AuthToken from AccountManager in Android Client No Longer Working

I'm pretty exasperated. I'm attempting to build a turn-based multiplayer online game for Android using Google App Engine in Java as the server.

They seem like a perfect fit. Android requires a Google account, and GAE uses a Google account for authentication, while being free and scalable.

So before the holidays I was able to get authentication to my GAE app from my Android client using the new AccountManager API in Android 2.0. The following code allows you to access the AuthToken of the user's Google account and then use it for authentication, so that the user does not have to manually enter their account username and password:

   AccountManager mgr = AccountManager.get(this); 
   Account[] accts = mgr.getAccountsByType("com.google"); 
   Account acct = accts[0];
   AccountManagerFuture<Bundle> accountManagerFuture = mgr.getAuthToken(acct, "ah", null, this, null, null);
   Bundle authTokenBundle = accountManagerFuture.getResult(); 
   String authToken = authTokenBundle.get(AccountManager.KEY_AUTHTOKEN).toString();

I was then able to append the resulting AuthToken string to the appropriate URL and get a valid cookie which I could then use for all further requests. Only thing is, sometime last week it just stopped working for me. Now when I try to use the AuthToken from the above code, I don't get a cookie returned and my code throws a NullPointerException for the missing cookie.

When I go back to the old way, when the user was manually entering in their Google username and password and I get the AuthToken from "https://www.google.com/accounts/ClientLogin", it works just fine.

Please tell me someone out there has built an Android client for a Google App Engine app using the AuthToken from the Google account on the user's phone, and give me some clue as to why this is no longer working.

I'd really like to make this work. My alternatives are to require the user to enter their credentials (which is clunky, and which they shouldn't have to do), or going with another solution for the server.

Thanks in advance.

I had the same issue & the invalidateAuthToken is the key. You'll need the android.permission.MANAGE_ACCOUNTS permission granted.

Tip: When you call invalidateAuthToken, make sure you pass account type ("com.google") and not token type ("health"). I made this mistake and it took a while to track down because invalidateAuthToken returns no errors.

No offense, but please see the manual developer.android.com/reference/android/accounts/…

@Artem u are a life saver, tried putting the token type in the invalidate and it just DID NOT work, you saved my life :) Thanks a ton!

Where exactly do you have the invalidateAuthToken call? The callback isn't used until the user is done trying (and failing) to enter a password.

Many Thanks for your answer! I am able to get the auth token of an account. But, i want the password of the account. Please tell me where i have to pass the authToken so that i can get the password of account. Please help me i was new to Accounts. All i want is username and password of all gmail accounts that are stored in android device such that i can send an email to them using Gmail Sender

I had the same problem as this guy groups.google.com/group/android-developers/browse_thread/thr‌​ead/… and your response saved me. Thank thank thank you!

There was also this response to his issue here for future generation's reference: groups.google.com/group/android-developers/browse_thread/thr‌​ead/…

@KK_07k11A0585 There is no way Android is ever going to give away anyone's Google passwords.