android - java.lang.SecurityException : caller uid XXXXX lacks any of android. 权限.GET_ACCOUNTS

Question

注意:这不是重复的，我在类似的 StackOverflow 问题中尝试了很多解决方案，但它们对我的情况不起作用。感谢您的帮助。

此崩溃似乎只发生在运行 Android 版本低于 6.0 的设备上。例如，它在运行 Android 5.1 版的 XT1032 上崩溃。在那种情况下，每当我调用此方法时，在我的 AppCompatActivity 的 onCreate 方法中，

AccountManager.get(this).addOnAccountsUpdatedListener(this, null, true);

它崩溃是因为它似乎没有所需的权限(我不知道为什么，因为它在 list 中)。我相信它并没有真正进入该方法，但由于 @RequiresPermission 行而在进入该方法时崩溃:

@RequiresPermission(GET_ACCOUNTS)
    public void addOnAccountsUpdatedListener(final OnAccountsUpdateListener listener,
            Handler handler, boolean updateImmediately) { ...

这是堆栈跟踪，加上一些更多的日志记录代码:

V/AccountManagerService: getAccounts: accountType null, caller's uid 10018, pid 23074
V/AccountManagerService:   caller uid 10018 has android.permission.GET_ACCOUNTS
V/AccountManagerService: getAccounts: accountType null, caller's uid 10018, pid 23074
V/AccountManagerService:   caller uid 10018 has android.permission.GET_ACCOUNTS
V/AccountManagerService:   caller uid 10009 has android.permission.INTERACT_ACROSS_USERS
V/AccountManagerService: getAccounts: accountType com.google, caller's uid 10009, pid 1738
V/AccountManagerService:   caller uid 10009 has android.permission.GET_ACCOUNTS
V/AccountManagerService: getAccounts: accountType null, caller's uid 10018, pid 23074
V/AccountManagerService:   caller uid 10018 has android.permission.GET_ACCOUNTS
V/AccountManagerService: getAccounts: accountType null, caller's uid 10156, pid 13722
W/AccountManagerService:   caller uid 10156 lacks any of android.permission.GET_ACCOUNTS

java.lang.RuntimeException: Unable to start activity ComponentInfo{MainActivity}: java.lang.SecurityException: caller uid 10156 lacks any of android.permission.GET_ACCOUNTS
                                                                                             at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2325)
                                                                                             at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2387)
                                                                                             at android.app.ActivityThread.access$800(ActivityThread.java:151)
                                                                                             at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1303)
                                                                                             at android.os.Handler.dispatchMessage(Handler.java:102)
                                                                                             at android.os.Looper.loop(Looper.java:135)
                                                                                             at android.app.ActivityThread.main(ActivityThread.java:5254)
                                                                                             at java.lang.reflect.Method.invoke(Native Method)
                                                                                             at java.lang.reflect.Method.invoke(Method.java:372)
                                                                                             at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
                                                                                             at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)
                                                                                          Caused by: java.lang.SecurityException: caller uid 10156 lacks any of android.permission.GET_ACCOUNTS
                                                                                             at android.os.Parcel.readException(Parcel.java:1546)
                                                                                             at android.os.Parcel.readException(Parcel.java:1499)
                                                                                             at android.accounts.IAccountManager$Stub$Proxy.getAccounts(IAccountManager.java:728)
                                                                                             at android.accounts.AccountManager.getAccounts(AccountManager.java:407)
                                                                                             at android.accounts.AccountManager.addOnAccountsUpdatedListener(AccountManager.java:2372)

调用者 uid 是什么，为什么使用 uid 10156而不是 10018或 10009哪些有权限？

我验证了我的 AuthenticationService 中的帐户类型字符串与 authenticator.xml 的 accountType 相同，并且它们都使用硬编码字符串(不是字符串资源)。

public class AuthenticationService extends Service {

    public static final String ACCOUNT_TYPE = "com.mywebsite";
    ...
    public static boolean createAccount(String username,...) {

        AccountManager am = AccountManager.get(Application.getInstance());
        Account account = new Account(username, ACCOUNT_TYPE);

还有我的验证器:

<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
                       android:accountType="com.mywebsite"
                       android:icon="@mipmap/ic_launcher"
                       android:smallIcon="@mipmap/ic_launcher"
                       android:label="@string/app_name"
    />

我也有这个: <uses-permission android:name="android.permission.GET_ACCOUNTS" />在<manifest>标签，而不是 <application>标签。 list :

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.mywebsite.android.department.departmentname” >

    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
    <uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
    <uses-permission android:name="android.permission.GET_ACCOUNTS" />
    <uses-permission android:name="android.permission.USE_CREDENTIALS" />
    <uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />
    <uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS" />
    <uses-permission android:name="android.permission.WRITE_SYNC_SETTINGS" />
    <uses-permission android:name="android.permission.READ_SYNC_SETTINGS" />
    <uses-permission android:name="android.permission.READ_CALENDAR" />
    <uses-permission android:name="android.permission.WRITE_CALENDAR" />
    <uses-permission android:name="android.permission.WAKE_LOCK"/>
    <uses-permission android:name="com.google.android.c2dm.permission.RECEIVE"/>
    <uses-permission android:name="android.permission.READ_LOGS"/>

    <application
        android:name=".Application"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name”>
        <service android:name=".auth.AuthenticationService" >
            <intent-filter>
                <action android:name="android.accounts.AccountAuthenticator" />
            </intent-filter>

            <meta-data
                android:name="android.accounts.AccountAuthenticator"
                android:resource="@xml/authenticator" />
        </service>

    </application>

</manifest>

这似乎是 Android 文档中的一个线索，但它似乎与我的错误无关，因为我确实拥有 list 中的权限(http://developer.android.com/reference/android/Manifest.permission.html#GET_ACCOUNTS):

Note: Beginning with Android 6.0 (API level 23), if an app shares the signature of the authenticator that manages an account, it does not need "GET_ACCOUNTS" permission to read information about that account. On Android 5.1 and lower, all apps need "GET_ACCOUNTS" permission to read information about any account.

Answer 1

事实证明与我正在使用的库有冲突。具体来说，图书馆的支持团队告诉我:

The layer SDK requests the GET_ACCOUNTS permission using a maxSdkVersion of 18. It would appear that when the manifests get merged this is overwriting the permission request in your manifest, thus not requesting that permission for 19+.

解决方案是改变我的 list :

<uses-permission android:name="android.permission.GET_ACCOUNTS" />

为此:

<uses-permission android:name="android.permission.GET_ACCOUNTS" tools:node="replace" />

具体来说，添加tools:node="replace"。

有关更多详细信息，请参阅我的其他问题的答案:https://stackoverflow.com/a/37013603/2423194