How does GitHub android app force authentication?

Asked 20/12, 2013 at 15:42 Answered 20/12, 2013 at 16:29

Solved java android github android-authenticator

I am digging through the GitHub android app source code.

I am trying to find out how do they force the LoginActivity to show up when the app is first started. In their manifest they seem to have HomeActivity as the MAIN and LoginActivity is only launched explicitly.

So that means that always HomeActivity is launched when the app first opens up. However, I don't see any logic in HomeActivity that shows that they check whether the account is present or not, if its not present then go to LoginActivity

In the code LoginActivity is only launched from here.

Paean answered 20/12, 2013 at 15:42 Comment(1)

SharedPreferences, if an account is saved log in if not show the activity. I don't know how they do it but it's a way of how it can be done.. – Vorous 20/12, 2013 at 15:51

Okay, the whole Android account authentication and sync adapters mechanism may be rather complicated at first look, and GitHub Android app adds another layer of complexity there, but I'll try to explain you the whole flow (I hope that my understanding is correct).

At first, I'd recommend you this article about Android Authenticator if you are not familiar with the subject yet. GitHub Android uses exactly the same mechanism, described in that article.

You are right, HomeActivity is launched first. It then launches OrganizationLoader to load a list of orgs. That loader invokes method from OrganizationService which is a part of GitHub Java API. GitHub Android uses RoboGuice to configure injecting of most commonly used classes like GitHub API services. You can see that OrganizationService is created in ServicesModule. It takes GithubClient as a constructor parameter and there is also a GitHubModule which is configured to return AccountClient when an instance of GitHubClient is needed. AccountClient overrides configureRequest() method and invokes

String token = account.getAuthToken();

This is a method of GitHubAccount class, which invokes a method from internal Android's AccountManager. And AccountManager is configured to use that AccountAuthenticator you've talked about, which returns LoginActivity intent if there is no account on device.

Hope this helps :)

Heise answered 20/12, 2013 at 16:29 Comment(1)

Great! I think link for this article is broken. Can you please post the article link? Thanks again for help. – Paean 20/12, 2013 at 16:43

The app is using the Android account system, which is actually implemented in the class you already found. That account system will at some point call getAuthToken(), and there it's a simple check whether the password is empty, that returns the Intent for the LoginActivity to the account management system. Using that intent, the account management system will call back into the app and finally invoke the LoginActivity.

Felty answered 20/12, 2013 at 16:14 Comment(0)

Recommended topics

Hot tags