java.lang.SecurityException: caller uid XXXXX is different than the authenticator's uid

エラーの該当箇所を見ますとAccountManagerが関連しているようです。

まずはAccountManagerについて理解してみます。

AccountManager | Android Developers

Class Overview

This class provides access to a centralized registry of the user's online accounts.

The user enters credentials (username and password) once per account,granting applications access to online resources with "one-click" approval.

Different online services have different ways of handling accounts and authentication, so the account manager uses pluggable authenticator modules for different account types.

Authenticators (which may be written by third parties) handle the actual details of validating account credentials and storing account information. For example, Google, Facebook, and Microsoft Exchange each have their own authenticator.

Many servers support some notion of an authentication token, which can be used to authenticate a request to the server without sending the user's actual password. (Auth tokens are normally created with a separate request which does include the user's credentials.)

AccountManager can generate auth tokens for applications, so the application doesn't need to handle passwords directly.

Auth tokens are normally reusable and cached by AccountManager, but must be refreshed periodically.

It's the responsibility of applications to invalidate auth tokens when they stop working so the AccountManager knows it needs to regenerate them.

それでは今回AccountManagerの認証関連のエラーを解消していきます。

エラー解消手順

  • AndroidManifest.xmlのuses-permissionの設定
<!-- Permissions required by the sync adapter -->
<uses-permission
        android:name="android.permission.READ_SYNC_SETTINGS"/>
<uses-permission
        android:name="android.permission.WRITE_SYNC_SETTINGS"/>
<uses-permission
        android:name="android.permission.AUTHENTICATE_ACCOUNTS"/>
  • res/xml/authenticator.xmlの配置
<?xml version="1.0" encoding="utf-8"?>
<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
    android:accountType="@string/sync_account_type"
    android:icon="@mipmap/ic_launcher"
    android:label="@string/app_name"
    android:smallIcon="@mipmap/ic_launcher" />

※@string/sync_account_typeはドメインを指定してください

  • Authenticatorの作成
割愛
  • AuthenticatorServiceの作成
割愛
  • AndroidManifest.xmlにAuthenticatorServiceの登録
<!-- SyncAdapter's authentication service -->
<service android:name=".sync.XXXAuthenticatorService">
    <intent-filter>
        <action android:name="android.accounts.AccountAuthenticator" />
    </intent-filter>
    <meta-data
        android:name="android.accounts.AccountAuthenticator"
        android:resource="@xml/authenticator" />
</service>

つまり、Auhenticator関連の設定がうまくいけばaccountManagerはSecurityExceptionを吐かなくなるということです。