How do you force AccountManager to show the "Access Request" screen after a user has already allowed access?

Question

When using AccountManager::getAuthTokenByFeatures, an Access Request screen is shown for the user to allow or deny access to the account. After a user allows access, subsequent calls (with the same arguments) return the auth token without prompting the user.

How do you clear the state to make sure the Access Request prompt appears? (This would useful at the very least for development, testing, and demo purposes.)

Russell Davis · Accepted Answer · 2011-08-11T02:22:31.360

7

The only solution I've found is to manually clear out the data stored in the system's accounts.db. Run the following from the command line to clear out all account grants on the system.

For the emulator:

adb -e shell 'sqlite3 /data/system/accounts.db "delete from grants;"'

For a device (must be rooted and have the sqlite3 binary installed):

adb -d shell 'echo sqlite3 /data/system/accounts.db \"delete from grants\;\" | su'

edited Aug 11 '11 at 02:22

answered Jul 27 '11 at 23:03

Russell Davis

8,319
4
40
41

eventually helpful note for others: you might need to make the system folder writable, if sqlite3 isn't already on the device, and you need to push it via adb. http://stackoverflow.com/questions/6066030/read-only-file-system-on-android – Mathias Conradt Dec 04 '12 at 04:28
Another hint: I needed to call "sqlite" with quotes, otherwise I got an error. See http://stackoverflow.com/questions/13696259/sqlite3-on-android-fails-with-syntax-error-unexpected/13697187#13697187 – Mathias Conradt Dec 04 '12 at 06:50
2

Of interest for those still running in to this problem further on down the road: (1) on Android 4.2 which added multi-user support, the accounts.db file will be located in a subdirectory per user, e.g. /data/system/users/0/accounts.db (2) when I ran into the need to revoke these permissions, I found that the grants table in /data/system/users/0/accounts.db was empty. I was using the newer Google Play Services lib to get tokens, and it would appear it stores the grants somewhere else -- possibly even in the cloud (!). – Hugh Apr 05 '13 at 21:22
1

Ran into this same problem, eventually just had to settle for renaming the package each time I wanted to test out the Permission Request flow - pretty annoying that there isn't a better fix for this! Not even uninstalling worked for me. – joe Apr 16 '13 at 19:21

score 1 · Answer 2 · answered May 17 '12 at 19:09

1

I have created a new account which I use for testing. A new account will always prompt for Access Request. Remember to NOT allow access.

To test for the login screen, change the password for the account from another device/PC.

answered May 17 '12 at 19:09

OferR

1,634
19
21

score 1 · Answer 3 · answered Aug 14 '13 at 21:24

Using Google Play Services:

http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html

Add https://www.googleapis.com/auth/userinfo.profile to your scope.

Example:

String scope="oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"

final String token = GoogleAuthUtil.getToken(context, "xxxx@gmail.com", scope);

OR "brute force"

Intent res = new Intent();
res.addCategory("account:xxxx@gmail.com");
res.addCategory("scope:oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
res.putExtra("service", "oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
Bundle extra= new Bundle();
extra.putString("androidPackageName","com.your.package");
res.putExtra("callerExtras",extra);
res.putExtra("androidPackageName","com.your.package");
res.putExtra("authAccount","xxxx@gmail.com");

String mPackage = "com.google.android.gms";
String mClass = "com.google.android.gms.auth.TokenActivity";
res.setComponent(new ComponentName(mPackage,mClass));
startActivityForResult(res,100);

Now, when you revoke the access here https://accounts.google.com/IssuedAuthSubTokens the application shows you the window for permission again in the device.

score 0 · Answer 4 · answered Jul 16 '15 at 12:55

In my case what Benn Sandoval says does not work.

I had to revoke permissions programmatically and then connect again.

if (googleApiClient != null && !googleApiClient.isConnecting() && googleApiClient.isConnected()){

    googleApiClient.clearDefaultAccountAndReconnect();
    Plus.AccountApi.revokeAccessAndDisconnect(googleApiClient).setResultCallback(new ResultCallback<Status>() {
        @Override
        public void onResult(Status status) {
            Log.i("google+", "Google+ user access revoked");
            googleApiClient.connect();
        }
    });
}

Doing this i was getting asked again to grant permissions to google+

How do you force AccountManager to show the "Access Request" screen after a user has already allowed access?

4 Answers4

Linked