diff --git a/frameworks/cj/user_auth/inc/user_auth_ffi_struct.h b/frameworks/cj/user_auth/inc/user_auth_ffi_struct.h index 412745f4ded2c005d1918845f955a8c60fe4e06e..0b359b3ec79e12cc2efceec8f47a819870b84e67 100644 --- a/frameworks/cj/user_auth/inc/user_auth_ffi_struct.h +++ b/frameworks/cj/user_auth/inc/user_auth_ffi_struct.h @@ -48,6 +48,11 @@ struct CjUserAuthResult { uint16_t credentialCount; }; +struct CjReuseAuthResult { + uint8_t *token; + int64_t tokenLen; +}; + class CjUserAuthCallback final : public AuthenticationCallback { public: CjUserAuthCallback() = default; diff --git a/frameworks/cj/user_auth/src/user_auth_ffi.cpp b/frameworks/cj/user_auth/src/user_auth_ffi.cpp index c72dd2e929683a31bc6f331f801c88812e75b9f2..c19c012c899ec83c0e8848d41d24d441196fe8d1 100644 --- a/frameworks/cj/user_auth/src/user_auth_ffi.cpp +++ b/frameworks/cj/user_auth/src/user_auth_ffi.cpp @@ -83,4 +83,4 @@ uint64_t FfiUserAuthStart(const CjAuthParam &authParam, const CjWidgetParam &wid int32_t FfiUserAuthCancel(const uint64_t contextId) { return UserAuthClientImpl::GetInstance().CancelAuthentication(contextId); -} +} \ No newline at end of file diff --git a/frameworks/js/napi/user_auth/BUILD.gn b/frameworks/js/napi/user_auth/BUILD.gn index 89e5a4dfb99978f0d422aa0263287ff37995357e..7c98e2fd572b59f1552b8f03ca55448072ad2d7b 100644 --- a/frameworks/js/napi/user_auth/BUILD.gn +++ b/frameworks/js/napi/user_auth/BUILD.gn @@ -46,6 +46,7 @@ ohos_shared_library("userauth") { "src/user_auth_instance_v10.cpp", "src/user_auth_modal_callback.cpp", "src/user_auth_napi_helper.cpp", + "src/user_auth_param_utils.cpp", "src/user_auth_widget_callback_v10.cpp", "src/user_auth_widget_mgr_v10.cpp", ] diff --git a/frameworks/js/napi/user_auth/inc/auth_common.h b/frameworks/js/napi/user_auth/inc/auth_common.h index 90da12d4898bce4a8ba2e123dabe67b2ca656f6c..601053613513d5160c4fb0a1737e8e162bdf5fde 100644 --- a/frameworks/js/napi/user_auth/inc/auth_common.h +++ b/frameworks/js/napi/user_auth/inc/auth_common.h @@ -81,6 +81,7 @@ enum class UserAuthResultCode : int32_t { TYPE_NOT_SUPPORT = 12500005, TRUST_LEVEL_NOT_SUPPORT = 12500006, BUSY = 12500007, + PARAM_VERIFIED_FAILED = 12500008, LOCKED = 12500009, NOT_ENROLLED = 12500010, RESULT_CODE_V9_MAX = 12500010, diff --git a/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h b/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h index 59c22965b13f5222248bc7e8f1d8c42d2ab3c869..b331fdc4a3bc988742b7f3bf75324a83400989d5 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h @@ -43,24 +43,14 @@ public: UserAuthResultCode Start(napi_env env, napi_callback_info info); UserAuthResultCode Cancel(napi_env env, napi_callback_info info); static napi_value GetEnrolledState(napi_env env, napi_callback_info info); + static napi_value QueryReusableAuthResult(napi_env env, napi_callback_info info); private: - UserAuthResultCode InitChallenge(napi_env env, napi_value value); - UserAuthResultCode InitAuthType(napi_env env, napi_value value); - UserAuthResultCode InitAuthTrustLevel(napi_env env, napi_value value); - UserAuthResultCode InitReuseUnlockResult(napi_env env, napi_value value); - UserAuthResultCode InitUserId(napi_env env, napi_value value); - UserAuthResultCode ProcessAuthTrustLevelAndUserId(napi_env env, napi_value value); - UserAuthResultCode ProcessReuseUnlockResult(napi_env env, napi_value value); - UserAuthResultCode InitAuthParam(napi_env env, napi_value value); - UserAuthResultCode ProcessWindowMode(napi_env env, napi_value value); - UserAuthResultCode InitWidgetParam(napi_env env, napi_value value); std::shared_ptr GetCallback(napi_env env, napi_value value); static napi_value DoGetEnrolledStateResult(napi_env env, EnrolledState enrolledState, UserAuthApiEventReporter &reporter); - UserAuthResultCode ProcessContext(napi_env env, napi_value value); - bool CheckUIContext(const std::shared_ptr context); - + static UserAuthResultCode ParseReusableAuthResultParam(napi_env env, napi_callback_info info, + WidgetAuthParam &authParam); AuthParamInner authParam_ = {}; UserAuthNapiClientImpl::WidgetParamNapi widgetParam_ = {}; diff --git a/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h b/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h index 740b3d37a800f5785c2a8a48f580c77ed3044430..8bd7459a840b877636f608f56b317469a98ba29c 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h @@ -46,6 +46,7 @@ public: static napi_status GetUint8ArrayValue(napi_env env, napi_value value, size_t limitLen, std::vector &array); static napi_value Uint64ToNapiUint8Array(napi_env env, uint64_t value); + static napi_value Uint8VectorToNapiUint8Array(napi_env env, std::vector &value); static napi_status SetInt32Property(napi_env env, napi_value obj, const char *name, int32_t value); static napi_status SetUint32Property(napi_env env, napi_value obj, const char *name, uint32_t value); static napi_status SetUint8ArrayProperty(napi_env env, @@ -59,6 +60,7 @@ public: static int32_t GetResultCodeV8(int32_t result); static int32_t GetResultCodeV9(int32_t result); static int32_t GetResultCodeV10(int32_t result); + static int32_t GetResultCodeV20(int32_t result); static bool SetStringPropertyUtf8( napi_env env, napi_value object, const std::string &name, const std::string &value); static bool GetInt32Array(napi_env env, napi_value obj, std::vector vec); diff --git a/frameworks/js/napi/user_auth/inc/user_auth_param_utils.h b/frameworks/js/napi/user_auth/inc/user_auth_param_utils.h new file mode 100644 index 0000000000000000000000000000000000000000..4bc6859ec25ed0ff9dea6f7b1bce81fc58bf4c83 --- /dev/null +++ b/frameworks/js/napi/user_auth/inc/user_auth_param_utils.h @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_PARAM_UTILS_H +#define USER_AUTH_PARAM_UTILS_H + +#include + +#include "nocopyable.h" + +#include "ability.h" + +#include "auth_common.h" +#include "user_auth_napi_client_impl.h" +#include "user_auth_api_event_reporter.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthParamUtils : public NoCopyable { +public: + static UserAuthResultCode InitChallenge(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode InitAuthType(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode InitAuthTrustLevel(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode InitReuseUnlockResult(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode InitUserId(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode ProcessAuthTrustLevelAndUserId(napi_env env, napi_value value, + AuthParamInner &authParam); + static UserAuthResultCode ProcessReuseUnlockResult(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode InitAuthParam(napi_env env, napi_value value, AuthParamInner &authParam); + static UserAuthResultCode ProcessWindowMode(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam); + static UserAuthResultCode InitWidgetParam(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam, + std::shared_ptr &abilityContext); + static UserAuthResultCode ProcessContext(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam, + std::shared_ptr &abilityContext); + static bool CheckUIContext(const std::shared_ptr context); +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS +#endif // USER_AUTH_PARAM_UTILS_H diff --git a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp index 70bb8e5031a363e6da905f6389de09568f85f920..4e7466a0dc927255fe66f5f8f1dae7f479cc3624 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp @@ -649,6 +649,12 @@ napi_value CancelAuth(napi_env env, napi_callback_info info) return UserAuthImpl::CancelAuth(env, info); } +napi_value QueryReusableAuthResult(napi_env env, napi_callback_info info) +{ + IAM_LOGI("start"); + return UserAuthInstanceV10::QueryReusableAuthResult(env, info); +} + napi_value AuthTrustLevelConstructor(napi_env env) { napi_value authTrustLevel = nullptr; @@ -1008,6 +1014,7 @@ napi_value UserAuthInit(napi_env env, napi_value exports) DECLARE_NAPI_FUNCTION("getUserAuthWidgetMgr", UserAuth::GetUserAuthWidgetMgrV10), DECLARE_NAPI_FUNCTION("getEnrolledState", UserAuth::GetEnrolledState), DECLARE_NAPI_FUNCTION("sendNotice", UserAuth::SendNotice), + DECLARE_NAPI_FUNCTION("queryReusableAuthResult", UserAuth::QueryReusableAuthResult), }; status = napi_define_properties(env, exports, sizeof(exportFuncs) / sizeof(napi_property_descriptor), exportFuncs); diff --git a/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp b/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp index 91cafb17728f3bff62ccfea9888985813e7fb2b5..d8d313ac45a099ba9b85bd87355e26029db6af6b 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp @@ -20,9 +20,6 @@ #include #include "napi_base_context.h" -#include "ui_content.h" -#include "ui_extension_context.h" -#include "ui_holder_extension_context.h" #include "iam_logger.h" #include "iam_ptr.h" @@ -31,6 +28,7 @@ #include "user_auth_client_impl.h" #include "user_auth_common_defines.h" #include "user_auth_napi_helper.h" +#include "user_auth_param_utils.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -38,23 +36,6 @@ namespace OHOS { namespace UserIam { namespace UserAuth { const std::string AUTH_EVENT_RESULT = "result"; -const std::string AUTH_PARAM_CHALLENGE = "challenge"; -const std::string AUTH_PARAM_AUTHTYPE = "authType"; -const std::string AUTH_PARAM_AUTHTRUSTLEVEL = "authTrustLevel"; -const std::string AUTH_PARAM_REUSEUNLOCKRESULT = "reuseUnlockResult"; -const std::string AUTH_PARAM_USER_ID = "userId"; -const std::string WIDGET_PARAM_TITLE = "title"; -const std::string WIDGET_PARAM_NAVIBTNTEXT = "navigationButtonText"; -const std::string WIDGET_PARAM_WINDOWMODE = "windowMode"; -const std::string WIDGET_PARAM_CONTEXT = "uiContext"; -const std::string NOTICETYPE = "noticeType"; -const std::string REUSEMODE = "reuseMode"; -const std::string REUSEDURATION = "reuseDuration"; - -namespace WidgetType { - constexpr int32_t TITLE_MAX = 500; - constexpr int32_t BUTTON_MAX = 60; -} napi_value UserAuthInstanceV10::GetEnrolledState(napi_env env, napi_callback_info info) { napi_value argv[ARGS_ONE] = {nullptr}; @@ -141,372 +122,6 @@ UserAuthInstanceV10::UserAuthInstanceV10(napi_env env) : callback_(Common::MakeS widgetParam_.windowMode = WindowModeType::UNKNOWN_WINDOW_MODE; } -UserAuthResultCode UserAuthInstanceV10::InitChallenge(napi_env env, napi_value value) -{ - authParam_.challenge.clear(); - napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); - if (ret == napi_ok) { - IAM_LOGI("challenge is null"); - std::string msgStr = "Parameter error. The type of \"challenge\" must be Uint8Array."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - ret = UserAuthNapiHelper::GetUint8ArrayValue(env, value, MAX_CHALLENG_LEN, authParam_.challenge); - if (ret != napi_ok) { - IAM_LOGE("GetUint8ArrayValue fail:%{public}d", ret); - std::string msgStr = "Parameter error. The length of \"challenge\" connot exceed 32."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - IAM_LOGI("challenge size:%{public}zu", authParam_.challenge.size()); - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitAuthType(napi_env env, napi_value value) -{ - bool isArray = false; - napi_is_array(env, value, &isArray); - if (!isArray) { - IAM_LOGI("authType is not array"); - std::string msgStr = "Parameter error. The type of \"authType\" must be array."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - uint32_t length = 0; - napi_get_array_length(env, value, &length); - for (uint32_t i = 0; i < length; ++i) { - napi_value jsValue = nullptr; - napi_handle_scope scope = nullptr; - napi_open_handle_scope(env, &scope); - napi_get_element(env, value, i, &jsValue); - if (jsValue == nullptr) { - napi_close_handle_scope(env, scope); - continue; - } - int32_t value = 0; - napi_status ret = UserAuthNapiHelper::GetInt32Value(env, jsValue, value); - napi_close_handle_scope(env, scope); - if (ret != napi_ok) { - IAM_LOGE("napi authType GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"authType\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - IAM_LOGI("napi get authType:%{public}d", value); - if (!UserAuthNapiHelper::CheckUserAuthType(value)) { - IAM_LOGE("authType is illegal, %{public}d", value); - return UserAuthResultCode::TYPE_NOT_SUPPORT; - } - auto iter = std::find(authParam_.authTypes.begin(), authParam_.authTypes.end(), static_cast(value)); - if (iter != authParam_.authTypes.end()) { - IAM_LOGE("napi authType:%{public}d exist", value); - std::string msgStr = "Parameter error. The type of \"authType\" must be AuthType."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - authParam_.authTypes.push_back(static_cast(value)); - } - - IAM_LOGI("authType size:%{public}zu", authParam_.authTypes.size()); - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitAuthTrustLevel(napi_env env, napi_value value) -{ - napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); - if (ret == napi_ok) { - IAM_LOGI("authTrustLevel is null"); - std::string msgStr = "Parameter error. The type of \"authTrustLevel\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - uint32_t authTrustLevel; - ret = UserAuthNapiHelper::GetUint32Value(env, value, authTrustLevel); - if (ret != napi_ok) { - IAM_LOGE("GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"authTrustLevel\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - if (!UserAuthNapiHelper::CheckAuthTrustLevel(authTrustLevel)) { - IAM_LOGE("AuthTrustLevel fail:%{public}u", authTrustLevel); - return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; - } - authParam_.authTrustLevel = AuthTrustLevel(authTrustLevel); - IAM_LOGI("authTrustLevel:%{public}u", authParam_.authTrustLevel); - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitReuseUnlockResult(napi_env env, napi_value value) -{ - uint32_t reuseMode; - uint32_t reuseDuration; - if (!UserAuthNapiHelper::HasNamedProperty(env, value, REUSEMODE)) { - IAM_LOGE("propertyName: %{public}s not exists.", REUSEMODE.c_str()); - std::string msgStr = "Parameter error. \"reuseMode\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - napi_value napi_reuseMode = UserAuthNapiHelper::GetNamedProperty(env, value, REUSEMODE); - napi_status ret = UserAuthNapiHelper::GetUint32Value(env, napi_reuseMode, reuseMode); - if (ret != napi_ok) { - IAM_LOGE("GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"reuseMode\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - authParam_.reuseUnlockResult.reuseMode = ReuseMode(reuseMode); - if (!UserAuthNapiHelper::HasNamedProperty(env, value, REUSEDURATION)) { - IAM_LOGE("propertyName: %{public}s not exists.", REUSEDURATION.c_str()); - std::string msgStr = "Parameter error. \"reuseDuration\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - napi_value napi_reuseDuration = UserAuthNapiHelper::GetNamedProperty(env, value, REUSEDURATION); - ret = UserAuthNapiHelper::GetUint32Value(env, napi_reuseDuration, reuseDuration); - if (ret != napi_ok) { - IAM_LOGE("GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"reuseDuration\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - authParam_.reuseUnlockResult.reuseDuration = reuseDuration; - if (!UserAuthNapiHelper::CheckReuseUnlockResult(authParam_.reuseUnlockResult)) { - IAM_LOGE("ReuseUnlockResult fail"); - std::string msgStr = "Parameter error. The type of \"reuseUnlockResult\" must be ReuseUnlockResult."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - authParam_.reuseUnlockResult.isReuse = true; - IAM_LOGI("reuseMode: %{public}u, reuseDuration: %{public}" PRIu64, authParam_.reuseUnlockResult.reuseMode, - authParam_.reuseUnlockResult.reuseDuration); - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitUserId(napi_env env, napi_value value) -{ - napi_status ret = UserAuthNapiHelper::GetInt32Value(env, value, authParam_.userId); - if (ret != napi_ok) { - IAM_LOGE("GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"userId\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - if (authParam_.userId < 0) { - IAM_LOGE("GetInt32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The \"userId\" must be greater than or equal to 0"; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - IAM_LOGI("InitUserId userId: %{public}d", authParam_.userId); - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::ProcessAuthTrustLevelAndUserId(napi_env env, napi_value value) -{ - if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_AUTHTRUSTLEVEL)) { - IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_AUTHTRUSTLEVEL.c_str()); - std::string msgStr = "Parameter error. \"authTrustLevel\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - napi_value napi_authTrustLevel = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_AUTHTRUSTLEVEL); - UserAuthResultCode errorCode = InitAuthTrustLevel(env, napi_authTrustLevel); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("InitAuthTrustLevel fail:%{public}d", errorCode); - return errorCode; - } - - if (UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_USER_ID)) { - napi_value napi_userId = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_USER_ID); - errorCode = InitUserId(env, napi_userId); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("InitUserId fail:%{public}d", errorCode); - return errorCode; - } - } - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitAuthParam(napi_env env, napi_value value) -{ - napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); - if (ret == napi_ok) { - IAM_LOGI("authParam is null"); - std::string msgStr = "Parameter error. \"authParam\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - - if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_CHALLENGE)) { - IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_CHALLENGE.c_str()); - std::string msgStr = "Parameter error. \"challenge\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - napi_value napi_challenge = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_CHALLENGE); - UserAuthResultCode errorCode = InitChallenge(env, napi_challenge); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("InitChallenge fail:%{public}d", errorCode); - return UserAuthResultCode::OHOS_INVALID_PARAM; - } - - if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_AUTHTYPE)) { - IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_AUTHTYPE.c_str()); - std::string msgStr = "Parameter error. \"authType\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - napi_value napi_authType = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_AUTHTYPE); - errorCode = InitAuthType(env, napi_authType); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("InitAuthType fail:%{public}d", errorCode); - return errorCode; - } - - errorCode = ProcessReuseUnlockResult(env, value); - if (errorCode != UserAuthResultCode::SUCCESS) { - return errorCode; - } - errorCode = ProcessAuthTrustLevelAndUserId(env, value); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("ProcessAuthTrustLevelAndUserId fail:%{public}d", errorCode); - return errorCode; - } - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::ProcessReuseUnlockResult(napi_env env, napi_value value) -{ - if (UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_REUSEUNLOCKRESULT)) { - napi_value napi_reuseUnlockResult = UserAuthNapiHelper::GetNamedProperty(env, value, - AUTH_PARAM_REUSEUNLOCKRESULT); - UserAuthResultCode errorCode = InitReuseUnlockResult(env, napi_reuseUnlockResult); - if (errorCode != UserAuthResultCode::SUCCESS) { - IAM_LOGE("InitReuseUnlockResult fail:%{public}d", errorCode); - return errorCode; - } - } else { - authParam_.reuseUnlockResult.isReuse = false; - } - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::InitWidgetParam(napi_env env, napi_value value) -{ - napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); - if (ret == napi_ok) { - IAM_LOGE("widgetParam is null"); - std::string msgStr = "Parameter error. \"widgetParam\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - - if (!UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_TITLE)) { - IAM_LOGE("propertyName: %{public}s not exists.", WIDGET_PARAM_TITLE.c_str()); - std::string msgStr = "Parameter error. \"title\" is a mandatory parameter and is left unspecified."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - std::string title = UserAuthNapiHelper::GetStringPropertyUtf8(env, value, WIDGET_PARAM_TITLE); - if (title == "" || title.size() > WidgetType::TITLE_MAX) { - IAM_LOGE("title is invalid. size: %{public}zu", title.size()); - std::string msgStr = "Parameter error. The length of \"title\" connot exceed 500."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - widgetParam_.title = title; - - if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_NAVIBTNTEXT)) { - std::string naviBtnTxt = UserAuthNapiHelper::GetStringPropertyUtf8(env, value, WIDGET_PARAM_NAVIBTNTEXT); - if (naviBtnTxt == "" || naviBtnTxt.size() > WidgetType::BUTTON_MAX) { - IAM_LOGE("navigation button text is invalid, size: %{public}zu", naviBtnTxt.size()); - std::string msgStr = "Parameter error. The length of \"navigationButtonText\" connot exceed 60."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - widgetParam_.navigationButtonText = naviBtnTxt; - } - - UserAuthResultCode errorCode = ProcessWindowMode(env, value); - if (errorCode != UserAuthResultCode::SUCCESS) { - return errorCode; - } - errorCode = ProcessContext(env, value); - if (errorCode != UserAuthResultCode::SUCCESS) { - return errorCode; - } - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::ProcessContext(napi_env env, napi_value value) -{ - IAM_LOGI("process uiContext"); - if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_CONTEXT)) { - IAM_LOGI("widgetParam has uiContext"); - napi_value napi_uiContext = UserAuthNapiHelper::GetNamedProperty(env, value, WIDGET_PARAM_CONTEXT); - napi_status ret = UserAuthNapiHelper::CheckNapiType(env, napi_uiContext, napi_object); - if (ret != napi_ok) { - IAM_LOGE("get uiContext fail: %{public}d", ret); - std::string msgStr = "Parameter error. The type of \"uiContext\" must be context."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - bool stageMode = false; - ret = OHOS::AbilityRuntime::IsStageContext(env, napi_uiContext, stageMode); - if (ret != napi_ok) { - IAM_LOGE("uiContext must be stage mode: %{public}d", ret); - std::string msgStr = "Parameter error. The type of \"uiContext\" must be stage mode."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - auto context = OHOS::AbilityRuntime::GetStageModeContext(env, napi_uiContext); - if (CheckUIContext(context)) { - context_ = context; - widgetParam_.hasContext = true; - IAM_LOGI("widgetParam has valid uiContext"); - } else { - // Default as modal system - IAM_LOGI("widgetParam has invalid uiContext, not base on valid AbilityContext or UIExtensionContext."); - } - } - return UserAuthResultCode::SUCCESS; -} - -UserAuthResultCode UserAuthInstanceV10::ProcessWindowMode(napi_env env, napi_value value) -{ - if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_WINDOWMODE)) { - napi_value napi_windowModeType = UserAuthNapiHelper::GetNamedProperty(env, value, WIDGET_PARAM_WINDOWMODE); - uint32_t windowMode; - napi_status ret = UserAuthNapiHelper::GetUint32Value(env, napi_windowModeType, windowMode); - if (ret != napi_ok) { - IAM_LOGE("napi authType GetUint32Value fail:%{public}d", ret); - std::string msgStr = "Parameter error. The type of \"windowMode\" must be number."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - switch (windowMode) { - case WindowModeType::DIALOG_BOX: - case WindowModeType::FULLSCREEN: - case WindowModeType::NONE_INTERRUPTION_DIALOG_BOX: - widgetParam_.windowMode = static_cast(windowMode); - break; - default: - IAM_LOGE("windowMode type not support."); - std::string msgStr = "Parameter error. The type of \"windowMode\" must be WindowModeType."; - return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); - } - } - - IAM_LOGI("widgetParam title:%{public}s, navBtnText:%{public}s, winMode:%{public}u", - widgetParam_.title.c_str(), widgetParam_.navigationButtonText.c_str(), - static_cast(widgetParam_.windowMode)); - return UserAuthResultCode::SUCCESS; -} - -bool UserAuthInstanceV10::CheckUIContext(const std::shared_ptr context) -{ - if (context == nullptr) { - IAM_LOGE("get context failed"); - return false; - } - - auto abilityContext = AbilityRuntime::Context::ConvertTo(context); - if (abilityContext == nullptr) { - IAM_LOGE("abilityContext is null"); - auto holderContext = AbilityRuntime::Context::ConvertTo(context); - if (holderContext == nullptr) { - IAM_LOGE("uiExtensionContext is null"); - return false; - } - if (holderContext->GetUIContent() == nullptr) { - IAM_LOGE("uiContent is null"); - return false; - } - } else { - if (abilityContext->GetUIContent() == nullptr) { - IAM_LOGE("uiContent is null"); - return false; - } - } - return true; -} - UserAuthResultCode UserAuthInstanceV10::Init(napi_env env, napi_callback_info info) { if (callback_ == nullptr) { @@ -526,13 +141,13 @@ UserAuthResultCode UserAuthInstanceV10::Init(napi_env env, napi_callback_info in return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); } - UserAuthResultCode errCode = InitAuthParam(env, argv[PARAM0]); + UserAuthResultCode errCode = UserAuthParamUtils::InitAuthParam(env, argv[PARAM0], authParam_); if (errCode != UserAuthResultCode::SUCCESS) { IAM_LOGE("AuthParamInner type error, errorCode: %{public}d", errCode); return errCode; } - errCode = InitWidgetParam(env, argv[PARAM1]); + errCode = UserAuthParamUtils::InitWidgetParam(env, argv[PARAM1], widgetParam_, context_); if (errCode != UserAuthResultCode::SUCCESS) { IAM_LOGE("WidgetParam type error, errorCode: %{public}d", errCode); return errCode; @@ -719,6 +334,62 @@ UserAuthResultCode UserAuthInstanceV10::Cancel(napi_env env, napi_callback_info isAuthStarted_ = false; return UserAuthResultCode::SUCCESS; } + +UserAuthResultCode UserAuthInstanceV10::ParseReusableAuthResultParam(napi_env env, napi_callback_info info, + WidgetAuthParam &authParam) +{ + napi_value argv[ARGS_ONE]; + size_t argc = ARGS_ONE; + napi_status ret = napi_get_cb_info(env, info, &argc, argv, nullptr, nullptr); + if (ret != napi_ok) { + IAM_LOGE("napi_get_cb_info fail:%{public}d", ret); + return UserAuthResultCode::GENERAL_ERROR; + } + if (argc != ARGS_ONE) { + IAM_LOGE("parms error"); + std::string msgStr = "Parameter vefification failed. The number of parameters should be 1."; + napi_throw(env, UserAuthNapiHelper::GenerateErrorMsg(env, UserAuthResultCode::PARAM_VERIFIED_FAILED, msgStr)); + return UserAuthResultCode::PARAM_VERIFIED_FAILED; + } + AuthParamInner authParaminner = {}; + UserAuthResultCode errCode = UserAuthParamUtils::InitAuthParam(env, argv[PARAM0], authParaminner); + if (errCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("AuthParamInner type error, errorCode: %{public}d", errCode); + return errCode; + } + authParam.userId = authParaminner.userId; + authParam.challenge = authParaminner.challenge; + authParam.authTypes = authParaminner.authTypes; + authParam.authTrustLevel = authParaminner.authTrustLevel; + authParam.reuseUnlockResult.isReuse = authParaminner.reuseUnlockResult.isReuse; + authParam.reuseUnlockResult.reuseMode = authParaminner.reuseUnlockResult.reuseMode; + authParam.reuseUnlockResult.reuseDuration = authParaminner.reuseUnlockResult.reuseDuration; + return UserAuthResultCode::SUCCESS; +} + +napi_value UserAuthInstanceV10::QueryReusableAuthResult(napi_env env, napi_callback_info info) +{ + UserAuthApiEventReporter reporter("QueryReusableAuthResult"); + WidgetAuthParam authParam = {0}; + UserAuthResultCode errCode = ParseReusableAuthResultParam(env, info, authParam); + if (errCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("AuthParamInner type error, errorCode: %{public}d", errCode); + reporter.ReportFailed(errCode); + return nullptr; + } + + std::vector token; + int32_t code = UserAuthClientImpl::Instance().QueryReusableAuthResult(authParam, token); + if (code != SUCCESS) { + IAM_LOGE("failed to query reuse result %{public}d", code); + int32_t resultCode = UserAuthNapiHelper::GetResultCodeV20(code); + napi_throw(env, UserAuthNapiHelper::GenerateBusinessErrorV9(env, UserAuthResultCode(resultCode))); + reporter.ReportFailed(UserAuthResultCode::GENERAL_ERROR); + return nullptr; + } + napi_value eventInfo = UserAuthNapiHelper::Uint8VectorToNapiUint8Array(env, token); + return eventInfo; +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS diff --git a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp index e20742303e99df69ba7fe6dc0228c61dfa115bba..d2aa9492e3aa9b39f92d80ecc1ddc66a784743cb 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp @@ -46,6 +46,7 @@ const std::map g_resultV92Str = { {UserAuthResultCode::TYPE_NOT_SUPPORT, "Unsupport authentication type."}, {UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT, "Unsupport authentication trust level."}, {UserAuthResultCode::BUSY, "Authentication service is busy."}, + {UserAuthResultCode::PARAM_VERIFIED_FAILED, "Parameter verification failed."}, {UserAuthResultCode::LOCKED, "Authentication is lockout."}, {UserAuthResultCode::NOT_ENROLLED, "Authentication template has not been enrolled."}, {UserAuthResultCode::CANCELED_FROM_WIDGET, "Authentication is canceled from widget."}, @@ -185,6 +186,39 @@ int32_t UserAuthNapiHelper::GetResultCodeV10(int32_t result) return static_cast(UserAuthResultCode::GENERAL_ERROR); } +int32_t UserAuthNapiHelper::GetResultCodeV20(int32_t result) +{ + if (result == CHECK_PERMISSION_FAILED) { + return static_cast(UserAuthResultCode::OHOS_CHECK_PERMISSION_FAILED); + } + if (result == INVALID_PARAMETERS) { + return static_cast(UserAuthResultCode::PARAM_VERIFIED_FAILED); + } + if (result == CHECK_SYSTEM_APP_FAILED) { + return static_cast(UserAuthResultCode::OHOS_CHECK_SYSTEM_APP_FAILED); + } + if (result == HARDWARE_NOT_SUPPORTED) { + return static_cast(UserAuthResultCode::GENERAL_ERROR); + } + if (result == AUTH_TOKEN_CHECK_FAILED) { + return static_cast(UserAuthResultCode::AUTH_TOKEN_CHECK_FAILED); + } + if (result == AUTH_TOKEN_EXPIRED) { + return static_cast(UserAuthResultCode::AUTH_TOKEN_EXPIRED); + } + if (result > (INT32_MAX - static_cast(UserAuthResultCode::RESULT_CODE_V16_MIN))) { + return static_cast(UserAuthResultCode::GENERAL_ERROR); + } + int32_t resultCodeV16 = result + static_cast(UserAuthResultCode::RESULT_CODE_V16_MIN); + if (resultCodeV16 >= static_cast(UserAuthResultCode::RESULT_CODE_V16_MIN) && + resultCodeV16 <= static_cast(UserAuthResultCode::RESULT_CODE_V16_MAX)) { + IAM_LOGI("version GetResultCodeV16 resultCodeV16 result: %{public}d", resultCodeV16); + return resultCodeV16; + } + IAM_LOGE("version GetResultCodeV16 resultCodeV16 error"); + return static_cast(UserAuthResultCode::GENERAL_ERROR); +} + napi_value UserAuthNapiHelper::GenerateBusinessErrorV9(napi_env env, UserAuthResultCode result) { napi_value code; @@ -374,6 +408,21 @@ napi_value UserAuthNapiHelper::Uint64ToNapiUint8Array(napi_env env, uint64_t val return result; } +napi_value UserAuthNapiHelper::Uint8VectorToNapiUint8Array(napi_env env, std::vector &value) +{ + void *data = nullptr; + napi_value arraybuffer = nullptr; + size_t length = value.size(); + NAPI_CALL(env, napi_create_arraybuffer(env, length, &data, &arraybuffer)); + if (memcpy_s(data, length, reinterpret_cast(value.data()), length) != EOK) { + IAM_LOGE("memcpy_s fail"); + return nullptr; + } + napi_value result = nullptr; + NAPI_CALL(env, napi_create_typedarray(env, napi_uint8_array, length, arraybuffer, 0, &result)); + return result; +} + napi_status UserAuthNapiHelper::CallVoidNapiFunc(napi_env env, napi_ref funcRef, size_t argc, const napi_value *argv) { napi_value funcVal; diff --git a/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp b/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp new file mode 100644 index 0000000000000000000000000000000000000000..9c85651920dd2a468776fa5e5e92cc7710063718 --- /dev/null +++ b/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp @@ -0,0 +1,428 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_param_utils.h" + +#include +#include +#include + +#include "napi_base_context.h" +#include "ui_content.h" +#include "ui_extension_context.h" +#include "ui_holder_extension_context.h" + +#include "iam_logger.h" +#include "iam_ptr.h" + +#include "user_auth_common_defines.h" +#include "user_auth_napi_helper.h" + +#define LOG_TAG "USER_AUTH_NAPI" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +const std::string AUTH_PARAM_CHALLENGE = "challenge"; +const std::string AUTH_PARAM_AUTHTYPE = "authType"; +const std::string AUTH_PARAM_AUTHTRUSTLEVEL = "authTrustLevel"; +const std::string AUTH_PARAM_REUSEUNLOCKRESULT = "reuseUnlockResult"; +const std::string AUTH_PARAM_USER_ID = "userId"; +const std::string WIDGET_PARAM_TITLE = "title"; +const std::string WIDGET_PARAM_NAVIBTNTEXT = "navigationButtonText"; +const std::string WIDGET_PARAM_WINDOWMODE = "windowMode"; +const std::string WIDGET_PARAM_CONTEXT = "uiContext"; +const std::string NOTICETYPE = "noticeType"; +const std::string REUSEMODE = "reuseMode"; +const std::string REUSEDURATION = "reuseDuration"; + +namespace WidgetType { + constexpr int32_t TITLE_MAX = 500; + constexpr int32_t BUTTON_MAX = 60; +} + +UserAuthResultCode UserAuthParamUtils::InitChallenge(napi_env env, napi_value value, AuthParamInner &authParam) +{ + authParam.challenge.clear(); + napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); + if (ret == napi_ok) { + IAM_LOGI("challenge is null"); + std::string msgStr = "Parameter error. The type of \"challenge\" must be Uint8Array."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + ret = UserAuthNapiHelper::GetUint8ArrayValue(env, value, MAX_CHALLENG_LEN, authParam.challenge); + if (ret != napi_ok) { + IAM_LOGE("GetUint8ArrayValue fail:%{public}d", ret); + std::string msgStr = "Parameter error. The length of \"challenge\" connot exceed 32."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + IAM_LOGI("challenge size:%{public}zu", authParam.challenge.size()); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitAuthType(napi_env env, napi_value value, AuthParamInner &authParam) +{ + bool isArray = false; + napi_is_array(env, value, &isArray); + if (!isArray) { + IAM_LOGI("authType is not array"); + std::string msgStr = "Parameter error. The type of \"authType\" must be array."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + uint32_t length = 0; + napi_get_array_length(env, value, &length); + for (uint32_t i = 0; i < length; ++i) { + napi_value jsValue = nullptr; + napi_handle_scope scope = nullptr; + napi_open_handle_scope(env, &scope); + napi_get_element(env, value, i, &jsValue); + if (jsValue == nullptr) { + napi_close_handle_scope(env, scope); + continue; + } + int32_t value = 0; + napi_status ret = UserAuthNapiHelper::GetInt32Value(env, jsValue, value); + napi_close_handle_scope(env, scope); + if (ret != napi_ok) { + IAM_LOGE("napi authType GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"authType\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + IAM_LOGI("napi get authType:%{public}d", value); + if (!UserAuthNapiHelper::CheckUserAuthType(value)) { + IAM_LOGE("authType is illegal, %{public}d", value); + return UserAuthResultCode::TYPE_NOT_SUPPORT; + } + auto iter = std::find(authParam.authTypes.begin(), authParam.authTypes.end(), static_cast(value)); + if (iter != authParam.authTypes.end()) { + IAM_LOGE("napi authType:%{public}d exist", value); + std::string msgStr = "Parameter error. The type of \"authType\" must be AuthType."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + authParam.authTypes.push_back(static_cast(value)); + } + + IAM_LOGI("authType size:%{public}zu", authParam.authTypes.size()); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitAuthTrustLevel(napi_env env, napi_value value, AuthParamInner &authParam) +{ + napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); + if (ret == napi_ok) { + IAM_LOGI("authTrustLevel is null"); + std::string msgStr = "Parameter error. The type of \"authTrustLevel\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + uint32_t authTrustLevel; + ret = UserAuthNapiHelper::GetUint32Value(env, value, authTrustLevel); + if (ret != napi_ok) { + IAM_LOGE("GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"authTrustLevel\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + if (!UserAuthNapiHelper::CheckAuthTrustLevel(authTrustLevel)) { + IAM_LOGE("AuthTrustLevel fail:%{public}u", authTrustLevel); + return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; + } + authParam.authTrustLevel = AuthTrustLevel(authTrustLevel); + IAM_LOGI("authTrustLevel:%{public}u", authParam.authTrustLevel); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitReuseUnlockResult(napi_env env, napi_value value, AuthParamInner &authParam) +{ + uint32_t reuseMode; + uint32_t reuseDuration; + if (!UserAuthNapiHelper::HasNamedProperty(env, value, REUSEMODE)) { + IAM_LOGE("propertyName: %{public}s not exists.", REUSEMODE.c_str()); + std::string msgStr = "Parameter error. \"reuseMode\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + napi_value napi_reuseMode = UserAuthNapiHelper::GetNamedProperty(env, value, REUSEMODE); + napi_status ret = UserAuthNapiHelper::GetUint32Value(env, napi_reuseMode, reuseMode); + if (ret != napi_ok) { + IAM_LOGE("GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"reuseMode\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + authParam.reuseUnlockResult.reuseMode = ReuseMode(reuseMode); + if (!UserAuthNapiHelper::HasNamedProperty(env, value, REUSEDURATION)) { + IAM_LOGE("propertyName: %{public}s not exists.", REUSEDURATION.c_str()); + std::string msgStr = "Parameter error. \"reuseDuration\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + napi_value napi_reuseDuration = UserAuthNapiHelper::GetNamedProperty(env, value, REUSEDURATION); + ret = UserAuthNapiHelper::GetUint32Value(env, napi_reuseDuration, reuseDuration); + if (ret != napi_ok) { + IAM_LOGE("GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"reuseDuration\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + authParam.reuseUnlockResult.reuseDuration = reuseDuration; + if (!UserAuthNapiHelper::CheckReuseUnlockResult(authParam.reuseUnlockResult)) { + IAM_LOGE("ReuseUnlockResult fail"); + std::string msgStr = "Parameter error. The type of \"reuseUnlockResult\" must be ReuseUnlockResult."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + authParam.reuseUnlockResult.isReuse = true; + IAM_LOGI("reuseMode: %{public}u, reuseDuration: %{public}" PRIu64, authParam.reuseUnlockResult.reuseMode, + authParam.reuseUnlockResult.reuseDuration); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitUserId(napi_env env, napi_value value, AuthParamInner &authParam) +{ + napi_status ret = UserAuthNapiHelper::GetInt32Value(env, value, authParam.userId); + if (ret != napi_ok) { + IAM_LOGE("GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"userId\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + if (authParam.userId < 0) { + IAM_LOGE("GetInt32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The \"userId\" must be greater than or equal to 0"; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + IAM_LOGI("InitUserId userId: %{public}d", authParam.userId); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::ProcessAuthTrustLevelAndUserId(napi_env env, napi_value value, + AuthParamInner &authParam) +{ + if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_AUTHTRUSTLEVEL)) { + IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_AUTHTRUSTLEVEL.c_str()); + std::string msgStr = "Parameter error. \"authTrustLevel\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + napi_value napi_authTrustLevel = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_AUTHTRUSTLEVEL); + UserAuthResultCode errorCode = InitAuthTrustLevel(env, napi_authTrustLevel, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitAuthTrustLevel fail:%{public}d", errorCode); + return errorCode; + } + + if (UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_USER_ID)) { + napi_value napi_userId = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_USER_ID); + errorCode = InitUserId(env, napi_userId, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitUserId fail:%{public}d", errorCode); + return errorCode; + } + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitAuthParam(napi_env env, napi_value value, AuthParamInner &authParam) +{ + napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); + if (ret == napi_ok) { + IAM_LOGI("authParam is null"); + std::string msgStr = "Parameter error. \"authParam\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + + if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_CHALLENGE)) { + IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_CHALLENGE.c_str()); + std::string msgStr = "Parameter error. \"challenge\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + napi_value napi_challenge = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_CHALLENGE); + UserAuthResultCode errorCode = InitChallenge(env, napi_challenge, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitChallenge fail:%{public}d", errorCode); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + + if (!UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_AUTHTYPE)) { + IAM_LOGE("propertyName: %{public}s not exists.", AUTH_PARAM_AUTHTYPE.c_str()); + std::string msgStr = "Parameter error. \"authType\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + napi_value napi_authType = UserAuthNapiHelper::GetNamedProperty(env, value, AUTH_PARAM_AUTHTYPE); + errorCode = InitAuthType(env, napi_authType, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitAuthType fail:%{public}d", errorCode); + return errorCode; + } + + errorCode = ProcessReuseUnlockResult(env, value, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + return errorCode; + } + errorCode = ProcessAuthTrustLevelAndUserId(env, value, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("ProcessAuthTrustLevelAndUserId fail:%{public}d", errorCode); + return errorCode; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::ProcessReuseUnlockResult(napi_env env, napi_value value, + AuthParamInner &authParam) +{ + if (UserAuthNapiHelper::HasNamedProperty(env, value, AUTH_PARAM_REUSEUNLOCKRESULT)) { + napi_value napi_reuseUnlockResult = UserAuthNapiHelper::GetNamedProperty(env, value, + AUTH_PARAM_REUSEUNLOCKRESULT); + UserAuthResultCode errorCode = InitReuseUnlockResult(env, napi_reuseUnlockResult, authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitReuseUnlockResult fail:%{public}d", errorCode); + return errorCode; + } + } else { + authParam.reuseUnlockResult.isReuse = false; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::InitWidgetParam(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam, std::shared_ptr &abilityContext) +{ + napi_status ret = UserAuthNapiHelper::CheckNapiType(env, value, napi_null); + if (ret == napi_ok) { + IAM_LOGE("widgetParam is null"); + std::string msgStr = "Parameter error. \"widgetParam\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + + if (!UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_TITLE)) { + IAM_LOGE("propertyName: %{public}s not exists.", WIDGET_PARAM_TITLE.c_str()); + std::string msgStr = "Parameter error. \"title\" is a mandatory parameter and is left unspecified."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + std::string title = UserAuthNapiHelper::GetStringPropertyUtf8(env, value, WIDGET_PARAM_TITLE); + if (title == "" || title.size() > WidgetType::TITLE_MAX) { + IAM_LOGE("title is invalid. size: %{public}zu", title.size()); + std::string msgStr = "Parameter error. The length of \"title\" connot exceed 500."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + widgetParam.title = title; + + if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_NAVIBTNTEXT)) { + std::string naviBtnTxt = UserAuthNapiHelper::GetStringPropertyUtf8(env, value, WIDGET_PARAM_NAVIBTNTEXT); + if (naviBtnTxt == "" || naviBtnTxt.size() > WidgetType::BUTTON_MAX) { + IAM_LOGE("navigation button text is invalid, size: %{public}zu", naviBtnTxt.size()); + std::string msgStr = "Parameter error. The length of \"navigationButtonText\" connot exceed 60."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + widgetParam.navigationButtonText = naviBtnTxt; + } + + UserAuthResultCode errorCode = ProcessWindowMode(env, value, widgetParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + return errorCode; + } + errorCode = ProcessContext(env, value, widgetParam, abilityContext); + if (errorCode != UserAuthResultCode::SUCCESS) { + return errorCode; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::ProcessContext(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam, std::shared_ptr &abilityContext) +{ + IAM_LOGI("process uiContext"); + if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_CONTEXT)) { + IAM_LOGI("widgetParam has uiContext"); + napi_value napi_uiContext = UserAuthNapiHelper::GetNamedProperty(env, value, WIDGET_PARAM_CONTEXT); + napi_status ret = UserAuthNapiHelper::CheckNapiType(env, napi_uiContext, napi_object); + if (ret != napi_ok) { + IAM_LOGE("get uiContext fail: %{public}d", ret); + std::string msgStr = "Parameter error. The type of \"uiContext\" must be context."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + bool stageMode = false; + ret = OHOS::AbilityRuntime::IsStageContext(env, napi_uiContext, stageMode); + if (ret != napi_ok) { + IAM_LOGE("uiContext must be stage mode: %{public}d", ret); + std::string msgStr = "Parameter error. The type of \"uiContext\" must be stage mode."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + auto context = OHOS::AbilityRuntime::GetStageModeContext(env, napi_uiContext); + if (CheckUIContext(context)) { + abilityContext = context; + widgetParam.hasContext = true; + IAM_LOGI("widgetParam has valid uiContext"); + } else { + // Default as modal system + IAM_LOGI("widgetParam has invalid uiContext, not base on valid AbilityContext or UIExtensionContext."); + } + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthParamUtils::ProcessWindowMode(napi_env env, napi_value value, + UserAuthNapiClientImpl::WidgetParamNapi &widgetParam) +{ + if (UserAuthNapiHelper::HasNamedProperty(env, value, WIDGET_PARAM_WINDOWMODE)) { + napi_value napi_windowModeType = UserAuthNapiHelper::GetNamedProperty(env, value, WIDGET_PARAM_WINDOWMODE); + uint32_t windowMode; + napi_status ret = UserAuthNapiHelper::GetUint32Value(env, napi_windowModeType, windowMode); + if (ret != napi_ok) { + IAM_LOGE("napi authType GetUint32Value fail:%{public}d", ret); + std::string msgStr = "Parameter error. The type of \"windowMode\" must be number."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + switch (windowMode) { + case WindowModeType::DIALOG_BOX: + case WindowModeType::FULLSCREEN: + case WindowModeType::NONE_INTERRUPTION_DIALOG_BOX: + widgetParam.windowMode = static_cast(windowMode); + break; + default: + IAM_LOGE("windowMode type not support."); + std::string msgStr = "Parameter error. The type of \"windowMode\" must be WindowModeType."; + return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); + } + } + + IAM_LOGI("widgetParam title:%{public}s, navBtnText:%{public}s, winMode:%{public}u", + widgetParam.title.c_str(), widgetParam.navigationButtonText.c_str(), + static_cast(widgetParam.windowMode)); + return UserAuthResultCode::SUCCESS; +} + +bool UserAuthParamUtils::CheckUIContext(const std::shared_ptr context) +{ + if (context == nullptr) { + IAM_LOGE("get context failed"); + return false; + } + + auto abilityContext = AbilityRuntime::Context::ConvertTo(context); + if (abilityContext == nullptr) { + IAM_LOGE("abilityContext is null"); + auto holderContext = AbilityRuntime::Context::ConvertTo(context); + if (holderContext == nullptr) { + IAM_LOGE("uiExtensionContext is null"); + return false; + } + if (holderContext->GetUIContent() == nullptr) { + IAM_LOGE("uiContent is null"); + return false; + } + } else { + if (abilityContext->GetUIContent() == nullptr) { + IAM_LOGE("uiContent is null"); + return false; + } + } + return true; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS diff --git a/frameworks/native/client/inc/user_auth_client_impl.h b/frameworks/native/client/inc/user_auth_client_impl.h index 4f5ec6d701173fcebc9fc4012ba62257e6829c30..1419ca898d25e8afe677328880bf166597937c17 100644 --- a/frameworks/native/client/inc/user_auth_client_impl.h +++ b/frameworks/native/client/inc/user_auth_client_impl.h @@ -66,6 +66,7 @@ public: int32_t SetGlobalConfigParam(const GlobalConfigParam ¶m) override; int32_t PrepareRemoteAuth(const std::string &networkId, const std::shared_ptr &callback) override; + int32_t QueryReusableAuthResult(const WidgetAuthParam &authParam, std::vector &token) override; private: ResultCode SetPropertyInner(int32_t userId, const SetPropertyRequest &request, diff --git a/frameworks/native/client/src/user_auth_client_impl.cpp b/frameworks/native/client/src/user_auth_client_impl.cpp index 82ed9a422af2d070efca237712ddb75dd72b7feb..a94e4bb6dafdb7594f356406e7f3e42ded64c8b2 100644 --- a/frameworks/native/client/src/user_auth_client_impl.cpp +++ b/frameworks/native/client/src/user_auth_client_impl.cpp @@ -722,6 +722,30 @@ int32_t UserAuthClientImpl::PrepareRemoteAuth(const std::string &networkId, return proxy->PrepareRemoteAuth(networkId, wrapper); } +int32_t UserAuthClientImpl::QueryReusableAuthResult(const WidgetAuthParam &authParam, std::vector &token) +{ + IAM_LOGI("start"); + auto proxy = GetProxy(); + if (!proxy) { + IAM_LOGE("proxy is nullptr"); + return GENERAL_ERROR; + } + + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = authParam.userId; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = authParam.challenge; + for (auto &authType : authParam.authTypes) { + ipcAuthParamInner.authTypes.push_back(static_cast(authType)); + } + ipcAuthParamInner.authTrustLevel = authParam.authTrustLevel, + ipcAuthParamInner.reuseUnlockResult.isReuse = authParam.reuseUnlockResult.isReuse; + ipcAuthParamInner.reuseUnlockResult.reuseMode = authParam.reuseUnlockResult.reuseMode; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = authParam.reuseUnlockResult.reuseDuration; + + return proxy->QueryReusableAuthResult(ipcAuthParamInner, token); +} + void UserAuthClientImpl::InitIpcRemoteAuthParam(const std::optional &remoteAuthParam, IpcRemoteAuthParam &ipcRemoteAuthParam) { @@ -778,6 +802,7 @@ void UserAuthClientImpl::InitIpcAuthParam(const AuthParamInner &authParam, ipcAuthParamInner.authTrustLevel = static_cast(authParam.authTrustLevel); ipcAuthParamInner.authIntent = static_cast(authParam.authIntent); ipcAuthParamInner.reuseUnlockResult.isReuse = authParam.reuseUnlockResult.isReuse; + ipcAuthParamInner.reuseUnlockResult.reuseMode = authParam.reuseUnlockResult.reuseMode; ipcAuthParamInner.reuseUnlockResult.reuseDuration = authParam.reuseUnlockResult.reuseDuration; } diff --git a/frameworks/native/client/user_auth_client_map b/frameworks/native/client/user_auth_client_map index c2c807fbaced2873047f0dfb2dc063012ba931af..3bfacb9faaf459c03793d0e1aff03d571ce7fc96 100644 --- a/frameworks/native/client/user_auth_client_map +++ b/frameworks/native/client/user_auth_client_map @@ -32,6 +32,7 @@ OHOS::UserIam::UserAuth::UserAuthNapiClientImpl::Instance*; OHOS::UserIam::UserAuth::UserAuthNapiClientImpl::BeginWidgetAuth*; OHOS::UserIam::UserAuth::UserAuthNapiClientImpl::CancelAuthentication*; + OHOS::UserIam::UserAuth::UserAuthClientImpl::QueryReusableAuthResult*; }; local: *; diff --git a/frameworks/native/ipc/idl/IUserAuth.idl b/frameworks/native/ipc/idl/IUserAuth.idl index 969e2bf3c52df63963723e83fd510fbbf363ccda..f3636124f72edc0f9f83da27bd111de77a62f2e9 100644 --- a/frameworks/native/ipc/idl/IUserAuth.idl +++ b/frameworks/native/ipc/idl/IUserAuth.idl @@ -72,4 +72,6 @@ interface OHOS.UserIam.UserAuth.IUserAuth { void VerifyAuthToken([in] unsigned char[] tokenIn, [in] unsigned long allowableDuration, [in] IVerifyTokenCallback verifyTokenCallback); + + void QueryReusableAuthResult([in] IpcAuthParamInner ipcAuthParamInner, [out] unsigned char[] token); } \ No newline at end of file diff --git a/interfaces/inner_api/user_auth_client.h b/interfaces/inner_api/user_auth_client.h index 42ca06dfcfbb5dc17d43a927b4dc870d80513287..631d5ddd6eae3c261f0fa6110b0af5c196922430 100644 --- a/interfaces/inner_api/user_auth_client.h +++ b/interfaces/inner_api/user_auth_client.h @@ -174,6 +174,15 @@ public: * @return Return get result(0:success; other:failed). */ virtual int32_t GetAvailableStatus(int32_t userId, AuthType authType, AuthTrustLevel authTrustLevel) = 0; + + /** + * @brief Query reusable authentication result. + * @param authParam, authentication paramater for widgetAuth. + * @param extraInfo reuse authentication token. + * + * @return Return query result(0:success; other:failed). + */ + virtual int32_t QueryReusableAuthResult(const WidgetAuthParam &authParam, std::vector &token) = 0; }; } // namespace UserAuth } // namespace UserIam diff --git a/services/context/inc/auth_widget_helper.h b/services/context/inc/auth_widget_helper.h index 32794f85d38b2d0e83893f3ef91a16877520e018..7b42afaef456b9999a79c378bfd7d857ade4b92d 100644 --- a/services/context/inc/auth_widget_helper.h +++ b/services/context/inc/auth_widget_helper.h @@ -29,10 +29,12 @@ public: const WidgetParamInner &widgetParam, ContextFactory::AuthWidgetContextPara ¶); static int32_t CheckValidSolution(int32_t userId, const std::vector &authTypeList, const AuthTrustLevel &atl, std::vector &validTypeList); - static int32_t CheckReuseUnlockResult(const ContextFactory::AuthWidgetContextPara ¶, + static int32_t GetReuseUnlockResult(const ContextFactory::AuthWidgetContextPara ¶, const AuthParamInner &authParam, Attributes &extraInfo); static bool GetUserAuthProfile(int32_t userId, const AuthType &authType, ContextFactory::AuthProfile &profile); + static int32_t CheckReuseUnlockResult(const int32_t userId, const AuthParamInner &authParam, + HdiReuseUnlockInfo &reuseResultInfo); #ifndef IAM_TEST_ENABLE private: diff --git a/services/context/src/auth_widget_helper.cpp b/services/context/src/auth_widget_helper.cpp index 2db454c6c856fad527ef829b2abdde5a1aec2168..45797e1645835f497b2a1f95af6bb88d93afb7fd 100644 --- a/services/context/src/auth_widget_helper.cpp +++ b/services/context/src/auth_widget_helper.cpp @@ -184,11 +184,9 @@ int32_t AuthWidgetHelper::SetReuseUnlockResult(int32_t apiVersion, const HdiReus return SUCCESS; } -int32_t AuthWidgetHelper::CheckReuseUnlockResult(const ContextFactory::AuthWidgetContextPara ¶, - const AuthParamInner &authParam, Attributes &extraInfo) +int32_t AuthWidgetHelper::CheckReuseUnlockResult(const int32_t userId, const AuthParamInner &authParam, + HdiReuseUnlockInfo &reuseResultInfo) { - IAM_LOGI("start userId:%{public}d, reuseMode:%{public}u, reuseDuration: %{public}" PRIu64 ".", - para.userId, authParam.reuseUnlockResult.reuseMode, authParam.reuseUnlockResult.reuseDuration); if (!authParam.reuseUnlockResult.isReuse || authParam.reuseUnlockResult.reuseDuration == 0 || authParam.reuseUnlockResult.reuseDuration > MAX_ALLOWABLE_REUSE_DURATION || (authParam.reuseUnlockResult.reuseMode != AUTH_TYPE_RELEVANT && @@ -205,20 +203,25 @@ int32_t AuthWidgetHelper::CheckReuseUnlockResult(const ContextFactory::AuthWidge } HdiReuseUnlockParam unlockParam = {}; - unlockParam.baseParam.userId = para.userId; + unlockParam.baseParam.userId = userId; unlockParam.baseParam.authTrustLevel = authParam.authTrustLevel; for (auto &type : authParam.authTypes) { unlockParam.authTypes.emplace_back(static_cast(type)); } unlockParam.baseParam.challenge = authParam.challenge; - unlockParam.baseParam.callerName = para.callerName; - unlockParam.baseParam.callerType = para.callerType; - unlockParam.baseParam.apiVersion = para.sdkVersion; unlockParam.reuseUnlockResultMode = authParam.reuseUnlockResult.reuseMode; unlockParam.reuseUnlockResultDuration = authParam.reuseUnlockResult.reuseDuration; + return hdi->CheckReuseUnlockResult(unlockParam, reuseResultInfo); +} + +int32_t AuthWidgetHelper::GetReuseUnlockResult(const ContextFactory::AuthWidgetContextPara ¶, + const AuthParamInner &authParam, Attributes &extraInfo) +{ + IAM_LOGI("start userId:%{public}d, reuseMode:%{public}u, reuseDuration: %{public}" PRIu64 ".", + para.userId, authParam.reuseUnlockResult.reuseMode, authParam.reuseUnlockResult.reuseDuration); HdiReuseUnlockInfo reuseResultInfo = {}; - int32_t result = hdi->CheckReuseUnlockResult(unlockParam, reuseResultInfo); + int32_t result = CheckReuseUnlockResult(para.userId, authParam, reuseResultInfo); if (result != SUCCESS) { IAM_LOGE("CheckReuseUnlockResult failed result:%{public}d userId:%{public}d", result, para.userId); return result; diff --git a/services/ipc/inc/user_auth_service.h b/services/ipc/inc/user_auth_service.h index 295400d46bfb6abd8050b6bece20502986e45258..94dabd9f50475e9cd08dffcefdc15a6f676f3e1e 100644 --- a/services/ipc/inc/user_auth_service.h +++ b/services/ipc/inc/user_auth_service.h @@ -69,6 +69,8 @@ public: const sptr &userAuthCallback) override; int32_t VerifyAuthToken(const std::vector &tokenIn, uint64_t allowableDuration, const sptr &verifyTokenCallback) override; + int32_t QueryReusableAuthResult(const IpcAuthParamInner &ipcAuthParamInner, + std::vector &token) override; int32_t CallbackEnter([[maybe_unused]] uint32_t code) override; int32_t CallbackExit([[maybe_unused]] uint32_t code, [[maybe_unused]] int32_t result) override; diff --git a/services/ipc/src/user_auth_service.cpp b/services/ipc/src/user_auth_service.cpp index 28bb51c1ac6211c86e3f9898fd437e7d9ecd839b..5dbd40f8167f9a64f75a17f88eec2711b4a5fa80 100644 --- a/services/ipc/src/user_auth_service.cpp +++ b/services/ipc/src/user_auth_service.cpp @@ -1274,9 +1274,9 @@ int32_t UserAuthService::AuthWidget(int32_t apiVersion, const IpcAuthParamInner return checkRet; } - if (AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo) == SUCCESS) { - IAM_LOGE("check reuse unlock result success"); - contextCallback->SetTraceAuthFinishReason("UserAuthService AuthWidget CheckReuseUnlockResult success"); + if (AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo) == SUCCESS) { + IAM_LOGE("get reuse unlock result success"); + contextCallback->SetTraceAuthFinishReason("UserAuthService AuthWidget GetReuseUnlockResult success"); contextCallback->OnResult(SUCCESS, extraInfo); contextId = REUSE_AUTH_RESULT_CONTEXT_ID; return SUCCESS; @@ -1658,6 +1658,34 @@ int32_t UserAuthService::VerifyAuthToken(const std::vector &tokenIn, ui return SUCCESS; } +int32_t UserAuthService::QueryReusableAuthResult(const IpcAuthParamInner &ipcAuthParamInner, + std::vector &token) +{ + if (!IpcCommon::CheckPermission(*this, ACCESS_USER_AUTH_INTERNAL_PERMISSION)) { + IAM_LOGE("failed to check permission"); + return CHECK_PERMISSION_FAILED; + } + + if (!(IpcCommon::GetDirectCallerType(*this) == Security::AccessToken::TOKEN_HAP && + IpcCommon::CheckPermission(*this, IS_SYSTEM_APP))) { + IAM_LOGE("caller is not systemApp."); + return CHECK_SYSTEM_APP_FAILED; + } + + AuthParamInner authParam = {}; + InitAuthParam(ipcAuthParamInner, authParam); + HdiReuseUnlockInfo reuseResultInfo = {}; + int32_t result = AuthWidgetHelper::CheckReuseUnlockResult(authParam.userId, authParam, reuseResultInfo); + if (result != SUCCESS) { + IAM_LOGE("CheckReuseUnlockResult failed result:%{public}d userId:%{public}d", result, + ipcAuthParamInner.userId); + return result; + } + + token = reuseResultInfo.token; + return SUCCESS; +} + void UserAuthService::InitAuthParam(const IpcAuthParamInner &ipcAuthParam, AuthParamInner &authParam) { authParam.userId = ipcAuthParam.userId; diff --git a/test/fuzztest/clients/userauthclient_fuzzer/user_auth_client_fuzzer.cpp b/test/fuzztest/clients/userauthclient_fuzzer/user_auth_client_fuzzer.cpp index e1a794ceea8bafc3c27708d88bffc5d5927212c1..ea1dab5e1e997e88e9a92f7293e993304202702b 100644 --- a/test/fuzztest/clients/userauthclient_fuzzer/user_auth_client_fuzzer.cpp +++ b/test/fuzztest/clients/userauthclient_fuzzer/user_auth_client_fuzzer.cpp @@ -405,6 +405,22 @@ void FuzzSetGlobalConfigParam(Parcel &parcel) IAM_LOGI("end"); } +void FuzzQueryReusableAuthResult(Parcel &parcel) +{ + IAM_LOGI("start"); + std::vector token; + WidgetAuthParam authParam = {}; + authParam.userId = parcel.ReadInt32(); + Common::FillFuzzUint8Vector(parcel, authParam.challenge); + authParam.authTypes.push_back(static_cast(parcel.ReadInt32())); + authParam.authTrustLevel = static_cast(parcel.ReadUint32()); + authParam.reuseUnlockResult.isReuse = parcel.ReadBool(); + authParam.reuseUnlockResult.reuseMode = static_cast(parcel.ReadInt32()); + authParam.reuseUnlockResult.reuseDuration = parcel.ReadUint64(); + UserAuthClientImpl::Instance().QueryReusableAuthResult(authParam, token); + IAM_LOGI("end"); +} + using FuzzFunc = decltype(FuzzClientGetAvailableStatus); FuzzFunc *g_fuzzFuncs[] = { FuzzClientGetEnrolledState, @@ -430,6 +446,7 @@ FuzzFunc *g_fuzzFuncs[] = { FuzzSetPropCallbackServiceOnPropResult, FuzzSetGlobalConfigParam, FuzzNapiBeginWidgetAuth, + FuzzQueryReusableAuthResult, }; void UserAuthClientFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/services/context/remoteauthcontext_fuzzer/remote_auth_context_fuzzer.cpp b/test/fuzztest/services/context/remoteauthcontext_fuzzer/remote_auth_context_fuzzer.cpp index 8036ea3c5fbdc51a8d0dfb3a167d7fefadfde1bc..6660219c2510fd3d7064f455310b5c8953214469 100644 --- a/test/fuzztest/services/context/remoteauthcontext_fuzzer/remote_auth_context_fuzzer.cpp +++ b/test/fuzztest/services/context/remoteauthcontext_fuzzer/remote_auth_context_fuzzer.cpp @@ -271,7 +271,7 @@ void FuzzSetReuseUnlockResult(Parcel &parcel) AuthWidgetHelper::SetReuseUnlockResult(apiVersion, info, extraInfo); } -void FuzzCheckReuseUnlockResult(Parcel &parcel) +void FuzzGetReuseUnlockResult(Parcel &parcel) { ContextFactory::AuthWidgetContextPara para; para.userId = MAIN_USER_ID; @@ -289,7 +289,7 @@ void FuzzCheckReuseUnlockResult(Parcel &parcel) }; Attributes extraInfo; FillIAttributes(parcel, extraInfo); - AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo); + AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo); } using FuzzFunc = decltype(ContextAppStateObserverFuzzTest); @@ -303,7 +303,7 @@ FuzzFunc *g_fuzzFuncs[] = { FuzzParseAttributes, FuzzCheckValidSolution, FuzzSetReuseUnlockResult, - FuzzCheckReuseUnlockResult, + FuzzGetReuseUnlockResult, }; void RemoteAuthContextFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/services/userauthservice_fuzzer/user_auth_service_fuzzer.cpp b/test/fuzztest/services/userauthservice_fuzzer/user_auth_service_fuzzer.cpp index 96135e92d2b0a90b5fb41621fbfc62c8355e5d4c..6d47d08787f832713dd61e80495d29e528be52cc 100644 --- a/test/fuzztest/services/userauthservice_fuzzer/user_auth_service_fuzzer.cpp +++ b/test/fuzztest/services/userauthservice_fuzzer/user_auth_service_fuzzer.cpp @@ -698,6 +698,25 @@ void FuzzVerifyAuthToken(Parcel &parcel) IAM_LOGI("end"); } +void FuzzQueryReusableAuthResult(Parcel &parcel) +{ + IAM_LOGI("begin"); + std::vector token; + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = parcel.ReadInt32(); + Common::FillFuzzUint8Vector(parcel, ipcAuthParamInner.challenge); + ipcAuthParamInner.authTypes.push_back(parcel.ReadInt32()); + ipcAuthParamInner.authTrustLevel = parcel.ReadUint32(); + ipcAuthParamInner.reuseUnlockResult.isReuse = parcel.ReadBool(); + ipcAuthParamInner.reuseUnlockResult.reuseMode = parcel.ReadInt32(); + ipcAuthParamInner.reuseUnlockResult.reuseDuration = parcel.ReadUint64(); + IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION); + IpcCommon::AddPermission(IS_SYSTEM_APP); + g_userAuthService.QueryReusableAuthResult(ipcAuthParamInner, token); + IpcCommon::DeleteAllPermission(); + IAM_LOGI("end"); +} + void FuzzGetAuthTokenAttr(Parcel &parcel) { IAM_LOGI("begin"); @@ -757,6 +776,7 @@ FuzzFunc *g_fuzzFuncs[] = { FuzzGetPropertyById, FuzzVerifyAuthToken, FuzzGetAuthTokenAttr, + FuzzQueryReusableAuthResult, }; void UserAuthFuzzTest(const uint8_t *data, size_t size) diff --git a/test/unittest/inner_api/src/user_auth_client_test.cpp b/test/unittest/inner_api/src/user_auth_client_test.cpp index 3301ac9fc5182cddd1b3c56ce53e32027352dc24..a7bda0e67123ff39040359459c3aa97cfb058728 100644 --- a/test/unittest/inner_api/src/user_auth_client_test.cpp +++ b/test/unittest/inner_api/src/user_auth_client_test.cpp @@ -857,7 +857,6 @@ HWTEST_F(UserAuthClientTest, UserAuthClientGetNorthAvailableStatus, TestSize.Lev EXPECT_EQ(ret, GENERAL_ERROR); } - HWTEST_F(UserAuthClientTest, UserAuthClientGetPropertyById001, TestSize.Level0) { uint64_t testCredentialId = 1; @@ -912,6 +911,41 @@ HWTEST_F(UserAuthClientTest, UserAuthClientGetPropertyById002, TestSize.Level0) dr->OnRemoteDied(obj); IpcClientUtils::ResetObj(); } + +HWTEST_F(UserAuthClientTest, QueryReusableAuthResult001, TestSize.Level0) +{ + WidgetAuthParam authParam = {}; + std::vector token; + + int32_t ret = UserAuthClient::GetInstance().QueryReusableAuthResult(authParam, token); + EXPECT_EQ(ret, GENERAL_ERROR); +} + +HWTEST_F(UserAuthClientTest, QueryReusableAuthResult002, TestSize.Level0) +{ + WidgetAuthParam authParam = {}; + std::vector token; + + auto service = Common::MakeShared(); + EXPECT_NE(service, nullptr); + EXPECT_CALL(*service, QueryReusableAuthResult(_, _)).Times(1); + ON_CALL(*service, QueryReusableAuthResult) + .WillByDefault( + [](const IpcAuthParamInner &ipcAuthParamInner, std::vector &token) { + static const uint32_t USER_AUTH_TOKEN_LEN = 148; + token.resize(USER_AUTH_TOKEN_LEN); + return SUCCESS; + } + ); + sptr obj(new (std::nothrow) MockRemoteObject()); + sptr dr(nullptr); + CallRemoteObject(service, obj, dr); + int32_t ret = UserAuthClient::GetInstance().QueryReusableAuthResult(authParam, token); + EXPECT_EQ(ret, SUCCESS); + EXPECT_NE(dr, nullptr); + dr->OnRemoteDied(obj); + IpcClientUtils::ResetObj(); +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS \ No newline at end of file diff --git a/test/unittest/services/mocks/mock_user_auth_service.h b/test/unittest/services/mocks/mock_user_auth_service.h index 6c6c5c7d8c8adf92acf59e89ad3836dc6ec810eb..de7b3bace5bbe1162e492dcd6eca74719ff2302e 100644 --- a/test/unittest/services/mocks/mock_user_auth_service.h +++ b/test/unittest/services/mocks/mock_user_auth_service.h @@ -69,6 +69,8 @@ public: const sptr &userAuthCallback)); MOCK_METHOD3(VerifyAuthToken, int32_t(const std::vector &tokenIn, uint64_t allowableDuration, const sptr &verifyTokenCallback)); + MOCK_METHOD2(QueryReusableAuthResult, int32_t(const IpcAuthParamInner &ipcAuthParamInner, + std::vector &token)); MOCK_METHOD1(CallbackEnter, int32_t(uint32_t code)); MOCK_METHOD2(CallbackExit, int32_t(uint32_t code, int32_t result)); }; diff --git a/test/unittest/services/src/auth_widget_helper_test.cpp b/test/unittest/services/src/auth_widget_helper_test.cpp index 40c3e1cb8606093d9850b23c85cf4f15f103e7a0..63e73180e367c966969d078e632f54ed8425a9b4 100644 --- a/test/unittest/services/src/auth_widget_helper_test.cpp +++ b/test/unittest/services/src/auth_widget_helper_test.cpp @@ -431,24 +431,24 @@ HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestCheckValidSolution002, TestSi MockIUserAuthInterface::Holder::GetInstance().Reset(); } -HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestCheckReuseUnlockResult001, TestSize.Level0) +HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestGetReuseUnlockResult001, TestSize.Level0) { ContextFactory::AuthWidgetContextPara para; para.userId = 1; Attributes extraInfo; AuthParamInner authParam; authParam.reuseUnlockResult.isReuse = false; - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); authParam.reuseUnlockResult.isReuse = true; authParam.reuseUnlockResult.reuseDuration = 0; - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); authParam.reuseUnlockResult.reuseDuration = 6 * 60 * 1000; - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), INVALID_PARAMETERS); } -HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestCheckReuseUnlockResult002, TestSize.Level0) +HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestGetReuseUnlockResult002, TestSize.Level0) { ContextFactory::AuthWidgetContextPara para; para.userId = 1; @@ -463,7 +463,7 @@ HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestCheckReuseUnlockResult002, Te EXPECT_CALL(*mockHdi, CheckReuseUnlockResult(_, _)).Times(5); ON_CALL(*mockHdi, CheckReuseUnlockResult) .WillByDefault(Return(HDF_FAILURE)); - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), HDF_FAILURE); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), HDF_FAILURE); ON_CALL(*mockHdi, CheckReuseUnlockResult) .WillByDefault( [](const HdiReuseUnlockParam &info, HdiReuseUnlockInfo &reuseInfo) { @@ -472,20 +472,20 @@ HWTEST_F(AuthWidgetHelperTest, AuthWidgetHelperTestCheckReuseUnlockResult002, Te return HDF_SUCCESS; } ); - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), HDF_SUCCESS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), HDF_SUCCESS); ON_CALL(*mockHdi, CheckReuseUnlockResult) .WillByDefault(Return(HDF_SUCCESS)); - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), SUCCESS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), SUCCESS); para.sdkVersion = 10001; authParam.authTypes.push_back(FINGERPRINT); ON_CALL(*mockHdi, CheckReuseUnlockResult).WillByDefault(Return(HDF_SUCCESS)); - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), SUCCESS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), SUCCESS); authParam.reuseUnlockResult.isReuse = true; authParam.reuseUnlockResult.reuseDuration = 4 * 60 * 1000; authParam.reuseUnlockResult.reuseMode = CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT; - EXPECT_EQ(AuthWidgetHelper::CheckReuseUnlockResult(para, authParam, extraInfo), SUCCESS); + EXPECT_EQ(AuthWidgetHelper::GetReuseUnlockResult(para, authParam, extraInfo), SUCCESS); MockIUserAuthInterface::Holder::GetInstance().Reset(); } diff --git a/test/unittest/services/src/user_auth_service_test_part02.cpp b/test/unittest/services/src/user_auth_service_test_part02.cpp index 6c8dba9bd34347c9ecbe63c778510cf700534d82..6696f424aae3b317c1f5637c7804d9916ceac224 100644 --- a/test/unittest/services/src/user_auth_service_test_part02.cpp +++ b/test/unittest/services/src/user_auth_service_test_part02.cpp @@ -1698,6 +1698,146 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceVerifyAuthToken005, TestSize.Level0 EXPECT_EQ(service.VerifyAuthToken(testTokenIn, allowableDuration, callbackInterface), SUCCESS); IpcCommon::DeleteAllPermission(); } + +HWTEST_F(UserAuthServiceTest, QueryReusableAuthResult001, TestSize.Level0) +{ + UserAuthService service; + std::vector tempChallenge = {}; + tempChallenge.resize(32); + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = 1; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = tempChallenge; + ipcAuthParamInner.authTrustLevel = ATL3; + ipcAuthParamInner.authTypes.push_back(PIN); + ipcAuthParamInner.reuseUnlockResult.isReuse = true; + ipcAuthParamInner.reuseUnlockResult.reuseMode = AUTH_TYPE_RELEVANT; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = 5 * 60 * 1000; + + auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get(); + EXPECT_NE(mockHdi, nullptr); + EXPECT_CALL(*mockHdi, CheckReuseUnlockResult(_, _)) + .WillOnce([](const HdiReuseUnlockParam &info, HdiReuseUnlockInfo &reuseInfo) { + static const uint32_t USER_AUTH_TOKEN_LEN = 148; + reuseInfo.token.resize(USER_AUTH_TOKEN_LEN); + return HDF_SUCCESS; + }); + + IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION); + IpcCommon::AddPermission(IS_SYSTEM_APP); + std::vector token; + EXPECT_EQ(service.QueryReusableAuthResult(ipcAuthParamInner, token), SUCCESS); + IpcCommon::DeleteAllPermission(); +} + +HWTEST_F(UserAuthServiceTest, QueryReusableAuthResult002, TestSize.Level0) +{ + UserAuthService service; + std::vector tempChallenge = {}; + tempChallenge.resize(32); + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = 1; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = tempChallenge; + ipcAuthParamInner.authTrustLevel = ATL3; + ipcAuthParamInner.authTypes.push_back(PIN); + ipcAuthParamInner.reuseUnlockResult.isReuse = true; + ipcAuthParamInner.reuseUnlockResult.reuseMode = AUTH_TYPE_RELEVANT; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = 5 * 60 * 1000; + + IpcCommon::AddPermission(IS_SYSTEM_APP); + std::vector token; + EXPECT_EQ(service.QueryReusableAuthResult(ipcAuthParamInner, token), CHECK_PERMISSION_FAILED); + IpcCommon::DeleteAllPermission(); +} + +HWTEST_F(UserAuthServiceTest, QueryReusableAuthResult003, TestSize.Level0) +{ + UserAuthService service; + std::vector tempChallenge = {}; + tempChallenge.resize(32); + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = 1; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = tempChallenge; + ipcAuthParamInner.authTrustLevel = ATL3; + ipcAuthParamInner.authTypes.push_back(PIN); + ipcAuthParamInner.reuseUnlockResult.isReuse = true; + ipcAuthParamInner.reuseUnlockResult.reuseMode = AUTH_TYPE_RELEVANT; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = 5 * 60 * 1000; + + auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get(); + EXPECT_NE(mockHdi, nullptr); + EXPECT_CALL(*mockHdi, CheckReuseUnlockResult(_, _)) + .WillOnce([](const HdiReuseUnlockParam &info, HdiReuseUnlockInfo &reuseInfo) { + static const uint32_t USER_AUTH_TOKEN_LEN = 148; + reuseInfo.token.resize(USER_AUTH_TOKEN_LEN); + return HDF_SUCCESS; + }); + + IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION); + std::vector token; + EXPECT_EQ(service.QueryReusableAuthResult(ipcAuthParamInner, token), SUCCESS); + IpcCommon::DeleteAllPermission(); +} + +HWTEST_F(UserAuthServiceTest, QueryReusableAuthResult004, TestSize.Level0) +{ + UserAuthService service; + std::vector tempChallenge = {}; + tempChallenge.resize(32); + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = 1; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = tempChallenge; + ipcAuthParamInner.authTrustLevel = ATL3; + ipcAuthParamInner.authTypes.push_back(PIN); + ipcAuthParamInner.reuseUnlockResult.isReuse = true; + ipcAuthParamInner.reuseUnlockResult.reuseMode = AUTH_TYPE_RELEVANT; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = 5 * 60 * 1000; + + auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get(); + EXPECT_NE(mockHdi, nullptr); + EXPECT_CALL(*mockHdi, CheckReuseUnlockResult(_, _)) + .WillOnce([](const HdiReuseUnlockParam &info, HdiReuseUnlockInfo &reuseInfo) { + return HDF_FAILURE; + }); + + IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION); + IpcCommon::AddPermission(IS_SYSTEM_APP); + std::vector token; + EXPECT_EQ(service.QueryReusableAuthResult(ipcAuthParamInner, token), HDF_FAILURE); + IpcCommon::DeleteAllPermission(); +} + +HWTEST_F(UserAuthServiceTest, QueryReusableAuthResult005, TestSize.Level0) +{ + UserAuthService service; + std::vector tempChallenge = {}; + tempChallenge.resize(32); + IpcAuthParamInner ipcAuthParamInner = {}; + ipcAuthParamInner.userId = 1; + ipcAuthParamInner.isUserIdSpecified = true; + ipcAuthParamInner.challenge = tempChallenge; + ipcAuthParamInner.authTrustLevel = ATL3; + ipcAuthParamInner.authTypes.push_back(PIN); + ipcAuthParamInner.reuseUnlockResult.isReuse = true; + ipcAuthParamInner.reuseUnlockResult.reuseMode = AUTH_TYPE_RELEVANT; + ipcAuthParamInner.reuseUnlockResult.reuseDuration = 5 * 60 * 1000; + + auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get(); + EXPECT_NE(mockHdi, nullptr); + EXPECT_CALL(*mockHdi, CheckReuseUnlockResult(_, _)) + .WillOnce([](const HdiReuseUnlockParam &info, HdiReuseUnlockInfo &reuseInfo) { + return HDF_SUCCESS; + }); + + IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION); + IpcCommon::AddPermission(IS_SYSTEM_APP); + std::vector token; + EXPECT_EQ(service.QueryReusableAuthResult(ipcAuthParamInner, token), SUCCESS); + IpcCommon::DeleteAllPermission(); +} } // namespace UserAuth } // namespace UserIam } // namespace OHOS \ No newline at end of file