diff --git a/frameworks/native/client/src/user_idm_callback_service.cpp b/frameworks/native/client/src/user_idm_callback_service.cpp index 2a64412c6e90e3f005d1e2dda78ace0499bedfdf..d78c68f65cb7a7c88bf88625fe5582c2885c43ca 100644 --- a/frameworks/native/client/src/user_idm_callback_service.cpp +++ b/frameworks/native/client/src/user_idm_callback_service.cpp @@ -114,6 +114,8 @@ int32_t IdmGetCredInfoCallbackService::OnCredentialInfos(int32_t resultCode, credentialInfo.pinType = static_cast(iter.pinType); credentialInfo.credentialId = iter.credentialId; credentialInfo.templateId = iter.templateId; + credentialInfo.isAbandoned = iter.isAbandoned; + credentialInfo.validityPeriod = iter.validityPeriod; credInfoList.push_back(credentialInfo); } getCredInfoCallback_->OnCredentialInfo(resultCode, credInfoList); diff --git a/frameworks/native/executors/BUILD.gn b/frameworks/native/executors/BUILD.gn index 727096cb3ffc7403658c3028370dc866fe71d23a..b841754968ad84d25281037e5a2136c4544d8d19 100644 --- a/frameworks/native/executors/BUILD.gn +++ b/frameworks/native/executors/BUILD.gn @@ -32,6 +32,7 @@ ohos_shared_library("userauth_executors") { } branch_protector_ret = "pac_ret" sources = [ + "src/async_command/abandon_command.cpp", "src/async_command/async_command_base.cpp", "src/async_command/auth_command.cpp", "src/async_command/collect_command.cpp", diff --git a/frameworks/native/executors/include/async_command/abandon_command.h b/frameworks/native/executors/include/async_command/abandon_command.h new file mode 100644 index 0000000000000000000000000000000000000000..ec5a4e3feb5bfdfce8b70b77d87ce1dba3b2e969 --- /dev/null +++ b/frameworks/native/executors/include/async_command/abandon_command.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ABANDON_COMMAND_H +#define ABANDON_COMMAND_H + +#include "async_command_base.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class AbandonCommand : public AsyncCommandBase { +public: + AbandonCommand(std::weak_ptr executor, uint64_t scheduleId, const Attributes &commandAttrs, + std::shared_ptr executorMessenger); + ~AbandonCommand() override = default; + +protected: + ResultCode SendRequest() override; + void OnResultInner(ResultCode result, const std::vector &extraInfo) override; + +private: + std::shared_ptr attributes_ {nullptr}; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // ABANDON_COMMAND_H \ No newline at end of file diff --git a/frameworks/native/executors/include/framework/framework_executor_callback.h b/frameworks/native/executors/include/framework/framework_executor_callback.h index 33052d24a20c7504da2100b1d1e62d9e38e8803f..bfb8f97512a4e22dd76ddc8d3d7bd4ee44da467a 100644 --- a/frameworks/native/executors/include/framework/framework_executor_callback.h +++ b/frameworks/native/executors/include/framework/framework_executor_callback.h @@ -64,6 +64,7 @@ private: ResultCode ProcessNotifyExecutorReady(const Attributes &properties); ResultCode ProcessCustomCommand(const Attributes &properties); ResultCode ProcessGetPropertyCommand(std::shared_ptr conditions, std::shared_ptr values); + ResultCode ProcessAbandonCommand(uint64_t scheduleId, const Attributes &properties); ResultCode FillPropertyToAttribute(const std::vector &keyList, const Property property, std::shared_ptr values); const char *GetDescription(); diff --git a/frameworks/native/executors/src/async_command/abandon_command.cpp b/frameworks/native/executors/src/async_command/abandon_command.cpp new file mode 100644 index 0000000000000000000000000000000000000000..9ac4667547ca25b2514d61f25a5c3c13f1f9e88d --- /dev/null +++ b/frameworks/native/executors/src/async_command/abandon_command.cpp @@ -0,0 +1,89 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abandon_command.h" + +#include "iam_executor_framework_types.h" +#include "iam_check.h" +#include "iam_logger.h" +#include "iam_mem.h" +#include "iam_para2str.h" +#include "iam_ptr.h" +#include "iam_defines.h" +#include "hisysevent_adapter.h" + +#define LOG_TAG "USER_AUTH_EXECUTOR" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +AbandonCommand::AbandonCommand(std::weak_ptr executor, uint64_t scheduleId, + const Attributes &attributes, std::shared_ptr executorMessenger) + : AsyncCommandBase("Abandon", scheduleId, executor, executorMessenger), + attributes_(Common::MakeShared(attributes.Serialize())) +{ +} + +ResultCode AbandonCommand::SendRequest() +{ + IAM_LOGI("%{public}s send request start", GetDescription()); + IF_FALSE_LOGE_AND_RETURN_VAL(attributes_ != nullptr, ResultCode::GENERAL_ERROR); + + auto hdi = GetExecutorHdi(); + IF_FALSE_LOGE_AND_RETURN_VAL(hdi != nullptr, ResultCode::GENERAL_ERROR); + + uint32_t tokenId = 0; + bool getTokenIdRet = attributes_->GetUint32Value(Attributes::ATTR_ACCESS_TOKEN_ID, tokenId); + IF_FALSE_LOGE_AND_RETURN_VAL(getTokenIdRet == true, ResultCode::GENERAL_ERROR); + + std::vector extraInfo; + bool getExtraInfoRet = attributes_->GetUint8ArrayValue(Attributes::ATTR_EXTRA_INFO, extraInfo); + IF_FALSE_LOGE_AND_RETURN_VAL(getExtraInfoRet == true, ResultCode::GENERAL_ERROR); + + int32_t userId; + bool getUserId = attributes_->GetInt32Value(Attributes::ATTR_USER_ID, userId); + IF_FALSE_LOGE_AND_RETURN_VAL(getUserId == true, ResultCode::GENERAL_ERROR); + + std::vector templateIds; + bool getTempalteIds = attributes_->GetUint64ArrayValue(Attributes::ATTR_TEMPLATE_ID_LIST, templateIds); + IF_FALSE_LOGE_AND_RETURN_VAL(getTempalteIds == true, ResultCode::GENERAL_ERROR); + + ResultCode ret = hdi->Abandon(scheduleId_, (AbandonParam) { tokenId, userId, templateIds[0], extraInfo}, + shared_from_this()); + IAM_LOGI("%{public}s abandon result %{public}d", GetDescription(), ret); + return ret; +} + +void AbandonCommand::OnResultInner(ResultCode result, const std::vector &extraInfo) +{ + IAM_LOGI("%{public}s on result start", GetDescription()); + std::vector nonConstExtraInfo(extraInfo.begin(), extraInfo.end()); + auto authAttributes = Common::MakeShared(); + IF_FALSE_LOGE_AND_RETURN(authAttributes != nullptr); + bool setResultCodeRet = authAttributes->SetUint32Value(Attributes::ATTR_RESULT_CODE, result); + IF_FALSE_LOGE_AND_RETURN(setResultCodeRet == true); + bool setAuthResultRet = + authAttributes->SetUint8ArrayValue(Attributes::ATTR_RESULT, nonConstExtraInfo); + IF_FALSE_LOGE_AND_RETURN(setAuthResultRet == true); + int32_t ret = MessengerFinish(scheduleId_, result, authAttributes); + if (ret != USERAUTH_SUCCESS) { + IAM_LOGE("%{public}s call finish fail", GetDescription()); + return; + } + IAM_LOGI("%{public}s call finish success result %{public}d", GetDescription(), result); +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS diff --git a/frameworks/native/executors/src/framework/framework_executor_callback.cpp b/frameworks/native/executors/src/framework/framework_executor_callback.cpp index 43db9e7fa23870a6002692e875125e3762e66dd7..38b4b1584788d4a2dbd162f87f67e0dd61d8b756 100644 --- a/frameworks/native/executors/src/framework/framework_executor_callback.cpp +++ b/frameworks/native/executors/src/framework/framework_executor_callback.cpp @@ -18,6 +18,7 @@ #include #include +#include "abandon_command.h" #include "auth_command.h" #include "collect_command.h" #include "custom_command.h" @@ -69,11 +70,15 @@ ResultCode FrameworkExecutorCallback::OnBeginExecuteInner(uint64_t scheduleId, s ret = ProcessEnrollCommand(scheduleId, commandAttrs); break; case AUTH: + case ABANDONED_PIN_AUTH: ret = ProcessAuthCommand(scheduleId, commandAttrs); break; case IDENTIFY: ret = ProcessIdentifyCommand(scheduleId, commandAttrs); break; + case ABANDON: + ret = ProcessAbandonCommand(scheduleId, commandAttrs); + break; default: IAM_LOGE("command id %{public}u is not supported", commandId); } @@ -354,6 +359,14 @@ ResultCode FrameworkExecutorCallback::ProcessGetPropertyCommand(std::shared_ptr< return ResultCode::SUCCESS; } +ResultCode FrameworkExecutorCallback::ProcessAbandonCommand(uint64_t scheduleId, const Attributes &properties) +{ + std::lock_guard lock(mutex_); + auto command = Common::MakeShared(executor_, scheduleId, properties, executorMessenger_); + IF_FALSE_LOGE_AND_RETURN_VAL(command != nullptr, ResultCode::GENERAL_ERROR); + return command->StartProcess(); +} + ResultCode FrameworkExecutorCallback::FillPropertyToAttribute(const std::vector &keyList, const Property property, std::shared_ptr values) { diff --git a/frameworks/native/executors/src/iauth_executor_hdi.cpp b/frameworks/native/executors/src/iauth_executor_hdi.cpp index 7f703407a5022dd2e89a0a319b253150bd224760..79ae980682f6839a2627caed68a85594cfae30bf 100644 --- a/frameworks/native/executors/src/iauth_executor_hdi.cpp +++ b/frameworks/native/executors/src/iauth_executor_hdi.cpp @@ -76,6 +76,13 @@ ResultCode IAuthExecutorHdi::SetCachedTemplates(const std::vector &tem return GENERAL_ERROR; } +ResultCode IAuthExecutorHdi::Abandon(uint64_t scheduleId, const AbandonParam ¶m, + const std::shared_ptr &callbackObj) +{ + IAM_LOGE("method not implemented"); + return GENERAL_ERROR; +} + ResultCode IAuthExecutorHdi::NotifyCollectorReady(uint64_t scheduleId) { IAM_LOGE("method not implemented"); diff --git a/frameworks/native/ipc/idl/UserAuthTypes.idl b/frameworks/native/ipc/idl/UserAuthTypes.idl index 50273566de61a2c01945b0d5fd404d1915ed3195..51b47bc2eba1f6a2595bdfd05515afa3b8c054d2 100644 --- a/frameworks/native/ipc/idl/UserAuthTypes.idl +++ b/frameworks/native/ipc/idl/UserAuthTypes.idl @@ -173,6 +173,10 @@ struct IpcCredentialInfo { unsigned long credentialId; /* User templateId is generated by executor to represent user characteristics. */ unsigned long templateId; + /* Abandoned flag of pin credential. */ + boolean isAbandoned; + /* Valid period of credential remain. */ + unsigned long validityPeriod; }; /** diff --git a/interfaces/inner_api/iam_common_defines.h b/interfaces/inner_api/iam_common_defines.h index 963459e07446ed3ba7c19df1cdbcaf1b968b3cb5..08ff5bb86e7f2469a5d4904206fef2272fccc53f 100644 --- a/interfaces/inner_api/iam_common_defines.h +++ b/interfaces/inner_api/iam_common_defines.h @@ -137,6 +137,10 @@ enum ScheduleMode : int32_t { AUTH = 1, /** The schedule mode is identification. */ IDENTIFY = 2, + /** The schedule mode is abandon. */ + ABANDON = 4, + /** The schedule mode is abandon pin authentication. */ + ABANDONED_PIN_AUTH = 5, }; /** diff --git a/interfaces/inner_api/iam_executor/iam_executor_framework_types.h b/interfaces/inner_api/iam_executor/iam_executor_framework_types.h index 960891ec79f0e7df83df7eecc0c5f9a3fc69a466..8d4078ed154cbfa5110a4cc7d40f7151a4ee145f 100644 --- a/interfaces/inner_api/iam_executor/iam_executor_framework_types.h +++ b/interfaces/inner_api/iam_executor/iam_executor_framework_types.h @@ -124,6 +124,19 @@ struct Property { int32_t nextFailLockoutDuration; }; +/** + * @brief Defines Abandon parameter. + */ +struct AbandonParam { + /** Token id. */ + uint32_t tokenId; + /** User id. */ + int32_t userId; + /** Template id. */ + uint64_t templateId; + /** Extra info. */ + std::vector extraInfo; +}; } // namespace UserAuth } // namespace UserIam } // namespace OHOS diff --git a/interfaces/inner_api/iam_executor/iam_executor_iauth_executor_hdi.h b/interfaces/inner_api/iam_executor/iam_executor_iauth_executor_hdi.h index 34a7e483ffb140432a27c36f01179663e5e12541..9e7effac09c570aecd2a9b5006580be39e3df9d2 100644 --- a/interfaces/inner_api/iam_executor/iam_executor_iauth_executor_hdi.h +++ b/interfaces/inner_api/iam_executor/iam_executor_iauth_executor_hdi.h @@ -173,6 +173,17 @@ public: * @return Return the result success or error code{@link ResultCode}. */ virtual ResultCode NotifyCollectorReady(uint64_t scheduleId); + + /** + * @brief Begin abandon. + * + * @param scheduleId Current abandon schedule ID. + * @param param Abandon param. + * @param callbackObj Callback of abandon result. + * @return Return the result success or error code{@link ResultCode}. + */ + virtual ResultCode Abandon(uint64_t scheduleId, const AbandonParam ¶m, + const std::shared_ptr &callbackObj); }; } // namespace UserAuth } // namespace UserIam diff --git a/interfaces/inner_api/user_idm_client_defines.h b/interfaces/inner_api/user_idm_client_defines.h index d55f21a1962c90f77d630ea0d7be8b5ced6608a6..64a097d4f46b340ad47d895365190082ab5dbaa3 100644 --- a/interfaces/inner_api/user_idm_client_defines.h +++ b/interfaces/inner_api/user_idm_client_defines.h @@ -44,6 +44,10 @@ struct CredentialInfo { uint64_t credentialId {0}; /* User templateId is generated by executor to represent user characteristics. */ uint64_t templateId {0}; + /* Abandoned flag of pin credential. */ + bool isAbandoned; + /* Valid period of credential remain. */ + uint64_t validityPeriod {0}; }; /** diff --git a/services/base/BUILD.gn b/services/base/BUILD.gn index c71140c50d1025e4ee23bf3b53740889a198aed0..9ff94de17fa48f902f4602aff7e1af41199f2673 100644 --- a/services/base/BUILD.gn +++ b/services/base/BUILD.gn @@ -46,7 +46,7 @@ ohos_source_set("userauth_service_base") { external_deps = [ "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hilog:libhilog", "init:libbegetutil", "ipc:ipc_core", diff --git a/services/base/inc/user_auth_hdi.h b/services/base/inc/user_auth_hdi.h index 31c1c3696bda2f5454e6561ecaddfd4232579ee4..5ed87fb5035eb6c663736596c92f32cbfe731b7c 100644 --- a/services/base/inc/user_auth_hdi.h +++ b/services/base/inc/user_auth_hdi.h @@ -17,10 +17,10 @@ #define USER_AUTH_HDI #include "accesstoken_kit.h" -#include "v3_0/iuser_auth_interface.h" -#include "v3_0/message_callback_stub.h" -#include "v3_0/user_auth_types.h" -#include "v3_0/user_auth_interface_service.h" +#include "v4_0/iuser_auth_interface.h" +#include "v4_0/message_callback_stub.h" +#include "v4_0/user_auth_types.h" +#include "v4_0/user_auth_interface_service.h" namespace OHOS { namespace UserIam { @@ -45,34 +45,34 @@ static inline HdiCallerType ConvertATokenTypeToCallerType(int32_t in) return it->second; } -using IUserAuthInterface = OHOS::HDI::UserAuth::V3_0::IUserAuthInterface; -using HdiAuthType = OHOS::HDI::UserAuth::V3_0::AuthType; -using HdiExecutorRole = OHOS::HDI::UserAuth::V3_0::ExecutorRole; -using HdiExecutorSecureLevel = OHOS::HDI::UserAuth::V3_0::ExecutorSecureLevel; -using HdiPinSubType = OHOS::HDI::UserAuth::V3_0::PinSubType; -using HdiScheduleMode = OHOS::HDI::UserAuth::V3_0::ScheduleMode; -using HdiExecutorRegisterInfo = OHOS::HDI::UserAuth::V3_0::ExecutorRegisterInfo; -using HdiExecutorInfo = OHOS::HDI::UserAuth::V3_0::ExecutorInfo; -using HdiScheduleInfo = OHOS::HDI::UserAuth::V3_0::ScheduleInfo; -using HdiAuthParam = OHOS::HDI::UserAuth::V3_0::AuthParam; -using HdiExecutorSendMsg = OHOS::HDI::UserAuth::V3_0::ExecutorSendMsg; -using HdiAuthResultInfo = OHOS::HDI::UserAuth::V3_0::AuthResultInfo; -using HdiIdentifyResultInfo = OHOS::HDI::UserAuth::V3_0::IdentifyResultInfo; -using HdiEnrollParam = OHOS::HDI::UserAuth::V3_0::EnrollParam; -using HdiUserType = OHOS::HDI::UserAuth::V3_0::UserType; -using HdiCredentialInfo = OHOS::HDI::UserAuth::V3_0::CredentialInfo; -using HdiEnrolledInfo = OHOS::HDI::UserAuth::V3_0::EnrolledInfo; -using HdiEnrollResultInfo = OHOS::HDI::UserAuth::V3_0::EnrollResultInfo; -using HdiEnrolledState = OHOS::HDI::UserAuth::V3_0::EnrolledState; -using HdiReuseUnlockInfo = OHOS::HDI::UserAuth::V3_0::ReuseUnlockInfo; -using HdiReuseUnlockParam = OHOS::HDI::UserAuth::V3_0::ReuseUnlockParam; -using HdiIMessageCallback = OHOS::HDI::UserAuth::V3_0::IMessageCallback; -using UserInfo = OHOS::HDI::UserAuth::V3_0::UserInfo; -using ExtUserInfo = OHOS::HDI::UserAuth::V3_0::ExtUserInfo; -using HdiGlobalConfigType = OHOS::HDI::UserAuth::V3_0::GlobalConfigType; -using HdiGlobalConfigValue = OHOS::HDI::UserAuth::V3_0::GlobalConfigValue; -using HdiGlobalConfigParam = OHOS::HDI::UserAuth::V3_0::GlobalConfigParam; -using HdiUserAuthTokenPlain = OHOS::HDI::UserAuth::V3_0::UserAuthTokenPlain; +using IUserAuthInterface = OHOS::HDI::UserAuth::V4_0::IUserAuthInterface; +using HdiAuthType = OHOS::HDI::UserAuth::V4_0::AuthType; +using HdiExecutorRole = OHOS::HDI::UserAuth::V4_0::ExecutorRole; +using HdiExecutorSecureLevel = OHOS::HDI::UserAuth::V4_0::ExecutorSecureLevel; +using HdiPinSubType = OHOS::HDI::UserAuth::V4_0::PinSubType; +using HdiScheduleMode = OHOS::HDI::UserAuth::V4_0::ScheduleMode; +using HdiExecutorRegisterInfo = OHOS::HDI::UserAuth::V4_0::ExecutorRegisterInfo; +using HdiExecutorInfo = OHOS::HDI::UserAuth::V4_0::ExecutorInfo; +using HdiScheduleInfo = OHOS::HDI::UserAuth::V4_0::ScheduleInfo; +using HdiAuthParam = OHOS::HDI::UserAuth::V4_0::AuthParam; +using HdiExecutorSendMsg = OHOS::HDI::UserAuth::V4_0::ExecutorSendMsg; +using HdiAuthResultInfo = OHOS::HDI::UserAuth::V4_0::AuthResultInfo; +using HdiIdentifyResultInfo = OHOS::HDI::UserAuth::V4_0::IdentifyResultInfo; +using HdiEnrollParam = OHOS::HDI::UserAuth::V4_0::EnrollParam; +using HdiUserType = OHOS::HDI::UserAuth::V4_0::UserType; +using HdiCredentialInfo = OHOS::HDI::UserAuth::V4_0::CredentialInfo; +using HdiEnrolledInfo = OHOS::HDI::UserAuth::V4_0::EnrolledInfo; +using HdiEnrollResultInfo = OHOS::HDI::UserAuth::V4_0::EnrollResultInfo; +using HdiEnrolledState = OHOS::HDI::UserAuth::V4_0::EnrolledState; +using HdiReuseUnlockInfo = OHOS::HDI::UserAuth::V4_0::ReuseUnlockInfo; +using HdiReuseUnlockParam = OHOS::HDI::UserAuth::V4_0::ReuseUnlockParam; +using HdiIMessageCallback = OHOS::HDI::UserAuth::V4_0::IMessageCallback; +using UserInfo = OHOS::HDI::UserAuth::V4_0::UserInfo; +using ExtUserInfo = OHOS::HDI::UserAuth::V4_0::ExtUserInfo; +using HdiGlobalConfigType = OHOS::HDI::UserAuth::V4_0::GlobalConfigType; +using HdiGlobalConfigValue = OHOS::HDI::UserAuth::V4_0::GlobalConfigValue; +using HdiGlobalConfigParam = OHOS::HDI::UserAuth::V4_0::GlobalConfigParam; +using HdiUserAuthTokenPlain = OHOS::HDI::UserAuth::V4_0::UserAuthTokenPlain; } // namespace UserAuth } // namespace UserIam } // namespace OHOS diff --git a/services/context/BUILD.gn b/services/context/BUILD.gn index 7e1676d3ff761048ebcd799f02125abb9e628426..80a997bd7918cbc9e23fb52354579d16f314a825 100644 --- a/services/context/BUILD.gn +++ b/services/context/BUILD.gn @@ -36,6 +36,7 @@ ohos_source_set("userauth_service_context") { remove_configs = [ "//build/config/compiler:no_exceptions" ] sources = [ + "src/abandon_context.cpp", "src/auth_widget_helper.cpp", "src/base_context.cpp", "src/context_appstate_observer.cpp", @@ -80,7 +81,7 @@ ohos_source_set("userauth_service_context") { "ability_runtime:extension_manager", "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hilog:libhilog", "hitrace:hitrace_meter", "init:libbegetutil", diff --git a/services/context/inc/abandon_context.h b/services/context/inc/abandon_context.h new file mode 100644 index 0000000000000000000000000000000000000000..c06d2b2451eb747a77ae7262c3c400cdb888563f --- /dev/null +++ b/services/context/inc/abandon_context.h @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef IAM_DELETE_CONTEXT_H +#define IAM_DELETE_CONTEXT_H + +#include +#include + +#include "base_context.h" +#include "abandon.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class AbandonContext : public BaseContext { +public: + AbandonContext(uint64_t contextId, std::shared_ptr abandon, std::shared_ptr callback); + ~AbandonContext() override = default; + ContextType GetContextType() const override; + uint32_t GetTokenId() const override; + int32_t GetUserId() const override; + +protected: + bool OnStart() override; + void OnResult(int32_t resultCode, const std::shared_ptr &scheduleResultAttr) override; + bool OnStop() override; + +private: + bool UpdateScheduleResult(const std::shared_ptr &scheduleResultAttr); + void InvokeResultCallback(int32_t resultCode) const; + std::shared_ptr abandon_ = nullptr; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS +#endif // IAM_DELETE_CONTEXT_H \ No newline at end of file diff --git a/services/context/inc/context.h b/services/context/inc/context.h index f93d14b91094280eee338b380417ff264f978b73..9376029b2cd22a4dba5a38cc3ef032b07196108b 100644 --- a/services/context/inc/context.h +++ b/services/context/inc/context.h @@ -44,6 +44,7 @@ enum ContextType { REMOTE_AUTH_CONTEXT, REMOTE_AUTH_INVOKER_CONTEXT, SCHEDULE_HOLDER_CONTEXT, + CONTEXT_DELETE, }; class Context { diff --git a/services/context/inc/context_factory.h b/services/context/inc/context_factory.h index 575a47178140aa8d537416c78c85fbad8fb9d1a1..6453ca28c06675d1bba8ce1117ce10de39cb65dd 100644 --- a/services/context/inc/context_factory.h +++ b/services/context/inc/context_factory.h @@ -23,6 +23,7 @@ #include "singleton.h" #include "authentication_impl.h" +#include "abandon_impl.h" #include "enrollment_impl.h" #include "context.h" #include "context_callback.h" @@ -73,6 +74,8 @@ public: static std::shared_ptr CreateWidgetContext(const AuthWidgetContextPara ¶, std::shared_ptr callback); static std::shared_ptr CreateScheduleHolderContext(std::shared_ptr scheduleNode); + static std::shared_ptr CreateAbandonContext(const Abandon::AbandonParam ¶, + const std::shared_ptr &callback); }; } // namespace UserAuth } // namespace UserIam diff --git a/services/context/src/abandon_context.cpp b/services/context/src/abandon_context.cpp new file mode 100644 index 0000000000000000000000000000000000000000..fe8b2d30aa2771b584113512b471bb209b8c6a62 --- /dev/null +++ b/services/context/src/abandon_context.cpp @@ -0,0 +1,143 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "abandon_context.h" + +#include "hisysevent_adapter.h" +#include "iam_check.h" +#include "iam_logger.h" +#include "iam_para2str.h" +#include "resource_node_utils.h" +#include "schedule_node.h" +#include "schedule_node_callback.h" + +#define LOG_TAG "USER_AUTH_SA" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +AbandonContext::AbandonContext(uint64_t contextId, std::shared_ptr abandon, + std::shared_ptr callback) + : BaseContext("Delete", contextId, callback, false), abandon_(abandon) +{ +} + +ContextType AbandonContext::GetContextType() const +{ + return CONTEXT_DELETE; +} + +uint32_t AbandonContext::GetTokenId() const +{ + IF_FALSE_LOGE_AND_RETURN_VAL(abandon_ != nullptr, 0); + return abandon_->GetAccessTokenId(); +} + +int32_t AbandonContext::GetUserId() const +{ + IF_FALSE_LOGE_AND_RETURN_VAL(abandon_ != nullptr, INVALID_USER_ID); + return abandon_->GetUserId(); +} + +bool AbandonContext::OnStart() +{ + IAM_LOGI("%{public}s start", GetDescription()); + IF_FALSE_LOGE_AND_RETURN_VAL(abandon_ != nullptr, false); + bool startRet = abandon_->Start(scheduleList_, shared_from_this()); + if (!startRet) { + IAM_LOGE("%{public}s abandon start fail", GetDescription()); + SetLatestError(abandon_->GetLatestError()); + return startRet; + } + + IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_.size() == 1, false); + IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_[0] != nullptr, false); + bool startScheduleRet = scheduleList_[0]->StartSchedule(); + IF_FALSE_LOGE_AND_RETURN_VAL(startScheduleRet, false); + IAM_LOGI("%{public}s Schedule:%{public}s Type:%{public}d success", GetDescription(), + GET_MASKED_STRING(scheduleList_[0]->GetScheduleId()).c_str(), scheduleList_[0]->GetAuthType()); + + return true; +} + +void AbandonContext::OnResult(int32_t resultCode, const std::shared_ptr &scheduleResultAttr) +{ + IAM_LOGI("%{public}s receive result code %{public}d", GetDescription(), resultCode); + bool updateRet = UpdateScheduleResult(scheduleResultAttr); + if (!updateRet) { + IAM_LOGE("%{public}s UpdateScheduleResult fail", GetDescription()); + if (resultCode == SUCCESS) { + resultCode = GetLatestError(); + } + } + InvokeResultCallback(resultCode); + IAM_LOGI("%{public}s on result %{public}d finish", GetDescription(), resultCode); +} + +bool AbandonContext::OnStop() +{ + IAM_LOGI("%{public}s start", GetDescription()); + if (scheduleList_.size() == 1 && scheduleList_[0] != nullptr) { + scheduleList_[0]->StopSchedule(); + } + + IF_FALSE_LOGE_AND_RETURN_VAL(abandon_ != nullptr, false); + bool cancelRet = abandon_->Cancel(); + if (!cancelRet) { + IAM_LOGE("%{public}s abandon stop fail", GetDescription()); + SetLatestError(abandon_->GetLatestError()); + return cancelRet; + } + return true; +} + +bool AbandonContext::UpdateScheduleResult(const std::shared_ptr &scheduleResultAttr) +{ + IAM_LOGI("%{public}s start", GetDescription()); + IF_FALSE_LOGE_AND_RETURN_VAL(abandon_ != nullptr, false); + IF_FALSE_LOGE_AND_RETURN_VAL(scheduleResultAttr != nullptr, false); + std::vector scheduleResult; + bool getResultCodeRet = scheduleResultAttr->GetUint8ArrayValue(Attributes::ATTR_RESULT, scheduleResult); + IF_FALSE_LOGE_AND_RETURN_VAL(getResultCodeRet == true, false); + std::shared_ptr infoToDel; + bool updateRet = abandon_->Update(scheduleResult, infoToDel); + if (!updateRet) { + IAM_LOGE("%{public}s abandon update fail", GetDescription()); + SetLatestError(abandon_->GetLatestError()); + return updateRet; + } + if (infoToDel == nullptr) { + IAM_LOGI("no credential to delete"); + } else { + std::vector> credInfos = {infoToDel}; + int32_t ret = ResourceNodeUtils::NotifyExecutorToDeleteTemplates(credInfos, "DeleteForUpdate"); + if (ret != SUCCESS) { + IAM_LOGE("failed to notify executor delete template, error code : %{public}d", ret); + } + } + + return true; +} + +void AbandonContext::InvokeResultCallback(int32_t resultCode) const +{ + IAM_LOGI("%{public}s start", GetDescription()); + IF_FALSE_LOGE_AND_RETURN(callback_ != nullptr); + Attributes finalResult; + callback_->OnResult(resultCode, finalResult); + IAM_LOGI("%{public}s invoke result callback success", GetDescription()); +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS diff --git a/services/context/src/context_factory.cpp b/services/context/src/context_factory.cpp index 7ae3823d5811cf6f1cc791777f774e94ee7ff3cc..5b4f87f352b405c803f67fa535bb27a40f76b6f8 100644 --- a/services/context/src/context_factory.cpp +++ b/services/context/src/context_factory.cpp @@ -16,6 +16,7 @@ #include "context_callback_impl.h" #include "context_pool.h" +#include "abandon_context.h" #include "enroll_context.h" #include "iam_check.h" #include "iam_logger.h" @@ -120,6 +121,17 @@ std::shared_ptr ContextFactory::CreateScheduleHolderContext(std::shared uint64_t newContextId = ContextPool::GetNewContextId(); return Common::MakeShared(newContextId, scheduleNode); } + +std::shared_ptr ContextFactory::CreateAbandonContext(const Abandon::AbandonParam ¶, + const std::shared_ptr &callback) +{ + IF_FALSE_LOGE_AND_RETURN_VAL(callback != nullptr, nullptr); + uint64_t newContextId = ContextPool::GetNewContextId(); + auto abandon = Common::MakeShared(para); + IF_FALSE_LOGE_AND_RETURN_VAL(abandon != nullptr, nullptr); + abandon->SetAccessTokenId(para.tokenId); + return Common::MakeShared(newContextId, abandon, callback); +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS diff --git a/services/core/BUILD.gn b/services/core/BUILD.gn index 628409b60101d1458524d2fc564ef8bca7eab585..4dbb740f91abcbcc369f10c977d845a3636aa4f1 100644 --- a/services/core/BUILD.gn +++ b/services/core/BUILD.gn @@ -56,6 +56,7 @@ ohos_source_set("userauth_service_core") { remove_configs = [ "//build/config/compiler:no_exceptions" ] sources = [ + "src/abandon_impl.cpp", "src/authentication_impl.cpp", "src/credential_info_impl.cpp", "src/driver_state_manager.cpp", @@ -95,7 +96,7 @@ ohos_source_set("userauth_service_core") { "access_token:libtokenid_sdk", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hdf_core:libhdi", "hilog:libhilog", "hitrace:hitrace_meter", diff --git a/services/core/inc/abandon.h b/services/core/inc/abandon.h new file mode 100644 index 0000000000000000000000000000000000000000..bd8edbcc6e7bfb0f42cf6a4ea0271e01f238e597 --- /dev/null +++ b/services/core/inc/abandon.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef IAM_ABANDON_H +#define IAM_ABANDON_H + +#include +#include +#include + +#include "credential_info_interface.h" +#include "update_pin_param_interface.h" +#include "schedule_node.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class Abandon { +public: + struct AbandonParam { + int32_t userId {0}; + uint64_t credentialId {0}; + uint32_t tokenId {0}; + std::vector token; + }; + + virtual ~Abandon() = default; + + virtual bool Start(std::vector> &scheduleList, + std::shared_ptr callback) = 0; + virtual bool Update(const std::vector &scheduleResult, + std::shared_ptr &info) = 0; + virtual bool Cancel() = 0; + + virtual void SetAccessTokenId(uint32_t tokenId) = 0; + virtual uint32_t GetAccessTokenId() const = 0; + virtual int32_t GetLatestError() const = 0; + virtual int32_t GetUserId() const = 0; + +protected: + virtual void SetLatestError(int32_t error) = 0; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS +#endif // IAM_ABANDON_H \ No newline at end of file diff --git a/services/core/inc/credential_info_interface.h b/services/core/inc/credential_info_interface.h index 222aec092837e605a6660e9062b9a4baa3794f10..30f2b051208b99c7462435af45fd8c0f3a1fc316 100644 --- a/services/core/inc/credential_info_interface.h +++ b/services/core/inc/credential_info_interface.h @@ -34,6 +34,8 @@ public: virtual uint32_t GetExecutorSensorHint() const = 0; virtual uint32_t GetExecutorMatcher() const = 0; virtual PinSubType GetAuthSubType() const = 0; + virtual bool GetAbandonFlag() const; + virtual uint64_t GetValidPeriod() const; }; } // namespace UserAuth } // namespace UserIam diff --git a/services/core/src/abandon_impl.cpp b/services/core/src/abandon_impl.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ce33ec178cc4fe7a403bfea43b0c34dfc2261272 --- /dev/null +++ b/services/core/src/abandon_impl.cpp @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "abandon_impl.h" + +#include "credential_info_impl.h" +#include "hdi_wrapper.h" +#include "iam_hitrace_helper.h" +#include "iam_logger.h" +#include "iam_ptr.h" +#include "ipc_common.h" +#include "load_mode_handler.h" +#include "publish_event_adapter.h" +#include "resource_node_utils.h" +#include "schedule_node_helper.h" +#include "update_pin_param_impl.h" +#include "user_idm_database.h" + +#define LOG_TAG "USER_AUTH_SA" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +AbandonImpl::AbandonImpl(AbandonParam abandonPara) : abandonPara_(abandonPara) +{ +} + +AbandonImpl::~AbandonImpl() +{ + Cancel(); +} + +void AbandonImpl::SetLatestError(int32_t error) +{ + if (error != ResultCode::SUCCESS) { + latestError_ = error; + } +} + +int32_t AbandonImpl::GetLatestError() const +{ + return latestError_; +} + +void AbandonImpl::SetAccessTokenId(uint32_t tokenId) +{ + tokenId_ = tokenId; +} + +uint32_t AbandonImpl::GetAccessTokenId() const +{ + return tokenId_; +} + +int32_t AbandonImpl::GetUserId() const +{ + return abandonPara_.userId; +} + +bool AbandonImpl::Start(std::vector> &scheduleList, + std::shared_ptr callback) +{ + IAM_LOGE("UserId:%{public}d", abandonPara_.userId); + auto hdi = HdiWrapper::GetHdiInstance(); + if (!hdi) { + IAM_LOGE("bad hdi"); + return false; + } + + HdiScheduleInfo hdiScheduleInfo = {}; + IamHitraceHelper traceHelper("hdi DeleteCredential"); + int32_t ret = hdi->AbandonCredential(abandonPara_.userId, abandonPara_.credentialId, abandonPara_.token, + hdiScheduleInfo); + if (ret != HDF_SUCCESS) { + IAM_LOGE("failed to delete credential, error code : %{public}d", ret); + return false; + } + + return StartSchedule(abandonPara_.userId, hdiScheduleInfo, scheduleList, callback); +} + +bool AbandonImpl::Update(const std::vector &scheduleResult, std::shared_ptr &info) +{ + auto hdi = HdiWrapper::GetHdiInstance(); + if (!hdi) { + IAM_LOGE("bad hdi"); + return false; + } + + std::vector credentialInfos; + auto result = hdi->UpdateAbandonResult(abandonPara_.userId, scheduleResult, credentialInfos); + if (result != HDF_SUCCESS) { + IAM_LOGE("hdi UpdateAbandonResult failed, err is %{public}d, userId is %{public}d", result, + abandonPara_.userId); + SetLatestError(result); + return false; + } + + if (!credentialInfos.empty()) { + info = Common::MakeShared(abandonPara_.userId, credentialInfos[0]); + if (info == nullptr) { + IAM_LOGE("bad alloc"); + return false; + } + } + + return true; +} + +bool AbandonImpl::Cancel() +{ + if (!running_) { + return false; + } + running_ = false; + return true; +} + +bool AbandonImpl::StartSchedule(int32_t userId, HdiScheduleInfo &info, + std::vector> &scheduleList, std::shared_ptr callback) +{ + IAM_LOGI("start"); + std::vector infos = {}; + infos.emplace_back(info); + + ScheduleNodeHelper::NodeOptionalPara para; + para.tokenId = tokenId_; + para.userId = userId; + + if (!ScheduleNodeHelper::BuildFromHdi(infos, callback, scheduleList, para)) { + IAM_LOGE("BuildFromHdi failed"); + return false; + } + if (scheduleList.size() == 0 || scheduleList[0] == nullptr) { + IAM_LOGE("Bad Parameter!"); + return false; + } + + scheduleId_ = scheduleList[0]->GetScheduleId(); + running_ = true; + return true; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS \ No newline at end of file diff --git a/services/core/src/abandon_impl.h b/services/core/src/abandon_impl.h new file mode 100644 index 0000000000000000000000000000000000000000..012576fafd4066b3929d595ec79a1cf8fb689371 --- /dev/null +++ b/services/core/src/abandon_impl.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef IAM_DELETE_IMPL_H +#define IAM_DELETE_IMPL_H + +#include +#include + +#include "abandon.h" +#include "schedule_node.h" +#include "user_auth_hdi.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class AbandonImpl final : public Abandon, public NoCopyable { +public: + explicit AbandonImpl(AbandonParam abandonPara); + ~AbandonImpl() override; + + bool Start(std::vector> &scheduleList, + std::shared_ptr callback) override; + bool Update(const std::vector &scheduleResult, std::shared_ptr &info) override; + bool Cancel() override; + + void SetAccessTokenId(uint32_t tokenId) override; + uint32_t GetAccessTokenId() const override; + int32_t GetLatestError() const override; + int32_t GetUserId() const override; + +protected: + void SetLatestError(int32_t error) override; + +private: + bool StartSchedule(int32_t userId, HdiScheduleInfo &info, + std::vector> &scheduleList, std::shared_ptr callback); + + AbandonParam abandonPara_; + + uint32_t tokenId_ {0}; + uint64_t scheduleId_ {0}; + bool running_ {false}; + int32_t latestError_ = ResultCode::GENERAL_ERROR; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS +#endif // IAM_DELETE_IMPL_H \ No newline at end of file diff --git a/services/core/src/credential_info_impl.cpp b/services/core/src/credential_info_impl.cpp index 4a2a57d213039dfd5a1031939df9679c59bdb142..bbcf83107859888d949f2f8d6db4c9dc1f8554ac 100644 --- a/services/core/src/credential_info_impl.cpp +++ b/services/core/src/credential_info_impl.cpp @@ -61,6 +61,16 @@ PinSubType CredentialInfoImpl::GetAuthSubType() const { return static_cast(info_.authSubType); } + +bool CredentialInfoImpl::GetAbandonFlag() const +{ + return info_.isAbandoned; +} + +uint64_t CredentialInfoImpl::GetValidPeriod() const +{ + return info_.validityPeriod; +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS \ No newline at end of file diff --git a/services/core/src/credential_info_impl.h b/services/core/src/credential_info_impl.h index 99477f12c6c8e3a5439f63e872cd39852d8d2212..c8220d18d3f8638766bb2c76fe5ea980b2cc3388 100644 --- a/services/core/src/credential_info_impl.h +++ b/services/core/src/credential_info_impl.h @@ -36,6 +36,8 @@ public: uint32_t GetExecutorSensorHint() const override; uint32_t GetExecutorMatcher() const override; PinSubType GetAuthSubType() const override; + bool GetAbandonFlag() const override; + uint64_t GetValidPeriod() const override; private: int32_t userId_; diff --git a/services/core/src/user_idm_database_impl.cpp b/services/core/src/user_idm_database_impl.cpp index 43da208a6a3c7f4c3a7b48b0ddc6ffd5b79b7da1..bc84e35efcc41fdbd9e8259b322d481036baeb16 100644 --- a/services/core/src/user_idm_database_impl.cpp +++ b/services/core/src/user_idm_database_impl.cpp @@ -122,6 +122,7 @@ int32_t UserIdmDatabaseImpl::DeleteCredentialInfo(int32_t userId, uint64_t crede return GENERAL_ERROR; } credInfo = info; + return SUCCESS; } diff --git a/services/ipc/BUILD.gn b/services/ipc/BUILD.gn index e8b8affc7396cc73b4d69e23d28cacc85b458b45..a8ba29594ea9c98cdf35a5c65a55956700a48269 100644 --- a/services/ipc/BUILD.gn +++ b/services/ipc/BUILD.gn @@ -63,7 +63,7 @@ ohos_source_set("userauth_services_ipc") { "c_utils:utils", "common_event_service:cesfwk_innerkits", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "dsoftbus:softbus_client", "hdf_core:libhdi", "hilog:libhilog", diff --git a/services/ipc/inc/user_idm_service.h b/services/ipc/inc/user_idm_service.h index 6b3dc96f76561ae47972ae574a0d803baed67c20..6255d24a2ad0979619b115419afd862845acb1dc 100644 --- a/services/ipc/inc/user_idm_service.h +++ b/services/ipc/inc/user_idm_service.h @@ -79,6 +79,10 @@ private: const std::shared_ptr &contextCallback); int32_t StartEnroll(Enrollment::EnrollmentPara ¶, const std::shared_ptr &contextCallback, Attributes &extraInfo, bool needSubscribeAppState); + int32_t StartDelete(int32_t userId, uint64_t credentialId, const std::vector &authToken, + const std::shared_ptr &contextCallback, Attributes &extraInfo); + int32_t StartAbandon(Abandon::AbandonParam ¶, const std::shared_ptr &contextCallback, + Attributes &extraInfo); void PublishCommonEvent(int32_t userId, uint64_t credentialId, AuthType authType); std::mutex mutex_; }; diff --git a/services/ipc/src/user_idm_service.cpp b/services/ipc/src/user_idm_service.cpp index 87fdae505336345d5f616ebccd96c60d29f0a996..cec15e709d803897292e406e98d6ed4156ab644d 100644 --- a/services/ipc/src/user_idm_service.cpp +++ b/services/ipc/src/user_idm_service.cpp @@ -40,6 +40,7 @@ #include "user_idm_database.h" #include "user_idm_session_controller.h" #include "xcollie_helper.h" +#include "system_param_manager.h" #define LOG_TAG "USER_AUTH_SA" @@ -142,6 +143,8 @@ int32_t UserIdmService::GetCredentialInfoInner(int32_t userId, AuthType authType info.templateId = credInfo->GetTemplateId(); info.authType = credInfo->GetAuthType(); info.pinType = credInfo->GetAuthSubType(); + info.isAbandoned = credInfo->GetAbandonFlag(); + info.validityPeriod = credInfo->GetValidPeriod(); credInfoList.push_back(info); } return SUCCESS; @@ -170,6 +173,8 @@ int32_t UserIdmService::GetCredentialInfo(int32_t userId, int32_t authType, ipcCredInfo.pinType = static_cast(iter.pinType.value_or(PIN_SIX)); ipcCredInfo.credentialId = iter.credentialId; ipcCredInfo.templateId = iter.templateId; + ipcCredInfo.isAbandoned = iter.isAbandoned; + ipcCredInfo.validityPeriod = iter.validityPeriod; ipcCredInfoList.push_back(ipcCredInfo); } @@ -494,6 +499,56 @@ int32_t UserIdmService::DelUser(int32_t userId, const std::vector &auth return SUCCESS; } +int32_t UserIdmService::StartDelete(int32_t userId, uint64_t credentialId, const std::vector &authToken, + const std::shared_ptr &contextCallback, Attributes &extraInfo) +{ + std::shared_ptr oldInfo; + auto ret = UserIdmDatabase::Instance().DeleteCredentialInfo(userId, credentialId, authToken, oldInfo); + if (ret != SUCCESS) { + IAM_LOGE("failed to delete CredentialInfo"); + contextCallback->OnResult(ret, extraInfo); + return ret; + } + if (oldInfo != nullptr) { + contextCallback->SetTraceAuthType(oldInfo->GetAuthType()); + } + + IAM_LOGI("delete credentialInfo success"); + std::vector> list = {oldInfo}; + ret = ResourceNodeUtils::NotifyExecutorToDeleteTemplates(list, "DeleteTemplate"); + if (ret != SUCCESS) { + IAM_LOGE("failed to delete executor info, error code : %{public}d", ret); + } + + contextCallback->OnResult(ret, extraInfo); + if (oldInfo != nullptr) { + PublishCommonEvent(userId, credentialId, oldInfo->GetAuthType()); + } + + return SUCCESS; +} + +int32_t UserIdmService::StartAbandon(Abandon::AbandonParam ¶, + const std::shared_ptr &contextCallback, Attributes &extraInfo) +{ + auto context = ContextFactory::CreateAbandonContext(para, contextCallback); + if (context == nullptr || !ContextPool::Instance().Insert(context)) { + IAM_LOGE("failed to insert context"); + contextCallback->OnResult(GENERAL_ERROR, extraInfo); + return GENERAL_ERROR; + } + contextCallback->SetTraceRequestContextId(context->GetContextId()); + auto cleaner = ContextHelper::Cleaner(context); + contextCallback->SetCleaner(cleaner); + + if (!context->Start()) { + IAM_LOGE("failed to start delete"); + contextCallback->OnResult(context->GetLatestError(), extraInfo); + return GENERAL_ERROR; + } + return SUCCESS; +} + int32_t UserIdmService::DelCredential(int32_t userId, uint64_t credentialId, const std::vector &authToken, const sptr &idmCallback) { @@ -522,30 +577,25 @@ int32_t UserIdmService::DelCredential(int32_t userId, uint64_t credentialId, std::lock_guard lock(mutex_); CancelCurrentEnrollIfExist(); - - std::shared_ptr oldInfo; - auto ret = UserIdmDatabase::Instance().DeleteCredentialInfo(userId, credentialId, authToken, oldInfo); + std::shared_ptr credInfo; + int32_t ret = UserIdmDatabase::Instance().GetCredentialInfoById(credentialId, credInfo); if (ret != SUCCESS) { - IAM_LOGE("failed to delete CredentialInfo"); + IAM_LOGE("GetCredentialInfoById fail"); contextCallback->OnResult(ret, extraInfo); return ret; } - if (oldInfo != nullptr) { - contextCallback->SetTraceAuthType(oldInfo->GetAuthType()); + bool isAdvSecMode = SystemParamManager::GetInstance().GetParam("ohos.boot.advsecmode.state", "0") != "0"; + if (isAdvSecMode || credInfo->GetAbandonFlag() || credInfo->GetAuthType() != PIN) { + return StartDelete(userId, credentialId, authToken, contextCallback, extraInfo); + } else { + Abandon::AbandonParam abandonParam = { + .userId = userId, + .credentialId = credentialId, + .tokenId = IpcCommon::GetAccessTokenId(*this), + .token = authToken, + }; + return StartAbandon(abandonParam, contextCallback, extraInfo); } - - IAM_LOGI("delete credentialInfo success"); - std::vector> list = {oldInfo}; - ret = ResourceNodeUtils::NotifyExecutorToDeleteTemplates(list, "DeleteTemplate"); - if (ret != SUCCESS) { - IAM_LOGE("failed to delete executor info, error code : %{public}d", ret); - } - - contextCallback->OnResult(ret, extraInfo); - if (oldInfo != nullptr) { - PublishCommonEvent(userId, credentialId, oldInfo->GetAuthType()); - } - return SUCCESS; } @@ -737,6 +787,8 @@ int32_t UserIdmService::GetCredentialInfoSync(int32_t userId, int32_t authType, ipcCredInfo.pinType = static_cast(iter.pinType.value_or(PIN_SIX)); ipcCredInfo.credentialId = iter.credentialId; ipcCredInfo.templateId = iter.templateId; + ipcCredInfo.isAbandoned = iter.isAbandoned; + ipcCredInfo.validityPeriod = iter.validityPeriod; ipcCredentialInfoList.push_back(ipcCredInfo); } diff --git a/services/load_mode/BUILD.gn b/services/load_mode/BUILD.gn index 5177271c5859798f9c17f95b48cabf5859877129..4ad32491d71e4eb15763657c735eac2621b7255b 100644 --- a/services/load_mode/BUILD.gn +++ b/services/load_mode/BUILD.gn @@ -62,7 +62,7 @@ ohos_source_set("userauth_service_load_mode") { "access_token:libtokenid_sdk", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hdf_core:libhdi", "hilog:libhilog", "hitrace:hitrace_meter", diff --git a/test/fuzztest/common_fuzzer/BUILD.gn b/test/fuzztest/common_fuzzer/BUILD.gn index 72cb5d15cef83e18d331d93424b1cb500653b303..474fe6f2c3a2c023ad61f3a8e10ae59c35cee797 100644 --- a/test/fuzztest/common_fuzzer/BUILD.gn +++ b/test/fuzztest/common_fuzzer/BUILD.gn @@ -89,7 +89,7 @@ ohos_source_set("userauth_service_base_fuzzer") { external_deps = [ "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hicollie:libhicollie", "hilog:libhilog", "init:libbegetutil", @@ -119,6 +119,7 @@ ohos_source_set("userauth_service_core_fuzzer") { remove_configs = [ "//build/config/compiler:no_exceptions" ] sources = [ + "../../../services/core/src/abandon_impl.cpp", "../../../services/core/src/authentication_impl.cpp", "../../../services/core/src/credential_info_impl.cpp", "../../../services/core/src/driver_state_manager.cpp", @@ -163,7 +164,7 @@ ohos_source_set("userauth_service_core_fuzzer") { "access_token:libtokenid_sdk", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hdf_core:libhdi", "hicollie:libhicollie", "hilog:libhilog", @@ -204,6 +205,7 @@ ohos_source_set("userauth_service_context_fuzzer") { remove_configs = [ "//build/config/compiler:no_exceptions" ] sources = [ + "../../../services/context/src/abandon_context.cpp", "../../../services/context/src/auth_widget_helper.cpp", "../../../services/context/src/base_context.cpp", "../../../services/context/src/context_appstate_observer.cpp", @@ -250,7 +252,7 @@ ohos_source_set("userauth_service_context_fuzzer") { "access_token:libaccesstoken_sdk", "c_utils:utils", "common_event_service:cesfwk_innerkits", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hicollie:libhicollie", "hilog:libhilog", "hitrace:hitrace_meter", @@ -362,7 +364,7 @@ ohos_source_set("userauth_services_ipc_fuzzer") { "access_token:libaccesstoken_sdk", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "dsoftbus:softbus_client", "hdf_core:libhdi", "hicollie:libhicollie", diff --git a/test/fuzztest/dummy/mock_iuser_auth_interface.h b/test/fuzztest/dummy/mock_iuser_auth_interface.h index 511829def46dcd803fabe23a83cf10f7511aaa00..594b05e6a892b684cc592214ecd9288f46ce516b 100644 --- a/test/fuzztest/dummy/mock_iuser_auth_interface.h +++ b/test/fuzztest/dummy/mock_iuser_auth_interface.h @@ -211,6 +211,24 @@ public: { return 0; } + + int32_t AbandonCredential(int32_t userId, uint64_t credentialId, const std::vector& authToken, + HdiScheduleInfo &info) + { + return 0; + } + + int32_t UpdateAbandonResult(int32_t userId, const std::vector &scheduleResult, + std::vector &infos) + { + return 0; + } + + int32_t ClearExpiredCredential(const std::vector &userIds, + std::vector &infos) + { + return 0; + } }; class MockIUserAuthInterface::Holder : public Singleton { diff --git a/test/fuzztest/executors/userauthdrivermanager_fuzzer/BUILD.gn b/test/fuzztest/executors/userauthdrivermanager_fuzzer/BUILD.gn index e17074f642917c172239708c929d48aab6e3a280..532a7cea6d57acb92436aacc10f7d7162259fb3f 100644 --- a/test/fuzztest/executors/userauthdrivermanager_fuzzer/BUILD.gn +++ b/test/fuzztest/executors/userauthdrivermanager_fuzzer/BUILD.gn @@ -36,6 +36,7 @@ ohos_fuzztest("UserAuthDriverManagerFuzzTest") { ] sources = [ + "../../../../frameworks/native/executors/src/async_command/abandon_command.cpp", "../../../../frameworks/native/executors/src/async_command/async_command_base.cpp", "../../../../frameworks/native/executors/src/async_command/auth_command.cpp", "../../../../frameworks/native/executors/src/async_command/collect_command.cpp", diff --git a/test/fuzztest/executors/userauthexecutor_fuzzer/BUILD.gn b/test/fuzztest/executors/userauthexecutor_fuzzer/BUILD.gn index a53ce1f50b2ade7fa9a9dfe4e2f1507dce235ea3..57f0c9e27e36bcb4ae79ec85fb4d9305951cd721 100644 --- a/test/fuzztest/executors/userauthexecutor_fuzzer/BUILD.gn +++ b/test/fuzztest/executors/userauthexecutor_fuzzer/BUILD.gn @@ -37,6 +37,7 @@ ohos_fuzztest("UserAuthExecutorFuzzTest") { ] sources = [ + "../../../../frameworks/native/executors/src/async_command/abandon_command.cpp", "../../../../frameworks/native/executors/src/async_command/async_command_base.cpp", "../../../../frameworks/native/executors/src/async_command/auth_command.cpp", "../../../../frameworks/native/executors/src/async_command/collect_command.cpp", diff --git a/test/fuzztest/services/coauthservice_fuzzer/BUILD.gn b/test/fuzztest/services/coauthservice_fuzzer/BUILD.gn index 24f639313d5160d5cf6fd0b2091c7e03f8359a8c..761d0d0a58f102772044b068aa48a326813b99c3 100644 --- a/test/fuzztest/services/coauthservice_fuzzer/BUILD.gn +++ b/test/fuzztest/services/coauthservice_fuzzer/BUILD.gn @@ -54,7 +54,7 @@ ohos_fuzztest("CoAuthServiceFuzzTest") { external_deps = [ "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "eventhandler:libeventhandler", "hdf_core:libhdi", "hilog:libhilog", diff --git a/test/fuzztest/services/context/contextcallbackimpl_fuzzer/BUILD.gn b/test/fuzztest/services/context/contextcallbackimpl_fuzzer/BUILD.gn index 31714c459cd2d02b1c2ef3334c7d2ac7ef9b0a82..03b19f50ce73c8f973dd691d0a82d90a11d1141a 100644 --- a/test/fuzztest/services/context/contextcallbackimpl_fuzzer/BUILD.gn +++ b/test/fuzztest/services/context/contextcallbackimpl_fuzzer/BUILD.gn @@ -61,7 +61,7 @@ ohos_fuzztest("ContextCallbackImplFuzzTest") { external_deps = [ "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "eventhandler:libeventhandler", "hdf_core:libhdi", "hilog:libhilog", diff --git a/test/fuzztest/services/context/contextpoolimpl_fuzzer/BUILD.gn b/test/fuzztest/services/context/contextpoolimpl_fuzzer/BUILD.gn index dd2ca1f6945a31946ad9116a6b05a821f124d8fd..8f5486b43d7c8f76b03a07760fdeeee950bfdd66 100644 --- a/test/fuzztest/services/context/contextpoolimpl_fuzzer/BUILD.gn +++ b/test/fuzztest/services/context/contextpoolimpl_fuzzer/BUILD.gn @@ -68,7 +68,7 @@ ohos_fuzztest("ContextPoolImplFuzzTest") { "ability_runtime:extension_manager", "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "eventhandler:libeventhandler", "hdf_core:libhdi", "hilog:libhilog", diff --git a/test/fuzztest/services/context/remoteauthcontext_fuzzer/BUILD.gn b/test/fuzztest/services/context/remoteauthcontext_fuzzer/BUILD.gn index 6a80ab47f0d8226f705162be0a035432d8ea07f9..7e4da48c1889dac092120ba17ae9846943444af6 100644 --- a/test/fuzztest/services/context/remoteauthcontext_fuzzer/BUILD.gn +++ b/test/fuzztest/services/context/remoteauthcontext_fuzzer/BUILD.gn @@ -60,7 +60,7 @@ ohos_fuzztest("RemoteAuthContextFuzzTest") { external_deps = [ "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "eventhandler:libeventhandler", "hdf_core:libhdi", "hilog:libhilog", diff --git a/test/fuzztest/services/core/remoteexecutorstub_fuzzer/BUILD.gn b/test/fuzztest/services/core/remoteexecutorstub_fuzzer/BUILD.gn index 4c1c72e1953e776394ba9141249842d09aa6ec38..13c846d9e60375bc928a4f7f6fb0604e2806a0ac 100644 --- a/test/fuzztest/services/core/remoteexecutorstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/core/remoteexecutorstub_fuzzer/BUILD.gn @@ -57,7 +57,7 @@ ohos_fuzztest("RemoteExecutorStubFuzzTest") { "access_token:libaccesstoken_sdk", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hdf_core:libhdi", "hilog:libhilog", "hitrace:hitrace_meter", diff --git a/test/fuzztest/services/softbus_fuzzer/BUILD.gn b/test/fuzztest/services/softbus_fuzzer/BUILD.gn index fa346b2d33dc7afdb7d62840c1d061c4e435dc74..ce5039ee64d8325526dba6c532504a5044794506 100644 --- a/test/fuzztest/services/softbus_fuzzer/BUILD.gn +++ b/test/fuzztest/services/softbus_fuzzer/BUILD.gn @@ -53,7 +53,7 @@ ohos_fuzztest("SoftBusFuzzTest") { "c_utils:utils", "c_utils:utils", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "dsoftbus:softbus_client", "eventhandler:libeventhandler", "hdf_core:libhdi", diff --git a/test/fuzztest/services/templatecachemanager_fuzzer/BUILD.gn b/test/fuzztest/services/templatecachemanager_fuzzer/BUILD.gn index a27c34f1319947e1efcb477489e3a8ef1ff0c284..5b4ef83e683d548cf762f41386e99652b0074e8e 100644 --- a/test/fuzztest/services/templatecachemanager_fuzzer/BUILD.gn +++ b/test/fuzztest/services/templatecachemanager_fuzzer/BUILD.gn @@ -54,7 +54,7 @@ ohos_fuzztest("TemplateCacheManagerFuzzTest") { "ability_runtime:app_manager", "ability_runtime:extension_manager", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "eventhandler:libeventhandler", "hdf_core:libhdi", "hilog:libhilog", diff --git a/test/fuzztest/services/userauthservice_fuzzer/BUILD.gn b/test/fuzztest/services/userauthservice_fuzzer/BUILD.gn index 90cec5e9c6cfebc06d89a9dfd3af5f50f160b054..9f6283a3e9ef3e5d24344db9163e689ddbd15acd 100644 --- a/test/fuzztest/services/userauthservice_fuzzer/BUILD.gn +++ b/test/fuzztest/services/userauthservice_fuzzer/BUILD.gn @@ -55,7 +55,7 @@ ohos_fuzztest("UserAuthServiceFuzzTest") { "ability_runtime:extension_manager", "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "dsoftbus:softbus_client", "eventhandler:libeventhandler", "hdf_core:libhdi", diff --git a/test/fuzztest/services/useridmservice_fuzzer/BUILD.gn b/test/fuzztest/services/useridmservice_fuzzer/BUILD.gn index a1feadea1acb2b30f5add75946b098ef7efec465..32adbcdadfc7529f9beac5a53d57b558a56aff2d 100644 --- a/test/fuzztest/services/useridmservice_fuzzer/BUILD.gn +++ b/test/fuzztest/services/useridmservice_fuzzer/BUILD.gn @@ -59,7 +59,7 @@ ohos_fuzztest("UserIdmServiceFuzzTest") { "ability_runtime:extension_manager", "access_token:libaccesstoken_sdk", "c_utils:utils", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "hdf_core:libhdi", "hilog:libhilog", "ipc:ipc_single", diff --git a/test/unittest/executors/BUILD.gn b/test/unittest/executors/BUILD.gn index 22fc35bddfa89a35b7a341c66076ba69271c3f77..3b0d4b968b55560a6e290e9ede8ae493db354e58 100644 --- a/test/unittest/executors/BUILD.gn +++ b/test/unittest/executors/BUILD.gn @@ -40,6 +40,7 @@ ohos_unittest("iam_executors_test") { ] sources = [ + "../../../frameworks/native/executors/src/async_command/abandon_command.cpp", "../../../frameworks/native/executors/src/async_command/async_command_base.cpp", "../../../frameworks/native/executors/src/async_command/auth_command.cpp", "../../../frameworks/native/executors/src/async_command/collect_command.cpp", diff --git a/test/unittest/services/BUILD.gn b/test/unittest/services/BUILD.gn index 74f88527dbe98883f0e733301b77404ee3798078..85a095df31e33ca382dddc9b4e829c33723beaf4 100644 --- a/test/unittest/services/BUILD.gn +++ b/test/unittest/services/BUILD.gn @@ -56,6 +56,7 @@ ohos_unittest("iam_services_test") { "../../../services/base/src/thread_handler_impl.cpp", "../../../services/base/src/thread_handler_manager.cpp", "../../../services/base/src/thread_handler_singleton_impl.cpp", + "../../../services/context/src/abandon_context.cpp", "../../../services/context/src/auth_widget_helper.cpp", "../../../services/context/src/base_context.cpp", "../../../services/context/src/context_appstate_observer.cpp", @@ -80,6 +81,7 @@ ohos_unittest("iam_services_test") { "../../../services/context/src/widget_context.cpp", "../../../services/context/src/widget_context_callback_impl.cpp", "../../../services/context/src/widget_json.cpp", + "../../../services/core/src/abandon_impl.cpp", "../../../services/core/src/authentication_impl.cpp", "../../../services/core/src/credential_info_impl.cpp", "../../../services/core/src/driver_state_manager.cpp", @@ -204,7 +206,7 @@ ohos_unittest("iam_services_test") { "c_utils:utils", "common_event_service:cesfwk_innerkits", "device_manager:devicemanagersdk", - "drivers_interface_user_auth:libuser_auth_proxy_3.0", + "drivers_interface_user_auth:libuser_auth_proxy_4.0", "dsoftbus:softbus_client", "googletest:gmock", "hdf_core:libhdi", diff --git a/test/unittest/services/mocks/mock_credential_info.h b/test/unittest/services/mocks/mock_credential_info.h index 6020da30ebe0b9179ee73bff7ca5b3214fbfca74..402bc3e81eb36304c2af38072b8fc62eb003ade5 100644 --- a/test/unittest/services/mocks/mock_credential_info.h +++ b/test/unittest/services/mocks/mock_credential_info.h @@ -33,6 +33,8 @@ public: MOCK_CONST_METHOD0(GetExecutorSensorHint, uint32_t()); MOCK_CONST_METHOD0(GetExecutorMatcher, uint32_t()); MOCK_CONST_METHOD0(GetAuthSubType, PinSubType()); + MOCK_CONST_METHOD0(GetAbandonFlag, bool()); + MOCK_CONST_METHOD0(GetValidPeriod, uint64_t()); }; } // namespace UserAuth } // namespace UserIam diff --git a/test/unittest/services/mocks/mock_iuser_auth_interface.h b/test/unittest/services/mocks/mock_iuser_auth_interface.h index 1ecdb3c238e6fd920504e049b1f969891fbb703b..a7f6c8ff824ab302be8f089c86449a23f1b6e681 100644 --- a/test/unittest/services/mocks/mock_iuser_auth_interface.h +++ b/test/unittest/services/mocks/mock_iuser_auth_interface.h @@ -84,6 +84,12 @@ public: MOCK_METHOD4(VerifyAuthToken, int32_t(const std::vector& tokenIn, uint64_t allowableDuration, HdiUserAuthTokenPlain &tokenPlainOut, std::vector& rootSecret)); MOCK_METHOD2(GetCredentialById, int32_t(uint64_t credentialId, HdiCredentialInfo &info)); + MOCK_METHOD4(AbandonCredential, int32_t(int32_t userId, uint64_t credentialId, + const std::vector& authToken, HdiScheduleInfo& info)); + MOCK_METHOD3(UpdateAbandonResult, int32_t(int32_t userId, const std::vector &scheduleResult, + std::vector &infos)); + MOCK_METHOD2(ClearExpiredCredential, int32_t(const std::vector &userIds, + std::vector &infos)); }; class MockIUserAuthInterface::Holder : public Singleton {