android账号管理神马的。。。

1.机密信息的安全性靠UID（唯一标识符）机制来保障

public StringgetPassword(Account account)

public StringgetUserData(Account account, String key)

Gets the saved password associated with the account. This is
intended for authenticators and related code; applications should get an auth
token instead.

获取已保存的密码与帐户相关联。这是 
为身份验证和相关的代码准备的;应用程序应该得到一个验证 
令牌代替。

This method requires the caller to hold the permission AUTHENTICATE_ACCOUNTS
and to have the same UID as the account's authenticator.

这个方法要求调用者拥有许可AUTHENTICATE_ACCOUNTS和相同的UID作为用户的鉴别符

l  获取token只需要the permission USE_CREDENTIALS.

public AccountManagerFuture<Bundle> getAuthToken(Account account, String authTokenType, Bundleoptions, Activity activity, AccountManagerCallback<Bundle> callback, Handler handler)

l  应用程序一般通过以下步骤获取token

•       Get an instance of AccountManager using get(Context).用 get(Context)获得账户管理员实例

•       List the available accounts using getAccountsByType(String) or getAccountsByTypeAndFeatures(String, String[], AccountManagerCallback, Handler). Normally applications will only be interested in accounts with one particular type, which identifies the authenticator. Account features are used to identify particular account subtypes and capabilities. Both the account type and features are authenticator-specific strings, and must be known by the application in coordination with its preferred authenticators.

用getAccountsByType(String) or getAccountsByTypeAndFeatures(String, String[], AccountManagerCallback, Handler)列出可用的用户账户。通常应用只关心那些特定类型的用户账户，类型用来识别鉴别符。账户特征用来识别特定的用户子类型和能力。账户类型和特征都是鉴别符特有字段，必须被应用程序所知道以便和它的优先鉴别符协调。

•       Select one or more of the available accounts, possibly by asking the user for their preference. If no suitable accounts are available, addAccount(String, String, String[], Bundle, Activity, AccountManagerCallback, Handler) may be called to prompt the user to create an account of the appropriate type.

选择一个或几个可用的账户，可能通过询问用户的偏好。如果没有合适的账户，addAccount函数将被调用来提示用户创建一个合适的类型的账户

•       Important: If the application is using a previously remembered account selection, it must make sure the account is still in the list of accounts returned by getAccountsByType(String). Requesting an auth token for an account no longer on the device results in an undefined failure.

重要的是：如果应用程序使用了一个先前记住的账户选项，这个账户必须在getAccountsByType函数返回的账户列表上。请求一个不再存在在服务器上的账户的验证令牌，会导致未定义的失败。

•       Request an auth token for the selected account(s) using one of the getAuthToken(Account, String,
Bundle, Activity, AccountManagerCallback, Handler) methods or related helpers. Refer to the description of each method for exact usage and error handling details.

请求一个账户的验证令牌用到了getAuthToken方法及与之相关的方法。详细的内容，参考每个方法的详细用法和错误处理细节文档。

•       Make the request using the auth token. The form of the auth token, the format of the request, and the
protocol used are all specific to the service you are accessing. The application may use whatever network and protocol libraries are useful.

使用验证令牌来发起请求。验证令牌的形态，请求的格式，使用的协议都是你所访问的服务器特定的。应用程序可以使用任何网络和协议函数库。

•       Important: If the request fails with an authentication error, it could be that a cached auth token is stale and no longer honored by the server. The application must call invalidateAuthToken(String, String) to remove the token from the cache, otherwise requests will continue failing! After invalidating the auth token, immediately go back to the "Request an auth token" step above. If the process fails the second time, then it can be treated as a "genuine" authentication failure and the user notified or other appropriate actions taken.

重点：如果请求因为认证错误而失败，是因为缓存中的验证令牌陈旧，不再被服务器所承认。应用程序必须调用 invalidateAuthToken函数来将这个令牌从缓存中移除，否则，请求将一直失败。移除失效令牌后，立刻回到上面的请求验证令牌那一步。如果依然失败，将不再被视为一次验证失败，程序将通知用户或者采取其他适当的措施。