How does GitHub android app force authentication?

Question

I am digging through the GitHub android app source code.

I am trying to find out how do they force the LoginActivity to show up when the app is first started. In their manifest they seem to have HomeActivity as the MAIN and LoginActivity is only launched explicitly.

So that means that always HomeActivity is launched when the app first opens up. However, I don't see any logic in HomeActivity that shows that they check whether the account is present or not, if its not present then go to LoginActivity

In the code LoginActivity is only launched from here.

Answer 1

Okay, the whole Android account authentication and sync adapters mechanism may be rather complicated at first look, and GitHub Android app adds another layer of complexity there, but I'll try to explain you the whole flow (I hope that my understanding is correct).

At first, I'd recommend you this article about Android Authenticator if you are not familiar with the subject yet. GitHub Android uses exactly the same mechanism, described in that article.

You are right, HomeActivity is launched first. It then launches OrganizationLoader to load a list of orgs. That loader invokes method from OrganizationService which is a part of GitHub Java API. GitHub Android uses RoboGuice to configure injecting of most commonly used classes like GitHub API services. You can see that OrganizationService is created in ServicesModule. It takes GithubClient as a constructor parameter and there is also a GitHubModule which is configured to return AccountClient when an instance of GitHubClient is needed. AccountClient overrides configureRequest() method and invokes

String token = account.getAuthToken();

This is a method of GitHubAccount class, which invokes a method from internal Android's AccountManager. And AccountManager is configured to use that AccountAuthenticator you've talked about, which returns LoginActivity intent if there is no account on device.

Hope this helps :)