Smart Lock(密码专用)已于 2022 年被废弃,现已从 Google Play 服务 Auth SDK (com.google.android.gms:play-services-auth) 中移除。为了最大限度地减少可能影响现有集成的破坏性更改,适用于 Play 商店中所有现有应用的 Smart Lock 功能将继续正常运行。使用更新后的 SDK (com.google.android.gms:play-services-auth:21.0.0) 编译的新版应用无法再访问 Smart Lock for Password API,且无法成功构建。所有开发者都应尽快迁移其 Android 项目,以便能使用 Credential Manager。
迁移到 Credential Manager API 的好处
Credential Manager 提供简单、统一的 API,实现了对新型功能和实践的支持,同时提升了用户的身份验证体验:
- Credential Manager 完全支持密码保存和身份验证。 这意味着,在您的应用从 Smart Lock 迁移到 Credential Manager 时,不会对用户造成中断。
- Credential Manager 可支持多账号登录方法(包括通行密钥)和联合登录方法(如使用 Google 账号登录),以提高安全性,如果您计划将来支持其中一种方法,还可实现转化。
- 从 Android 14 开始,Credential Manager 支持第三方密码和通行密钥提供程序。
- Credential Manager 会在所有身份验证方法中提供一致、统一的用户体验。
迁移选项:
| 用例 | 建议 |
|---|---|
| 保存密码并使用已保存的密码登录 | 充分利用使用 Credential Manager 让用户登录指南中的密码选项。本文后面部分介绍了密码保存和身份验证的详细步骤。 |
| 使用 Google 账号登录 | 按照将 Credential Manager 与“使用 Google 账号登录”功能集成指南操作。 |
| 向用户显示电话号码提示 | 使用 Google Identity 服务中的 Phone Number Hint API。 |
借助 Credential Manager 使用密码登录
如需使用 Credential Manager API,请完成 Credential Manager 指南的前提条件部分中列出的步骤,并务必执行以下操作:
- 添加所需的依赖项
- 在 ProGuard 文件中保留类
- 添加对 Digital Asset Links 的支持(如果您使用的是 Smart Lock(密码专用),则此步骤应已实现)
- 配置 Credential Manager
- 指示凭据字段
- 保存用户密码
使用已保存的密码登录
如需检索与用户账号关联的密码选项,请完成以下步骤:
1. 初始化密码和身份验证选项
// Retrieves the user's saved password for your app from their
// password provider.
val getPasswordOption = GetPasswordOption()
2. 使用从上一步中检索到的选项构建登录请求。
val getCredRequest = GetCredentialRequest(
listOf(getPasswordOption)
)
3. 启动登录流程
fun launchSignInFlow() {
coroutineScope.launch {
try {
// Attempt to retrieve the credential from the Credential Manager.
val result = credentialManager.getCredential(
// Use an activity-based context to avoid undefined system UI
// launching behavior.
context = activityContext,
request = getCredRequest
)
// Process the successfully retrieved credential.
handleSignIn(result)
} catch (e: GetCredentialException) {
// Handle any errors that occur during the credential retrieval
// process.
handleFailure(e)
}
}
}
private fun handleSignIn(result: GetCredentialResponse) {
// Extract the credential from the response.
val credential = result.credential
// Determine the type of credential and handle it accordingly.
when (credential) {
is PasswordCredential -> {
val username = credential.id
val password = credential.password
// Use the extracted username and password to perform
// authentication.
}
else -> {
// Handle unrecognized credential types.
Log.e(TAG, "Unexpected type of credential")
}
}
}
private fun handleFailure(e: GetCredentialException) {
// Handle specific credential retrieval errors.
when (e) {
is GetCredentialCancellationException -> {
/* This exception is thrown when the user intentionally cancels
the credential retrieval operation. Update the application's state
accordingly. */
}
is GetCredentialCustomException -> {
/* This exception is thrown when a custom error occurs during the
credential retrieval flow. Refer to the documentation of the
third-party SDK used to create the GetCredentialRequest for
handling this exception. */
}
is GetCredentialInterruptedException -> {
/* This exception is thrown when an interruption occurs during the
credential retrieval flow. Determine whether to retry the
operation or proceed with an alternative authentication method. */
}
is GetCredentialProviderConfigurationException -> {
/* This exception is thrown when there is a mismatch in
configurations for the credential provider. Verify that the
provider dependency is included in the manifest and that the
required system services are enabled. */
}
is GetCredentialUnknownException -> {
/* This exception is thrown when the credential retrieval
operation fails without providing any additional details. Handle
the error appropriately based on the application's context. */
}
is GetCredentialUnsupportedException -> {
/* This exception is thrown when the device does not support the
Credential Manager feature. Inform the user that credential-based
authentication is unavailable and guide them to an alternative
authentication method. */
}
is NoCredentialException -> {
/* This exception is thrown when there are no viable credentials
available for the user. Prompt the user to sign up for an account
or provide an alternative authentication method. Upon successful
authentication, store the login information using
androidx.credentials.CredentialManager.createCredential to
facilitate easier sign-in the next time. */
}
else -> {
// Handle unexpected exceptions.
Log.w(TAG, "Unexpected exception type: ${e::class.java.name}")
}
}
}