diff --git a/bundle.json b/bundle.json index 34414ecbb4bd1450c3b458152c779c10ea6839ee..53b65838383303704d054da83799b09b463b3787 100644 --- a/bundle.json +++ b/bundle.json @@ -61,7 +61,8 @@ "ffrt", "preferences", "eventhandler", - "config_policy" + "config_policy", + "runtime_core" ] }, "build": { @@ -74,7 +75,8 @@ "//base/useriam/user_auth_framework/frameworks/js/napi/user_auth_extension/module_loader:user_auth_extension", "//base/useriam/user_auth_framework/frameworks/js/napi/user_auth_extension/module_loader:user_auth_extension_module", "//base/useriam/user_auth_framework/frameworks/js/napi/user_auth_icon:userauthicon", - "//base/useriam/user_auth_framework/frameworks/js/napi/user_access_ctrl:useraccessctrl" + "//base/useriam/user_auth_framework/frameworks/js/napi/user_access_ctrl:useraccessctrl", + "//base/useriam/user_auth_framework/frameworks/ets/ani:user_auth_framework_ani" ], "service_group": [ "//base/useriam/user_auth_framework/sa_profile:useriam.init", diff --git a/frameworks/common/BUILD.gn b/frameworks/common/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..e37f295925a23f641cfa15857a75e08618b1ad7a --- /dev/null +++ b/frameworks/common/BUILD.gn @@ -0,0 +1,66 @@ +# Copyright (C) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +config("user_auth_common_config") { + include_dirs = [ "inc" ] +} + +ohos_source_set("user_auth_common") { + sanitize = { + integer_overflow = true + boundary_sanitize = true + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + include_dirs = [ "inc" ] + + remove_configs = [ "//build/config/compiler:no_exceptions" ] + + sources = [ + "src/user_auth_helper.cpp", + "src/modal_extension_callback.cpp", + "src/user_auth_modal_callback.cpp", + "src/user_auth_api_event_reporter.cpp", + "src/config_parser.cpp", + ] + + external_deps = [ + "ability_base:want", + "ability_runtime:ability_context_native", + "ability_runtime:ability_manager", + "ability_runtime:abilitykit_native", + "ability_runtime:app_context", + "ability_runtime:ui_extension", + "ace_engine:ace_uicontent", + "hiappevent:hiappevent_innerapi", + "hilog:libhilog", + ] + + deps = [ + "../native/client:userauth_client", + ] + + configs = [ + "../../common:iam_log_config", + "../../common:iam_utils_config", + ] + + public_configs = [ ":user_auth_common_config" ] + + subsystem_name = "useriam" + part_name = "user_auth_framework" +} diff --git a/frameworks/js/napi/user_auth/inc/auth_common.h b/frameworks/common/inc/auth_common.h similarity index 100% rename from frameworks/js/napi/user_auth/inc/auth_common.h rename to frameworks/common/inc/auth_common.h diff --git a/frameworks/js/napi/user_auth/inc/config_parser.h b/frameworks/common/inc/config_parser.h similarity index 100% rename from frameworks/js/napi/user_auth/inc/config_parser.h rename to frameworks/common/inc/config_parser.h diff --git a/frameworks/js/napi/user_auth/inc/modal_extension_callback.h b/frameworks/common/inc/modal_extension_callback.h similarity index 100% rename from frameworks/js/napi/user_auth/inc/modal_extension_callback.h rename to frameworks/common/inc/modal_extension_callback.h diff --git a/frameworks/js/napi/user_auth/inc/user_auth_api_event_reporter.h b/frameworks/common/inc/user_auth_api_event_reporter.h similarity index 100% rename from frameworks/js/napi/user_auth/inc/user_auth_api_event_reporter.h rename to frameworks/common/inc/user_auth_api_event_reporter.h diff --git a/frameworks/common/inc/user_auth_helper.h b/frameworks/common/inc/user_auth_helper.h new file mode 100644 index 0000000000000000000000000000000000000000..48eeb1a14c558d21211b394558c4e7f9e76f89ee --- /dev/null +++ b/frameworks/common/inc/user_auth_helper.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + *     http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_HELPER +#define USER_AUTH_HELPER + +#include +#include + +#include "auth_common.h" +#include "user_auth_client_defines.h" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthHelper { +public: + static bool CheckUserAuthType(int32_t authType); + static bool CheckAuthTrustLevel(uint32_t authTrustLevel); + static int32_t GetResultCodeV10(int32_t result); + static int32_t GetResultCodeV20(int32_t result); + static bool CheckReuseUnlockResult(ReuseUnlockResult reuseUnlockResult); +private: + UserAuthHelper() = default; + ~UserAuthHelper() = default; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_HELPER diff --git a/frameworks/js/napi/user_auth/inc/user_auth_modal_callback.h b/frameworks/common/inc/user_auth_modal_callback.h similarity index 100% rename from frameworks/js/napi/user_auth/inc/user_auth_modal_callback.h rename to frameworks/common/inc/user_auth_modal_callback.h diff --git a/frameworks/js/napi/user_auth/src/config_parser.cpp b/frameworks/common/src/config_parser.cpp similarity index 98% rename from frameworks/js/napi/user_auth/src/config_parser.cpp rename to frameworks/common/src/config_parser.cpp index f6dda5c4f5fd937d8cfb93e05249bd4c088aa958..bb0aa1be5040fa57a6837251abc58b3a35304cd1 100644 --- a/frameworks/js/napi/user_auth/src/config_parser.cpp +++ b/frameworks/common/src/config_parser.cpp @@ -21,7 +21,7 @@ #include "iam_logger.h" -#define LOG_TAG "USER_AUTH_NAPI" +#define LOG_TAG "USER_AUTH_COMMON" namespace OHOS { namespace UserIam { diff --git a/frameworks/js/napi/user_auth/src/modal_extension_callback.cpp b/frameworks/common/src/modal_extension_callback.cpp similarity index 100% rename from frameworks/js/napi/user_auth/src/modal_extension_callback.cpp rename to frameworks/common/src/modal_extension_callback.cpp diff --git a/frameworks/js/napi/user_auth/src/user_auth_api_event_reporter.cpp b/frameworks/common/src/user_auth_api_event_reporter.cpp similarity index 99% rename from frameworks/js/napi/user_auth/src/user_auth_api_event_reporter.cpp rename to frameworks/common/src/user_auth_api_event_reporter.cpp index 4bea56747a7c98714a9b116d55356025b53792cb..cea6b3a5bb8559a1c94c732865918e3ecd6a0f88 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_api_event_reporter.cpp +++ b/frameworks/common/src/user_auth_api_event_reporter.cpp @@ -24,7 +24,7 @@ #include "config_parser.h" #include "iam_logger.h" -#define LOG_TAG "USER_AUTH_NAPI" +#define LOG_TAG "USER_AUTH_COMMON" namespace OHOS { namespace UserIam { diff --git a/frameworks/common/src/user_auth_helper.cpp b/frameworks/common/src/user_auth_helper.cpp new file mode 100644 index 0000000000000000000000000000000000000000..b46b5137f7a33b0ae181cbdd9c810eb4885f4395 --- /dev/null +++ b/frameworks/common/src/user_auth_helper.cpp @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_helper.h" + +#include + +#include "iam_logger.h" + +#define LOG_TAG "USER_AUTH_COMMON" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { + +int32_t UserAuthHelper::GetResultCodeV10(int32_t result) +{ + if (result == CHECK_PERMISSION_FAILED) { + return static_cast(UserAuthResultCode::OHOS_CHECK_PERMISSION_FAILED); + } + if (result == INVALID_PARAMETERS) { + return static_cast(UserAuthResultCode::OHOS_INVALID_PARAM); + } + if (result == CHECK_SYSTEM_APP_FAILED) { + return static_cast(UserAuthResultCode::OHOS_CHECK_SYSTEM_APP_FAILED); + } + if (result == HARDWARE_NOT_SUPPORTED) { + return static_cast(UserAuthResultCode::GENERAL_ERROR); + } + if (result > (INT32_MAX - static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN))) { + return static_cast(UserAuthResultCode::GENERAL_ERROR); + } + int32_t resultCodeV10 = result + static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN); + if (resultCodeV10 >= static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN) && + resultCodeV10 <= static_cast(UserAuthResultCode::RESULT_CODE_V10_MAX)) { + IAM_LOGI("version GetResultCodeV10 resultCodeV10 result: %{public}d", resultCodeV10); + return resultCodeV10; + } + IAM_LOGE("version GetResultCodeV10 resultCodeV10 error"); + return static_cast(UserAuthResultCode::GENERAL_ERROR); +} + +int32_t UserAuthHelper::GetResultCodeV20(int32_t result) +{ + if (result == INVALID_PARAMETERS) { + return static_cast(UserAuthResultCode::PARAM_VERIFIED_FAILED); + } + if (result == REUSE_AUTH_RESULT_FAILED) { + return static_cast(UserAuthResultCode::REUSE_AUTH_RESULT_FAILED); + } + return GetResultCodeV10(result); +} + +bool UserAuthHelper::CheckUserAuthType(int32_t authType) +{ + if (authType != AuthType::PIN && authType != AuthType::FACE && + authType != AuthType::FINGERPRINT && authType != AuthType::PRIVATE_PIN) { + IAM_LOGE("authType check fail:%{public}d", authType); + return false; + } + return true; +} + +bool UserAuthHelper::CheckAuthTrustLevel(uint32_t authTrustLevel) +{ + if (authTrustLevel != AuthTrustLevel::ATL1 && authTrustLevel != AuthTrustLevel::ATL2 && + authTrustLevel != AuthTrustLevel::ATL3 && authTrustLevel != AuthTrustLevel::ATL4) { + IAM_LOGE("authTrustLevel check fail:%{public}d", authTrustLevel); + return false; + } + return true; +} + + bool UserAuthHelper::CheckReuseUnlockResult(ReuseUnlockResult reuseUnlockResult) + { + if (reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_RELEVANT && + reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_IRRELEVANT && + reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT && + reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT) { + IAM_LOGE("reuseMode check fail:%{public}u", reuseUnlockResult.reuseMode); + return false; + } + if (reuseUnlockResult.reuseDuration <= 0 || reuseUnlockResult.reuseDuration > MAX_ALLOWABLE_REUSE_DURATION) { + IAM_LOGE("reuseDuration check fail:%{public}" PRIu64, reuseUnlockResult.reuseDuration); + return false; + } + return true; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS diff --git a/frameworks/js/napi/user_auth/src/user_auth_modal_callback.cpp b/frameworks/common/src/user_auth_modal_callback.cpp similarity index 100% rename from frameworks/js/napi/user_auth/src/user_auth_modal_callback.cpp rename to frameworks/common/src/user_auth_modal_callback.cpp diff --git a/frameworks/ets/ani/BUILD.gn b/frameworks/ets/ani/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..7baccd55924d27acf81b5d4bb1369944e60a39b5 --- /dev/null +++ b/frameworks/ets/ani/BUILD.gn @@ -0,0 +1,20 @@ +# Copyright (C) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +group("user_auth_framework_ani") { + deps = [ + "./user_access_ctrl:user_access_ctrl_ani", + "./user_auth:user_auth_ani", + "./user_auth_extension:user_auth_extension_ani" + ] +} diff --git a/frameworks/ets/ani/user_access_ctrl/BUILD.gn b/frameworks/ets/ani/user_access_ctrl/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..137c5eec4dc2aac8b194a8d5e09416b12580039f --- /dev/null +++ b/frameworks/ets/ani/user_access_ctrl/BUILD.gn @@ -0,0 +1,104 @@ +# Copyright (C) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//build/ohos.gni") +import("//build/ohos/taihe_idl/taihe.gni") +import("../../../../user_auth_framework.gni") + +copy_taihe_idl("user_access_ctrl_copy_taihe_idl") { + sources = [ "idl/ohos.userIAM.userAccessCtrl.taihe" ] + deps = [ "$user_auth_framework_path/frameworks/ets/ani/user_auth:user_auth_copy_taihe_idl" ] +} + +taihe_generated_file_path = + "$taihe_file_path/out/useriam/user_auth_frameworks/user_access_ctrl" +ohos_taihe("user_access_ctrl_taihe") { + taihe_generated_file_path = "$taihe_generated_file_path" + deps = [ ":user_access_ctrl_copy_taihe_idl" ] + outputs = [ + "$taihe_generated_file_path/src/ohos.userIAM.userAccessCtrl.ani.cpp", + "$taihe_generated_file_path/src/ohos.userIAM.userAccessCtrl.abi.c", + ] +} + +generate_static_abc("user_access_ctrl_abc") { + base_url = "$taihe_generated_file_path" + files = [ "$taihe_generated_file_path/@ohos.userIAM.userAccessCtrl.ets" ] + is_boot_abc = "True" + device_dst_file = "system/framework/ohos.userIAM.userAccessCtrl.abc" + dst_file = "$target_out_dir/ohos.userIAM.userAccessCtrl.abc" + out_puts = [ "$target_out_dir/ohos.userIAM.userAccessCtrl.abc" ] + dependencies = [ ":user_access_ctrl_taihe" ] +} + +ohos_prebuilt_etc("user_access_ctrl_abc_etc") { + source = "$target_out_dir/ohos.userIAM.userAccessCtrl.abc" + module_install_dir = "framework" + deps = [ ":user_access_ctrl_abc" ] + part_name = "user_auth_framework" + subsystem_name = "useriam" +} + +taihe_shared_library("useraccessctrl_ani") { + sanitize = { + integer_overflow = true + ubsan = true + boundary_sanitize = true + cfi = true + cfi_cross_dso = true + debug = false + } + branch_protector_ret = "pac_ret" + remove_configs = [ "//build/config/compiler:no_exceptions" ] + + taihe_generated_file_path = "$taihe_generated_file_path" + include_dirs = [ + "${user_auth_framework_path}/common/logs", + "${user_auth_framework_path}/common/utils", + ] + + sources = get_target_outputs(":user_access_ctrl_taihe") + + sources += [ + "src/ani_constructor.cpp", + "src/ohos.userIAM.userAccessCtrl.impl.cpp", + ] + + deps = [ + ":user_access_ctrl_taihe", + "${user_auth_framework_path}/frameworks/native/client:userauth_client", + ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_single", + "runtime_core:ani", + "runtime_core:libarkruntime", + ] + + if (use_musl) { + version_script = "user_access_ctrl_ani_map" + } + + part_name = "user_auth_framework" + subsystem_name = "useriam" +} + +group("user_access_ctrl_ani") { + deps = [ + ":user_access_ctrl_abc_etc", + ":useraccessctrl_ani", + ] +} diff --git a/frameworks/ets/ani/user_access_ctrl/idl/ohos.userIAM.userAccessCtrl.taihe b/frameworks/ets/ani/user_access_ctrl/idl/ohos.userIAM.userAccessCtrl.taihe new file mode 100644 index 0000000000000000000000000000000000000000..ca8dd28c987373d440785ab9c7df2b61a2bc33ce --- /dev/null +++ b/frameworks/ets/ani/user_access_ctrl/idl/ohos.userIAM.userAccessCtrl.taihe @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@!namespace("@ohos.userIAM.userAccessCtrl", "userAccessCtrl") + +from ohos.userIAM.userAuth.userAuth use AuthTrustLevel, UserAuthType; + +@!sts_inject(""" +static { loadLibrary("useraccessctrl_ani.z"); } +""") + +enum AuthTokenType : i32 { + TOKEN_TYPE_LOCAL_AUTH = 0, + TOKEN_TYPE_LOCAL_RESIGN = 1, + TOKEN_TYPE_COAUTH = 2 +} + +struct AuthToken { + challenge: @typedarray Array; + authTrustLevel: AuthTrustLevel; + authType: UserAuthType; + tokenType: AuthTokenType; + userId: i32; + timeInterval: i64; + secureUid: Optional; + enrolledId: Optional; + credentialId: Optional; +} + +@gen_promise("verifyAuthToken") +function verifyAuthTokenSync(authToken: @typedarray Array, allowableDuration: i32): AuthToken; \ No newline at end of file diff --git a/frameworks/ets/ani/user_access_ctrl/src/ani_constructor.cpp b/frameworks/ets/ani/user_access_ctrl/src/ani_constructor.cpp new file mode 100644 index 0000000000000000000000000000000000000000..bde731fae44b23e7a5a493a9278bf4e3b7bc6f93 --- /dev/null +++ b/frameworks/ets/ani/user_access_ctrl/src/ani_constructor.cpp @@ -0,0 +1,30 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ohos.userIAM.userAccessCtrl.ani.hpp" + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + ani_env *env; + if (ANI_OK != vm->GetEnv(ANI_VERSION_1, &env)) { + return ANI_ERROR; + } + if (ANI_OK != ohos::userIAM::userAccessCtrl::ANIRegister(env)) { + std::cerr << "ohos::userIAM::userAccessCtrl" << std::endl; + return ANI_ERROR; + } + *result = ANI_VERSION_1; + return ANI_OK; +} diff --git a/frameworks/ets/ani/user_access_ctrl/src/ohos.userIAM.userAccessCtrl.impl.cpp b/frameworks/ets/ani/user_access_ctrl/src/ohos.userIAM.userAccessCtrl.impl.cpp new file mode 100644 index 0000000000000000000000000000000000000000..21e626be319f9d860c8064c3435b39b77d95276b --- /dev/null +++ b/frameworks/ets/ani/user_access_ctrl/src/ohos.userIAM.userAccessCtrl.impl.cpp @@ -0,0 +1,321 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ohos.userIAM.userAccessCtrl.impl.hpp" + +#include "taihe/runtime.hpp" + +#include +#include +#include +#include + +#include "attributes.h" +#include "iam_check.h" +#include "iam_common_defines.h" +#include "iam_logger.h" +#include "iam_ptr.h" +#include "user_access_ctrl_client.h" + +#define LOG_TAG "USER_ACCESS_CTRL_ANI" + +namespace userAccessCtrl = ohos::userIAM::userAccessCtrl; +namespace userAuth = ohos::userIAM::userAuth::userAuth; +namespace UserAuth = OHOS::UserIam::UserAuth; +using namespace taihe; +using namespace OHOS::UserIam::Common; +namespace OHOS { +namespace UserIam { +namespace UserAuth { +enum class JsResultCode : int32_t { + OHOS_CHECK_PERMISSION_FAILED = 201, + OHOS_CHECK_SYSTEM_APP_FAILED = 202, + OHOS_INVALID_PARAM = 401, + GENERAL_ERROR = 12500002, + AUTH_TOKEN_CHECK_FAILED = 12500015, + AUTH_TOKEN_EXPIRED = 12500016, +}; + +struct VerifyAuthTokenResult { + int32_t resultCode; + std::vector extraInfo; +}; + +class VerifyAuthTokenCallback : public VerifyTokenCallback { +public: + VerifyAuthTokenCallback() + { + future_ = promise_.get_future().share(); + } + + void OnResult(int32_t result, const Attributes &extraInfo) override + { + std::lock_guard lock(mutex_); + IAM_LOGI("result: %{public}d, resultSet_: %{public}d", result, resultSet_); + if (!resultSet_) { + VerifyAuthTokenResult verifyAuthTokenResult { result, extraInfo.Serialize() }; + promise_.set_value(verifyAuthTokenResult); + resultSet_ = true; + } + } + + std::shared_future GetFuture() + { + std::lock_guard lock(mutex_); + return future_; + } + +private: + std::mutex mutex_; + std::promise promise_; + std::shared_future future_; + bool resultSet_ = false; +}; + +bool ConvertAllowableDuration(int32_t allowableDuration, uint64_t &outAllowableDurationUint64) +{ + constexpr const double maxAllowableDuration = 24 * 60 * 60 * 1000; + if (allowableDuration <= 0 || allowableDuration > maxAllowableDuration) { + IAM_LOGE("allowableDuration check fail:%{public}d", allowableDuration); + return false; + } + outAllowableDurationUint64 = static_cast(allowableDuration); + return true; +} + +bool CheckAuthTokenLen(std::vector &authToken) +{ + constexpr const size_t maxAuthTokenLen = 1024; + if (authToken.size() > maxAuthTokenLen) { + IAM_LOGE("authToken length check fail:%{public}zu", authToken.size()); + return false; + } + return true; +} + +bool ConvertAuthTrustLevel(int32_t authTrustLevel, userAuth::AuthTrustLevel &authTrustLevelOut) +{ + switch (authTrustLevel) { + case AuthTrustLevel::ATL1: + authTrustLevelOut = userAuth::AuthTrustLevel::key_t::ATL1; + return true; + case AuthTrustLevel::ATL2: + authTrustLevelOut = userAuth::AuthTrustLevel::key_t::ATL2; + return true; + case AuthTrustLevel::ATL3: + authTrustLevelOut = userAuth::AuthTrustLevel::key_t::ATL3; + return true; + case AuthTrustLevel::ATL4: + authTrustLevelOut = userAuth::AuthTrustLevel::key_t::ATL4; + return true; + default: + IAM_LOGE("invalid authTrustLevel:%{public}d", authTrustLevel); + return false; + } +} + +bool ConvertUserAuthType(int32_t userAuthType, userAuth::UserAuthType &userAuthTypeOut) +{ + switch (userAuthType) { + case AuthType::PIN: + userAuthTypeOut = userAuth::UserAuthType::key_t::PIN; + return true; + case AuthType::FACE: + userAuthTypeOut = userAuth::UserAuthType::key_t::FACE; + return true; + case AuthType::FINGERPRINT: + userAuthTypeOut = userAuth::UserAuthType::key_t::FINGERPRINT; + return true; + case AuthType::PRIVATE_PIN: + userAuthTypeOut = userAuth::UserAuthType::key_t::PRIVATE_PIN; + return true; + default: + IAM_LOGE("invalid userAuthType:%{public}d", userAuthType); + return false; + } +} + +bool ConvertAuthTokenType(int32_t authTokenType, userAccessCtrl::AuthTokenType &authTokenTypeOut) +{ + switch (authTokenType) { + case AuthTokenType::TOKEN_TYPE_LOCAL_AUTH: + authTokenTypeOut = userAccessCtrl::AuthTokenType::key_t::TOKEN_TYPE_LOCAL_AUTH; + return true; + case AuthTokenType::TOKEN_TYPE_LOCAL_RESIGN: + authTokenTypeOut = userAccessCtrl::AuthTokenType::key_t::TOKEN_TYPE_LOCAL_RESIGN; + return true; + case AuthTokenType::TOKEN_TYPE_LOCAL_COAUTH: + authTokenTypeOut = userAccessCtrl::AuthTokenType::key_t::TOKEN_TYPE_COAUTH; + return true; + default: + IAM_LOGE("invalid authTokenType:%{public}d", authTokenType); + return false; + } +} + +bool FillAniAuthToken(const std::vector &extraInfo, userAccessCtrl::AuthToken &authToken) +{ + Attributes attr(extraInfo); + + std::vector localChallenge; + bool getChallengeRet = attr.GetUint8ArrayValue(Attributes::ATTR_CHALLENGE, localChallenge); + IF_FALSE_LOGE_AND_RETURN_VAL(getChallengeRet, false); + authToken.challenge = array_view(localChallenge); + + int32_t localAuthTrustLevel; + bool getAuthTrustLevelRet = attr.GetInt32Value(Attributes::ATTR_AUTH_TRUST_LEVEL, localAuthTrustLevel); + IF_FALSE_LOGE_AND_RETURN_VAL(getAuthTrustLevelRet, false); + bool convertAuthTrustLevelRet = ConvertAuthTrustLevel(localAuthTrustLevel, authToken.authTrustLevel); + IF_FALSE_LOGE_AND_RETURN_VAL(convertAuthTrustLevelRet, false); + + int32_t localAuthType; + bool getAuthTypeRet = attr.GetInt32Value(Attributes::ATTR_AUTH_TYPE, localAuthType); + IF_FALSE_LOGE_AND_RETURN_VAL(getAuthTypeRet, false); + bool convertUserAuthTypeRet = ConvertUserAuthType(localAuthType, authToken.authType); + IF_FALSE_LOGE_AND_RETURN_VAL(convertUserAuthTypeRet, false); + + int32_t localTokenType; + bool getTokenTypeRet = attr.GetInt32Value(Attributes::ATTR_TOKEN_TYPE, localTokenType); + IF_FALSE_LOGE_AND_RETURN_VAL(getTokenTypeRet, false); + bool convertAuthTokenTypeRet = ConvertAuthTokenType(localTokenType, authToken.tokenType); + IF_FALSE_LOGE_AND_RETURN_VAL(convertAuthTokenTypeRet, false); + + int32_t userId = 0; + bool getUserIdRet = attr.GetInt32Value(Attributes::ATTR_USER_ID, userId); + IF_FALSE_LOGE_AND_RETURN_VAL(getUserIdRet, false); + authToken.userId = userId; + + bool getTokenTimeIntervalRet = attr.GetInt64Value(Attributes::ATTR_TOKEN_TIME_INTERVAL, authToken.timeInterval); + IF_FALSE_LOGE_AND_RETURN_VAL(getTokenTimeIntervalRet, false); + + int64_t secureUid; + bool getSecureUidRet = attr.GetInt64Value(Attributes::ATTR_SEC_USER_ID, secureUid); + if (!getSecureUidRet) { + IAM_LOGE("optional: ATTR_SEC_USER_ID is not set"); + } else { + authToken.secureUid = optional::make(secureUid); + } + + int64_t enrolledId; + bool getEnrolledIdRet = attr.GetInt64Value(Attributes::ATTR_CREDENTIAL_DIGEST, enrolledId); + if (!getEnrolledIdRet) { + IAM_LOGE("optional: ATTR_CREDENTIAL_DIGEST is not set"); + } else { + authToken.enrolledId = optional::make(enrolledId); + } + + int64_t credentialId; + bool getCredentialIdRet = attr.GetInt64Value(Attributes::ATTR_CREDENTIAL_ID, credentialId); + if (!getCredentialIdRet) { + IAM_LOGE("optional: ATTR_CREDENTIAL_ID is not set"); + } else { + authToken.credentialId = optional::make(credentialId); + } + + return true; +} + +ResultCode VerifyAuthTokenSyncInner(array_view authToken, int32_t allowableDuration, + userAccessCtrl::AuthToken &authTokenOut) +{ + int32_t maxWaitTime = 10000; // 10 seconds + IAM_LOGD("start"); + std::shared_ptr callback = MakeShared(); + IF_FALSE_LOGE_AND_RETURN_VAL(callback != nullptr, ResultCode::GENERAL_ERROR); + + std::vector localAuthToken(authToken.begin(), authToken.end()); + uint64_t allowableDurationUint64 = 0; + if (!CheckAuthTokenLen(localAuthToken) || !ConvertAllowableDuration(allowableDuration, allowableDurationUint64)) { + return ResultCode::INVALID_PARAMETERS; + } + + UserAccessCtrlClient::GetInstance().VerifyAuthToken(localAuthToken, allowableDurationUint64, callback); + auto future = callback->GetFuture(); + auto result = future.wait_for(std::chrono::milliseconds(maxWaitTime)); + if (result == std::future_status::timeout) { + IAM_LOGE("verifyAuthToken timeout"); + return ResultCode::TIMEOUT; + } + + VerifyAuthTokenResult verifyAuthTokenResult = future.get(); + if (verifyAuthTokenResult.resultCode != ResultCode::SUCCESS) { + IAM_LOGE("verifyAuthToken resultCode error:%{public}d", verifyAuthTokenResult.resultCode); + return static_cast(verifyAuthTokenResult.resultCode); + } + bool fillAniAuthTokenRet = FillAniAuthToken(verifyAuthTokenResult.extraInfo, authTokenOut); + IF_FALSE_LOGE_AND_RETURN_VAL(fillAniAuthTokenRet, ResultCode::GENERAL_ERROR); + + IAM_LOGD("success"); + return ResultCode::SUCCESS; +} + +void ThrowBusinessError(ResultCode ret) +{ + const std::map> result2Pair = { + { ResultCode::INVALID_PARAMETERS, { JsResultCode::OHOS_INVALID_PARAM, "Invalid authentication parameters." } }, + { ResultCode::CHECK_PERMISSION_FAILED, { JsResultCode::OHOS_CHECK_PERMISSION_FAILED, "Permission denied." } }, + { ResultCode::CHECK_SYSTEM_APP_FAILED, + { JsResultCode::OHOS_CHECK_SYSTEM_APP_FAILED, "The caller is not a system application." } }, + { ResultCode::GENERAL_ERROR, { JsResultCode::GENERAL_ERROR, "Unknown errors." } }, + { ResultCode::AUTH_TOKEN_CHECK_FAILED, + { JsResultCode::AUTH_TOKEN_CHECK_FAILED, + "Operation failed because of authToken integrity check failed." } }, + { ResultCode::AUTH_TOKEN_EXPIRED, + { JsResultCode::AUTH_TOKEN_EXPIRED, "Operation failed because of authToken has expired." } } + }; + + if (ret == ResultCode::SUCCESS) { + return; + } + + auto pair = result2Pair.find(ret); + if (pair == result2Pair.end()) { + pair = result2Pair.find(ResultCode::GENERAL_ERROR); + } + IF_FALSE_LOGE_AND_RETURN(pair != result2Pair.end()); + IAM_LOGE("ThrowBusinessError, result: %{public}d, errorCode: %{public}d, errmsg: %{public}s", pair->first, + pair->second.first, pair->second.second.c_str()); + set_business_error(static_cast(pair->second.first), pair->second.second); +} + +userAccessCtrl::AuthToken VerifyAuthTokenSync(array_view authToken, double allowableDuration) +{ + IAM_LOGI("start"); + userAccessCtrl::AuthToken authTokenOut = { + array_view(nullptr, 0), + userAuth::AuthTrustLevel::key_t::ATL1, + userAuth::UserAuthType::key_t::PIN, + userAccessCtrl::AuthTokenType::key_t::TOKEN_TYPE_LOCAL_AUTH, + }; + + ResultCode ret = VerifyAuthTokenSyncInner(authToken, allowableDuration, authTokenOut); + if (ret != ResultCode::SUCCESS) { + ThrowBusinessError(ret); + return authTokenOut; + } + IAM_LOGI("success"); + return authTokenOut; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +namespace { +userAccessCtrl::AuthToken verifyAuthTokenSync(array_view authToken, double allowableDuration) +{ + return UserAuth::VerifyAuthTokenSync(authToken, allowableDuration); +} +} // namespace +TH_EXPORT_CPP_API_verifyAuthTokenSync(verifyAuthTokenSync); diff --git a/frameworks/ets/ani/user_access_ctrl/user_access_ctrl_ani_map b/frameworks/ets/ani/user_access_ctrl/user_access_ctrl_ani_map new file mode 100644 index 0000000000000000000000000000000000000000..443c2148f1fa0d4e1c23c0c6c631ad584c498906 --- /dev/null +++ b/frameworks/ets/ani/user_access_ctrl/user_access_ctrl_ani_map @@ -0,0 +1,22 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{ + global: + extern "C++" { + ANI_Constructor; + taihe*; + }; + local: + *; +}; \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/BUILD.gn b/frameworks/ets/ani/user_auth/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..84bc34488700c5e1421d963d9b6623424acc8e61 --- /dev/null +++ b/frameworks/ets/ani/user_auth/BUILD.gn @@ -0,0 +1,116 @@ +# Copyright (C) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//build/ohos.gni") +import("//build/ohos/taihe_idl/taihe.gni") +import("../../../../user_auth_framework.gni") + +copy_taihe_idl("user_auth_copy_taihe_idl") { + sources = [ + "idl/ohos.userIAM.userAuth.taihe", + "idl/ohos.userIAM.userAuth.userAuth.taihe", + ] +} + +subsystem_name = "useriam" +part_name = "user_auth_framework" +taihe_generated_file_path = "$taihe_file_path/out/$subsystem_name/$part_name" + +ohos_taihe("user_auth_taihe") { + taihe_generated_file_path = "$taihe_generated_file_path" + deps = [ ":user_auth_copy_taihe_idl" ] + outputs = [ + "$taihe_generated_file_path/src/ohos.userIAM.userAuth.userAuth.ani.cpp", + "$taihe_generated_file_path/src/ohos.userIAM.userAuth.userAuth.abi.c", + ] +} + +taihe_shared_library("userauth_ani") { + include_dirs = [ + "inc", + "../../../common/inc", + ] + sources = get_target_outputs(":user_auth_taihe") + sources += [ + "src/ani_constructor.cpp", + "src/ohos.userIAM.userAuth.userAuth.impl.cpp", + "src/user_auth_ani_helper.cpp", + "src/user_auth_callback_v10.cpp", + "src/user_auth_instance_v10.cpp", + "src/user_auth_widget_callback_v10.cpp", + "src/user_auth_widget_mgr_v10.cpp", + ] + external_deps = [ + "ability_base:want", + "ability_runtime:ability_context_native", + "ability_runtime:ability_manager", + "ability_runtime:abilitykit_native", + "ability_runtime:ani_base_context", + "ability_runtime:app_context", + "ability_runtime:ui_extension", + "ace_engine:ace_uicontent", + "c_utils:utils", + "hiappevent:hiappevent_innerapi", + "hilog:libhilog", + "ipc:ipc_single", + "runtime_core:ani", + ] + + sanitize = { + integer_overflow = true + boundary_sanitize = true + cfi = true + cfi_cross_dso = true + debug = false + } + + configs = [ + "../../../../common:iam_log_config", + "../../../../common:iam_utils_config", + ] + + deps = [ + ":user_auth_taihe", + "../../../native/client:userauth_client", + "../../../common:user_auth_common", + ] + remove_configs = [ "//build/config/compiler:no_exceptions" ] + taihe_generated_file_path = "$taihe_generated_file_path" + output_extension = "so" + part_name = "$part_name" + subsystem_name = "$subsystem_name" +} + +generate_static_abc("user_auth") { + base_url = "$taihe_generated_file_path" + files = [ "$taihe_generated_file_path/@ohos.userIAM.userAuth.ets" ] + is_boot_abc = "True" + device_dst_file = "system/framework/user_auth.abc" + dependencies = [ ":user_auth_taihe" ] +} + +ohos_prebuilt_etc("user_auth_abc_etc") { + source = "$target_out_dir/user_auth.abc" + module_install_dir = "framework" + deps = [ ":user_auth" ] + part_name = "$part_name" + subsystem_name = "$subsystem_name" +} + +group("user_auth_ani") { + deps = [ + ":user_auth_abc_etc", + ":userauth_ani", + ] +} diff --git a/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.taihe b/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.taihe new file mode 100644 index 0000000000000000000000000000000000000000..000e3ab7c8ca560478261eb2798c7308687a47cb --- /dev/null +++ b/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.taihe @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@!namespace("@ohos.userIAM.userAuth") + +@!sts_inject(""" +import Context from 'application.Context'; +""") diff --git a/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.userAuth.taihe b/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.userAuth.taihe new file mode 100644 index 0000000000000000000000000000000000000000..cabb46a4ca87f481e6f8e184dd64d9d347cc26ef --- /dev/null +++ b/frameworks/ets/ani/user_auth/idl/ohos.userIAM.userAuth.userAuth.taihe @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +@!namespace("@ohos.userIAM.userAuth", "userAuth") + +@!sts_inject(""" +static { loadLibrary("userauth_ani"); } +export const MAX_ALLOWABLE_REUSE_DURATION : int = 300000; +""") + +enum UserAuthType : i32 { + PIN = 1, + FACE = 2, + FINGERPRINT = 4, + PRIVATE_PIN = 16 +} + +enum AuthTrustLevel : i32 { + ATL1 = 10000, + ATL2 = 20000, + ATL3 = 30000, + ATL4 = 40000 +} + +enum WindowModeType : i32 { + DIALOG_BOX = 1, + FULLSCREEN = 2 +} + +enum ReuseMode : i32 { + AUTH_TYPE_RELEVANT = 1, + AUTH_TYPE_IRRELEVANT = 2, + CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT = 3, + CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT = 4 +} + +enum NoticeType : i32 { + WIDGET_NOTICE = 1 +} + +enum UserAuthResultCode : i32 { + SUCCESS = 12500000, + FAIL = 12500001, + GENERAL_ERROR = 12500002, + CANCELED = 12500003, + TIMEOUT = 12500004, + TYPE_NOT_SUPPORT = 12500005, + TRUST_LEVEL_NOT_SUPPORT = 12500006, + BUSY = 12500007, + LOCKED = 12500009, + NOT_ENROLLED = 12500010, + CANCELED_FROM_WIDGET = 12500011, + PIN_EXPIRED = 12500013, + AUTH_TOKEN_CHECK_FAILED = 12500015, + AUTH_TOKEN_EXPIRED = 12500016 +} + +struct EnrolledState { + credentialDigest: i32; + credentialCount: i32; +} + +struct ReuseUnlockResult { + reuseMode: ReuseMode; + reuseDuration: i32; +} + +struct AuthParam { + challenge: @typedarray Array; + authType: Array; + authTrustLevel: AuthTrustLevel; + reuseUnlockResult: Optional; + userId: Optional; +} + +struct WidgetParam { + title: String; + navigationButtonText: Optional; + windowMode: Optional; + uiContext: Optional<@sts_type("Context") Opaque>; +} + +struct UserAuthResult { + result: i32; + token: Optional<@typedarray Array>; + authType: Optional; + enrolledState: Optional; +} + +struct IAuthCallback { + onResult: (result: UserAuthResult) => void; +} + +struct IAuthWidgetCallback { + sendCommand: (cmdData: String) => void; +} + +interface UserAuthInstance { + on(type: String, callback: IAuthCallback): void; + off(type: String, callback: Optional): void; + start(): void; + cancel(): void; +} + +interface UserAuthWidgetMgr { + on(type: String, callback: IAuthWidgetCallback): void; + off(type: String, callback: Optional): void; +} + +function GetAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): void; + +function GetEnrolledState(authType: UserAuthType): EnrolledState; + +function GetUserAuthInstance(authParam: AuthParam, widgetParam: WidgetParam): UserAuthInstance; + +function SendNotice(noticeType: NoticeType, eventData: String): void; + +function GetUserAuthWidgetMgr(version: i32): UserAuthWidgetMgr; + +function QueryReusableAuthResult(authParam: AuthParam): @typedarray Array; \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/inc/user_auth_ani_helper.h b/frameworks/ets/ani/user_auth/inc/user_auth_ani_helper.h new file mode 100644 index 0000000000000000000000000000000000000000..e8902012dde0d0e2e830cb24e1bfd7d0e18cded2 --- /dev/null +++ b/frameworks/ets/ani/user_auth/inc/user_auth_ani_helper.h @@ -0,0 +1,46 @@ +/** + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_ANI_HELPER +#define USER_AUTH_ANI_HELPER + +#include + +#include "nocopyable.h" +#include "ohos.userIAM.userAuth.userAuth.proj.hpp" + +#include "auth_common.h" +#include "user_auth_client_defines.h" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthAniHelper { +public: + static UserAuthResultCode ThrowBusinessError(UserAuthResultCode error); + static bool VerifyNoticeParam(const std::string &eventData); + static bool ConvertUserAuthType(int32_t userAuthType, userAuth::UserAuthType &userAuthTypeOut); + +private: + UserAuthAniHelper() = default; + ~UserAuthAniHelper() = default; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_ANI_HELPER diff --git a/frameworks/ets/ani/user_auth/inc/user_auth_callback_v10.h b/frameworks/ets/ani/user_auth/inc/user_auth_callback_v10.h new file mode 100644 index 0000000000000000000000000000000000000000..40a61e2341d3eb091cbc8db4df8913c8211316c4 --- /dev/null +++ b/frameworks/ets/ani/user_auth/inc/user_auth_callback_v10.h @@ -0,0 +1,58 @@ +/** + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_CALLBACK_V10_H +#define USER_AUTH_CALLBACK_V10_H + +#include + +#include "nocopyable.h" +#include "ohos.userIAM.userAuth.userAuth.proj.hpp" + +#include "iam_ptr.h" +#include "auth_common.h" +#include "iam_common_defines.h" +#include "user_auth_ani_helper.h" +#include "user_auth_client.h" +#include "user_auth_common_defines.h" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthCallbackV10 : public AuthenticationCallback, + public std::enable_shared_from_this, + public NoCopyable { +public: + explicit UserAuthCallbackV10(); + ~UserAuthCallbackV10() override; + void OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes& extraInfo) override; + void OnResult(int32_t result, const Attributes& extraInfo) override; + void SetResultCallback(const userAuth::IAuthCallback& resultCallback); + void ClearResultCallback(); + bool HasResultCallback(); + +private: + bool DoResultCallback( + int32_t result, const std::vector& token, int32_t authType, EnrolledState enrolledState); + std::mutex mutex_; + std::shared_ptr resultCallback_ = nullptr; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_CALLBACK_V10_H diff --git a/frameworks/ets/ani/user_auth/inc/user_auth_instance_v10.h b/frameworks/ets/ani/user_auth/inc/user_auth_instance_v10.h new file mode 100644 index 0000000000000000000000000000000000000000..90ce1d2a8998a88a05234badec622b7828329a65 --- /dev/null +++ b/frameworks/ets/ani/user_auth/inc/user_auth_instance_v10.h @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_INSTANCE_V10_H +#define USER_AUTH_INSTANCE_V10_H + +#include + +#include "ability.h" +#include "nocopyable.h" + +#include "iam_ptr.h" +#include "auth_common.h" +#include "user_auth_client_defines.h" +#include "user_auth_callback_v10.h" +#include "user_auth_napi_client_impl.h" +#include "user_auth_modal_callback.h" + +#include "ohos.userIAM.userAuth.userAuth.proj.hpp" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthInstanceV10 : public NoCopyable { +public: + explicit UserAuthInstanceV10(); + ~UserAuthInstanceV10() = default; + + UserAuthResultCode Init(userAuth::AuthParam const &authParam, userAuth::WidgetParam const &widgetParam); + UserAuthResultCode On(std::string type, userAuth::IAuthCallback const &callback); + UserAuthResultCode Off(std::string type, taihe::optional_view callback); + UserAuthResultCode Start(); + UserAuthResultCode Cancel(); + +private: + UserAuthResultCode InitAuthParam(userAuth::AuthParam const &authParam); + UserAuthResultCode InitWidgetParam(userAuth::WidgetParam const &widgetParam); + UserAuthResultCode InitChallenge(userAuth::AuthParam const &authParam); + UserAuthResultCode InitAuthType(userAuth::AuthParam const &authParam); + UserAuthResultCode InitAuthTrustLevel(userAuth::AuthParam const &authParam); + UserAuthResultCode InitReuseUnlockResult(userAuth::AuthParam const &authParam); + UserAuthResultCode InitUserId(userAuth::AuthParam const &authParam); + UserAuthResultCode InitTitle(userAuth::WidgetParam const &widgetParam); + UserAuthResultCode InitNavigationButtonText(userAuth::WidgetParam const &widgetParam); + UserAuthResultCode InitWindowMode(userAuth::WidgetParam const &widgetParam); + UserAuthResultCode InitContext(userAuth::WidgetParam const &widgetParam); + bool CheckUIContext(const std::shared_ptr context); + + uint64_t contextId_ = 0; + bool isAuthStarted_ = false; + + AuthParamInner authParam_ = {}; + UserAuthNapiClientImpl::WidgetParamNapi widgetParam_ = {}; + + std::mutex mutex_; + std::shared_ptr callback_ = nullptr; + std::shared_ptr modalCallback_ = nullptr; + std::shared_ptr context_ = nullptr; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_INSTANCE_V10_H diff --git a/frameworks/ets/ani/user_auth/inc/user_auth_widget_callback_v10.h b/frameworks/ets/ani/user_auth/inc/user_auth_widget_callback_v10.h new file mode 100644 index 0000000000000000000000000000000000000000..70f980dcbe9e1de7b427e3e5a88e75ff2a82c501 --- /dev/null +++ b/frameworks/ets/ani/user_auth/inc/user_auth_widget_callback_v10.h @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_WIDGET_CALLBACK_V10_H +#define USER_AUTH_WIDGET_CALLBACK_V10_H + +#include + +#include "nocopyable.h" +#include "ohos.userIAM.userAuth.userAuth.proj.hpp" + +#include "iam_common_defines.h" +#include "auth_common.h" +#include "iuser_auth_widget_callback.h" +#include "user_auth_ani_helper.h" +#include "user_auth_common_defines.h" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthWidgetCallback : public IUserAuthWidgetCallback, + public std::enable_shared_from_this, + public NoCopyable { +public: + explicit UserAuthWidgetCallback(); + ~UserAuthWidgetCallback() override; + void SendCommand(const std::string& cmdData) override; + void SetCommandCallback(userAuth::IAuthWidgetCallback const& callback); + void ClearCommandCallback(); + bool HasCommandCallback(); + +private: + std::mutex mutex_; + std::shared_ptr commandCallback_ = nullptr; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_WIDGET_CALLBACK_V10_H diff --git a/frameworks/ets/ani/user_auth/inc/user_auth_widget_mgr_v10.h b/frameworks/ets/ani/user_auth/inc/user_auth_widget_mgr_v10.h new file mode 100644 index 0000000000000000000000000000000000000000..6668b02e7bd1685af2b0e2f9777d8676c2a56586 --- /dev/null +++ b/frameworks/ets/ani/user_auth/inc/user_auth_widget_mgr_v10.h @@ -0,0 +1,52 @@ +/** + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef USER_AUTH_WIDGET_MGR_V10 +#define USER_AUTH_WIDGET_MGR_V10 + +#include + +#include "nocopyable.h" + +#include "iam_common_defines.h" +#include "auth_common.h" +#include "user_auth_ani_helper.h" +#include "user_auth_client.h" +#include "user_auth_common_defines.h" +#include "user_auth_widget_callback_v10.h" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +class UserAuthWidgetMgr : public NoCopyable { +public: + explicit UserAuthWidgetMgr(); + ~UserAuthWidgetMgr() = default; + + UserAuthResultCode Init(int32_t version); + UserAuthResultCode On(std::string type, userAuth::IAuthWidgetCallback const &callback); + UserAuthResultCode Off(std::string type, taihe::optional_view callback); + +private: + int32_t version_ = 1; + std::shared_ptr callback_ = nullptr; +}; +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + +#endif // USER_AUTH_WIDGET_MGR_V10 diff --git a/frameworks/ets/ani/user_auth/src/ani_constructor.cpp b/frameworks/ets/ani/user_auth/src/ani_constructor.cpp new file mode 100644 index 0000000000000000000000000000000000000000..3b124779fef3b79ec9c675ec901c78a95e363bb7 --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/ani_constructor.cpp @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ohos.userIAM.userAuth.userAuth.ani.hpp" + +#include "iam_logger.h" + +#define LOG_TAG "USER_AUTH_ANI" + +ANI_EXPORT ani_status ANI_Constructor(ani_vm *vm, uint32_t *result) +{ + IAM_LOGI("ANI_Constructor begin"); + if (vm == nullptr || result == nullptr) { + IAM_LOGE("Error from ohos::userIAM::userAuth::userAuth::ANIRegister"); + return ANI_ERROR; + } + ani_env *env; + if (ANI_OK != vm->GetEnv(ANI_VERSION_1, &env)) { + return ANI_ERROR; + } + if (ANI_OK != ohos::userIAM::userAuth::userAuth::ANIRegister(env)) { + IAM_LOGE("Error from ohos::userIAM::userAuth::userAuth::ANIRegister"); + return ANI_ERROR; + } + *result = ANI_VERSION_1; + IAM_LOGI("ANI_Constructor end"); + return ANI_OK; +} diff --git a/frameworks/ets/ani/user_auth/src/ohos.userIAM.userAuth.userAuth.impl.cpp b/frameworks/ets/ani/user_auth/src/ohos.userIAM.userAuth.userAuth.impl.cpp new file mode 100644 index 0000000000000000000000000000000000000000..bddf389c1fdd7db1066deb76ed309dbf65aad810 --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/ohos.userIAM.userAuth.userAuth.impl.cpp @@ -0,0 +1,330 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ohos.userIAM.userAuth.userAuth.proj.hpp" +#include "ohos.userIAM.userAuth.userAuth.impl.hpp" +#include "taihe/runtime.hpp" +#include "stdexcept" + +#include "iam_ptr.h" +#include "iam_logger.h" +#include "auth_common.h" +#include "user_auth_helper.h" +#include "user_auth_ani_helper.h" +#include "user_auth_client_impl.h" +#include "user_auth_common_defines.h" +#include "user_auth_instance_v10.h" +#include "user_auth_widget_mgr_v10.h" +#include "user_auth_api_event_reporter.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace UserAuth = OHOS::UserIam::UserAuth; +using namespace taihe; +using namespace ohos::userIAM::userAuth::userAuth; +using namespace OHOS::UserIam::Common; + +namespace { + +class UserAuthInstanceImpl { +public: + UserAuthInstanceImpl(AuthParam const &authParam, WidgetParam const &widgetParam) + { + userAuthInstanceV10_ = MakeShared(); + init(authParam, widgetParam); + } + + void init(AuthParam const &authParam, WidgetParam const &widgetParam) + { + if (userAuthInstanceV10_ == nullptr) { + IAM_LOGE("userAuthInstanceV10_ is null"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode initResult = userAuthInstanceV10_->Init(authParam, widgetParam); + if (initResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthInstanceV10_ init fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(initResult); + return; + } + } + + void on(string_view type, IAuthCallback const &callback) + { + if (userAuthInstanceV10_ == nullptr) { + IAM_LOGE("userAuthInstanceV10_ is null"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode onResult = userAuthInstanceV10_->On(type.c_str(), callback); + if (onResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthInstanceV10_ on fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(onResult); + return; + } + } + + void off(string_view type, optional_view callback) + { + if (userAuthInstanceV10_ == nullptr) { + IAM_LOGE("userAuthInstanceV10_ is null"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode offResult = userAuthInstanceV10_->Off(type.c_str(), callback); + if (offResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthInstanceV10_ off fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(offResult); + return; + } + } + + void start() + { + if (userAuthInstanceV10_ == nullptr) { + IAM_LOGE("userAuthInstanceV10_ is null"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode startResult = userAuthInstanceV10_->Start(); + if (startResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthInstanceV10_ start fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(startResult); + return; + } + } + + void cancel() + { + if (userAuthInstanceV10_ == nullptr) { + IAM_LOGE("userAuthInstanceV10_ is null"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode canelResult = userAuthInstanceV10_->Cancel(); + if (canelResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthInstanceV10_ cancel fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(canelResult); + return; + } + } + +private: + std::shared_ptr userAuthInstanceV10_ = nullptr; +}; + +class UserAuthWidgetMgrImpl { +public: + explicit UserAuthWidgetMgrImpl(int32_t version) + { + userAuthWidgetMgr_ = MakeShared(); + init(version); + } + + void init(int32_t version) + { + if (userAuthWidgetMgr_ == nullptr) { + IAM_LOGE("userAuthWidgetMgr_ is null after MakeShared"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode initResult = userAuthWidgetMgr_->Init(version); + if (initResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthWidgetMgr_ init fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(initResult); + return; + } + } + + void on(string_view type, IAuthWidgetCallback const &callback) + { + if (userAuthWidgetMgr_ == nullptr) { + IAM_LOGE("userAuthWidgetMgr_ is null after MakeShared"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode onResult = userAuthWidgetMgr_->On(type.c_str(), callback); + if (onResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthWidgetMgr_ on fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(onResult); + return; + } + } + + void off(string_view type, optional_view callback) + { + if (userAuthWidgetMgr_ == nullptr) { + IAM_LOGE("userAuthWidgetMgr_ is null after MakeShared"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::GENERAL_ERROR); + return; + } + UserAuth::UserAuthResultCode offResult = userAuthWidgetMgr_->Off(type.c_str(), callback); + if (offResult != UserAuth::UserAuthResultCode::SUCCESS) { + IAM_LOGE("userAuthWidgetMgr_ off fail"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(offResult); + return; + } + } + +private: + std::shared_ptr userAuthWidgetMgr_ = nullptr; +}; + +void GetAvailableStatus(UserAuthType authType, AuthTrustLevel authTrustLevel) +{ + IAM_LOGI("GetAvailableStatus begin"); + UserAuth::UserAuthApiEventReporter reporter("getAvailableStatus"); + if (!UserAuth::UserAuthHelper::CheckUserAuthType(authType)) { + IAM_LOGE("authType check fail:%{public}d", authType.get_value()); + reporter.ReportFailed(UserAuth::UserAuthResultCode::TYPE_NOT_SUPPORT); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::TYPE_NOT_SUPPORT); + return; + } + if (!UserAuth::UserAuthHelper::CheckAuthTrustLevel(authTrustLevel)) { + IAM_LOGE("authTrustLevel check fail:%{public}d", authTrustLevel.get_value()); + reporter.ReportFailed(UserAuth::UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT); + return; + } + int32_t status = UserAuth::UserAuthClientImpl::Instance().GetNorthAvailableStatus(UserAuth::API_VERSION_9, + UserAuth::AuthType(authType.get_value()), UserAuth::AuthTrustLevel(authTrustLevel.get_value())); + IAM_LOGI("result = %{public}d", status); + if (status == static_cast(UserAuth::UserAuthResultCode::PIN_EXPIRED)) { + reporter.ReportFailed(UserAuth::UserAuthResultCode::PIN_EXPIRED); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::PIN_EXPIRED); + return; + } + reporter.ReportSuccess(); +} + +EnrolledState GetEnrolledState(UserAuthType authType) +{ + IAM_LOGI("GetEnrolledState begin"); + UserAuth::UserAuthApiEventReporter reporter("getEnrolledState"); + if (!UserAuth::UserAuthHelper::CheckUserAuthType(authType)) { + IAM_LOGE("authType check fail:%{public}d", authType.get_value()); + reporter.ReportFailed(UserAuth::UserAuthResultCode::TYPE_NOT_SUPPORT); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::TYPE_NOT_SUPPORT); + return {}; + } + UserAuth::EnrolledState enrolledState = {}; + int32_t code = UserAuth::UserAuthClientImpl::Instance().GetEnrolledState( + UserAuth::API_VERSION_12, UserAuth::AuthType(authType.get_value()), enrolledState); + if (code != static_cast(UserAuth::AuthenticationResult::SUCCESS)) { + IAM_LOGE("failed to get enrolled state %{public}d", code); + UserAuth::UserAuthResultCode resultCode = UserAuth::UserAuthResultCode( + UserAuth::UserAuthHelper::GetResultCodeV10(code)); + reporter.ReportFailed(resultCode); + UserAuth::UserAuthAniHelper::ThrowBusinessError(resultCode); + return {}; + } + EnrolledState result{enrolledState.credentialDigest, enrolledState.credentialCount}; + reporter.ReportSuccess(); + return result; +} + +UserAuthInstance GetUserAuthInstance(AuthParam const &authParam, WidgetParam const &widgetParam) +{ + IAM_LOGI("GetUserAuthInstance begin"); + UserAuth::UserAuthApiEventReporter reporter("getUserAuthInstance"); + auto userAuthInstance = make_holder(authParam, widgetParam); + reporter.ReportSuccess(); + return userAuthInstance; +} + +void SendNotice(NoticeType noticeType, string_view eventData) +{ + IAM_LOGI("SendNotice begin"); + UserAuth::NoticeType type = UserAuth::NoticeType(noticeType.get_value()); + IAM_LOGI("recv SendNotice noticeType:%{public}d eventData:%{public}s", type, eventData.c_str()); + if (!UserAuth::UserAuthAniHelper::VerifyNoticeParam(eventData.c_str())) { + IAM_LOGE("Invalid notice parameter"); + UserAuth::UserAuthAniHelper::ThrowBusinessError(UserAuth::UserAuthResultCode::OHOS_INVALID_PARAM); + return; + } + + int32_t result = UserAuth::UserAuthClientImpl::Instance().Notice(type, eventData.c_str()); + UserAuth::UserAuthResultCode errCode = UserAuth::UserAuthResultCode::SUCCESS; + if (result != static_cast(UserAuth::ResultCode::SUCCESS)) { + errCode = UserAuth::UserAuthResultCode(UserAuth::UserAuthHelper::GetResultCodeV10(result)); + IAM_LOGE("SendNotice fail. result: %{public}d, errCode: %{public}d", result, errCode); + UserAuth::UserAuthAniHelper::ThrowBusinessError(errCode); + return; + } + IAM_LOGI("end SendNotice"); +} + +UserAuth::WidgetAuthParam ConvertAuthParamToWidgetAuthParam(AuthParam const &authParam) +{ + UserAuth::WidgetAuthParam widgetAuthParam = {}; + widgetAuthParam.challenge = std::vector(authParam.challenge.begin(), authParam.challenge.end()); + widgetAuthParam.authTrustLevel = UserAuth::AuthTrustLevel(authParam.authTrustLevel.get_value()); + + for (const auto &type : authParam.authType) { + widgetAuthParam.authTypes.push_back(static_cast(type.get_value())); + } + + if (authParam.userId.has_value()) { + widgetAuthParam.userId = static_cast(authParam.userId.value()); + } else { + widgetAuthParam.userId = UserAuth::INVALID_USER_ID; + } + + if (authParam.reuseUnlockResult.has_value()) { + widgetAuthParam.reuseUnlockResult.isReuse = true; + widgetAuthParam.reuseUnlockResult.reuseMode = static_cast( + authParam.reuseUnlockResult->reuseMode.get_value()); + widgetAuthParam.reuseUnlockResult.reuseDuration = + static_cast(authParam.reuseUnlockResult->reuseDuration); + } else { + widgetAuthParam.reuseUnlockResult.isReuse = false; + } + + return widgetAuthParam; +} + +array QueryReusableAuthResult(AuthParam const &authParam) +{ + IAM_LOGI("QueryReusableAuthResult begin"); + + UserAuth::WidgetAuthParam widgetAuthParam = ConvertAuthParamToWidgetAuthParam(authParam); + + std::vector token; + int32_t code = UserAuth::UserAuthClientImpl::Instance().QueryReusableAuthResult(widgetAuthParam, token); + if (code != UserAuth::SUCCESS) { + IAM_LOGE("failed to query reuse result %{public}d", code); + UserAuth::UserAuthResultCode resultCode = UserAuth::UserAuthResultCode( + UserAuth::UserAuthHelper::GetResultCodeV10(code)); + UserAuth::UserAuthAniHelper::ThrowBusinessError(resultCode); + return {}; + } + + return taihe::array(taihe::copy_data_t{}, token.data(), token.size()); +} + +UserAuthWidgetMgr GetUserAuthWidgetMgr(int32_t version) +{ + IAM_LOGI("GetUserAuthWidgetMgr begin"); + auto userAuthWidgetMgr = make_holder(version); + return userAuthWidgetMgr; +} +} // namespace + +TH_EXPORT_CPP_API_GetAvailableStatus(GetAvailableStatus); +TH_EXPORT_CPP_API_GetEnrolledState(GetEnrolledState); +TH_EXPORT_CPP_API_GetUserAuthInstance(GetUserAuthInstance); +TH_EXPORT_CPP_API_SendNotice(SendNotice); +TH_EXPORT_CPP_API_QueryReusableAuthResult(QueryReusableAuthResult); +TH_EXPORT_CPP_API_GetUserAuthWidgetMgr(GetUserAuthWidgetMgr); diff --git a/frameworks/ets/ani/user_auth/src/user_auth_ani_helper.cpp b/frameworks/ets/ani/user_auth/src/user_auth_ani_helper.cpp new file mode 100644 index 0000000000000000000000000000000000000000..3b1fe8a5534f3f9cb1911f4e491ceaa1668300c8 --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/user_auth_ani_helper.cpp @@ -0,0 +1,118 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_ani_helper.h" + +#include +#include +#include +#include "nlohmann/json.hpp" + +#include "taihe/runtime.hpp" +#include "iam_logger.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { + +namespace { +const std::map g_resultV92Str = { + {UserAuthResultCode::OHOS_INVALID_PARAM, "Invalid authentication parameters."}, + {UserAuthResultCode::OHOS_CHECK_PERMISSION_FAILED, "Permission denied."}, + {UserAuthResultCode::OHOS_CHECK_SYSTEM_APP_FAILED, "The caller is not a system application."}, + {UserAuthResultCode::SUCCESS, "Authentication succeeded."}, + {UserAuthResultCode::FAIL, "Authentication failed."}, + {UserAuthResultCode::GENERAL_ERROR, "Unknown errors."}, + {UserAuthResultCode::CANCELED, "Authentication canceled."}, + {UserAuthResultCode::TIMEOUT, "Authentication timeout."}, + {UserAuthResultCode::TYPE_NOT_SUPPORT, "Unsupport authentication type."}, + {UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT, "Unsupport authentication trust level."}, + {UserAuthResultCode::BUSY, "Authentication service is busy."}, + {UserAuthResultCode::LOCKED, "Authentication is lockout."}, + {UserAuthResultCode::NOT_ENROLLED, "Authentication template has not been enrolled."}, + {UserAuthResultCode::CANCELED_FROM_WIDGET, "Authentication is canceled from widget."}, + {UserAuthResultCode::PIN_EXPIRED, "Operation failed because of PIN expired."}, + {UserAuthResultCode::AUTH_TOKEN_CHECK_FAILED, "Operation failed because of authToken integrity check failed."}, + {UserAuthResultCode::AUTH_TOKEN_EXPIRED, "Operation failed because of authToken has expired."} +}; + +const std::string NOTICE_EVENT_TYPE = "event"; +const std::string NOTICE_PAYLOAD = "payload"; +const std::string NOTICE_PAYLOAD_TYPE = "type"; +} // namespace + +bool UserAuthAniHelper::ConvertUserAuthType(int32_t userAuthType, userAuth::UserAuthType &userAuthTypeOut) +{ + switch (userAuthType) { + case AuthType::PIN: + userAuthTypeOut = userAuth::UserAuthType::key_t::PIN; + return true; + case AuthType::FACE: + userAuthTypeOut = userAuth::UserAuthType::key_t::FACE; + return true; + case AuthType::FINGERPRINT: + userAuthTypeOut = userAuth::UserAuthType::key_t::FINGERPRINT; + return true; + case AuthType::PRIVATE_PIN: + userAuthTypeOut = userAuth::UserAuthType::key_t::PRIVATE_PIN; + return true; + default: + IAM_LOGE("invalid userAuthType:%{public}d", userAuthType); + return false; + } +} + +UserAuthResultCode UserAuthAniHelper::ThrowBusinessError(UserAuthResultCode error) +{ + std::string msgStr; + auto res = g_resultV92Str.find(error); + if (res == g_resultV92Str.end()) { + IAM_LOGE("result %{public}d not found", static_cast(error)); + error = UserAuthResultCode::GENERAL_ERROR; + } + msgStr = g_resultV92Str.at(error); + IAM_LOGI("ThrowBusinessError, errorCode: %{public}d, errmsg: %{public}s", error, msgStr.c_str()); + taihe::set_business_error(static_cast(error), msgStr); + return error; +} + +bool UserAuthAniHelper::VerifyNoticeParam(const std::string &eventData) +{ + auto json = nlohmann::json::parse(eventData.c_str(), nullptr, false); + if (json.is_null() || json.is_discarded()) { + IAM_LOGE("Notice data is invalid json object"); + return false; + } + + if (json.find(NOTICE_EVENT_TYPE) == json.end() || !json[NOTICE_EVENT_TYPE].is_string()) { + IAM_LOGE("Invalid event type exist in notice data"); + return false; + } + + if (json.find(NOTICE_PAYLOAD) == json.end() || + json[NOTICE_PAYLOAD].find(NOTICE_PAYLOAD_TYPE) == json[NOTICE_PAYLOAD].end() || + !json[NOTICE_PAYLOAD][NOTICE_PAYLOAD_TYPE].is_array()) { + IAM_LOGE("Invalid payload exist in notice data"); + return false; + } + IAM_LOGI("valid notice parameter"); + return true; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/src/user_auth_callback_v10.cpp b/frameworks/ets/ani/user_auth/src/user_auth_callback_v10.cpp new file mode 100644 index 0000000000000000000000000000000000000000..d71d77a2e41da6c98dfe00df22d716b613c11ea0 --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/user_auth_callback_v10.cpp @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_callback_v10.h" +#include "iam_logger.h" +#include "iam_ptr.h" +#include "user_auth_client_impl.h" +#include "user_auth_helper.h" +#include "user_auth_ani_helper.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { + +UserAuthCallbackV10::UserAuthCallbackV10() +{} + +UserAuthCallbackV10::~UserAuthCallbackV10() +{} + +void UserAuthCallbackV10::SetResultCallback(const userAuth::IAuthCallback &resultCallback) +{ + std::lock_guard guard(mutex_); + resultCallback_ = Common::MakeShared(resultCallback); +} + +void UserAuthCallbackV10::ClearResultCallback() +{ + std::lock_guard guard(mutex_); + resultCallback_ = nullptr; +} + +bool UserAuthCallbackV10::HasResultCallback() +{ + std::lock_guard guard(mutex_); + return resultCallback_ != nullptr; +} + +bool UserAuthCallbackV10::DoResultCallback( + int32_t result, const std::vector &token, int32_t authType, EnrolledState enrolledState) +{ + IAM_LOGI("start"); + std::lock_guard guard(mutex_); + if (resultCallback_ == nullptr) { + IAM_LOGI("resultCallback_ is nullptr."); + return false; + } + userAuth::UserAuthResult userAuthResult = {0}; + userAuthResult.result = UserAuthHelper::GetResultCodeV10(result); + if (!token.empty()) { + userAuthResult.token = + taihe::optional>( + std::in_place_t{}, taihe::copy_data_t{}, token.data(), token.size()); + } + if (UserAuthHelper::CheckUserAuthType(authType)) { + userAuth::UserAuthType authTypeAni(userAuth::UserAuthType::key_t::PIN); + if (!UserAuthAniHelper::ConvertUserAuthType(authType, authTypeAni)) { + IAM_LOGE("Set authType error. authType: %{public}d", authType); + return false; + } + userAuthResult.authType = taihe::optional::make(authTypeAni); + } + if (UserAuthResultCode(result) == UserAuthResultCode::SUCCESS) { + userAuth::EnrolledState enrolledStateAni = {enrolledState.credentialDigest, enrolledState.credentialCount}; + userAuthResult.enrolledState = taihe::optional::make(enrolledStateAni); + } + resultCallback_->onResult(userAuthResult); + return true; +} + +void UserAuthCallbackV10::OnAcquireInfo( + int32_t module, uint32_t acquireInfo, const UserIam::UserAuth::Attributes &extraInfo) +{} + +void UserAuthCallbackV10::OnResult(int32_t result, const Attributes &extraInfo) +{ + IAM_LOGI("start, result:%{public}d", result); + std::vector token = {}; + int32_t authType = {0}; + EnrolledState enrolledState = {}; + if (!extraInfo.GetUint8ArrayValue(Attributes::ATTR_SIGNATURE, token)) { + IAM_LOGE("ATTR_SIGNATURE is null"); + } + if (!extraInfo.GetInt32Value(Attributes::ATTR_AUTH_TYPE, authType)) { + IAM_LOGE("ATTR_AUTH_TYPE is null"); + } + if (!extraInfo.GetUint64Value(Attributes::ATTR_CREDENTIAL_DIGEST, enrolledState.credentialDigest)) { + IAM_LOGE("ATTR_CREDENTIAL_DIGEST is null"); + } + if (!extraInfo.GetUint16Value(Attributes::ATTR_CREDENTIAL_COUNT, enrolledState.credentialCount)) { + IAM_LOGE("ATTR_CREDENTIAL_COUNT is null"); + } + bool ret = DoResultCallback(result, token, authType, enrolledState); + IAM_LOGD("DoResultCallback ret = %{public}d", ret); +} + +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/src/user_auth_instance_v10.cpp b/frameworks/ets/ani/user_auth/src/user_auth_instance_v10.cpp new file mode 100644 index 0000000000000000000000000000000000000000..638b93e72b6ad674f4738495761135049412b39d --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/user_auth_instance_v10.cpp @@ -0,0 +1,418 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_instance_v10.h" + +#include +#include +#include + +#include "taihe/runtime.hpp" +#include "securec.h" +#include "ani_base_context.h" +#include "ui_content.h" +#include "ui_extension_context.h" +#include "ui_holder_extension_context.h" + +#include "iam_logger.h" +#include "user_auth_helper.h" +#include "user_auth_ani_helper.h" +#include "user_auth_common_defines.h" +#include "user_auth_client_impl.h" +#include "user_auth_api_event_reporter.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace userAuth = ohos::userIAM::userAuth::userAuth; + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +const std::string AUTH_EVENT_RESULT = "result"; +const std::string AUTH_PARAM_CHALLENGE = "challenge"; +const std::string AUTH_PARAM_AUTHTYPE = "authType"; +const std::string AUTH_PARAM_AUTHTRUSTLEVEL = "authTrustLevel"; +const std::string AUTH_PARAM_REUSEUNLOCKRESULT = "reuseUnlockResult"; +const std::string AUTH_PARAM_USER_ID = "userId"; +const std::string WIDGET_PARAM_TITLE = "title"; +const std::string WIDGET_PARAM_NAVIBTNTEXT = "navigationButtonText"; +const std::string WIDGET_PARAM_WINDOWMODE = "windowMode"; +const std::string WIDGET_PARAM_CONTEXT = "uiContext"; +const std::string NOTICETYPE = "noticeType"; +const std::string REUSEMODE = "reuseMode"; +const std::string REUSEDURATION = "reuseDuration"; + +namespace WidgetType { +constexpr int32_t TITLE_MAX = 500; +constexpr int32_t BUTTON_MAX = 60; +} // namespace WidgetType + +UserAuthInstanceV10::UserAuthInstanceV10() : callback_(Common::MakeShared()) +{ + if (callback_ == nullptr) { + IAM_LOGE("get null callback"); + } + authParam_.authTrustLevel = AuthTrustLevel::ATL1; + authParam_.userId = INVALID_USER_ID; + widgetParam_.navigationButtonText = ""; + widgetParam_.title = ""; + widgetParam_.windowMode = WindowModeType::UNKNOWN_WINDOW_MODE; +} + +UserAuthResultCode UserAuthInstanceV10::Init( + userAuth::AuthParam const &authParam, userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("Init start"); + UserAuthResultCode errCode = InitAuthParam(authParam); + if (errCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("AuthParamInner type error, errorCode: %{public}d", errCode); + return errCode; + } + + errCode = InitWidgetParam(widgetParam); + if (errCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("WidgetParam type error, errorCode: %{public}d", errCode); + return errCode; + } + IAM_LOGI("Init SUCCESS"); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitAuthParam(userAuth::AuthParam const &authParam) +{ + IAM_LOGI("InitAuthParam start"); + std::vector challenge(authParam.challenge.begin(), authParam.challenge.end()); + authParam_.challenge = challenge; + + UserAuthResultCode errorCode = InitAuthType(authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitAuthType fail:%{public}d", errorCode); + return errorCode; + } + + errorCode = InitAuthTrustLevel(authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitAuthTrustLevel fail:%{public}d", errorCode); + return errorCode; + } + + errorCode = InitReuseUnlockResult(authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitAuthTrustLevel fail:%{public}d", errorCode); + return errorCode; + } + + errorCode = InitUserId(authParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitUserId fail:%{public}d", errorCode); + return errorCode; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitAuthType(userAuth::AuthParam const &authParam) +{ + IAM_LOGI("InitAuthType start."); + for (const auto &type : authParam.authType) { + if (!UserAuthHelper::CheckUserAuthType(type)) { + IAM_LOGE("authType is illegal, %{public}d", type.get_value()); + return UserAuthResultCode::TYPE_NOT_SUPPORT; + } + authParam_.authTypes.push_back(static_cast(static_cast(type.get_value()))); + } + IAM_LOGI("authType size:%{public}zu", authParam_.authTypes.size()); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitAuthTrustLevel(userAuth::AuthParam const &authParam) +{ + IAM_LOGI("InitAuthTrustLevel start."); + auto authTrustLevel = authParam.authTrustLevel; + if (!UserAuthHelper::CheckAuthTrustLevel(authTrustLevel)) { + IAM_LOGE("AuthTrustLevel fail:%{public}u", authTrustLevel.get_value()); + return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; + } + authParam_.authTrustLevel = AuthTrustLevel(static_cast(authTrustLevel)); + IAM_LOGI("authTrustLevel:%{public}u", authParam_.authTrustLevel); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitReuseUnlockResult(userAuth::AuthParam const &authParam) +{ + IAM_LOGI("InitReuseUnlockResult start."); + if (authParam.reuseUnlockResult.has_value()) { + authParam_.reuseUnlockResult.isReuse = true; + authParam_.reuseUnlockResult.reuseMode = + ReuseMode(static_cast(authParam.reuseUnlockResult->reuseMode.get_value())); + authParam_.reuseUnlockResult.reuseDuration = authParam.reuseUnlockResult->reuseDuration; + if (!UserAuthHelper::CheckReuseUnlockResult(authParam_.reuseUnlockResult)) { + IAM_LOGE("ReuseUnlockResult fail"); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + authParam_.reuseUnlockResult.reuseDuration = authParam.reuseUnlockResult->reuseDuration; + IAM_LOGI("reuseMode: %{public}u, reuseDuration: %{public}" PRIu64, + authParam_.reuseUnlockResult.reuseMode, + authParam_.reuseUnlockResult.reuseDuration); + } else { + IAM_LOGI("propertyName: %{public}s not exists.", AUTH_PARAM_REUSEUNLOCKRESULT.c_str()); + authParam_.reuseUnlockResult.isReuse = false; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitUserId(userAuth::AuthParam const &authParam) +{ + IAM_LOGI("InitUserId start."); + if (authParam.userId.has_value()) { + authParam_.userId = authParam.userId.value(); + if (authParam_.userId < 0) { + IAM_LOGE("userId error."); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + IAM_LOGI("InitUserId userId: %{public}d", authParam_.userId); + } else { + IAM_LOGI("propertyName: %{public}s not exists.", AUTH_PARAM_USER_ID.c_str()); + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitWidgetParam(userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("InitWidgetParam start."); + UserAuthResultCode errorCode = InitTitle(widgetParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitTitle fail:%{public}d", errorCode); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + + errorCode = InitNavigationButtonText(widgetParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitNavigationButtonText fail:%{public}d", errorCode); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + + errorCode = InitWindowMode(widgetParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitWindowMode fail:%{public}d", errorCode); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + + errorCode = InitContext(widgetParam); + if (errorCode != UserAuthResultCode::SUCCESS) { + IAM_LOGE("InitContext fail:%{public}d", errorCode); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitTitle(userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("InitTitle start."); + std::string title = widgetParam.title.c_str(); + if (title == "" || title.size() > WidgetType::TITLE_MAX) { + IAM_LOGE("title is invalid. size: %{public}zu", title.size()); + std::string msgStr = "Parameter error. The length of \"title\" connot exceed 500."; + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + widgetParam_.title = title; + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitNavigationButtonText(userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("InitNavigationButtonText start."); + if (widgetParam.navigationButtonText.has_value()) { + std::string naviBtnTxt = widgetParam.navigationButtonText->c_str(); + if (naviBtnTxt == "" || naviBtnTxt.size() > WidgetType::BUTTON_MAX) { + IAM_LOGE("navigation button text is invalid, size: %{public}zu", naviBtnTxt.size()); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + widgetParam_.navigationButtonText = naviBtnTxt; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitWindowMode(userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("InitWindowMode start."); + if (widgetParam.windowMode.has_value()) { + switch (widgetParam.windowMode->get_key()) { + case userAuth::WindowModeType::key_t::DIALOG_BOX: + widgetParam_.windowMode = WindowModeType::DIALOG_BOX; + break; + case userAuth::WindowModeType::key_t::FULLSCREEN: + widgetParam_.windowMode = WindowModeType::FULLSCREEN; + break; + default: + IAM_LOGE("windowMode type not support."); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + IAM_LOGI("widgetParam title:%{public}s, navBtnText:%{public}s, winMode:%{public}u", + widgetParam_.title.c_str(), + widgetParam_.navigationButtonText.c_str(), + static_cast(widgetParam_.windowMode)); + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::InitContext(userAuth::WidgetParam const &widgetParam) +{ + IAM_LOGI("InitContext start."); + if (widgetParam.uiContext.has_value()) { + IAM_LOGI("widgetParam has uiContext"); + ani_env *env = taihe::get_env(); + ani_object uiContext = reinterpret_cast(widgetParam.uiContext.value()); + ani_boolean stageMode = false; + ani_status status = OHOS::AbilityRuntime::IsStageContext(env, uiContext, stageMode); + if (status != ANI_OK) { + IAM_LOGE("uiContext must be stage mode: %{public}d", status); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + auto context = OHOS::AbilityRuntime::GetStageModeContext(env, uiContext); + if (CheckUIContext(context)) { + context_ = context; + widgetParam_.hasContext = true; + IAM_LOGI("widgetParam has valid uiContext"); + } else { + // Default as modal system + IAM_LOGI("widgetParam has invalid uiContext, not base on valid AbilityContext or UIExtensionContext."); + } + } + return UserAuthResultCode::SUCCESS; +} + +bool UserAuthInstanceV10::CheckUIContext(const std::shared_ptr context) +{ + if (context == nullptr) { + IAM_LOGE("get context failed"); + return false; + } + + auto abilityContext = AbilityRuntime::Context::ConvertTo(context); + if (abilityContext == nullptr) { + IAM_LOGE("abilityContext is null"); + auto holderContext = AbilityRuntime::Context::ConvertTo(context); + if (holderContext == nullptr) { + IAM_LOGE("uiExtensionContext is null"); + return false; + } + if (holderContext->GetUIContent() == nullptr) { + IAM_LOGE("uiContent is null"); + return false; + } + } else { + if (abilityContext->GetUIContent() == nullptr) { + IAM_LOGE("uiContent is null"); + return false; + } + } + return true; +} + +UserAuthResultCode UserAuthInstanceV10::On(std::string type, userAuth::IAuthCallback const &callback) +{ + IAM_LOGI("UserAuthInstanceV10 on."); + if (callback_ == nullptr) { + IAM_LOGE("userAuthInstance on callback is null"); + return UserAuthResultCode::GENERAL_ERROR; + } + static const size_t maxLen = 10; + if (type.size() <= 0 || type.size() > maxLen) { + IAM_LOGE("getAuthInstance on GetStrValue fail."); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + if (type == AUTH_EVENT_RESULT) { + IAM_LOGI("getAuthInstance on SetResultCallback"); + callback_->SetResultCallback(callback); + return UserAuthResultCode::SUCCESS; + } else { + IAM_LOGE("getAuthInstance on invalid event:%{public}s", type.c_str()); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } +} + +UserAuthResultCode UserAuthInstanceV10::Off(std::string type, taihe::optional_view callback) +{ + IAM_LOGI("UserAuthInstanceV10 off."); + if (callback_ == nullptr) { + IAM_LOGE("userAuthInstance off callback is null"); + return UserAuthResultCode::GENERAL_ERROR; + } + + if (type == AUTH_EVENT_RESULT) { + if (!callback_->HasResultCallback()) { + IAM_LOGE("no callback registerred yet"); + return UserAuthResultCode::GENERAL_ERROR; + } + callback_->ClearResultCallback(); + IAM_LOGI("UserAuthResultCode off clear result callback"); + return UserAuthResultCode::SUCCESS; + } else { + IAM_LOGE("invalid event:%{public}s", type.c_str()); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::Start() +{ + IAM_LOGI("UserAuthInstanceV10 start."); + UserAuthApiEventReporter reporter("UserAuthInstance::start"); + if (callback_ == nullptr) { + IAM_LOGE("callback is null"); + reporter.ReportFailed(UserAuthResultCode::GENERAL_ERROR); + return UserAuthResultCode::GENERAL_ERROR; + } + + std::lock_guard guard(mutex_); + if (isAuthStarted_) { + IAM_LOGE("auth already started"); + reporter.ReportFailed(UserAuthResultCode::GENERAL_ERROR); + return UserAuthResultCode::GENERAL_ERROR; + } + + modalCallback_ = Common::MakeShared(context_); + contextId_ = UserAuthNapiClientImpl::Instance().BeginWidgetAuth( + API_VERSION_10, authParam_, widgetParam_, callback_, modalCallback_); + isAuthStarted_ = true; + reporter.ReportSuccess(); + return UserAuthResultCode::SUCCESS; +} + +UserAuthResultCode UserAuthInstanceV10::Cancel() +{ + IAM_LOGI("UserAuthInstanceV10 cancel."); + UserAuthApiEventReporter reporter("UserAuthInstance::cancel"); + std::lock_guard guard(mutex_); + if (!isAuthStarted_) { + IAM_LOGE("auth not started"); + reporter.ReportFailed(UserAuthResultCode::GENERAL_ERROR); + return UserAuthResultCode::GENERAL_ERROR; + } + int32_t result = UserAuthClient::GetInstance().CancelAuthentication(contextId_); + if (result != ResultCode::SUCCESS) { + IAM_LOGE("CancelAuthentication fail:%{public}d", result); + UserAuthResultCode resultCode = UserAuthResultCode(UserAuthHelper::GetResultCodeV10(result)); + reporter.ReportFailed(resultCode); + return resultCode; + } + isAuthStarted_ = false; + reporter.ReportSuccess(); + return UserAuthResultCode::SUCCESS; +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/src/user_auth_widget_callback_v10.cpp b/frameworks/ets/ani/user_auth/src/user_auth_widget_callback_v10.cpp new file mode 100644 index 0000000000000000000000000000000000000000..534ea0143d4a919b60997bdc29ced06c5500215f --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/user_auth_widget_callback_v10.cpp @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_widget_callback_v10.h" +#include "iam_ptr.h" +#include "iam_logger.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { + +UserAuthWidgetCallback::UserAuthWidgetCallback() +{} + +UserAuthWidgetCallback::~UserAuthWidgetCallback() +{} + +void UserAuthWidgetCallback::SetCommandCallback(userAuth::IAuthWidgetCallback const &callback) +{ + std::lock_guard guard(mutex_); + commandCallback_ = Common::MakeShared(callback); +} + +void UserAuthWidgetCallback::ClearCommandCallback() +{ + std::lock_guard guard(mutex_); + commandCallback_ = nullptr; +} + +bool UserAuthWidgetCallback::HasCommandCallback() +{ + std::lock_guard guard(mutex_); + return commandCallback_ != nullptr; +} + +void UserAuthWidgetCallback::SendCommand(const std::string &cmdData) +{ + IAM_LOGI("start"); + if (commandCallback_ == nullptr) { + IAM_LOGE("commandCallback_ is null"); + return; + } + commandCallback_->sendCommand(cmdData); +} + +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth/src/user_auth_widget_mgr_v10.cpp b/frameworks/ets/ani/user_auth/src/user_auth_widget_mgr_v10.cpp new file mode 100644 index 0000000000000000000000000000000000000000..77df3ea34a9ddfad020f3a9c0db10a316bc709b7 --- /dev/null +++ b/frameworks/ets/ani/user_auth/src/user_auth_widget_mgr_v10.cpp @@ -0,0 +1,102 @@ +/** + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "user_auth_widget_mgr_v10.h" + +#include +#include + +#include "iam_logger.h" +#include "iam_ptr.h" +#include "user_auth_client_impl.h" +#include "user_auth_helper.h" + +#define LOG_TAG "USER_AUTH_ANI" + +namespace OHOS { +namespace UserIam { +namespace UserAuth { +const std::string TYPE_COMMAND = "command"; + +UserAuthWidgetMgr::UserAuthWidgetMgr() + : callback_(Common::MakeShared()) +{ +} + +UserAuthResultCode UserAuthWidgetMgr::Init(int32_t version) +{ + IAM_LOGI("UserAuthWidgetMgr init"); + if (callback_ == nullptr) { + IAM_LOGE("callback is null"); + return UserAuthResultCode::GENERAL_ERROR; + } + IAM_LOGI("UserAuthWidgetMgr version: %{public}d", version); + + if (version != WIDGET_NOTICE) { + IAM_LOGE("version error: %{public}d", version); + return UserAuthResultCode::TYPE_NOT_SUPPORT; + } + version_ = version; + int32_t result = UserAuthClientImpl::Instance().SetWidgetCallback(version_, callback_); + IAM_LOGI("version SetWidgetCallback result: %{public}d", result); + return static_cast(UserAuthHelper::GetResultCodeV10(result)); +} + +UserAuthResultCode UserAuthWidgetMgr::On(std::string type, userAuth::IAuthWidgetCallback const &callback) +{ + IAM_LOGI("UserAuthWidgetMgr on"); + if (callback_ == nullptr) { + IAM_LOGE("callback is null"); + return UserAuthResultCode::GENERAL_ERROR; + } + if (type == TYPE_COMMAND) { + IAM_LOGI("SetCommandCallback"); + if (callback_->HasCommandCallback()) { + IAM_LOGE("command callback has been registerred"); + return UserAuthResultCode::GENERAL_ERROR; + } + callback_->SetCommandCallback(callback); + return UserAuthResultCode::SUCCESS; + } else { + IAM_LOGE("invalid event:%{public}s", type.c_str()); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } +} + +UserAuthResultCode UserAuthWidgetMgr::Off( + std::string type, taihe::optional_view callback) +{ + IAM_LOGI("UserAuthWidgetMgr off"); + if (callback_ == nullptr) { + IAM_LOGE("callback is null"); + return UserAuthResultCode::GENERAL_ERROR; + } + if (type == TYPE_COMMAND) { + IAM_LOGI("ClearCommandCallback"); + if (callback_->HasCommandCallback()) { + IAM_LOGE("no command callback register yet"); + return UserAuthResultCode::GENERAL_ERROR; + } + callback_->ClearCommandCallback(); + return UserAuthResultCode::SUCCESS; + } else { + IAM_LOGE("invalid event:%{public}s", type.c_str()); + return UserAuthResultCode::OHOS_INVALID_PARAM; + } +} +} // namespace UserAuth +} // namespace UserIam +} // namespace OHOS + \ No newline at end of file diff --git a/frameworks/ets/ani/user_auth_extension/BUILD.gn b/frameworks/ets/ani/user_auth_extension/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..b081b38d350338e30cc6418f224654471b032c4b --- /dev/null +++ b/frameworks/ets/ani/user_auth_extension/BUILD.gn @@ -0,0 +1,34 @@ +# Copyright (C) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/components/ets_frontend/ets2abc_config.gni") +import("//build/ohos.gni") + +generate_static_abc("user_auth_extension") { + base_url = "./ets" + files = [ "./ets/@ohos.app.ability.UserAuthExtensionAbility.ets" ] + is_boot_abc = "True" + device_dst_file = "/system/framework/user_auth_extension.abc" +} + +ohos_prebuilt_etc("user_auth_extension_abc_etc") { + source = "$target_out_dir/user_auth_extension.abc" + module_install_dir = "framework" + part_name = "user_auth_framework" + subsystem_name = "useriam" + deps = [ ":user_auth_extension" ] +} + +group("user_auth_extension_ani") { + deps = [ ":user_auth_extension_abc_etc" ] +} diff --git a/frameworks/ets/ani/user_auth_extension/ets/@ohos.app.ability.UserAuthExtensionAbility.ets b/frameworks/ets/ani/user_auth_extension/ets/@ohos.app.ability.UserAuthExtensionAbility.ets new file mode 100644 index 0000000000000000000000000000000000000000..9d11ab7f781ce2a74475c67959cbe70f4d7c890a --- /dev/null +++ b/frameworks/ets/ani/user_auth_extension/ets/@ohos.app.ability.UserAuthExtensionAbility.ets @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"), + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + * @file + * @kit UserAuthenticationKit + */ + +import UIExtensionAbility from '@ohos.app.ability.UIExtensionAbility'; + +/** + * The class of user authentication extension ability. + * + * @extends UIExtensionAbility + * @syscap SystemCapability.Ability.AbilityRuntime.Core + * @systemapi Hide this for inner system use. + * @StageModelOnly + * @since arkts {'1.1':'10','1.2':'20'} + * @arkts 1.1&1.2 + */ +export default class UserAuthExtensionAbility extends UIExtensionAbility { +} \ No newline at end of file diff --git a/frameworks/js/napi/user_access_ctrl/BUILD.gn b/frameworks/js/napi/user_access_ctrl/BUILD.gn index a98e58cd1f2cdf348b0a2f8f1c6358ed0c6d64c3..737e08e58584667fb05fc8bbd7bae1ebd433d419 100644 --- a/frameworks/js/napi/user_access_ctrl/BUILD.gn +++ b/frameworks/js/napi/user_access_ctrl/BUILD.gn @@ -25,7 +25,10 @@ ohos_shared_library("useraccessctrl") { branch_protector_ret = "pac_ret" remove_configs = [ "//build/config/compiler:no_exceptions" ] - include_dirs = [ "inc" ] + include_dirs = [ + "inc", + "../../../common/inc", + ] sources = [ "../user_auth/src/user_auth_napi_helper.cpp", diff --git a/frameworks/js/napi/user_auth/BUILD.gn b/frameworks/js/napi/user_auth/BUILD.gn index 03ec4bfb1e41919f631fc55536176257ffc490ae..772baa79fb6b49a2cb8936e4d84445385a26477c 100644 --- a/frameworks/js/napi/user_auth/BUILD.gn +++ b/frameworks/js/napi/user_auth/BUILD.gn @@ -30,13 +30,13 @@ ohos_shared_library("userauth") { branch_protector_ret = "pac_ret" remove_configs = [ "//build/config/compiler:no_exceptions" ] - include_dirs = [ "inc" ] + include_dirs = [ + "inc", + "../../../common/inc", + ] sources = [ "src/auth_instance_v9.cpp", - "src/config_parser.cpp", - "src/modal_extension_callback.cpp", - "src/user_auth_api_event_reporter.cpp", "src/user_auth_callback_v10.cpp", "src/user_auth_callback_v6.cpp", "src/user_auth_callback_v8.cpp", @@ -44,14 +44,16 @@ ohos_shared_library("userauth") { "src/user_auth_entry.cpp", "src/user_auth_impl.cpp", "src/user_auth_instance_v10.cpp", - "src/user_auth_modal_callback.cpp", "src/user_auth_napi_helper.cpp", "src/user_auth_param_utils.cpp", "src/user_auth_widget_callback_v10.cpp", "src/user_auth_widget_mgr_v10.cpp", ] - deps = [ "../../../native/client:userauth_client" ] + deps = [ + "../../../native/client:userauth_client", + "../../../common:user_auth_common", + ] external_deps = [ "ability_base:want", diff --git a/frameworks/js/napi/user_auth/inc/auth_instance_v9.h b/frameworks/js/napi/user_auth/inc/auth_instance_v9.h index 50794356916e786c2afdb6bd31bd86d6d613285f..c42f73030c804854f7d29ef9e0d73c9449cd433f 100644 --- a/frameworks/js/napi/user_auth/inc/auth_instance_v9.h +++ b/frameworks/js/napi/user_auth/inc/auth_instance_v9.h @@ -20,6 +20,7 @@ #include "nocopyable.h" +#include "napi/native_api.h" #include "auth_common.h" #include "user_auth_callback_v9.h" diff --git a/frameworks/js/napi/user_auth/inc/user_auth_callback_v6.h b/frameworks/js/napi/user_auth/inc/user_auth_callback_v6.h index 31de587f3e239654ddee9eaee1beb66d98a95c72..c979969e5327e03c0c7ca54185cfed36d9d7cf2b 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_callback_v6.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_callback_v6.h @@ -18,6 +18,7 @@ #include "nocopyable.h" +#include "napi/native_api.h" #include "auth_common.h" #include "user_auth_napi_helper.h" #include "user_auth_client.h" diff --git a/frameworks/js/napi/user_auth/inc/user_auth_callback_v9.h b/frameworks/js/napi/user_auth/inc/user_auth_callback_v9.h index 5efc2c00ce67d9f08a5e3b83b71175a611ebe540..fa6b19157273c368eda4d9a6649095630ef90ea2 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_callback_v9.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_callback_v9.h @@ -20,6 +20,7 @@ #include "nocopyable.h" +#include "napi/native_api.h" #include "auth_common.h" #include "user_auth_napi_helper.h" #include "user_auth_client.h" diff --git a/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h b/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h index 2dfb03bd5b035cb0b4028e66c6391567fb54efd4..328b8af4ee3036fcc6bbd2d7071990d332ed4b5e 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h @@ -22,6 +22,7 @@ #include "ability.h" +#include "napi/native_api.h" #include "auth_common.h" #include "auth_instance_v9.h" #include "user_auth_callback_v10.h" diff --git a/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h b/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h index a074c9a98caebb3fa8a76f87564a631367f85e26..6f83ce1271b537ac6c310b630c76db2b779bc418 100644 --- a/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h +++ b/frameworks/js/napi/user_auth/inc/user_auth_napi_helper.h @@ -32,12 +32,9 @@ namespace UserAuth { class UserAuthNapiHelper { public: static bool CheckAuthType(int32_t authType); - static bool CheckUserAuthType(int32_t authType); - static bool CheckAuthTrustLevel(uint32_t authTrustLevel); static napi_value GenerateBusinessErrorV9(napi_env env, UserAuthResultCode result); static napi_value GenerateErrorMsg(napi_env env, UserAuthResultCode result, std::string errorMsg); static UserAuthResultCode ThrowErrorMsg(napi_env env, UserAuthResultCode errorCode, std::string errorMsg); - static bool CheckReuseUnlockResult(ReuseUnlockResult reuseUnlockResult); static napi_status CheckNapiType(napi_env env, napi_value value, napi_valuetype type); static napi_status GetBoolValue(napi_env env, napi_value value, bool &out); static napi_status GetInt32Value(napi_env env, napi_value value, int32_t &out); @@ -60,8 +57,6 @@ public: static std::string GetStringPropertyUtf8(napi_env env, napi_value object, const std::string &propertyName); static int32_t GetResultCodeV8(int32_t result); static int32_t GetResultCodeV9(int32_t result); - static int32_t GetResultCodeV10(int32_t result); - static int32_t GetResultCodeV20(int32_t result); static bool SetStringPropertyUtf8( napi_env env, napi_value object, const std::string &name, const std::string &value); static bool GetInt32Array(napi_env env, napi_value obj, std::vector vec); diff --git a/frameworks/js/napi/user_auth/src/auth_instance_v9.cpp b/frameworks/js/napi/user_auth/src/auth_instance_v9.cpp index 089a0c64e4afdd7a0f4d775ec41608291d2b9d12..2d7fe3a12292744eb1847d6e24bd28cd6994d915 100644 --- a/frameworks/js/napi/user_auth/src/auth_instance_v9.cpp +++ b/frameworks/js/napi/user_auth/src/auth_instance_v9.cpp @@ -21,6 +21,7 @@ #include "iam_ptr.h" #include "user_auth_api_event_reporter.h" +#include "user_auth_helper.h" #include "user_auth_client_impl.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -53,7 +54,7 @@ UserAuthResultCode AuthInstanceV9::GetAvailableStatusInner(napi_env env, napi_ca IAM_LOGE("napi_get_value_int32 fail:%{public}d", ret); return UserAuthResultCode::GENERAL_ERROR; } - if (!UserAuthNapiHelper::CheckUserAuthType(type)) { + if (!UserAuthHelper::CheckUserAuthType(type)) { IAM_LOGE("CheckUserAuthType fail"); return UserAuthResultCode::TYPE_NOT_SUPPORT; } @@ -63,7 +64,7 @@ UserAuthResultCode AuthInstanceV9::GetAvailableStatusInner(napi_env env, napi_ca IAM_LOGE("napi_get_value_int32 fail:%{public}d", ret); return UserAuthResultCode::GENERAL_ERROR; } - if (!UserAuthNapiHelper::CheckAuthTrustLevel(level)) { + if (!UserAuthHelper::CheckAuthTrustLevel(level)) { IAM_LOGE("CheckAuthTrustLevel fail"); return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; } @@ -151,7 +152,7 @@ UserAuthResultCode AuthInstanceV9::Init(napi_env env, napi_callback_info info) IAM_LOGE("GetUint32Value fail:%{public}d", ret); return UserAuthResultCode::OHOS_INVALID_PARAM; } - if (!UserAuthNapiHelper::CheckAuthTrustLevel(authTrustLevel)) { + if (!UserAuthHelper::CheckAuthTrustLevel(authTrustLevel)) { IAM_LOGE("CheckAuthTrustLevel fail"); return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; } diff --git a/frameworks/js/napi/user_auth/src/user_auth_callback_v10.cpp b/frameworks/js/napi/user_auth/src/user_auth_callback_v10.cpp index 8a66a823d1d68e4b373852b8a84a373c239027de..750ed98fd6158fdfd7d0c684f1438fd4c1c35147 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_callback_v10.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_callback_v10.cpp @@ -21,6 +21,7 @@ #include "iam_ptr.h" #include "iam_logger.h" +#include "user_auth_helper.h" #include "user_auth_client_impl.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -134,7 +135,7 @@ napi_status UserAuthCallbackV10::DoResultCallback(int32_t result, } } - if (UserAuthNapiHelper::CheckUserAuthType(authType)) { + if (UserAuthHelper::CheckUserAuthType(authType)) { ret = UserAuthNapiHelper::SetInt32Property(env_, eventInfo, "authType", authType); if (ret != napi_ok) { IAM_LOGE("napi_create_int32 failed %{public}d", ret); @@ -244,7 +245,7 @@ void UserAuthCallbackV10::OnResult(int32_t result, const Attributes &extraInfo) return; } resultHolder->callback = shared_from_this(); - resultHolder->result = UserAuthNapiHelper::GetResultCodeV10(result); // ResultCode -> UserAuthResultCode + resultHolder->result = UserAuthHelper::GetResultCodeV10(result); // ResultCode -> UserAuthResultCode resultHolder->env = env_; if (!extraInfo.GetUint8ArrayValue(Attributes::ATTR_SIGNATURE, resultHolder->token)) { IAM_LOGE("ATTR_SIGNATURE is null"); diff --git a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp index 29841e4f1bdb72aecf95780f0cac129e8c2f743d..89d4644c9905875331a9df952d2399eb39cc4f9a 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp @@ -18,6 +18,7 @@ #include "auth_instance_v9.h" #include "nlohmann/json.hpp" #include "user_auth_api_event_reporter.h" +#include "user_auth_helper.h" #include "user_auth_impl.h" #include "user_auth_instance_v10.h" #include "user_auth_widget_mgr_v10.h" @@ -515,7 +516,7 @@ napi_value SendNotice(napi_env env, napi_callback_info info) int32_t result = UserAuthClientImpl::Instance().Notice(noticeType, eventData); if (result != ResultCode::SUCCESS) { - errCode = UserAuthResultCode(UserAuthNapiHelper::GetResultCodeV10(result)); + errCode = UserAuthResultCode(UserAuthHelper::GetResultCodeV10(result)); IAM_LOGE("SendNotice fail. result: %{public}d, errCode: %{public}d", result, errCode); return ResultOfSendNotice(env, errCode); } diff --git a/frameworks/js/napi/user_auth/src/user_auth_impl.cpp b/frameworks/js/napi/user_auth/src/user_auth_impl.cpp index 1bb5b28b37d0739162f606f646a6512364b1f943..de3e2b0f261c1a7fc87123f7cb1bc62b5250b080 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_impl.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_impl.cpp @@ -23,6 +23,7 @@ #include "iam_para2str.h" #include "iam_ptr.h" +#include "user_auth_helper.h" #include "user_auth_napi_helper.h" #include "user_auth_api_event_reporter.h" #include "user_auth_callback_v6.h" @@ -296,7 +297,7 @@ napi_value UserAuthImpl::GetEnrolledState(napi_env env, napi_callback_info info) reporter.ReportFailed(UserAuthResultCode::GENERAL_ERROR); return nullptr; } - if (!UserAuthNapiHelper::CheckUserAuthType(type)) { + if (!UserAuthHelper::CheckUserAuthType(type)) { IAM_LOGE("CheckUserAuthType fail"); napi_throw(env, UserAuthNapiHelper::GenerateBusinessErrorV9(env, UserAuthResultCode::TYPE_NOT_SUPPORT)); reporter.ReportFailed(UserAuthResultCode::TYPE_NOT_SUPPORT); @@ -307,7 +308,7 @@ napi_value UserAuthImpl::GetEnrolledState(napi_env env, napi_callback_info info) int32_t code = UserAuthClientImpl::Instance().GetEnrolledState(API_VERSION_12, authType, enrolledState); if (code != SUCCESS) { IAM_LOGE("failed to get enrolled state %{public}d", code); - int32_t resultCode = UserAuthNapiHelper::GetResultCodeV10(code); + int32_t resultCode = UserAuthHelper::GetResultCodeV10(code); napi_throw(env, UserAuthNapiHelper::GenerateBusinessErrorV9(env, UserAuthResultCode(resultCode))); reporter.ReportFailed(resultCode); return nullptr; @@ -400,7 +401,7 @@ napi_value UserAuthImpl::QueryReusableAuthResult(napi_env env, napi_callback_inf int32_t code = UserAuthClientImpl::Instance().QueryReusableAuthResult(authParam, token); if (code != SUCCESS) { IAM_LOGE("failed to query reuse result %{public}d", code); - int32_t resultCode = UserAuthNapiHelper::GetResultCodeV20(code); + int32_t resultCode = UserAuthHelper::GetResultCodeV20(code); napi_throw(env, UserAuthNapiHelper::GenerateBusinessErrorV9(env, UserAuthResultCode(resultCode))); reporter.ReportFailed(UserAuthResultCode(resultCode)); return nullptr; diff --git a/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp b/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp index 0f4ea654919d6d5b507970b3139c30b4c92ddab1..8d6f7b3762d32f7c9cf81ef7de193ba7ce9b091e 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_instance_v10.cpp @@ -27,6 +27,7 @@ #include "user_auth_api_event_reporter.h" #include "user_auth_client_impl.h" #include "user_auth_common_defines.h" +#include "user_auth_helper.h" #include "user_auth_napi_helper.h" #include "user_auth_param_utils.h" @@ -306,7 +307,7 @@ UserAuthResultCode UserAuthInstanceV10::Cancel(napi_env env, napi_callback_info int32_t result = UserAuthClient::GetInstance().CancelAuthentication(contextId_); if (result != ResultCode::SUCCESS) { IAM_LOGE("CancelAuthentication fail:%{public}d", result); - return UserAuthResultCode(UserAuthNapiHelper::GetResultCodeV10(result)); + return UserAuthResultCode(UserAuthHelper::GetResultCodeV10(result)); } isAuthStarted_ = false; return UserAuthResultCode::SUCCESS; diff --git a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp index b5aed5cf0a7a342299cb1e67ab830e648047b698..c68e4230e9d06f3d4534d882d587dfd1900f85b6 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp @@ -26,6 +26,7 @@ #include "iam_logger.h" #include "iam_ptr.h" +#include "user_auth_helper.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -160,44 +161,6 @@ int32_t UserAuthNapiHelper::GetResultCodeV9(int32_t result) return static_cast(UserAuthResultCode::GENERAL_ERROR); } -int32_t UserAuthNapiHelper::GetResultCodeV10(int32_t result) -{ - if (result == CHECK_PERMISSION_FAILED) { - return static_cast(UserAuthResultCode::OHOS_CHECK_PERMISSION_FAILED); - } - if (result == INVALID_PARAMETERS) { - return static_cast(UserAuthResultCode::OHOS_INVALID_PARAM); - } - if (result == CHECK_SYSTEM_APP_FAILED) { - return static_cast(UserAuthResultCode::OHOS_CHECK_SYSTEM_APP_FAILED); - } - if (result == HARDWARE_NOT_SUPPORTED) { - return static_cast(UserAuthResultCode::GENERAL_ERROR); - } - if (result > (INT32_MAX - static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN))) { - return static_cast(UserAuthResultCode::GENERAL_ERROR); - } - int32_t resultCodeV10 = result + static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN); - if (resultCodeV10 >= static_cast(UserAuthResultCode::RESULT_CODE_V10_MIN) && - resultCodeV10 <= static_cast(UserAuthResultCode::RESULT_CODE_V10_MAX)) { - IAM_LOGI("version GetResultCodeV10 resultCodeV10 result: %{public}d", resultCodeV10); - return resultCodeV10; - } - IAM_LOGE("version GetResultCodeV10 resultCodeV10 error"); - return static_cast(UserAuthResultCode::GENERAL_ERROR); -} - -int32_t UserAuthNapiHelper::GetResultCodeV20(int32_t result) -{ - if (result == INVALID_PARAMETERS) { - return static_cast(UserAuthResultCode::PARAM_VERIFIED_FAILED); - } - if (result == REUSE_AUTH_RESULT_FAILED) { - return static_cast(UserAuthResultCode::REUSE_AUTH_RESULT_FAILED); - } - return GetResultCodeV10(result); -} - napi_value UserAuthNapiHelper::GenerateBusinessErrorV9(napi_env env, UserAuthResultCode result) { napi_value code; @@ -611,43 +574,6 @@ bool UserAuthNapiHelper::CheckAuthType(int32_t authType) } return true; } - -bool UserAuthNapiHelper::CheckUserAuthType(int32_t authType) -{ - const std::set WIDGET_AUTH_TYPE_VALID_SET = {AuthType::PIN, AuthType::FACE, AuthType::FINGERPRINT, - AuthType::PRIVATE_PIN}; - if (WIDGET_AUTH_TYPE_VALID_SET.find(static_cast(authType)) == WIDGET_AUTH_TYPE_VALID_SET.end()) { - IAM_LOGE("authType check fail:%{public}d", authType); - return false; - } - return true; -} - -bool UserAuthNapiHelper::CheckAuthTrustLevel(uint32_t authTrustLevel) -{ - if (authTrustLevel != AuthTrustLevel::ATL1 && authTrustLevel != AuthTrustLevel::ATL2 && - authTrustLevel != AuthTrustLevel::ATL3 && authTrustLevel != AuthTrustLevel::ATL4) { - IAM_LOGE("authTrustLevel check fail:%{public}d", authTrustLevel); - return false; - } - return true; -} - -bool UserAuthNapiHelper::CheckReuseUnlockResult(ReuseUnlockResult reuseUnlockResult) -{ - if (reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_RELEVANT && - reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_IRRELEVANT && - reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT && - reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT) { - IAM_LOGE("reuseMode check fail:%{public}u", reuseUnlockResult.reuseMode); - return false; - } - if (reuseUnlockResult.reuseDuration <= 0 || reuseUnlockResult.reuseDuration > MAX_ALLOWABLE_REUSE_DURATION) { - IAM_LOGE("reuseDuration check fail:%{public}" PRIu64, reuseUnlockResult.reuseDuration); - return false; - } - return true; -} } // namespace UserAuth } // namespace UserIam } // namespace OHOS \ No newline at end of file diff --git a/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp b/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp index bb223639be5a850592d24384d2699227c7b5e651..900c9d2ef7e51552e5c2c3db639dc5341227addb 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_param_utils.cpp @@ -28,6 +28,7 @@ #include "iam_ptr.h" #include "user_auth_common_defines.h" +#include "user_auth_helper.h" #include "user_auth_napi_helper.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -104,7 +105,7 @@ UserAuthResultCode UserAuthParamUtils::InitAuthType(napi_env env, napi_value val return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); } IAM_LOGI("napi get authType:%{public}d", value); - if (!UserAuthNapiHelper::CheckUserAuthType(value)) { + if (!UserAuthHelper::CheckUserAuthType(value)) { IAM_LOGE("authType is illegal, %{public}d", value); return UserAuthResultCode::TYPE_NOT_SUPPORT; } @@ -136,7 +137,7 @@ UserAuthResultCode UserAuthParamUtils::InitAuthTrustLevel(napi_env env, napi_val std::string msgStr = "Parameter error. The type of \"authTrustLevel\" must be number."; return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); } - if (!UserAuthNapiHelper::CheckAuthTrustLevel(authTrustLevel)) { + if (!UserAuthHelper::CheckAuthTrustLevel(authTrustLevel)) { IAM_LOGE("AuthTrustLevel fail:%{public}u", authTrustLevel); return UserAuthResultCode::TRUST_LEVEL_NOT_SUPPORT; } @@ -175,7 +176,7 @@ UserAuthResultCode UserAuthParamUtils::InitReuseUnlockResult(napi_env env, napi_ return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); } authParam.reuseUnlockResult.reuseDuration = reuseDuration; - if (!UserAuthNapiHelper::CheckReuseUnlockResult(authParam.reuseUnlockResult)) { + if (!UserAuthHelper::CheckReuseUnlockResult(authParam.reuseUnlockResult)) { IAM_LOGE("ReuseUnlockResult fail"); std::string msgStr = "Parameter error. The type of \"reuseUnlockResult\" must be ReuseUnlockResult."; return UserAuthNapiHelper::ThrowErrorMsg(env, UserAuthResultCode::OHOS_INVALID_PARAM, msgStr); diff --git a/frameworks/js/napi/user_auth/src/user_auth_widget_mgr_v10.cpp b/frameworks/js/napi/user_auth/src/user_auth_widget_mgr_v10.cpp index 5746682a45ed79051c2d4e60205bc25bffe86872..85e9a558ee4e2d80882152ec062cc5e3713f704d 100644 --- a/frameworks/js/napi/user_auth/src/user_auth_widget_mgr_v10.cpp +++ b/frameworks/js/napi/user_auth/src/user_auth_widget_mgr_v10.cpp @@ -21,6 +21,7 @@ #include "iam_ptr.h" #include "user_auth_client_impl.h" +#include "user_auth_helper.h" #include "user_auth_widget_callback_v10.h" #define LOG_TAG "USER_AUTH_NAPI" @@ -73,7 +74,7 @@ UserAuthResultCode UserAuthWidgetMgr::Init(napi_env env, napi_callback_info info version_ = version; int32_t result = UserAuthClientImpl::Instance().SetWidgetCallback(version_, callback_); IAM_LOGD("version SetWidgetCallback result: %{public}d", result); - return static_cast(UserAuthNapiHelper::GetResultCodeV10(result)); + return static_cast(UserAuthHelper::GetResultCodeV10(result)); } std::shared_ptr UserAuthWidgetMgr::GetCallback(napi_env env, napi_value value) diff --git a/frameworks/native/client/BUILD.gn b/frameworks/native/client/BUILD.gn index e1f9e88c194e39f24f69b015909ce16602a8970c..00a3c7530bd5866b1d5d7ecb525f65746960d8d2 100644 --- a/frameworks/native/client/BUILD.gn +++ b/frameworks/native/client/BUILD.gn @@ -35,7 +35,7 @@ ohos_shared_library("userauth_client") { include_dirs = [ "inc", "../../../interfaces/inner_api", - "../../js/napi/user_auth/inc", + "../../common/inc", ] sources = [ diff --git a/interfaces/inner_api/iam_common_defines.h b/interfaces/inner_api/iam_common_defines.h index 6998c1f5ed6ea123b7a30340bda0cff3926e4acd..e5b40164969292654ed8587726d461945bdfb68b 100644 --- a/interfaces/inner_api/iam_common_defines.h +++ b/interfaces/inner_api/iam_common_defines.h @@ -165,6 +165,18 @@ enum PropertyMode : uint32_t { PROPERTY_MODE_RISK_EVENT = 9, }; +/** + * @brief Defines auth token type. + */ +enum AuthTokenType: int32_t { + /** The auth token type is local auth. */ + TOKEN_TYPE_LOCAL_AUTH = 0, + /** The auth token type is local resign. */ + TOKEN_TYPE_LOCAL_RESIGN = 1, + /** The auth token type is local coauth. */ + TOKEN_TYPE_LOCAL_COAUTH = 2, +}; + /** * @brief The result code. */ diff --git a/services/context/BUILD.gn b/services/context/BUILD.gn index 8a3cd412c9ada379240b3ae1b9da7427e4e4c7a7..f60391adfc9a52b852ffb96b9b7e9b8424403bd4 100644 --- a/services/context/BUILD.gn +++ b/services/context/BUILD.gn @@ -31,7 +31,7 @@ ohos_source_set("userauth_service_context") { branch_protector_ret = "pac_ret" include_dirs = [ "inc", - "../../frameworks/js/napi/user_auth/inc", + "../../frameworks/common/inc", ] remove_configs = [ "//build/config/compiler:no_exceptions" ] diff --git a/services/ipc/BUILD.gn b/services/ipc/BUILD.gn index 15516020e7443a6eecf9382c43303d4eba958d6c..1e1cc4af9fac942047bf2bb71b42e9ac2b0187f7 100644 --- a/services/ipc/BUILD.gn +++ b/services/ipc/BUILD.gn @@ -33,7 +33,7 @@ ohos_source_set("userauth_services_ipc") { branch_protector_ret = "pac_ret" include_dirs = [ "inc", - "../../frameworks/js/napi/user_auth/inc", + "../../frameworks/common/inc", ] remove_configs = [ "//build/config/compiler:no_exceptions" ] diff --git a/test/fuzztest/clients/coauthclient_fuzzer/BUILD.gn b/test/fuzztest/clients/coauthclient_fuzzer/BUILD.gn index 54386ed321e12df64790615cb9bce2fd18b97145..0a4d1ed4fc8c568a1318d9b4504f37754beca94d 100644 --- a/test/fuzztest/clients/coauthclient_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/coauthclient_fuzzer/BUILD.gn @@ -30,7 +30,7 @@ ohos_fuzztest("CoAuthClientFuzzTest") { include_dirs = [ "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/client/inc", "../../../../frameworks/native/ipc/common_defines", diff --git a/test/fuzztest/clients/eventlistenercallbackservice_fuzzer/BUILD.gn b/test/fuzztest/clients/eventlistenercallbackservice_fuzzer/BUILD.gn index 22cf235ba183d0e9391043aab3e931a7fd3477fd..979225daaa2ed463b8cd499fe24a28a5bd30edb5 100644 --- a/test/fuzztest/clients/eventlistenercallbackservice_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/eventlistenercallbackservice_fuzzer/BUILD.gn @@ -30,7 +30,7 @@ ohos_fuzztest("EventListenerCallbackServiceFuzzTest") { include_dirs = [ "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/client/inc", "../../../../frameworks/native/ipc/common_defines", diff --git a/test/fuzztest/clients/executorcallbackservice_fuzzer/BUILD.gn b/test/fuzztest/clients/executorcallbackservice_fuzzer/BUILD.gn index c58792595f7809f48c44c24b49f0a7c1e54965ba..187e79d99f70767081c36285de8ae0cbd6a6536c 100644 --- a/test/fuzztest/clients/executorcallbackservice_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/executorcallbackservice_fuzzer/BUILD.gn @@ -35,7 +35,7 @@ ohos_fuzztest("ExecutorCallbackServiceFuzzTest") { "../../../../services/context/inc", "../../../../services/ipc/inc", "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/client/inc", "../../../../frameworks/native/ipc/common_defines", diff --git a/test/fuzztest/clients/useraccessctrlclient_fuzzer/BUILD.gn b/test/fuzztest/clients/useraccessctrlclient_fuzzer/BUILD.gn index 5ad2650f88cba3cd573d593804f2b6256512dc4c..3bf4fb1a8dc1aa40bc2cc0895801a429a9443747 100644 --- a/test/fuzztest/clients/useraccessctrlclient_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/useraccessctrlclient_fuzzer/BUILD.gn @@ -29,7 +29,7 @@ ohos_fuzztest("UserAccessCtrlClientFuzzTest") { include_dirs = [ "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/common_defines", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/common/dfx/inc", diff --git a/test/fuzztest/clients/userauthclient_fuzzer/BUILD.gn b/test/fuzztest/clients/userauthclient_fuzzer/BUILD.gn index fd5e13c1a674e5702678fbfec0bb0e977d674494..09ef1df7a9227250a3207084a03920e735692b96 100644 --- a/test/fuzztest/clients/userauthclient_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/userauthclient_fuzzer/BUILD.gn @@ -29,7 +29,7 @@ ohos_fuzztest("UserAuthClientFuzzTest") { include_dirs = [ "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/common_defines", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/common/dfx/inc", diff --git a/test/fuzztest/clients/useridmclient_fuzzer/BUILD.gn b/test/fuzztest/clients/useridmclient_fuzzer/BUILD.gn index bd03c67a9dd9c1994e2c3db5a981f21949269aa6..a7405a0735b12d1effa2504cb87d0c02a68ff89a 100644 --- a/test/fuzztest/clients/useridmclient_fuzzer/BUILD.gn +++ b/test/fuzztest/clients/useridmclient_fuzzer/BUILD.gn @@ -30,7 +30,7 @@ ohos_fuzztest("UserIdmClientFuzzTest") { include_dirs = [ "../../../../interfaces/inner_api", - "../../../../frameworks/js/napi/user_auth/inc", + "../../../../frameworks/common/inc", "../../../../frameworks/native/ipc/common_defines", "../../../../frameworks/native/ipc/inc", "../../../../frameworks/native/common/dfx/inc", diff --git a/test/fuzztest/common_fuzzer/BUILD.gn b/test/fuzztest/common_fuzzer/BUILD.gn index ef67c1d510f46e07bc9bb4e469a2857780a513fa..aef2668f60460f6379a9b43aaa95886fb46bb916 100644 --- a/test/fuzztest/common_fuzzer/BUILD.gn +++ b/test/fuzztest/common_fuzzer/BUILD.gn @@ -228,7 +228,7 @@ ohos_source_set("userauth_service_context_fuzzer") { branch_protector_ret = "pac_ret" include_dirs = [ "inc", - "../../../frameworks/js/napi/user_auth/inc", + "../../../frameworks/common/inc", ] remove_configs = [ "//build/config/compiler:no_exceptions" ] @@ -367,7 +367,7 @@ ohos_source_set("userauth_services_ipc_fuzzer") { branch_protector_ret = "pac_ret" include_dirs = [ "../../../services/ipc/inc", - "../../../frameworks/js/napi/user_auth/inc", + "../../../frameworks/common/inc", ] remove_configs = [ "//build/config/compiler:no_exceptions" ] diff --git a/test/fuzztest/services/context/widgetcontext_fuzzer/BUILD.gn b/test/fuzztest/services/context/widgetcontext_fuzzer/BUILD.gn index a62f8007b00694c00c1ee02789a127abb76db744..b93ccec19bc2b19ecbf803fa5d958c561090739f 100644 --- a/test/fuzztest/services/context/widgetcontext_fuzzer/BUILD.gn +++ b/test/fuzztest/services/context/widgetcontext_fuzzer/BUILD.gn @@ -40,7 +40,7 @@ ohos_fuzztest("WidgetContextFuzzTest") { "../../../../../services/remote_connect/src", "../../../../../frameworks/native/ipc/inc", "../../../../../frameworks/native/ipc/common_defines", - "../../../../../frameworks/js/napi/user_auth/inc", + "../../../../../frameworks/common/inc", "../../../../../interfaces/inner_api", "../../../../../common/utils", "../../../../../common/logs", diff --git a/test/unittest/inner_api/BUILD.gn b/test/unittest/inner_api/BUILD.gn index 798cc59f4c7bb5e5828725701659d4902ccaed77..f356c01e7b6074e86ea049f8d16a7c5a4fcf0f33 100644 --- a/test/unittest/inner_api/BUILD.gn +++ b/test/unittest/inner_api/BUILD.gn @@ -36,7 +36,7 @@ ohos_unittest("iam_inner_api_test") { "mocks", "../services/mocks", "../../../interfaces/inner_api", - "../../../frameworks/js/napi/user_auth/inc", + "../../../frameworks/common/inc", "../../../frameworks/native/client/inc", ] diff --git a/test/unittest/services/BUILD.gn b/test/unittest/services/BUILD.gn index 8817bfc41f0b1736ef1acf67e6bf2533d284c21b..3aa2a2b375b3a5949fbf52266b0224ea66646c06 100644 --- a/test/unittest/services/BUILD.gn +++ b/test/unittest/services/BUILD.gn @@ -43,7 +43,7 @@ ohos_unittest("iam_services_test") { "../../../services/ipc/inc", "../../../services/load_mode/inc", "../../../services/remote_connect/inc", - "../../../frameworks/js/napi/user_auth/inc", + "../../../frameworks/common/inc", "../../../frameworks/native/ipc/inc", "../../../frameworks/native/ipc/common_defines", "../inner_api/mocks", diff --git a/user_auth_framework.gni b/user_auth_framework.gni index 666777aae7661ccd0c63289e0bade9dcd00fb338..6d7369047220465cacb50e4eedfda2063d09e81c 100644 --- a/user_auth_framework.gni +++ b/user_auth_framework.gni @@ -13,6 +13,7 @@ declare_args() { user_auth_framework_enable_dynamic_load = false + user_auth_framework_path = "//base/useriam/user_auth_framework" screenlock_client_enable = true if (defined(global_parts_info) && !defined(global_parts_info.theme_screenlock_mgr)) {