticator may track credentials for multiple users.  ex: I may
sign-in to the phone with two Google Accounts, then any app that needs
an auth token for "com.google" would need to prompt the user with both
accounts and ask them which one they would like to use.

Once there is one or more accounts setup with the authenticator you
would then ask the authenticator for an auth token for the desired
account.  The authenticator then may (or may not) prompt the user for
additional credentials or it may pass an intent back to the calling
application (depending on which version of getAuthToken you call) and
leave it up to the calling application to send off the credential
request intent (ex: if you are authenticating in the background it may
be better to wait for the user to switch back to your app before
prompting them, or pop-up a notification).

Once authentication is complete the calling application will get a
callback letting it know the results (auth token or failure).  The
calling application can then use that auth token to access services
provided by "com.google" (or whoever you authenticated with), likely
over an SSL connection, so the auth token isn't stolen.

On Nov 9, 5:00 pm, Nerdrow  wrote:
> I just tried this real quick on my Droid:
>
> AccountManager mgr = AccountManager.get(this);
> Account[] accts = mgr.getAccounts();
> final int count = accts.length;
> Account acct = null;
>
> for(int i=0;i   acct = accts[i];
>   Log.d("ACCT", "eclair account - name="+acct.name+",
> type="+acct.type);
>
> }
>
> These are the results (masked :))
>
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@gmail.com, type=com.google
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@.com, type=com.facebook.auth.login
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@.com, type=com.android.exchange
>
> Do you understand how to actually use the returned Account objects?
> It looks like you have to use an AccountManager instance and call the
> getAuthToken method, but this keeps failing for me since I don't know
> the authTokenType to pass as an input parameter.  The Account object
> itself has no other useful fields as far as I can tell.
>
> Related is the AbstractAccountAuthenticator, where you're supposed to
> be able to add authenticator types to appear on the phone (by default
> on the Droid you get 3, Google, Facebook, and Exchange).  Judging by
> the documentation this would allow you to integrate your app into the
> "quick contact bar" or whatever it's called, as well as use the
> ContactsContract api to facilitate contact syncing, but there's no
> examples around any of this stuff, just the documentation.  I found
> this thread about the ContactsContract, but it doesn't help if I can't
> add my authenticator 
> first:http://groups.google.com/group/android-developers/browse_thread/threa...
>
> Anyone have any ideas?
>
> On Nov 8, 9:21 pm, Micah  wrote:
>
>
>
> > In Android 2.0 there is a new android.accounts.AccountManagerclass
> > has a function getAccounts()
> > see:http://developer.android.com/reference/android/accounts/AccountManage...()
>
> > Unfortunately, as most of you know the SDK doesn't come with any of
> > the Google Apps that utilize the Google Account associated with the
> > phone (Gmail, Google Talk, Calendar, etc.).  This means that when you
> > call getAccounts in an emulator it returns an empty array.
>
> > The *hope* is that Google has modified the Google apps shipped with
> > Android 2.0 to use theAccountManagerAPI instead of whatever internal
> > and super-secret-closed system they were using before.  If this is the
> > case, then 3rd party apps can hopefully gain access to a Google Auth
> > token via theAccountManagerinstead of having to ask the user for
> > their username / password.
>
> > Unfortunately, the only phone that has android 2.0 on it to my
> > knowledge is the Motorola Droid.  So

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Micah]

Using an already existing account is pretty easy, which means in the
case of Droid Facebook, Google and Exchange.  Writing the actual
account providers is the hard part.

I'm just coding this off the top of my head, since I haven't finished
writing an authenticator yet (and the SDK has no built-in accounts)
but something along the lines of this:

/**
NOTE: This code blocks and is the wrong way to write this if 
you are
doing it in the main thread.  In the main thread you should pass in a
callback and wait for notification of success.  For simplicity of
posting the code to this group though I have written it this way.
**/

AccountManager myAccountManager = AccountManager.get(this);
Account foundGoogleAccount;
// TODO: Do what you did to find a Google account.

AccountManagerFuture myAccountManagerFuture;
// TODO: I *think* that the Activity that getAuthToken is 
asking for
is the activity to launch the intent from, not the actual activity
that the intent will launch.  This means that the intent which leads
to a credential prompt from the user will appear on top of the passed
in Activity in the Activity stack.  However, this is not clear in the
documentation so needs testing.
// TODO: Figure out if "com.google" account type needs any
additional login options passed in.  In this call I don't pass in any
login options but every authenticator has the option of requiring
some.  I assume this would be something like an RSA one-time-password
that can't be stored, though the authenticator could also get that via
a credential prompt instead of as a login option.  It may also be used
if a user can authenticate an account with some set of optional
parameters, such as authenticate for viewing only.
myAccountManagerFuture = myAccountManager.getAuthToken
(foundGoogleAccount, "com.google", null, this, null, null);

// THE FOLLOWING CALL BLOCKS WHILE AUTHENTICATION IS DONE!  
Normally
you would wait for a callback with the result, but for simplicity we
do this instead.
Bundle myAuthTokenBundle;
try
{
myAuthTokenBundle = myAccountManagerFuture.getResult();
}
catch (OperationCanceledException e)
{
e.printStackTrace();
return;
}
catch (AuthenticatorException e)
{
e.printStackTrace();
return;
}
catch (IOException e)
{
e.printStackTrace();
return;
}

if 
(myAuthTokenBundle.getString(AccountManager.KEY_ACCOUNT_TYPE) !=
"com.google")
{
// TODO: Handle auth failure case.
return;
}

String myAccountName = myAuthTokenBundle.getString
(AccountManager.KEY_ACCOUNT_NAME);
String myAccountType = myAuthTokenBundle.getString
(AccountManager.KEY_ACCOUNT_TYPE);
// TODO: Figure out the type of auth token.  Is it always a 
String
or something?  Does it depend on the Authenticator?
Object myGoogleAuthToken = myAuthTokenBundle.get
(AccountManager.KEY_AUTHTOKEN);


On Nov 9, 5:00 pm, Nerdrow  wrote:
> I just tried this real quick on my Droid:
>
> AccountManager mgr = AccountManager.get(this);
> Account[] accts = mgr.getAccounts();
> final int count = accts.length;
> Account acct = null;
>
> for(int i=0;i   acct = accts[i];
>   Log.d("ACCT", "eclair account - name="+acct.name+",
> type="+acct.type);
>
> }
>
> These are the results (masked :))
>
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@gmail.com, type=com.google
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@.com, type=com.facebook.auth.login
> 11-09 16:13:09.143: DEBUG/ACCT(2495): eclair account -
> name=@.com, type=com.android.exchange
>
> Do you understand how to actually use the returned Account objects?
> It looks like you have to use an AccountManager instance and call the
> getAuthToken method, but this keeps failing for me since I don't know
> the authTokenType to pass as an input parameter.  The Account object
> itself has no other useful fields as far as I can tell.
>
> Related is the AbstractAccountAuthenticator, where you're supposed to
> be able to add authenticator types to appear on the phone (by default
> on the Droid you get 3, Google, Facebook, and Exchange).  Judging by
> the documentation this would allow you to integrate your app into the
> "quick contact bar" or whatever it's called, as well as use the
> ContactsContract api to facilitate contact syncing, but there's no
> examples around any of this stuff, just the documentation.  I foun

[android-developers] Re: Can someone with a Motorola Droid call AccountManager.getAccounts() please?

[Nerdrow]

I just tried this real quick on my Droid:

AccountManager mgr = AccountManager.get(this);
Account[] accts = mgr.getAccounts();
final int count = accts.length;
Account acct = null;

for(int i=0;ihttp://groups.google.com/group/android-developers/browse_thread/thread/133816827efc8eb9/a571f095d9cb0199?lnk=raot

Anyone have any ideas?

On Nov 8, 9:21 pm, Micah  wrote:
> In Android 2.0 there is a new android.accounts.AccountManagerclass
> has a function getAccounts()
> see:http://developer.android.com/reference/android/accounts/AccountManage...()
>
> Unfortunately, as most of you know the SDK doesn't come with any of
> the Google Apps that utilize the Google Account associated with the
> phone (Gmail, Google Talk, Calendar, etc.).  This means that when you
> call getAccounts in an emulator it returns an empty array.
>
> The *hope* is that Google has modified the Google apps shipped with
> Android 2.0 to use theAccountManagerAPI instead of whatever internal
> and super-secret-closed system they were using before.  If this is the
> case, then 3rd party apps can hopefully gain access to a Google Auth
> token via theAccountManagerinstead of having to ask the user for
> their username / password.
>
> Unfortunately, the only phone that has android 2.0 on it to my
> knowledge is the Motorola Droid.  So this is a call out to any
> developers that have access to that phone to please 
> callAccountManager.getAccounts and let us know whether or not there is a
> Google Account on a production android device.
>
> If not then it appears that it will be up to 3rd party developers to
> write an Authenticator (ideally a free / open sourced one) that
> returns a Google Auth token (and prompts / stores user's Google
> credentials with the android.accounts API.

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en