Rare exception “android.accounts.AuthenticatorException: ServiceDisabled” - what does this means?

痞子三分冷 提交于 2021-02-05 09:34:28

问题


EDIT 3 (Jully)

Problem is now back again!

android.accounts.AuthenticatorException: ServiceDisabled

So my email app is not able to connect to GMail anymore.

Can anybody help?

Thanks

EDIT 2 (March 7)

Maybe the creation of an "ID clients OAuth 2.0" for Android is solving this issue.. This ID has to be created on this page https://console.developers.google.com/apis/credentials

Investigation ongoing..


EDIT

I think this is related to this https://wordpress.org/support/topic/be-careful-everybody-who-is-using-oauth-2-0-to-access-gmail-google-gsuite-apis/

How should I do to have my app approved to use the oauth2:https://mail.google.com/ scope?


Feedback of affected user - is it the cause of this?

He created many Google account (to do some tests). Could this be related to a too big amount of Google accounts created, accounts that are 'linked' to his initial email address (using the same initial account for recovery)? Wrong assumption


My email app is using AccountManager to access GMail (with OAuthToken ) and it's working fine (since 2102), except that I now have a peculiar exception that happens only with a specific Google account

This seems to be a quite new behavior

Here is the error is:

W/System.err: android.accounts.AuthenticatorException: ServiceDisabled
W/System.err:     at android.accounts.AccountManager.convertErrorToException(AccountManager.java:2507)
W/System.err:     at android.accounts.AccountManager.-wrap0(Unknown Source:0)
W/System.err:     at android.accounts.AccountManager$AmsTask$Response.onError(AccountManager.java:2350)
W/System.err:     at android.accounts.IAccountManagerResponse$Stub.onTransact(IAccountManagerResponse.java:69)
W/System.err:     at android.os.Binder.execTransact(Binder.java:697)

Questions:

  1. What exactly does the "android.accounts.AuthenticatorException: ServiceDisabled" error means?
  2. Why on earth is this only happening with this google account? (and probably for some other ones, but this seems really rare as per users feedback). Should I check some Android Google account Settings for this accounts..? Which ones?

So, same code goes well for about 10 accounts I tested on my Phone, and it fails with this very specific Google account! Why?

FYI, I opened an issue here: https://issuetracker.google.com/issues/127454208

Note:

According to the owner of this account, the app was working before, and suddenly stopped working: I am in the process of investigating when it happens and if he can give me some hints about some possible actions he took at that time.

Thanks beforehand for your help.


Some info I gathered:

I managed to debug this a bit and found that the stacktrace go further in cpp:

jboolean res = env->CallBooleanMethod(mObject, gBinderOffsets.mExecTransact,
        code, (int32_t)&data, (int32_t)reply, flags);

https://android.googlesource.com/platform/frameworks/base/+/f76a50c/core/jni/android_util_Binder.cpp

I found out that "res = onTransact(code, data, reply, flags);" (i.e. android.accounts.IAccountManagerResponse$Stub.onTransact(IAccountManagerResponse.java:69) from AIDL) is called with

code = 2 (probably android.accounts.AccountManager.VISIBILITY_USER_MANAGED_VISIBLE = 2)
data : a Parcel Object 
reply : another Parcel Object 
flags = 17

Which seems fine, and works for all other Google accounts!

I also found out that the error code in AccountManager.convertErrorToException was code ERROR_CODE_INVALID_RESPONSE


回答1:


Problem understood and solved!

Since January 2019, some OAuth2 scopes are restricted.
Also, the Additional Requirements for Specific API Scopes page sates:

Enforcement of the requirements in this section will begin on January 15, 2019 when all new applications must undergo a new application review process before accessing certain API scopes. Applications submitted for verification before January 15, 2019 will be given a grace period to come into compliance, and must submit for re-review no later than February 15, 2019. To learn more about these new requirements, read our blog post, Elevating user trust in our API ecosystem, and the OAuth Application Verification FAQ.

In order to have your Android apps being compliant with this, you must create a new "ID clients OAuth 2.0" for Android.

This ID has to be created on this page https://console.developers.google.com/apis/credentials

The odd thing is that all this seems related to G Suite and Google APIs, not Android SDK.
It's probably because the OAuth part of the Android SDK uses the Google API behind the scene, more precisely, the AccountManager#getAuthToken method does use it.



来源:https://stackoverflow.com/questions/55008300/rare-exception-android-accounts-authenticatorexception-servicedisabled-what

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!