使用AccountManager和AbstractAccountAuthenticator建立账户系统

使用AccountManager和AbstractAccountAuthenticator建立账户系统

使用AccountManager和AbstractAccountAuthenticator建立账户系统
为什么要使用AccountManager和AccountAuthenticatr

AccountManager和Authenticator之间的关系

使用AccountManager管理账号

创建Authenticator

源码分析

为什么要使用AccountManager和AccountAuthenticatr

建立账户管理系统，可以使用SharedPreference来存储、更新、删除AuthToken，也可以用来存储、更新、删除账户和密码。既然这样，为什么还要使用AccountManager和AccountAuthenticator?

原因有一下几点：

1.AccountManager是Android系统提供的账户管理框架，十分强大和方便，可以管理不同类型账户，不同类型AuthenToken

2.AccountAuthenticator把账户的验证过程、AuthToken的获取过程分离出来，降低程序的耦合性

3.使用AccountAuthenticator会在”设置”中添加一个账户入口，感觉很酷炫。

AccountManager和Authenticator之间的关系

AccountManager和Authenticator的方法相对应，比如，AccountManager的addAccount()方法会调用Authenticator的addAccount()方法，Authenticator的方法会返回一个Bundle给AccountManager处理。具体细节后面会介绍。

使用AccountManager管理账号

顾名思义，AccountManager是用来管理用户账户。使用AccountManager有两个要点：Bundle key常量的含义、如何使用账户管理方法。

AccountManager定义了许多Bundle Key常量，可以用作Intent的key用于Activity之间传递参数；也可以作为Authenticator返回Bundle的Key，这种情况，AccountManager会根据Key的情况作出相应操作，比如，跳转到验证身份页面，返回Accont Type,AuthToken,Account Name(getAuthenToken()有返回AuthToken时必须返回Account Type和Account Name，不然会提示“the type and name should not be empty”)等。

介绍一些常用Bundle key:

Key	含义
AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE	可以调用onResult()和onError()来相应用户提供的信息
AccountManager.KEY_INTENT	开启新Activity和用户进行交互
AccountManager.KEY_AUTHTOKEN	令牌
AccountManager.KEY_ACCOUNT_TYPE	账户类型
AccountManager.KEY_ACCOUNT_NAME	账户名
AccountManager.KEY_ERROR_CODE	错误码(必须大于0)
AccountManager.KEY_ERROR_MESSAGE	错误信息(必须和错误码一起使用)

介绍一些常用AccountManager管理账户方法：

获取AuthToken：

@param account 账户
@param authTokenType token类型
@param options 额外的数据
@param activity 用来开启另外的Activity
@param callback 结果回调
@param 回调的线程，null时为主线程
public AccountManagerFuture<Bundle> getAuthToken(
final Account account, final String authTokenType, final Bundle options,
final Activity activity, AccountManagerCallback<Bundle> callback, Handler handler)

获取账户列表：

@param type 账户列表类型
public Account[] getAccountsByType(String type)

从AccountManager的缓存中移除AuthToken:

@param accountType 账户类型
@param authToken 令牌
public void invalidateAuthToken(final String accountType, final String authToken)

获取密码：

@param account 账户
public String getPassword(final Account account)

接下来是重点，创建自己的Authenticator，用来验证用户信息或者与从服务器获取信息。

创建Authenticator

步骤：

1.继承AbstractAcccountAuthenticator

2.重写addAccount(),getAuthenToken()方法。如果有需要还可以重写其他方法

重写addAccount()方法：

@Override
public Bundle addAccount(AccountAuthenticatorResponse response, String accountType, String authTokenType, String[] requiredFeatures, Bundle options) throws NetworkErrorException {
Intent intent=new Intent(mContext,AuthenticatorActivity.class);
intent.putExtra(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE,response);
Bundle bundle=new Bundle();
bundle.putParcelable(AccountManager.KEY_INTENT,intent);
return bundle;
}

重写getAuthenToken()方法，要注意，如果之前成功获取过AuthenToken会缓存，之后不会在调用getAuthenToken()方法，除非调用invalidateAuthenToken()：

@Override
public Bundle getAuthToken(AccountAuthenticatorResponse response, Account account, String authTokenType, Bundle options) throws NetworkErrorException {
//可以请求服务器获取token,这里为了简单直接返回
Bundle bundle;
if(!authTokenType.equals(Constants.AUTH_TOKEN_TYPE)){
bundle=new Bundle();
//没有error_code的情况,不会抛出异常
//bundle.putInt(AccountManager.KEY_ERROR_CODE,1);
bundle.putString(AccountManager.KEY_ERROR_MESSAGE,"invalid authToken");
return bundle;
}

AccountManager am=AccountManager.get(mContext);
String psw=am.getPassword(account);
if(!TextUtils.isEmpty(psw)){
//链接服务器获取token
Random random=new Random();
bundle=new Bundle();
bundle.putString(AccountManager.KEY_AUTHTOKEN,random.nextLong()+"");
//不返回name和type会报错“the type and name should not be empty”
bundle.putString(AccountManager.KEY_ACCOUNT_TYPE,account.type);
bundle.putString(AccountManager.KEY_ACCOUNT_NAME,account.name);
return bundle;
}

bundle=new Bundle();
Intent intent=new Intent(mContext,AuthenticatorActivity.class);
bundle.putParcelable(AccountManager.KEY_INTENT,intent);
intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE,account.type);
intent.putExtra(AccountManager.KEY_ACCOUNT_NAME,account.name);
intent.putExtra(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE,response);
return bundle;
}

3.为Authenticator创建Service

public class AuthenticatorService extends Service{
private MyAuthenticator mAuthenticator=new MyAuthenticator(this);

@Nullable
@Override
public IBinder onBind(Intent intent) {
return mAuthenticator.getIBinder();
}
}

4.为了把Authenticator组件添加到账户管理框架，需要添加Metadata文件描述组件，在res/xml/目录下声明组件

<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
android:accountType="com.lm.example.accountmanagersample"
android:icon="@drawable/ic_delete"
android:smallIcon="@drawable/ic_delete"
android:label="@string/app_name"
/>

accountType很重要，用来唯一标识Authenticator，AccountManager的方法中有accountType的参数需要和此处保持一致。

5.在Manifest文件声明之前创建的Service

<service android:name=".AuthenticatorService">
<intent-filter>
<action
android:name="android.accounts.AccountAuthenticator" />
</intent-filter>
<meta-data
android:name="android.accounts.AccountAuthenticator"
android:resource="@xml/authenticator"/>
</service>

源码分析

从源码角度分析AccountManager和Authenticator之间的关系，主要介绍AccountManager的addAccount()和getAuthToken()方法。

首先分析addAccount(),addAccount()源码如下。

/* @param accountType The type of account to add; must not be null
* @param authTokenType The type of auth token (see {@link #getAuthToken})
*     this account will need to be able to generate, null for none
* @param requiredFeatures The features (see {@link #hasFeatures}) this
*     account must have, null for none
* @param addAccountOptions Authenticator-specific options for the request,
*     may be null or empty
* @param activity The {@link Activity} context to use for launching a new
*     authenticator-defined sub-Activity to prompt the user to create an
*     account; used only to call startActivity(); if null, the prompt
*     will not be launched directly, but the necessary {@link Intent}
*     will be returned to the caller instead
* @param callback Callback to invoke when the request completes,
*     null for no callback
* @param handler {@link Handler} identifying the callback thread,
*     null for the main thread
* @return An {@link AccountManagerFuture} which resolves to a Bundle with
*     these fields if activity was specified and an account was created:
* <ul>
* <li> {@link #KEY_ACCOUNT_NAME} - the name of the account created
* <li> {@link #KEY_ACCOUNT_TYPE} - the type of the account
* </ul>
*/
public AccountManagerFuture<Bundle> addAccount(final String accountType,
final String authTokenType, final String[] requiredFeatures,
final Bundle addAccountOptions,
final Activity activity, AccountManagerCallback<Bundle> callback, Handler handler) {
if (accountType == null) throw new IllegalArgumentException("accountType is null");
final Bundle optionsIn = new Bundle();
if (addAccountOptions != null) {
optionsIn.putAll(addAccountOptions);
}
optionsIn.putString(KEY_ANDROID_PACKAGE_NAME, mContext.getPackageName());

return new AmsTask(activity, handler, callback) {
public void doWork() throws RemoteException {
mService.addAccount(mResponse, accountType, authTokenType,
requiredFeatures, activity != null, optionsIn);
}
}.start();
}

新建了个AmsTask实例，重写了dowork()方法,

doWrok()中AccountManagerService实例调用了addAccount()方法，有个参数mResponse是AmTask实例的成员变量。先看下AmsTask主要实现。

private abstract class AmsTask extends FutureTask<Bundle> implements AccountManagerFuture<Bundle> {
final IAccountManagerResponse mResponse;
final Handler mHandler;
final AccountManagerCallback<Bundle> mCallback;
final Activity mActivity;
public AmsTask(Activity activity, Handler handler, AccountManagerCallback<Bundle> callback) {
super(new Callable<Bundle>() {
public Bundle call() throws Exception {
throw new IllegalStateException("this should never be called");
}
});

mHandler = handler;
mCallback = callback;
mActivity = activity;
mResponse = new Response();
}
}

AmsTask继承FutureTask，当setException(Throwable t)被调用后，调用get()方法会抛出该异常。

AccountManagerService的addAccount()方法的主要实现如下。

@Override
public void addAccount(final IAccountManagerResponse response, final String accountType,final String authTokenType, final String[] requiredFeatures,final boolean expectActivityLaunch, final Bundle optionsIn) {
......
new Session(accounts, response, accountType, expectActivityLaunch,
true /* stripAuthTokenFromResult */, null /* accountName */,
false /* authDetailsRequired */,true /*updateLastAuthenticationTime */) {
@Override
public void run() throws RemoteException {
mAuthenticator.addAccount(this, mAccountType,                          authTokenType, requiredFeatures,options);
}

@Override
protected String toDebugString(long now) {
return super.toDebugString(now) + ", addAccount"
+ ", accountType " + accountType
+ ", requiredFeatures "
+ (requiredFeatures != null
? TextUtils.join(",", requiredFeatures)
: null);
}
}.bind();
......
}

看到重点了，Session实例重写run()方法中调用了Authenticator的addAccount()方法，并且绑定Authenticator的Service。接下来看看Authenticator的addAccount()方法(并不是我们重写的addAccount()方法)。

public void addAccount(IAccountAuthenticatorResponse response, String accountType,String authTokenType, String[] features, Bundle options)
throws RemoteException {
......
try {
final Bundle result=
AbstractAccountAuthenticator.this.addAccount(
new AccountAuthenticatorResponse(response),
accountType, authTokenType, features, options);
......
if (result != null) {
response.onResult(result);
}
} catch (Exception e) {
handleException(response, "addAccount", accountType, e);
}
}

这里才正真调用了我们重写的addAccount()方法，会返回Bundle，Session的onResult()方法会先处理Bundle，满足条件(mExpectActivityLaunch && result != null&& result.containsKey(AccountManager.KEY_INTENT))还可能调用response的onError()或onResult方法，这里的onError()方法和onResult()方法是IAccountManagerResponse.Stub实现的方法。先看看Session的onResult()方法。

@Override
public void onResult(Bundle result) {
Bundle.setDefusable(result, true);
mNumResults++;
Intent intent = null;
if (result != null&& (intent = result.getParcelable(AccountManager.KEY_INTENT)) != null) {
checkKeyIntent(Binder.getCallingUid(),intent);
// Omit passwords if the caller isn't permitted to see them.
if (!mIsPasswordForwardingAllowed) {
result.remove(AccountManager.KEY_PASSWORD);
}
}
IAccountManagerResponse response;
if (mExpectActivityLaunch && result != null
&& result.containsKey(AccountManager.KEY_INTENT)) {
response = mResponse;
} else {
response = getResponseAndClose();
}
if (response == null) {
return;
}
if (result == null) {
if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG, getClass().getSimpleName() + " calling onError() on response "+ response);
}
sendErrorResponse(response,AccountManager.ERROR_CODE_INVALID_RESPONSE,"null bundle returned");
return;
}

if ((result.getInt(AccountManager.KEY_ERROR_CODE, -1) > 0) && (intent == null)) {
// All AccountManager error codes are greater
// than 0
sendErrorResponse(response,result.getInt(AccountManager.KEY_ERROR_CODE),result.getString(AccountManager.KEY_ERROR_MESSAGE));
return;
}

// Strip auth token from result.
result.remove(AccountManager.KEY_AUTHTOKEN);

if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log.v(TAG,getClass().getSimpleName() + " calling onResult() on response " + response);
}

// Get the session bundle created by authenticator. The
// bundle contains data necessary for finishing the session
// later. The session bundle will be encrypted here and
// decrypted later when trying to finish the session.
Bundle sessionBundle = result.getBundle(AccountManager.KEY_ACCOUNT_SESSION_BUNDLE);
if (sessionBundle != null) {
String accountType = sessionBundle.getString(AccountManager.KEY_ACCOUNT_TYPE);
if (TextUtils.isEmpty(accountType)
|| !mAccountType.equalsIgnoreCase(accountType)) {
Log.w(TAG, "Account type in session bundle doesn't match request.");
}
// Add accountType info to session bundle. This will
// override any value set by authenticator.
sessionBundle.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccountType);

// Encrypt session bundle before returning to caller.
try {
CryptoHelper cryptoHelper = CryptoHelper.getInstance();
Bundle encryptedBundle = cryptoHelper.encryptBundle(sessionBundle);
result.putBundle(AccountManager.KEY_ACCOUNT_SESSION_BUNDLE, encryptedBundle);
} catch (GeneralSecurityException e) {
if (Log.isLoggable(TAG, Log.DEBUG)) {
Log.v(TAG, "Failed to encrypt session bundle!", e);
}
sendErrorResponse(response, AccountManager.ERROR_CODE_INVALID_RESPONSE,
"failed to encrypt session bundle");
return;
}
}

sendResponse(response, result);
}
}

Session的onResult()方法看到KEY_ERROR_CODE大于0才会setException()。

IAccountManagerResponse.Stub的具体实现。

/** Handles the responses from the AccountManager */
private class Response extends IAccountManagerResponse.Stub {
public void onResult(Bundle bundle) {
Intent intent = bundle.getParcelable(KEY_INTENT);
if (intent != null && mActivity != null) {
// since the user provided an Activity we will silently start intents
// that we see mActivity.startActivity(intent);
// leave the Future running to wait for the real response to this request
} else if (bundle.getBoolean("retry")) {
try {
doWork();
} catch (RemoteException e) {
// this will only happen if the system process is dead, which means
// we will be dying ourselves
}
} else {
set(bundle);
}
}

public void onError(int code, String message) {
if (code == ERROR_CODE_CANCELED ||
code == ERROR_CODE_USER_RESTRICTED
|| code == ERROR_CODE_MANAGEMENT_DISABLED_FOR_ACCOUNT_TYPE) {
// the authenticator indicated that this request was canceled or we were
// forbidden to fulfill; cancel now
cancel(true /* mayInterruptIfRunning */);
return;
}
setException(convertErrorToException(code, message));
}
}

addAccount流程如图





getAhthToken的流程和addAccount流程差不多，可自行分析。

demo地址：

https://github.com/wslaimin/AccountManagerSample.git