Revoke account permission for an app
I wrote a code that request an AuthToken from the account manager, using the getAuthToken(). On the first time - the user needs to \"Allow\" the authentication, but later on the
-
I tried using reflexion (for testing purposes only). Unfortunately, it throws a SecurityException because Android checks that the caller is a System app...
For reference, here is the code:
/** * Revoke the fact that current app is allowed to retrieve an authToken for an account. * @param accountName The account whose permissions are being revoked * @param context current context * @return true if revoked successfully, false otherwise */ public static boolean revokeAppPermission(String accountName, Context context) { if (accountName == null) { Log.w(TAG, "revokeAppPermission: abort, account missing."); return false; } AccountManager accountManager = AccountManager.get(context); Account[] accounts = accountManager.getAccounts(); Account accountToRevoke = null; for (Account account : accounts) { if (accountName.equals(account.name)) { accountToRevoke = account; break; } } if (accountToRevoke == null) { Log.w(TAG, "revokeAppPermission: abort, no account found."); return false; } try { // public void updateAppPermission(Account account, String authTokenType, int uid, boolean value) { Method updateAppPermissionMethod = AccountManager.class.getDeclaredMethod("updateAppPermission", Account.class, String.class, int.class, boolean.class); updateAppPermissionMethod.setAccessible(true); updateAppPermissionMethod.invoke(accountManager, // Instance to invoke the method on accountToRevoke, // account "oauth2:https://www.googleapis.com/auth/somegoogleservice", // authTokenType context.getApplicationInfo().uid, // uid false); // false to revoke } catch (Exception e) { Log.w(TAG, "revokeAppPermission: Failed:" + e.getMessage()); e.printStackTrace(); return false; } return true; }
加载中...
- 热议问题