Revoke account permission for an app
Asked Answered
T

3

9

I wrote a code that request an AuthToken from the account manager, using the getAuthToken(). On the first time - the user needs to "Allow" the authentication, but later on there's no need to.

I want to know if there's a way to revoke that permission, using the android system or code, in order to help me debug my program (I'm running out of accounts :)). Uninstalling the app doesn't help.

Thank you,

Udi

Tankoos answered 27/4, 2011 at 14:22 Comment(0)
T
10

I've found that when you remove and re-add the account, then the permission is revoked, and you have to allow it again.

That's the easiest way i've found, I'm marking this as the answer unless I'll get a better one.

Tankoos answered 1/5, 2011 at 15:8 Comment(2)
remove and re-add the account, then the permission is revoked... its wrong!Bradeord
You are GOD. This is the only method that worked for me after looking all over SO. Thank you.Genetic
W
0

You might need to do a full uninstall/reinstall to in effect revoke it. Also, if you are using a specific sharedUserId, you can change the sharedUserId after you uninstall so it looks like a different account. Finally, you can sign it with a different cert. That's what I've been able to get away with, but a clean API to revoke (or even just an Activity) would be nice.

Wardwarde answered 27/4, 2011 at 14:27 Comment(2)
Well, I did a full uninstall/reinstall, that didn't help. I'm not using a sharedUserId as well.Tankoos
Yeah, you might need to try and set the sharedUserId to force the OS to assign it a differente user ID under the hood.Wardwarde
G
0

I tried using reflexion (for testing purposes only). Unfortunately, it throws a SecurityException because Android checks that the caller is a System app...

For reference, here is the code:

/**
     * Revoke the fact that current app is allowed to retrieve an authToken for an account.
     * @param accountName The account whose permissions are being revoked
     * @param context current context
     * @return true if revoked successfully, false otherwise
     */
    public static boolean revokeAppPermission(String accountName, Context context) {
        if (accountName == null) {
            Log.w(TAG, "revokeAppPermission: abort, account missing.");
            return false;
        }

        AccountManager accountManager = AccountManager.get(context);
        Account[] accounts = accountManager.getAccounts();
        Account accountToRevoke = null;
        for (Account account : accounts) {
            if (accountName.equals(account.name)) {
                accountToRevoke = account;
                break;
            }
        }

        if (accountToRevoke == null) {
            Log.w(TAG, "revokeAppPermission: abort, no account found.");
            return false;
        }

        try {
            // public void updateAppPermission(Account account, String authTokenType, int uid, boolean value) {
            Method updateAppPermissionMethod = AccountManager.class.getDeclaredMethod("updateAppPermission", 
                    Account.class, String.class, int.class, boolean.class);
            updateAppPermissionMethod.setAccessible(true);
            updateAppPermissionMethod.invoke(accountManager, // Instance to invoke the method on 
                    accountToRevoke, // account 
                    "oauth2:https://www.googleapis.com/auth/somegoogleservice", // authTokenType
                    context.getApplicationInfo().uid, // uid
                    false); // false to revoke
        } catch (Exception e) {
            Log.w(TAG, "revokeAppPermission: Failed:" + e.getMessage());
            e.printStackTrace();
            return false;
        }

        return true;
    }
Gavrah answered 24/3, 2013 at 18:18 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.