0

这段代码来自AuthenticatorActivityAndroid SampleSyncAdapter示例项目。它说,

我们将从服务器返回的 authToken 存储为该帐户的“密码”——因此我们永远不会在本地存储用户的实际密码。

但我根本看不到authToken被使用。为什么?这是一个错误还是故意的?

/**
 * Called when response is received from the server for authentication
 * request. See onAuthenticationResult(). Sets the
 * AccountAuthenticatorResult which is sent back to the caller. We store the
 * authToken that's returned from the server as the 'password' for this
 * account - so we're never storing the user's actual password locally.
 *
 * @param result the confirmCredentials result.
 */
private void finishLogin(String authToken) {

    Log.i(TAG, "finishLogin()");
    final Account account = new Account(mUsername, Constants.ACCOUNT_TYPE);
    if (mRequestNewAccount) {
        mAccountManager.addAccountExplicitly(account, mPassword, null);
        // Set contacts sync for this account.
        ContentResolver.setSyncAutomatically(account, ContactsContract.AUTHORITY, true);
    } else {
        mAccountManager.setPassword(account, mPassword);
    }
    final Intent intent = new Intent();
    intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mUsername);
    intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, Constants.ACCOUNT_TYPE);
    setAccountAuthenticatorResult(intent.getExtras());
    setResult(RESULT_OK, intent);
    finish();
}
4

1 回答 1

2

同意,这令人困惑,特别是因为 SampleSyncAdapter 代表了围绕这些类的一些唯一文档。也就是说,我认为这里的评论是错误的,因为 AbstractAccountAuthenticator 和服务都依赖于密码。我已经提交了一个错误以供澄清:

http://code.google.com/p/android/issues/detail?id=40878&thanks=40878&ts=1354582803

于 2012-12-04T01:04:48.297 回答