diff --git a/interfaces/innerkits/native/include/userauth_info.h b/interfaces/innerkits/native/include/userauth_info.h index 7a60d349d6569436667b266f68a2805578173564..e826536d787c303332c1d4821e3a53e59273cbb0 100755 --- a/interfaces/innerkits/native/include/userauth_info.h +++ b/interfaces/innerkits/native/include/userauth_info.h @@ -112,6 +112,7 @@ struct CoAuthInfo { AuthType authType; uint64_t callerID; uint64_t contextID; + int32_t userID; std::string pkgName; std::vector sessionIds; }; diff --git a/services/BUILD.gn b/services/BUILD.gn index db18f921d140955bc2014b6dcc7322265fb8f247..78b3a67ddf1e0cf10ac93d5a926580b314911b6d 100755 --- a/services/BUILD.gn +++ b/services/BUILD.gn @@ -18,6 +18,7 @@ config("userauth_private_config") { "include", "//base/user_iam/auth_executor_mgr/common/interface", "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] } @@ -47,6 +48,7 @@ ohos_shared_library("userauthservice") { "//drivers/peripheral/display/hal:hdi_display_device", "//third_party/openssl:libcrypto_static", "//utils/native/base:utils", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", ] external_deps = [ diff --git a/services/include/userauth_adapter.h b/services/include/userauth_adapter.h index 7ad3d7ecf78909a8f569b56334b95122a1ed66c2..d445d59c9ecafd67529dcc3cb7f545df700befd1 100644 --- a/services/include/userauth_adapter.h +++ b/services/include/userauth_adapter.h 
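Review bot: The new `int32_t userID;` member of CoAuthInfo has no default initializer, so any site that builds a CoAuthInfo without assigning it carries an indeterminate account id into the co-auth path. The only assignment visible in this commit is `coAuthInfo.userID = userID;` in UserAuthService::Auth; other construction sites, if any, are outside the diff. An in-class initializer set to a value the project treats as invalid would make a missed assignment fail closed instead of selecting an arbitrary user. The field is also inserted in the middle of a struct exported from an innerkits header, so the layout changes for every module built against the old header. If CoAuthInfo is marshalled anywhere, that code needs the new field too; the diff does not show whether it is.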
@@ -35,25 +35,23 @@ public: int32_t GetAuthTrustLevel(int32_t userId, uint32_t authType, uint32_t &authTrustLevel); /* Get the executor authentication properties */ - void GetPropAuthInfo(uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, + void GetPropAuthInfo(int32_t userID, uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, sptr& callback); /** This method is called to set the executor properties * after the callback of the coAuth is called to obtain the scheduling token * and the authentication result is successful. * */ - void CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerUID, std::string pkgName, UserAuthToken authToken, - SetPropertyRequest requset, sptr& callback); + void CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, uint64_t callerUID, std::string pkgName, + UserAuthToken authToken, SetPropertyRequest requset, sptr& callback); /* Set the executor authentication properties for freez or unfreez */ void SetPropAuthInfo(uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, SetPropertyRequest requset, std::vector templateIds, sptr& callback); /* get the executor authentication properties for Coauth */ - void GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, - GetPropertyRequest requset, sptr& callback); - /* get userID */ - int32_t GetUserID(int32_t &userID); + void GetPropAuthInfoCoauth(int32_t userID, uint64_t callerUID, std::string pkgName, int32_t resultCode, + UserAuthToken authToken, GetPropertyRequest requset, sptr& callback); int32_t GenerateSolution(AuthSolution param, std::vector &sessionIds); int32_t RequestAuthResult(uint64_t contextId, std::vector scheduleToken, UserAuthToken &authToken, std::vector &sessionIds); diff --git a/services/include/userauth_controller.h b/services/include/userauth_controller.h index 079c765d73ca4d6b322ed00d1a3fb4df07d0322a..b2589333263c8edb817554822b9673c4f0d27edd 100644 
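Review bot: `CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, ...)` now starts with two adjacent `int32_t` parameters, so a call site that swaps them compiles cleanly and would look up auth info using a result code as the account id. In GetPropAuthInfo and GetPropAuthInfoCoauth, `userID` sits next to `uint64_t callerUID`, where implicit integer conversion hides the same mistake. The new parameter is also undocumented; a line such as `/* userID: account id resolved from the caller's access token, not from request data */` on each declaration would state the trust assumption that the rest of the change relies on. The controller declares `GetPropAuthInfo(userID, pkgName, callerUID, ...)` while the adapter uses `(userID, callerUID, pkgName, ...)`; aligning the order would remove one more chance of confusion.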
--- a/services/include/userauth_controller.h +++ b/services/include/userauth_controller.h @@ -27,11 +27,10 @@ namespace UserAuth { class UserAuthController { public: int32_t GetAuthTrustLevel(int32_t userId, uint32_t authType, uint32_t &authTrustLevel); - void GetPropAuthInfo(std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, + void GetPropAuthInfo(int32_t userID, std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, sptr& callback); int32_t SetExecutorProp(uint64_t callerUID, std::string pkgName, SetPropertyRequest setPropertyrequest, sptr& callback); - int32_t GetUserID(int32_t &userID); int32_t AddContextID(uint64_t contextID); int32_t IsContextIDExist(uint64_t contextID); int32_t GenerateContextID(uint64_t &contextID); diff --git a/services/include/userauth_excallback_impl.h b/services/include/userauth_excallback_impl.h index 65a2a9c441d941324c768939d7070e38f1802d18..4b6554dd58a94ce605764bf687f3821d399b08d9 100644 --- a/services/include/userauth_excallback_impl.h +++ b/services/include/userauth_excallback_impl.h @@ -46,6 +46,7 @@ private: int32_t callbackNowCount_ = 0; uint64_t callbackContextID_ = 0; std::string pkgName_ = ""; + int32_t userID_ = 0; uint64_t callerUid_ = 0; bool callbackResultFlag_ = false; sptr callback_ { nullptr }; @@ -53,7 +54,7 @@ private: std::mutex mutex_; static std::mutex coauthCallbackmutex_; static std::map> saveCoauthCallback_; - void OnFinishHandleExtend(SetPropertyRequest setPropertyRequest, AuthResult authResult, int32_t ret, + void OnFinishHandleExtend(int32_t userID, SetPropertyRequest setPropertyRequest, AuthResult authResult, int32_t ret, UserAuthToken authToken); }; diff --git a/services/include/userauth_service.h b/services/include/userauth_service.h index 03e22009a8cda3784e41f80e2abbfd6fc7e6dcd3..1311866f24565f6a0c2efd957a4f573da7173cdc 100644 --- a/services/include/userauth_service.h +++ b/services/include/userauth_service.h 
@@ -45,6 +45,7 @@ public: int32_t GetVersion() override; private: + int32_t GetCallingUserID(int32_t &userID); int32_t GetControllerData(sptr& callback, AuthResult &extraInfo, const AuthTurstLevel authTurstLevel, uint64_t &callerID, std::string &callerName, uint64_t &contextID); diff --git a/services/src/userauth_adapter.cpp b/services/src/userauth_adapter.cpp index af1dc5c17fa6d8593f9fdda4fc358c200b903717..d9689068e9de62deecf16d8f395700385757938d 100644 --- a/services/src/userauth_adapter.cpp +++ b/services/src/userauth_adapter.cpp @@ -26,8 +26,6 @@ namespace OHOS { namespace UserIAM { namespace UserAuth { -const int32_t cUserId = 0; - UserAuthAdapter &UserAuthAdapter::GetInstance() { static UserAuthAdapter instance; @@ -45,15 +43,15 @@ int32_t UserAuthAdapter::GetAuthTrustLevel(int32_t userId, uint32_t authType, ui return ret; } -void UserAuthAdapter::GetPropAuthInfo(uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, - sptr& callback) +void UserAuthAdapter::GetPropAuthInfo(int32_t userID, uint64_t callerUID, std::string pkgName, + GetPropertyRequest requset, sptr& callback) { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetPropAuthInfo is start!"); std::shared_ptr getInfoCallback = std::make_shared(callback, requset, callerUID, pkgName); - int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), - getInfoCallback); + int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(userID, + static_cast(requset.authType), getInfoCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth GetPropAuthInfo ERROR!"); } 
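Review bot: When `GetAuthInfo(userID, ...)` fails in UserAuthAdapter::GetPropAuthInfo, the visible code only logs. Nothing in the hunk completes `callback`, so a client whose account cannot be served may never receive a result. The GetPropAuthInfoCoauth and CoauthSetPropAuthInfo hunks follow the same pattern. The function bodies continue outside the hunks, so confirm whether the callback is completed there. The error logs would also be more useful for triage with the return code included, for example `USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth GetPropAuthInfo failed, ret=%{public}d", ret);`.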
@@ -134,7 +132,7 @@ int32_t UserAuthAdapter::SetProPropAuthInfo(OHOS::UserIAM::AuthResPool::AuthAttr } return ret; } -void UserAuthAdapter::GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgName, int32_t resultCode, +void UserAuthAdapter::GetPropAuthInfoCoauth(int32_t userID, uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, GetPropertyRequest requset, sptr& callback) { @@ -143,15 +141,15 @@ void UserAuthAdapter::GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgN std::shared_ptr getInfoCallback = std::make_shared(callback, callerUID, pkgName, resultCode, authToken, requset); - int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), - getInfoCallback); + int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(userID, + static_cast(requset.authType), getInfoCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth GetPropAuthInfoCoauth ERROR!"); } USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetPropAuthInfoCoauth is end!"); } -void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerUID, std::string pkgName, +void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, uint64_t callerUID, std::string pkgName, UserAuthToken authToken, SetPropertyRequest requset, sptr& callback) { @@ -159,7 +157,7 @@ void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerU std::shared_ptr setPropCallback = std::make_shared(callback, callerUID, pkgName, resultCode, authToken, requset); - int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), + int32_t ret = UserIDM::UserIDMClient::GetInstance().GetAuthInfo(userID, static_cast(requset.authType), setPropCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth CoauthSetPropAuthInfo ERROR!"); 
@@ -167,14 +165,6 @@ void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerU USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth CoauthSetPropAuthInfo is end!"); } -int32_t UserAuthAdapter::GetUserID(int32_t &userID) -{ - USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetUserID is start!"); - // 打桩 IAMTA - userID = cUserId; - return SUCCESS; -} - int32_t UserAuthAdapter::GenerateSolution(AuthSolution param, std::vector &sessionIds) { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GenerateSolution is start!"); diff --git a/services/src/userauth_controller.cpp b/services/src/userauth_controller.cpp index 2beb1145f5089da13cfd057deaeb1bbd8916ff40..8a28a8ea39cac27248918061923b570a534fe0ab 100644 --- a/services/src/userauth_controller.cpp +++ b/services/src/userauth_controller.cpp @@ -29,15 +29,11 @@ int32_t UserAuthController::SetExecutorProp(uint64_t callerUID, std::string pkgN { return UserAuthAdapter::GetInstance().SetExecutorProp(callerUID, pkgName, setPropertyrequest, callback); } -void UserAuthController::GetPropAuthInfo(std::string pkgName, uint64_t callerUID, +void UserAuthController::GetPropAuthInfo(int32_t userID, std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, sptr& callback) { - UserAuthAdapter::GetInstance().GetPropAuthInfo(callerUID, pkgName, getPropertyRequest, callback); -} -int32_t UserAuthController::GetUserID(int32_t &userID) -{ - return UserAuthAdapter::GetInstance().GetUserID(userID); + UserAuthAdapter::GetInstance().GetPropAuthInfo(userID, callerUID, pkgName, getPropertyRequest, callback); } int32_t UserAuthController::GenerateSolution(AuthSolution param, std::vector &sessionIds) { diff --git a/services/src/userauth_excallback_impl.cpp b/services/src/userauth_excallback_impl.cpp index 695f81c01c77a590663bb676e440e1776c1d3454..623a0439e8d0d59fe8e1ced27ca3dcc5341ef2ee 100644 --- a/services/src/userauth_excallback_impl.cpp +++ b/services/src/userauth_excallback_impl.cpp 
@@ -114,6 +114,7 @@ UserAuthCallbackImplCoAuth::UserAuthCallbackImplCoAuth(const sptr &scheduleToken) { @@ -142,14 +143,14 @@ void UserAuthCallbackImplCoAuth::OnAcquireInfo(uint32_t acquire) return; } } -void UserAuthCallbackImplCoAuth::OnFinishHandleExtend(SetPropertyRequest setPropertyRequest, AuthResult authResult, - int32_t ret, UserAuthToken authToken) +void UserAuthCallbackImplCoAuth::OnFinishHandleExtend(int32_t userID, SetPropertyRequest setPropertyRequest, + AuthResult authResult,int32_t ret, UserAuthToken authToken) { if (authType_ == UserAuth::PIN) { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult SUCCESS"); setPropertyRequest.authType = authType_; setPropertyRequest.key = SetPropertyType::THAW_TEMPLATE; - UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(ret, callerUid_, pkgName_, + UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(userID, ret, callerUid_, pkgName_, authToken, setPropertyRequest, callback_); } else { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult SUCCESS NOT INFO"); 
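Review bot: `OnFinishHandleExtend` now takes `userID` as a parameter, yet the caller shown in the OnFinishHandle hunk passes the member `userID_`, and the function already reads `callerUid_` and `pkgName_` straight from members. Using `userID_` inside the function would keep the private signature unchanged and avoid a second source for the same value. The new signature also lacks a space in `AuthResult authResult,int32_t ret`. The constructor hunk is truncated on this page, so the assignment of `userID_` is not visible. With the header default `int32_t userID_ = 0;`, a missed assignment would silently act for account 0, so confirm that the constructor always sets it from `coAuthInfo.userID`.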
@@ -189,21 +190,21 @@ void UserAuthCallbackImplCoAuth::OnFinishHandle(uint32_t resultCode, std::vector } return ; } else if (ret == SUCCESS) { - OnFinishHandleExtend(setPropertyRequest, authResult, ret, authToken); + OnFinishHandleExtend(userID_, setPropertyRequest, authResult, ret, authToken); } else { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult NOT SUCCESS"); getPropertyRequest.authType = authType_; getPropertyRequest.keys.push_back(UserAuth::REMAIN_TIMES); getPropertyRequest.keys.push_back(UserAuth::FREEZING_TIME); - UserAuthAdapter::GetInstance().GetPropAuthInfoCoauth(callerUid_, pkgName_, ret, + UserAuthAdapter::GetInstance().GetPropAuthInfoCoauth(userID_, callerUid_, pkgName_, ret, authToken, getPropertyRequest, callback_); } } else { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuthCallbackImplCoAuth resultCode == LOCKED"); setPropertyRequest.authType = authType_; setPropertyRequest.key = SetPropertyType::FREEZE_TEMPLATE; - UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(ret, callerUid_, pkgName_, authToken, setPropertyRequest, - callback_); + UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(userID_, ret, callerUid_, pkgName_, authToken, + setPropertyRequest, callback_); } if (sessionIds.size() != 0) { for (std::vector::iterator iter = sessionIds.begin(); iter != sessionIds.end(); iter++) { diff --git a/services/src/userauth_service.cpp b/services/src/userauth_service.cpp index 4f827b15050cf69a6c1d507ea46db6469329ef17..8dfd7ed96cdec3e413b2b6ad4dc3cdd7975b4fc5 100644 --- a/services/src/userauth_service.cpp +++ b/services/src/userauth_service.cpp @@ -17,6 +17,7 @@ #include #include "userauth_hilog_wrapper.h" #include "useriam_common.h" +#include "accesstoken_kit.h" #include "userauth_service.h" namespace OHOS { 
@@ -72,7 +73,7 @@ int32_t UserAuthService::GetAvailableStatus(const AuthType authType, const AuthT return result; } - ret = userauthController_.GetUserID(userID); + ret = this->GetCallingUserID(userID); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuthService GetAvailableStatus GetUserID is ERROR!"); return result; @@ -99,7 +100,14 @@ void UserAuthService::GetProperty(const GetPropertyRequest request, sptrGetCallingUserID(userID); + if (ret != SUCCESS) { + AuthResult extraInfo; + callback->onResult(ret, extraInfo); + return; + } callerID = this->GetCallingUid(); callerName = std::to_string(callerID); @@ -108,7 +116,7 @@ void UserAuthService::GetProperty(const GetPropertyRequest request, sptr& callback) @@ -137,6 +145,28 @@ void UserAuthService::SetProperty(const SetPropertyRequest request, sptrGetFirstTokenID(); + if (tokenID == 0) { + tokenID = this->GetCallingTokenID(); + } + Security::AccessToken::ATokenTypeEnum callingType = Security::AccessToken::AccessTokenKit::GetTokenType(tokenID); + if (callingType != Security::AccessToken::TOKEN_HAP) { + USERAUTH_HILOGE(MODULE_SERVICE, "CallingType is not hap."); + return TYPE_NOT_SUPPORT; + } + Security::AccessToken::HapTokenInfo hapTokenInfo; + int result = Security::AccessToken::AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfo); + if (result != SUCCESS) { + USERAUTH_HILOGE(MODULE_SERVICE, "Get hap token info failed."); + return TYPE_NOT_SUPPORT; + } + userID = (int32_t)hapTokenInfo.userID; + USERAUTH_HILOGE(MODULE_SERVICE, "GetCallingUserID is %{public}d", userID); + return SUCCESS; +} + uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType, const AuthTurstLevel authTurstLevel, sptr& callback) 
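Review bot: The failure log after the new call in GetAvailableStatus still reads `GetUserID is ERROR!`, naming the function this commit removes, and the same stale text remains in the Auth hunk. A message such as `"UserAuthService GetAvailableStatus GetCallingUserID failed, ret=%{public}d"` with `ret` passed would keep logs searchable. It would also record whether the caller was rejected as non-HAP or the token lookup failed. This path now returns `result` for every caller whose token type is not TOKEN_HAP; the value `result` holds at that point is set outside the hunk, so check that it is an error code and not a leftover success value.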
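Review bot: The new early return in GetProperty reports the raw `ret` from GetCallingUserID through `callback->onResult(ret, extraInfo)`, while the Auth hunk reports `FAIL` for the same condition. Clients therefore see two different codes for "the caller's account could not be resolved"; pick one and use it in both places. The branch also dereferences `callback` with no null check inside the hunk, and the lines before the call are truncated on this page, so confirm that a check precedes it. Unlike the other failure paths, this branch writes no log line, which leaves a rejected caller invisible to anyone reading the service log.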
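Review bot: GetCallingUserID takes the account from `GetFirstTokenID()` and falls back to `GetCallingTokenID()` only when that is zero, so the `userID` that later selects whose auth info is read comes from the first token in the call chain, not from the direct IPC caller. The diff does not show who may set that first token id, so the function should carry a comment stating the assumption, or a check that the direct caller is permitted to forward one. The success path logs with `USERAUTH_HILOGE` and `%{public}d`; a debug-level line with a private marker, `USERAUTH_HILOGD(MODULE_SERVICE, "GetCallingUserID is %{private}d", userID);`, avoids raising an error on every call and keeps the account id out of public logs. Both failure branches return `TYPE_NOT_SUPPORT`, which hides a failed `GetHapTokenInfo` behind the "not a HAP" code. `(int32_t)hapTokenInfo.userID` would read better as `static_cast<int32_t>(hapTokenInfo.userID)`.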
@@ -154,7 +184,7 @@ uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType if (GetControllerData(callback, extraInfo, authTurstLevel, callerID, callerName, contextID) == FAIL) { return ret; } - result = userauthController_.GetUserID(userID); + result = this->GetCallingUserID(userID); if (result != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuthService Auth GetUserID is ERROR!"); callback->onResult(FAIL, extraInfo); @@ -175,6 +205,7 @@ uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType coAuthInfo.callerID = callerID; coAuthInfo.contextID = contextID; coAuthInfo.pkgName = callerName; + coAuthInfo.userID = userID; sptr dr = new UserAuthServiceCallbackDeathRecipient(callback); if ((!callback->AsObject()->AddDeathRecipient(dr))) { USERAUTH_HILOGE(MODULE_SERVICE, "Failed to add death recipient UserAuthServiceCallbackDeathRecipient");