Android M 6.0-SecurityException尝试删除帐户 [英] Android M 6.0 - SecurityException Trying to remove accounts
问题描述
我有一个使用Android AccountManager(程序包名称:com.mycompany.accounts)的应用程序,该应用程序将帐户添加到设备并提供登录屏幕.我有另一个应用程序(com.mycomp.actualapp),它使用第一个应用程序添加/删除帐户.
I have an app that uses Android AccountManager (package name: com.mycompany.accounts), that adds accounts to the device and provides a login screen. I have another app (com.mycomp.actualapp), that uses the first app to add/remove accounts.
我可以使用清单中的以下权限在Pre Marshmallow设备上成功添加和删除帐户:
I can successfully add and remove accounts on Pre Marshmallow devices, using the following permissions in the manifest:
<uses-permission android:name="android.permission.GET_ACCOUNTS"/>
<uses-permission android:name="android.permission.MANAGE_ACCOUNTS"/>
<uses-permission android:name="android.permission.USE_CREDENTIALS"/>
使用sdk 22进行编译并以sdk 22为目标时,应自动授予这些权限.以下代码:
When compiling with sdk 22 and targetting sdk 22, these permissions should be automatically granted. The following code:
accountManager.removeAccount(getAccount(), activity, new AccountManagerCallback<Bundle>() {
@Override
public void run(AccountManagerFuture<Bundle> accountManagerFuture) {
try {
Bundle bundle = accountManagerFuture.getResult();
boolean success = bundle.getBoolean(AccountManager.KEY_BOOLEAN_RESULT);
if (success) {
Toast.makeText(activity, activity.getString(R.string.successfully_loggedout), Toast.LENGTH_LONG).show();
afterLogoutSuccess(activity);
} else {
Toast.makeText(activity.getApplicationContext(), activity.getString(R.string.failed_to_logout), Toast.LENGTH_LONG).show();
}
onLogoutListener.onLogoutFinished(success);
return;
} catch (OperationCanceledException e) {
Log.e(TAG,"Operation cancelled exception:", e);
} catch (IOException e) {
Log.e(TAG, "IOException:", e);
} catch (AuthenticatorException e) {
Log.e(TAG, "AuthenticatorException:", e);
}
onLogoutListener.onLogoutFinished(false);
}
}, null);
失败,但以下情况除外:
Fails with the following exception:
java.lang.SecurityException: uid 10057 cannot remove accounts of type: com.mycompany.accounts
at android.os.Parcel.readException(Parcel.java:1599)
at android.os.Parcel.readException(Parcel.java:1552)
at android.accounts.IAccountManager$Stub$Proxy.removeAccount(IAccountManager.java:897)
at android.accounts.AccountManager$7.doWork(AccountManager.java:900)
at android.accounts.AccountManager$AmsTask.start(AccountManager.java:1888)
at android.accounts.AccountManager.removeAccount(AccountManager.java:897)
at com.mycomp.actualapp.utils.LoginHelper$4.doInBackground(LoginHelper.java:282)
at com.mycomp.actualapputils.LoginHelper$4.doInBackground(LoginHelper.java:242)
at android.os.AsyncTask$2.call(AsyncTask.java:295)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1113)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:588)
at java.lang.Thread.run(Thread.java:818)
奇怪的是,这段代码可以在Pre Marshmallow设备上正常运行,没有任何问题.
The strange thing, is that this code runs fine on Pre Marshmallow devices without any issues.
在旁注中,我注意到使用sdk 22和目标22进行编译:转到设置>应用程序>我的应用程序(com.mycomp.actualapp)>权限",我仅看到两个权限,电话"存储".
On a side note, I noticed that compiling with sdk 22 and targeting 22: Going to "Settings > Apps > My app(com.mycomp.actualapp) > Permissions" I see only two permissions, "Phone" "Storage".
我注意到使用sdk 23和目标23进行编译:我看到三个权限,即电话",存储"和联系人".
I noticed that compiling with sdk 23 and targeting 23: I see three permissions, "Phone", "Storage" and "Contacts".
我尝试了以下操作:
-
切换为使用sdk 23进行编译-授予应用设置中的所有权限,然后尝试再次删除帐户.仍然失败,但有相同的异常.
Switching to compile with sdk 23 - grant all permissions in app settings, try remove account again. Still fails with the same exception.
使用22进行编译,并将以下权限添加到清单中.确保所有权限都被授予.仍然失败,但有相同的例外:
Compile with 22 and add the following permissions to the manifest. Make sure all permissions are granted. Still fails with the same exception:
<uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS"/>
<uses-permission android:name="android.permission.READ_CONTACTS"/>
<uses-permission android:name="android.permission.WRITE_CONTACTS"/>
我可以在不授予其他权限的情况下获取用户帐户的用户名和令牌,但是删除帐户不起作用.我将非常感谢您的帮助!
I am able to get the users account username and token without additional permission granting, but the removing of accounts doesn't work. I would really appreciate any help!
推荐答案
我知道答案来晚了,但是我想我可以分享我的发现,以防其他任何人遇到同样的情况.
I know this is late to answer but I thought I would share my findings in case anyone else is in the same situation.
我将构建版本升级为23,而不是22,因为我无法在22上解决它.然后,我在运行时明确地请求GET_ACCOUNTS的许可,然后再尝试对它们进行任何操作. https://developer.android.com/training/permissions/requesting.html https://developer.android.com/reference/android/Manifest.Permission.html#GET_ACCOUNTS
I upgraded my build to build with 23 instead of 22 as I couldn't solve it on 22. Then I explicitly asking for the permission at runtime to GET_ACCOUNTS before trying to do anything with them. https://developer.android.com/training/permissions/requesting.html https://developer.android.com/reference/android/Manifest.permission.html#GET_ACCOUNTS
使用23进行编译的其他信息:您无需征求许可,如果该应用程序共享管理帐户的身份验证器的签名.在这种情况下,我的签名不匹配,因此我确实需要请求它.如果您在应用程序中创建一个要在应用程序中使用的帐户,则无需在运行时请求权限.
Further information for compiling with 23: You don't need to ask permission if the app shares the signature of the authenticator that manages an account. In this case, my signatures didn't match so I did need to request it. If you create an account within your app to be used within your app, you do not need to request permission at runtime.
这篇关于Android M 6.0-SecurityException尝试删除帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!