So far we've talked about accessing Google APIs, which use accounts and users defined by Google. If you have your own online service, though, it won't have Google accounts or users, so what do you do? It turns out to be relatively straightforward to install
new account types on a user's device. This lesson explains how to create a custom account type that works the same way as the built-in accounts do.
http://blog.csdn.net/sergeycao
Implement Your Custom Account Code
The first thing you'll need is a way to get credentials from the user. This may be as simple as a dialog box that asks for a name and a password. Or it may be a more exotic procedure like a one-time password or a biometric scan. Either way, it's your responsibility
to implement the code that:
- Collects credentials from the user
- Authenticates the credentials with the server
- Stores the credentials on the device
Typically all three of these requirements can be handled by one activity. We'll call this the authenticator activity.
Because they need to interact with the AccountManager
system, authenticator activities have certain requirements that normal activities don't. To make it easy to get things right, the Android framework supplies a base class,AccountAuthenticatorActivity
,
which you can extend to create your own custom authenticator.
How you address the first two requirements of an authenticator activity, credential collection and authentication, is completely up to you. (If there were only one way to do it, there'd be no need for "custom" account types, after all.) The third requirement
has a canonical, and rather simple, implementation:
final Account account = new Account(mUsername, your_account_type);
mAccountManager.addAccountExplicitly(account, mPassword, null);
Be Smart About Security!
It's important to understand that AccountManager
is not an encryption service or a keychain. It stores account credentials just as you pass them, inplain text. On most devices, this isn't a particular concern,
because it stores them in a database that is only accessible to root. But on a rooted device, the credentials would be readable by anyone withadb
access to the device.
With this in mind, you shouldn't pass the user's actual password to AccountManager.addAccountExplicitly()
. Instead, you should store a cryptographically secure token that would be of limited use to an attacker. If your user credentials
are protecting something valuable, you should carefully consider doing something similar.
Remember: When it comes to security code, follow the "Mythbusters" rule: don't try this at home! Consult a security professional before implementing any custom account code.
Now that the security disclaimers are out of the way, it's time to get back to work. You've already implemented the meat of your custom account code; what's left is plumbing.
Extend AbstractAccountAuthenticator
In order for the AccountManager
to work with your custom account code, you need a class that implements the interfaces thatAccountManager
expects. This class is the
authenticator class.
The easiest way to create an authenticator class is to extend AbstractAccountAuthenticator
and implement its abstract methods. If you've worked through the previous lessons, the abstract methods ofAbstractAccountAuthenticator
should look familiar: they're the opposite side of the methods you called in the previous lesson to get account information and authorization tokens.
Implementing an authenticator class properly requires a number of separate pieces of code. First,AbstractAccountAuthenticator
has seven abstract methods that you must override. Second, you need to add anintent filter
for "android.accounts.AccountAuthenticator"
to your application manifest (shown in the next section). Finally, you must supply two XML resources that define, among other things, the name of your custom account type and the icon that the system
will display next to accounts of this type.
You can find a step-by-step guide to implementing a successful authenticator class and the XML files in theAbstractAccountAuthenticator
documentation. There's also a sample implementation in theSampleSyncAdapter
sample app.
As you read through the SampleSyncAdapter code, you'll notice that several of the methods return an intent in a bundle. This is the same intent that will be used to launch your custom authenticator activity. If your authenticator activity needs any special
initialization parameters, you can attach them to the intent using Intent.putExtra()
.
Create an Authenticator Service
Now that you have an authenticator class, you need a place for it to live. Account authenticators need to be available to multiple applications and work in the background, so naturally they're required to run inside aService
.
We'll call this the authenticator service.
Your authenticator service can be very simple. All it needs to do is create an instance of your authenticator class inonCreate()
and call
getIBinder()
inonBind()
. The
SampleSyncAdapter contains a good example of an authenticator service.
Don't forget to add a <service>
tag to your manifest file and add an intent filter for the AccountAuthenticator intent and declare the account authenticator:
<service ...>
<intent-filter>
<action android:name="android.accounts.AccountAuthenticator" />
</intent-filter>
<meta-data android:name="android.accounts.AccountAuthenticator"
android:resource="@xml/authenticator" />
</service>
Distribute Your Service
You're done! The system now recognizes your account type, right alongside all the big name account types like "Google" and "Corporate." You can use theAccounts & Sync Settings page to add an account, and apps that ask for accounts of your
custom type will be able to enumerate and authenticate just as they would with any other account type.
Of course, all of this assumes that your account service is actually installed on the device. If only one app will ever access the service, then this isn't a big deal—just bundle the service in the app. But if you want your account service to be used by
more than one app, things get trickier. You don't want to bundle the service with all of your apps and have multiple copies of it taking up space on your user's device.
One solution is to place the service in one small, special-purpose APK. When an app wishes to use your custom account type, it can check the device to see if your custom account service is available. If not, it can direct the user to Google Play to download
the service. This may seem like a great deal of trouble at first, but compared with the alternative of re-entering credentials for every app that uses your custom account, it's refreshingly easy.
分享到:
相关推荐
Dojo - Creating a custom widget创建自定义小部件 https://blog.csdn.net/nmj2008/article/details/113554363 博客的配套代码
JSR303不仅提供了预定义的验证注解,如`@NotNull`, `@Min`, `@Max`等,还允许开发者创建自定义的验证约束来满足特定业务需求。这篇博客文章将带你了解如何创建自己的JSR303验证约束。 首先,让我们讨论一下JSR303...
Oracle Solaris 11.2 Creating a Custom Oracle Solaris 11.2 Installation Image-32
在创建自定义的Oracle Solaris 11.1安装映像时,这通常是为了满足特定的系统配置、安全策略或者软件需求。这个过程涉及到对默认安装镜像进行定制,以便在部署时只包含必要的组件和服务,从而提高效率,减少潜在的...
Oracle Solaris 11 创建自定义安装镜像 Oracle Solaris 11 是一个功能强大的企业级操作系统,它为各种规模的企业提供了高级的系统管理、安全性、性能和可靠性。创建自定义Oracle Solaris 11 安装镜像是为了满足特定...
创建自定义的Oracle Solaris 11.3安装镜像是系统管理员和IT专业人员为了满足特定需求和优化部署过程的重要任务。这个过程涉及到选择必要的组件、定制系统设置以及创建一个适合目标环境的定制化安装介质。 首先,...
在Symbian OS中创建自定义控件是一个深入理解操作系统和UI框架的关键步骤,这使得开发者能够根据特定需求设计和实现...阅读提供的文档《Symbian_OS_Creating_Custom_Controls_v1_0_zh_ch.pdf》将进一步深化这一理解。
GDI.plus.Programming.Creating.Custom.Controls.Using.Csharp,不用多说了,英文版的。只要一分。
本资料包“GDI+ Programming (source code) - Creating Custom Controls using C# Source Code”显然聚焦于如何利用GDI+和C#来设计和实现自定义的用户界面元素。 首先,我们要了解GDI+的基本概念。GDI+是微软提供的...
在本章节中,我们将继续探讨WorkFlow HOL实验系列中的第二部分:创建自定义活动(Creating Custom Activities)。这一节的重点在于如何利用Visual Studio 2005创建自定义活动,并将其集成到工作流中。通过学习这一...
6. **脚本自动化**:在上述的"creating a local user account.ps1"文件中,很可能包含了创建本地用户账户的完整脚本,便于批量创建或在无人值守环境中使用。 总之,通过PowerShell,我们可以方便地管理Windows系统...
标题中的“Creating Custom SharePoint Timer Jobs”主要涉及以下几个关键知识点: 1. **定义Timer Job类**: - 基于`SPJobDefinition`类创建一个自定义类,这个类包含了定时任务的基本属性和方法,如执行频率、...
根据给定文件的信息,我们可以提炼出关于在Symbian OS平台上创建自定义控件的关键知识点。以下是对这些知识点的详细解读: ### Symbian OS 创建自定义控件概述 Symbian OS 是一款专为移动设备设计的操作系统,它...
《ug1118-vivado-creating-packaging-custom-ip.pdf》文档专门针对在Vivado环境下,如何创建和打包自定义IP进行了详细说明。 ### 创建和打包自定义IP - **支持的IP打包器输入**:文档首先介绍了创建自定义IP时支持...
- **步骤8**: 选中拖入的QWidget,然后通过属性编辑器将其类型更改为`CustomWidget`。这一步骤称为“提升”,即把一个基础的QWidget转换为自定义控件。 4. **使用自定义控件**: - **步骤9**: 在`mainwindow.ui`...
在处理Web服务相关的Java应用程序时,可能会遇到一个名为“prefix cannot be 'null' when creating a QName”的异常。这个错误通常出现在尝试创建`QName`对象但提供的前缀为`null`的情况下。 ### 错误详情与解决...
《GDI+程序设计:Creating Custom Controls Using C#》是一本深入探讨GDI+技术及其在.NET Framework下应用的专业书籍。GDI+是图形设备接口(Graphics Device Interface)的增强版,是Microsoft Windows操作系统中...
Creating a Website The Missing Manual(4th) 英文epub 第4版 本资源转载自网络,如有侵权,请联系上传者或csdn删除 查看此书详细信息请在美国亚马逊官网搜索此书
「云安全」Creating_Custom_Browser_Extensions_to_Hunt_Low_Hanging_Fruits - 云安全 访问管理 应用安全 安全实践 Linux 网络安全