[英]How can the Google Photo App read the accounts without permission?
I'm implementing an login quiet similar to the login of the Google Photo App. 我正在实现类似于Google Photo App登录的安静登录方式。 I'm not testing my App in Android Marshmallow. 我没有在Android棉花糖中测试我的应用程序。 That requires the permission: 这需要获得许可:
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
Quiet clear no questions until here. 在此之前,请先清除所有问题。 But how does the app can read out my accounts without requesting nor granting the permission in the app settings? 但是,应用程序如何在不请求或不授予应用程序设置权限的情况下读出我的帐户?
When I try to use: 当我尝试使用时:
Account[] googleAccounts = AccountManager.get(context).getAccountsByType(GoogleAuthUtil.GOOGLE_ACCOUNT_TYPE);
I just get an empty array. 我只是得到一个空数组。 What am I doing wrong? 我究竟做错了什么?
The past week I've coded a server-side access with Google login ( https://developers.google.com/identity/sign-in/android/offline-access ), and you don't need GET_ACCOUNTS
for it. 在过去的一周中,我已经使用Google登录代码对服务器端访问进行了编码( https://developers.google.com/identity/sign-in/android/offline-access ),并且您不需要GET_ACCOUNTS
。
What happens is that the application requests Google Play Services for a token that you will send to your server. 发生的情况是该应用程序请求Google Play服务获取您将发送到服务器的令牌。 And that's all. 就这样。 Google Play Service will access accounts, popup UI for the user to agree/confirm, etc. Google Play服务将访问帐户,供用户同意/确认的弹出式用户界面等。
So, I'm assuming that's what Google Photos use. 因此,我假设这就是Google Photos所使用的。 Another alternative valid answer is that they're a system app developed and signed by the creators of the OS and they can't do whatever they want by simply accessing protected APIs. 另一个替代的有效答案是,它们是由操作系统的创建者开发并签名的系统应用程序,仅通过访问受保护的API便无法做任何想要的事情。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.