GoogleAuthUtil provides static utility methods to acquire OAuth2 tokens for Google accounts; and also to invalidate OAuth2 tokens.
Constant Summary
int | CHANGE_TYPE_ACCOUNT_ADDED | Change types that can be represented in an
AccountChangeEvent . |
int | CHANGE_TYPE_ACCOUNT_REMOVED | |
int | CHANGE_TYPE_ACCOUNT_RENAMED_FROM | A rename event that will contain extra data indicating the original account name. |
int | CHANGE_TYPE_ACCOUNT_RENAMED_TO | A rename event that will contain extra data indicating the new account name. |
int | GCORE_REQUEST_GOOGLE_ACCOUNTS_MIN_VERSION | |
String | GOOGLE_ACCOUNT_TYPE | Google Account type string. |
String | KEY_REQUEST_ACTIONS | |
String | KEY_REQUEST_VISIBLE_ACTIVITIES | This constant is deprecated. in GMS vFinn |
String | KEY_SUPPRESS_PROGRESS_SCREEN | Adding KEY_SUPPRESS_PROGRESS will suppress the
progress screen shown when getting a token when added as a booleantrue
option while calling
getToken(Context, String, String, Bundle) . |
String | WORK_ACCOUNT_TYPE | Android for Work Account type string. |
Public Method Summary
static void |
clearToken(Context
context,Stringtoken)
Clear the specified token in local cache with respect to the
Context .
|
staticList<AccountChangeEvent> |
getAccountChangeEvents(Context
context, int eventIndex,StringaccountName)
Gets a list of events for the given account.
|
staticString | |
staticString | |
staticString | |
staticString | |
staticString |
getToken(Context
context,StringaccountName,
String
scope)
This method is deprecated. Use
getToken(Context, Account, String) instead.
|
staticString |
getTokenWithNotification(Context
context,StringaccountName,
String
scope,Bundleextras,
String
authority,BundlesyncBundle)
This method is deprecated. Use
getTokenWithNotification(Context, Account, String, Bundle, String,
Bundle) instead.
|
staticString | |
staticString |
getTokenWithNotification(Context
context,StringaccountName,
String
scope,Bundleextras,
Intent
callback)
This method is deprecated. Use
getTokenWithNotification(Context, Account, String, Bundle, Intent)
instead.
|
staticString | |
staticString |
getTokenWithNotification(Context
context,StringaccountName,
String
scope,Bundleextras)
This method is deprecated. Use
getTokenWithNotification(Context, Account, String, Bundle)
instead.
|
staticString | |
static void |
invalidateToken(Context
context,Stringtoken)
This method is deprecated. Deprecated because calling this function
requires permissions MANAGE_ACCOUNTS and USE_CREDENTIALS. Please use
clearToken(Context, String) instead.
|
staticBundle | |
staticBoolean |
requestGoogleAccountsAccess(Context
context)
Whitelists caller in Account Manager to see accounts of
GOOGLE_ACCOUNT_TYPE .
|
Inherited Method Summary
Constants
public static final int CHANGE_TYPE_ACCOUNT_ADDED
Change types that can be represented in anAccountChangeEvent
.
public static final int CHANGE_TYPE_ACCOUNT_REMOVED
public static final int CHANGE_TYPE_ACCOUNT_RENAMED_FROM
A rename event that will contain extra data indicating the original account name.
public static final int CHANGE_TYPE_ACCOUNT_RENAMED_TO
A rename event that will contain extra data indicating the new account name.
public static final int GCORE_REQUEST_GOOGLE_ACCOUNTS_MIN_VERSION
public static finalString GOOGLE_ACCOUNT_TYPE
Google Account type string. Used for various calls toAccountManager
.
public static finalString KEY_REQUEST_ACTIONS
See Also
public static finalString KEY_REQUEST_VISIBLE_ACTIVITIES
This constant is deprecated.
in GMS vFinn
See
KEY_REQUEST_ACTIONS
.
public static finalString KEY_SUPPRESS_PROGRESS_SCREEN
Adding KEY_SUPPRESS_PROGRESS will suppress the progress screen shown when getting a
token when added as a booleantrue
option while calling
getToken(Context, String, String, Bundle)
.This is useful for apps that
provide their own splash screens on initialization.
public static finalString WORK_ACCOUNT_TYPE
Android for Work Account type string. Used for various calls toAccountManager
.
Public Methods
public static voidclearToken(Contextcontext, String token)
Clear the specified token in local cache with respect to theContext
.
Note that the context must be the same as that used to initialize the token in a
previous call to
getToken(Context, String, String)
or
getToken(Context, String, String, Bundle)
.
Parameters
context | Context of the token. |
---|---|
token | The token to clear. |
public staticList<AccountChangeEvent> getAccountChangeEvents(Contextcontext, int eventIndex,String accountName)
Gets a list of events for the given account. The result is in reverse chronological order.
Supported types of event are
CHANGE_TYPE_ACCOUNT_ADDED
,
CHANGE_TYPE_ACCOUNT_REMOVED
,
CHANGE_TYPE_ACCOUNT_RENAMED_FROM
and
CHANGE_TYPE_ACCOUNT_RENAMED_TO
.
Parameters
context | |
---|---|
eventIndex | An event index to restrict results by. If0 then all events will
be fetched. Otherwise, events greater than this index will be fetched. Callers can
store the last event index seen and use this field to limit results to only events
more recent than the ones seen prior. |
accountName | The account name to restrict the event list to. |
Throws
GoogleAuthException | |
---|---|
IOException |
public staticStringgetAccountId(Contextctx,String accountName)
Gets a stable account id for the given account name. In the event of a missing id,
user intervention may be required. In such cases, aUserRecoverableAuthException
will be thrown. To initiate the user recovery workflow, clients must start the
Intent
returned by
UserRecoverableAuthException.getIntent()
for result. Upon successfully
returning a client should invoke this method again to get an id.
Throws
GooglePlayServicesAvailabilityException | containing the appropriate connection status error code. |
---|---|
UserRecoverableAuthException | wrapping an Intent for initiating user intervention. The wrapped intent must be
called with
Activity.startActivityForResult(Intent, int) . |
GoogleAuthException | signaling a potentially unrecoverable authentication error. |
IOException | signaling a potentially transient error. |
IllegalStateException | if the method is invoked in the main event thread. |
public staticStringgetToken(Contextcontext, Account account,String scope,Bundle extras)
Gets an access token directly. There are better approaches than GoogleAuthUtil for authentication and authorization in your application:
- To authorize and use REST API in you Android app, check out:Authorizing with Google for REST APIs
- To authenticate with a backend server, use Google Sign-In API to retrieve an ID token
- To enable server-side access, use Google Sign-In API to retrieve anauth code
This method requires substantial network IO thus should be run off the UI thread.
The token returned by this call is not guaranteed to stay valid before it is used.
If using the token results in an unauthorized error, the token should be cleared from
the cache with
clearToken(Context, String)
and this call should be retried.
Be sure to handle theUserRecoverableAuthException
exception, as it is normal behavior that user interaction is required.
Parameters
context | TheContext of the caller. |
---|---|
account | The user account that the token will be associated with. |
scope | AString representing the authentication scope, prefixed with
"oauth2:". To specify multiple scopes, separate them with a space (for example,
"oauth2:scope1 scope2 scope3" ). |
extras | ABundle that contains additional information. For example,
clients that have their own splash screens can suppress the progress dialog
provided by Google Play services by setting
KEY_SUPPRESS_PROGRESS_SCREEN totrue in the
Bundle . |
Returns
- A
String
that contains a valid token.
Throws
UserRecoverableAuthException | Signaling that a user action is required (to provide consent, enter a password,
etc.). To initiate the user action, clients must start theIntent
returned by
UserRecoverableAuthException.getIntent() .Upon successfully returning a
client should invoke this method again to get a token. |
---|---|
IOException | Signaling a transient error (typically network related). It is left to clients to implement a backoff/abandonment strategy appropriate to their latency requirements. |
GooglePlayServicesAvailabilityException | Signaling that GooglePlayServices is not available. |
GoogleAuthException | Signaling an unrecoverable authentication error. These errors will typically result from client errors (e.g. providing an invalid scope). |
IllegalStateException | If the method is invoked in the main event thread. |
public staticStringgetToken(Contextcontext, StringaccountName, Stringscope, Bundle extras)
This method is deprecated.
Use
getToken(Context, Account, String, Bundle)
instead.
public staticStringgetToken(Contextcontext, StringaccountName, String scope)
This method is deprecated.
Use
getToken(Context, Account, String)
instead.
public staticStringgetTokenWithNotification(Contextcontext, StringaccountName, Stringscope, Bundleextras, Stringauthority, Bundle syncBundle)
This method is deprecated.
Use
getTokenWithNotification(Context, Account, String, Bundle, String, Bundle)
instead.
public staticStringgetTokenWithNotification(Contextcontext, Account account,String scope,Bundle extras)
Authenticates the user and returns a Google authentication token, or throws an
Exception
if
there was an error while getting the token.
This method is specifically provided for background tasks. In the event of an error that needs user intervention, this method takes care of pushing relevant notification.
The exception thrown depends upon the underlying error and support for recovery.
UserRecoverableNotifiedException
will be thrown if the error can be resolved by user intervention and a notification has
already been posted to address it.IOException
s
will be thrown if the underlying error might be solved by some intelligent retry
strategy. Alternatively,GoogleAuthException
s
represent a broad class ofException
s that
cannot be recovered programmatically.
The token returned by this call is not guaranteed to stay valid before it is used.
If using the token results in an unauthorized error, the token should be cleared from
the cache with
clearToken(Context, String)
and this call should be retried.
There are better approaches than GoogleAuthUtil for authentication and authorization in your application:
- To authorize and use REST API in you Android app, check out:Authorizing with Google for REST APIs
- To authenticate with a backend server, use Google Sign-In API to retrieve an ID token
- To enable server-side access, use Google Sign-In API to retrieve anauth code
Parameters
context | Context associated with the desired token. |
---|---|
account | Authenticating user account. |
scope | String representing the authentication scope. To specify multiple scopes, separate them with a space (for example, "oauth2:scope1 scope2 scope3" ). |
extras | Bundle containing additional information that may be relevant to the authentication scope. |
Returns
- String containing a valid token.
Throws
UserRecoverableNotifiedException | if a user addressable error occurred and a notification was pushed. |
---|---|
GoogleAuthException | signaling a potentially unrecoverable authentication error. |
IOException | signaling a potentially transient error. |
IllegalStateException | if the method is invoked in the main event thread. |
public staticStringgetTokenWithNotification(Contextcontext, StringaccountName, Stringscope, Bundleextras, Intent callback)
This method is deprecated.
Use
getTokenWithNotification(Context, Account, String, Bundle, Intent)
instead.
public staticStringgetTokenWithNotification(Contextcontext, Account account,String scope,Bundle extras,String authority,Bundle syncBundle)
Authenticates the user and returns a Google authentication token, or throws an
Exception
if
there was an error while getting the token.
This method is specifically provided for sync adaptors. In the event of an error that needs user intervention, this method takes care of pushing relevant notification. After the user addresses the notification, a sync request will be kicked off using the given params. If the user cancels then the sync is not fired.
The exception thrown depends upon the underlying error and support for recovery.
UserRecoverableNotifiedException
will be thrown if the error can be resolved by user intervention and a notification has
already been posted to address it.IOException
s
will be thrown if the underlying error might be solved by some intelligent retry
strategy. Alternatively,GoogleAuthException
s
represent a broad class ofException
s that
cannot be recovered programmatically.
The token returned by this call is not guaranteed to stay valid before it is used.
If using the token results in an unauthorized error, the token should be cleared from
the cache with
clearToken(Context, String)
and this call should be retried.
There are better approaches than GoogleAuthUtil for authentication and authorization in your application:
- To authorize and use REST API in you Android app, check out:Authorizing with Google for REST APIs
- To authenticate with a backend server, use Google Sign-In API to retrieve an ID token
- To enable server-side access, use Google Sign-In API to retrieve anauth code
Parameters
context | Context associated with the desired token. |
---|---|
account | Authenticating user account. |
scope | String representing the authentication scope. To specify multiple scopes, separate them with a space (for example, "oauth2:scope1 scope2 scope3" ). |
extras | Bundle containing additional information that may be relevant to the authentication scope. |
authority | Authority for firing a sync request. Must not be empty or null. |
syncBundle | extras for firing a sync request. This bundle must pass ContentResolver.validateSyncExtrasBundle(). If no extras are needed can a null value can be passed. |
Returns
- String containing a valid token.
Throws
UserRecoverableNotifiedException | if a user addressable error occurred and a notification was pushed. |
---|---|
GoogleAuthException | signaling a potentially unrecoverable authentication error. |
IOException | signaling a potentially transient error. |
IllegalStateException | if the method is invoked in the main event thread. |
public staticStringgetTokenWithNotification(Contextcontext, StringaccountName, Stringscope, Bundle extras)
This method is deprecated.
Use
getTokenWithNotification(Context, Account, String, Bundle)
instead.
public staticStringgetTokenWithNotification(Contextcontext, Account account,String scope,Bundle extras,Intent callback)
Authenticates the user and returns a Google authentication token, or throws an
Exception
if
there was an error while getting the token.
This method is specifically provided for background tasks. In the event of an error that needs user intervention, this method takes care of pushing relevant notification. After the user addresses the notification, the callback is broadcasted. If the user cancels then the callback is not fired.
The exception thrown depends upon the underlying error and support for recovery.
UserRecoverableNotifiedException
will be thrown if the error can be resolved by user intervention and a notification has
already been posted to address it.IOException
s
will be thrown if the underlying error might be solved by some intelligent retry
strategy. Alternatively,GoogleAuthException
s
represent a broad class ofException
s that
cannot be recovered programmatically.
The token returned by this call is not guaranteed to stay valid before it is used.
If using the token results in an unauthorized error, the token should be cleared from
the cache with
clearToken(Context, String)
and this call should be retried.
There are better approaches than GoogleAuthUtil for authentication and authorization in your application:
- To authorize and use REST API in you Android app, check out:Authorizing with Google for REST APIs
- To authenticate with a backend server, use Google Sign-In API to retrieve an ID token
- To enable server-side access, use Google Sign-In API to retrieve anauth code
Parameters
context | Context associated with the desired token. |
---|---|
account | Authenticating user account. |
scope | String representing the authentication scope. To specify multiple scopes, separate them with a space (for example, "oauth2:scope1 scope2 scope3" ). |
extras | Bundle containing additional information that may be relevant to the authentication scope. |
callback | A broadcast intent with a valid receiver that has been exported for other apps to send broadcasts to it. This intent must be serializable using toUri(Intent.URI_INTENT_SCHEME) and Intent.parseUri(intentUri, Intent.URI_INTENT_SCHEME). Cannot be null. |
Returns
- String containing a valid token.
Throws
UserRecoverableNotifiedException | if a user addressable error occurred and a notification was pushed. |
---|---|
GoogleAuthException | signaling a potentially unrecoverable authentication error. |
IOException | signaling a potentially transient error. |
IllegalStateException | if the method is invoked in the main event thread. |
public static voidinvalidateToken(Contextcontext, String token)
This method is deprecated.
Deprecated because calling this function requires permissions MANAGE_ACCOUNTS and
USE_CREDENTIALS. Please use
clearToken(Context, String)
instead.
public staticBundleremoveAccount(Contextcontext, Account account)
Removes an account from the AccountManager.
Similar to
AccountManager.removeAccount(Account, AccountManagerCallback, Handler)
but
does not enforce permission checks when called by the device owner or profile
owner.
This method isnotsafe to call from UI thread.
SeeDevicePolicyManager
for definition of device owner and profile owner.
Parameters
context | Context of the caller. |
---|---|
account | The account to remove. |
Returns
- See
AccountManager.removeAccount(Account, AccountManagerCallback, Handler)
for more details.
Throws
GoogleAuthException | |
---|---|
IOException |
public staticBooleanrequestGoogleAccountsAccess(Context context)
Whitelists caller in Account Manager to see accounts of
GOOGLE_ACCOUNT_TYPE
.In case of success the caller can useAccountManager
methods to see all Google accounts on the device. The method is available in Android O
and newer versions.
Parameters
context | Context of the caller. |
---|
Returns
- whether the access was granted.
Throws
UserRecoverableAuthException | wrapping an Intent for initiating user intervention. The wrapped intent must be
called with
Activity.startActivityForResult(Intent, int) .Upon successfully
returning a client can invoke this method again to verify that access was
granted. |
---|---|
GoogleAuthException | signaling a potentially unrecoverable authentication error. |
IOException | signaling a potentially transient error. |