AbstractAccountAuthenticator

Kotlin |Java

abstract class AbstractAccountAuthenticator

kotlin.Any
↳	android.accounts.AbstractAccountAuthenticator

Abstract base class for creating AccountAuthenticators. In order to be an authenticator one must extend this class, provide implementations for the abstract methods, and write a service that returns the result of getIBinder() in the service's android.app.Service#onBind(android.content.Intent) when invoked with an intent with action AccountManager#ACTION_AUTHENTICATOR_INTENT. This service must specify the following intent filter and metadata tags in its AndroidManifest.xml file

<intent-filter>
      <action android:name="android.accounts.AccountAuthenticator" />
    </intent-filter>
    <meta-data android:name="android.accounts.AccountAuthenticator"
              android:resource="@xml/authenticator" />

The android:resource attribute must point to a resource that looks like:

<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
     android:accountType="typeOfAuthenticator"
     android:icon="@drawable/icon"
     android:smallIcon="@drawable/miniIcon"
     android:label="@string/label"
     android:accountPreferences="@xml/account_preferences"
  />

Replace the icons and labels with your own resources. The android:accountType attribute must be a string that uniquely identifies your authenticator and will be the same string that user will use when making calls on the AccountManager and it also corresponds to Account#type for your accounts. One user of the android:icon is the "Account & Sync" settings page and one user of the android:smallIcon is the Contact Application's tab panels.

The preferences attribute points to a PreferenceScreen xml hierarchy that contains a list of PreferenceScreens that can be invoked to manage the authenticator. An example is:

<PreferenceScreen xmlns:android="http://schemas.android.com/apk/res/android">
     <PreferenceCategory android:title="@string/title_fmt" />
     <PreferenceScreen
          android:key="key1"
          android:title="@string/key1_action"
          android:summary="@string/key1_summary">
          <intent
              android:action="key1.ACTION"
              android:targetPackage="key1.package"
              android:targetClass="key1.class" />
      </PreferenceScreen>
  </PreferenceScreen>

The standard pattern for implementing any of the abstract methods is the following:

If the supplied arguments are enough for the authenticator to fully satisfy the request then it will do so and return a Bundle that contains the results.
If the authenticator needs information from the user to satisfy the request then it will create an Intent to an activity that will prompt the user for the information and then carry out the request. This intent must be returned in a Bundle as key AccountManager#KEY_INTENT.
The activity needs to return the final result when it is complete so the Intent should contain the AccountAuthenticatorResponse as AccountManager#KEY_ACCOUNT_AUTHENTICATOR_RESPONSE. The activity must then call AccountAuthenticatorResponse#onResult or AccountAuthenticatorResponse#onError when it is complete.
If the authenticator cannot synchronously process the request and return a result then it may choose to return null and then use the AccountManagerResponse to send the result when it has completed the request. This asynchronous option is not available for the addAccount method, which must complete synchronously.

The following descriptions of each of the abstract authenticator methods will not describe the possible asynchronous nature of the request handling and will instead just describe the input parameters and the expected result.

When writing an activity to satisfy these requests one must pass in the AccountManagerResponse and return the result via that response when the activity finishes (or whenever else the activity author deems it is the correct time to respond).

Summary

Constants
static String	`KEY_CUSTOM_TOKEN_EXPIRY` Bundle key used for the `long` expiration time (in millis from the unix epoch) of the associated auth token.

Public constructors
`AbstractAccountAuthenticator(context: Context!)`

Public methods
abstract Bundle!	`addAccount(response: AccountAuthenticatorResponse!, accountType: String!, authTokenType: String!, requiredFeatures: Array<String!>!, options: Bundle!)` Adds an account of the specified accountType.
open Bundle!	`addAccountFromCredentials(response: AccountAuthenticatorResponse!, account: Account!, accountCredentials: Bundle!)` Creates an account based on credentials provided by the authenticator instance of another user on the device, who has chosen to share the account with this user.
abstract Bundle!	`confirmCredentials(response: AccountAuthenticatorResponse!, account: Account!, options: Bundle!)` Checks that the user knows the credentials of an account.
abstract Bundle!	`editProperties(response: AccountAuthenticatorResponse!, accountType: String!)` Returns a Bundle that contains the Intent of the activity that can be used to edit the properties.
open Bundle!	`finishSession(response: AccountAuthenticatorResponse!, accountType: String!, sessionBundle: Bundle!)` Finishes the session started by #startAddAccountSession or #startUpdateCredentials by installing the account to device with AccountManager, or updating the local credentials.
open Bundle!	`getAccountCredentialsForCloning(response: AccountAuthenticatorResponse!, account: Account!)` Returns a Bundle that contains whatever is required to clone the account on a different user.
open Bundle!	`getAccountRemovalAllowed(response: AccountAuthenticatorResponse!, account: Account!)` Checks if the removal of this account is allowed.
abstract Bundle!	`getAuthToken(response: AccountAuthenticatorResponse!, account: Account!, authTokenType: String!, options: Bundle!)` Gets an authtoken for an account.
abstract String!	`getAuthTokenLabel(authTokenType: String!)` Ask the authenticator for a localized label for the given authTokenType.
IBinder!	`getIBinder()`
abstract Bundle!	`hasFeatures(response: AccountAuthenticatorResponse!, account: Account!, features: Array<String!>!)` Checks if the account supports all the specified authenticator specific features.
open Bundle!	`isCredentialsUpdateSuggested(response: AccountAuthenticatorResponse!, account: Account!, statusToken: String!)` Checks if update of the account credentials is suggested.
open Bundle!	`startAddAccountSession(response: AccountAuthenticatorResponse!, accountType: String!, authTokenType: String!, requiredFeatures: Array<String!>!, options: Bundle!)` Starts the add account session to authenticate user to an account of the specified accountType.
open Bundle!	`startUpdateCredentialsSession(response: AccountAuthenticatorResponse!, account: Account!, authTokenType: String!, options: Bundle!)` Asks user to re-authenticate for an account but defers updating the locally stored credentials.
abstract Bundle!	`updateCredentials(response: AccountAuthenticatorResponse!, account: Account!, authTokenType: String!, options: Bundle!)` Update the locally stored credentials for an account.

Constants

KEY_CUSTOM_TOKEN_EXPIRY

Added in API level 23

static val KEY_CUSTOM_TOKEN_EXPIRY: String

Bundle key used for the long expiration time (in millis from the unix epoch) of the associated auth token.

Value: "android.accounts.expiry"

See Also

#getAuthToken

Public constructors

AbstractAccountAuthenticator

Added in API level 5

AbstractAccountAuthenticator(context: Context!)

Public methods

addAccount

Added in API level 5

abstract fun addAccount(
    response: AccountAuthenticatorResponse!, 
    accountType: String!, 
    authTokenType: String!, 
    requiredFeatures: Array<String!>!, 
    options: Bundle!
): Bundle!

Adds an account of the specified accountType.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`accountType`	String!: the type of account to add, will never be null
`authTokenType`	String!: the type of auth token to retrieve after adding the account, may be null
`requiredFeatures`	Array<String!>!: a String array of authenticator-specific features that the added account must support, may be null
`options`	Bundle!: a Bundle of authenticator-specific options. It always contains `AccountManager#KEY_CALLER_PID` and `AccountManager#KEY_CALLER_UID` fields which will let authenticator know the identity of the caller.

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_ACCOUNT_NAME` and `AccountManager#KEY_ACCOUNT_TYPE` of the account that was added, or `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

addAccountFromCredentials

Added in API level 18

open fun addAccountFromCredentials(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    accountCredentials: Bundle!
): Bundle!

Creates an account based on credentials provided by the authenticator instance of another user on the device, who has chosen to share the account with this user.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account to clone, will never be null
`accountCredentials`	Bundle!: the Bundle containing the required credentials to create the account. Contents of the Bundle are only meaningful to the authenticator. This Bundle is provided by `getAccountCredentialsForCloning(android.accounts.AccountAuthenticatorResponse,android.accounts.Account)`.

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response.

Exceptions
`android.accounts.NetworkErrorException`

See Also

#getAccountCredentialsForCloning(AccountAuthenticatorResponse, Account)

confirmCredentials

Added in API level 5

abstract fun confirmCredentials(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    options: Bundle!
): Bundle!

Checks that the user knows the credentials of an account.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account whose credentials are to be checked, will never be null
`options`	Bundle!: a Bundle of authenticator-specific options, may be null

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_BOOLEAN_RESULT`, true if the check succeeded, false otherwise `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

editProperties

Added in API level 5

abstract fun editProperties(
    response: AccountAuthenticatorResponse!, 
    accountType: String!
): Bundle!

Returns a Bundle that contains the Intent of the activity that can be used to edit the properties. In order to indicate success the activity should call response.setResult() with a non-null Bundle.

Parameters
`response`	AccountAuthenticatorResponse!: used to set the result for the request. If the Constants.INTENT_KEY is set in the bundle then this response field is to be used for sending future results if and when the Intent is started.
`accountType`	String!: the AccountType whose properties are to be edited.

Return
`Bundle!`	a Bundle containing the result or the Intent to start to continue the request. If this is null then the request is considered to still be active and the result should sent later using response.

finishSession

Added in API level 26

open fun finishSession(
    response: AccountAuthenticatorResponse!, 
    accountType: String!, 
    sessionBundle: Bundle!
): Bundle!

Finishes the session started by #startAddAccountSession or #startUpdateCredentials by installing the account to device with AccountManager, or updating the local credentials. File I/O may be performed in this call.

Note: when overriding this method, startAddAccountSession and startUpdateCredentialsSession should be overridden too.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`accountType`	String!: the type of account to authenticate with, will never be null
`sessionBundle`	Bundle!: a bundle of session data created by `startAddAccountSession` used for adding account to device, or by `startUpdateCredentialsSession` used for updating local credentials.

Return

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_ACCOUNT_NAME` and `AccountManager#KEY_ACCOUNT_TYPE` of the account that was added or local credentials were updated, and optional `AccountManager#KEY_ACCOUNT_STATUS_TOKEN` for checking the status of the account later, or `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Bundle!

a Bundle result or null if the result is to be returned via the response. The result will contain either:

AccountManager#KEY_INTENT, or
AccountManager#KEY_ACCOUNT_NAME and AccountManager#KEY_ACCOUNT_TYPE of the account that was added or local credentials were updated, and optional AccountManager#KEY_ACCOUNT_STATUS_TOKEN for checking the status of the account later, or
AccountManager#KEY_ERROR_CODE and AccountManager#KEY_ERROR_MESSAGE to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

See Also

#startAddAccountSession

getAccountCredentialsForCloning

Added in API level 18

open fun getAccountCredentialsForCloning(
    response: AccountAuthenticatorResponse!, 
    account: Account!
): Bundle!

Returns a Bundle that contains whatever is required to clone the account on a different user. The Bundle is passed to the authenticator instance in the target user via addAccountFromCredentials(android.accounts.AccountAuthenticatorResponse,android.accounts.Account,android.os.Bundle). The default implementation returns null, indicating that cloning is not supported.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account to clone, will never be null

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response.

Exceptions
`android.accounts.NetworkErrorException`

See Also

#addAccountFromCredentials(AccountAuthenticatorResponse, Account, Bundle)

getAccountRemovalAllowed

Added in API level 5

open fun getAccountRemovalAllowed(
    response: AccountAuthenticatorResponse!, 
    account: Account!
): Bundle!

Checks if the removal of this account is allowed.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account to check, will never be null

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_BOOLEAN_RESULT`, true if the removal of the account is allowed, false otherwise `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

getAuthToken

Added in API level 5

abstract fun getAuthToken(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    authTokenType: String!, 
    options: Bundle!
): Bundle!

Gets an authtoken for an account. If not null, the resultant Bundle will contain different sets of keys depending on whether a token was successfully issued and, if not, whether one could be issued via some android.app.Activity.

If a token cannot be provided without some additional activity, the Bundle should contain AccountManager#KEY_INTENT with an associated Intent. On the other hand, if there is no such activity, then a Bundle containing AccountManager#KEY_ERROR_CODE and AccountManager#KEY_ERROR_MESSAGE should be returned.

If a token can be successfully issued, the implementation should return the AccountManager#KEY_ACCOUNT_NAME and AccountManager#KEY_ACCOUNT_TYPE of the account associated with the token as well as the AccountManager#KEY_AUTHTOKEN. In addition AbstractAccountAuthenticator implementations that declare themselves android:customTokens=true may also provide a non-negative KEY_CUSTOM_TOKEN_EXPIRY long value containing the expiration timestamp of the expiration time (in millis since the unix epoch), tokens will be cached in memory based on application's packageName/signature for however long that was specified.

Implementers should assume that tokens will be cached on the basis of account and authTokenType. The system may ignore the contents of the supplied options Bundle when determining to re-use a cached token. Furthermore, implementers should assume a supplied expiration time will be treated as non-binding advice.

Finally, note that for android:customTokens=false authenticators, tokens are cached indefinitely until some client calls android.accounts.AccountManager#invalidateAuthToken(java.lang.String,java.lang.String).

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account whose credentials are to be retrieved, will never be null
`authTokenType`	String!: the type of auth token to retrieve, will never be null
`options`	Bundle!: a Bundle of authenticator-specific options. It always contains `AccountManager#KEY_CALLER_PID` and `AccountManager#KEY_CALLER_UID` fields which will let authenticator know the identity of the caller.

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response.

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

getAuthTokenLabel

Added in API level 5

abstract fun getAuthTokenLabel(authTokenType: String!): String!

Ask the authenticator for a localized label for the given authTokenType.

Parameters
`authTokenType`	String!: the authTokenType whose label is to be returned, will never be null

Return
`String!`	the localized label of the auth token type, may be null if the type isn't known

getIBinder

Added in API level 5

fun getIBinder(): IBinder!

Return
`IBinder!`	the IBinder for the AccountAuthenticator

hasFeatures

Added in API level 5

abstract fun hasFeatures(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    features: Array<String!>!
): Bundle!

Checks if the account supports all the specified authenticator specific features.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account to check, will never be null
`features`	Array<String!>!: an array of features to check, will never be null

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_BOOLEAN_RESULT`, true if the account has all the features, false otherwise `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

isCredentialsUpdateSuggested

Added in API level 26

open fun isCredentialsUpdateSuggested(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    statusToken: String!
): Bundle!

Checks if update of the account credentials is suggested.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null.
`account`	Account!: the account to check, will never be null
`statusToken`	String!: a String of token which can be used to check the status of locally stored credentials and if update of credentials is suggested

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_BOOLEAN_RESULT`, true if update of account's credentials is suggested, false otherwise `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

startAddAccountSession

Added in API level 26

open fun startAddAccountSession(
    response: AccountAuthenticatorResponse!, 
    accountType: String!, 
    authTokenType: String!, 
    requiredFeatures: Array<String!>!, 
    options: Bundle!
): Bundle!

Starts the add account session to authenticate user to an account of the specified accountType. No file I/O should be performed in this call. Account should be added to device only when finishSession is called after this.

Note: when overriding this method, finishSession should be overridden too.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`accountType`	String!: the type of account to authenticate with, will never be null
`authTokenType`	String!: the type of auth token to retrieve after authenticating with the account, may be null
`requiredFeatures`	Array<String!>!: a String array of authenticator-specific features that the account authenticated with must support, may be null
`options`	Bundle!: a Bundle of authenticator-specific options, may be null

Return

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_ACCOUNT_SESSION_BUNDLE` for adding the account to device later, and if account is authenticated, optional `AccountManager#KEY_PASSWORD` and `AccountManager#KEY_ACCOUNT_STATUS_TOKEN` for checking the status of the account, or `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Bundle!

a Bundle result or null if the result is to be returned via the response. The result will contain either:

AccountManager#KEY_INTENT, or
AccountManager#KEY_ACCOUNT_SESSION_BUNDLE for adding the account to device later, and if account is authenticated, optional AccountManager#KEY_PASSWORD and AccountManager#KEY_ACCOUNT_STATUS_TOKEN for checking the status of the account, or
AccountManager#KEY_ERROR_CODE and AccountManager#KEY_ERROR_MESSAGE to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

See Also

#finishSession(AccountAuthenticatorResponse, String, Bundle)

startUpdateCredentialsSession

Added in API level 26

open fun startUpdateCredentialsSession(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    authTokenType: String!, 
    options: Bundle!
): Bundle!

Asks user to re-authenticate for an account but defers updating the locally stored credentials. No file I/O should be performed in this call. Local credentials should be updated only when finishSession is called after this.

Note: when overriding this method, finishSession should be overridden too.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account whose credentials are to be updated, will never be null
`authTokenType`	String!: the type of auth token to retrieve after updating the credentials, may be null
`options`	Bundle!: a Bundle of authenticator-specific options, may be null

Return

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_ACCOUNT_SESSION_BUNDLE` for updating the locally stored credentials later, and if account is re-authenticated, optional `AccountManager#KEY_PASSWORD` and `AccountManager#KEY_ACCOUNT_STATUS_TOKEN` for checking the status of the account later, or `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Bundle!

a Bundle result or null if the result is to be returned via the response. The result will contain either:

AccountManager#KEY_INTENT, or
AccountManager#KEY_ACCOUNT_SESSION_BUNDLE for updating the locally stored credentials later, and if account is re-authenticated, optional AccountManager#KEY_PASSWORD and AccountManager#KEY_ACCOUNT_STATUS_TOKEN for checking the status of the account later, or
AccountManager#KEY_ERROR_CODE and AccountManager#KEY_ERROR_MESSAGE to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error

See Also

#finishSession(AccountAuthenticatorResponse, String, Bundle)

updateCredentials

Added in API level 5

abstract fun updateCredentials(
    response: AccountAuthenticatorResponse!, 
    account: Account!, 
    authTokenType: String!, 
    options: Bundle!
): Bundle!

Update the locally stored credentials for an account.

Parameters
`response`	AccountAuthenticatorResponse!: to send the result back to the AccountManager, will never be null
`account`	Account!: the account whose credentials are to be updated, will never be null
`authTokenType`	String!: the type of auth token to retrieve after updating the credentials, may be null
`options`	Bundle!: a Bundle of authenticator-specific options, may be null

Return
`Bundle!`	a Bundle result or null if the result is to be returned via the response. The result will contain either: `AccountManager#KEY_INTENT`, or `AccountManager#KEY_ACCOUNT_NAME` and `AccountManager#KEY_ACCOUNT_TYPE` of the account whose credentials were updated, or `AccountManager#KEY_ERROR_CODE` and `AccountManager#KEY_ERROR_MESSAGE` to indicate an error

Exceptions
`android.accounts.NetworkErrorException`	if the authenticator could not honor the request due to a network error