From 4fb8dff26d03d93ee3c76441620b5562469f1e36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9F=A9=E9=9C=87?= Date: Wed, 9 Feb 2022 10:03:06 +0800 Subject: [PATCH] use real userid MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 韩震 Change-Id: I548ea4b6d8a1ce62f99ea9b4d59e3bc885d72123 --- .../innerkits/native/include/userauth_info.h | 1 + services/BUILD.gn | 2 + services/include/userauth_adapter.h | 12 +++--- services/include/userauth_controller.h | 3 +- services/include/userauth_excallback_impl.h | 3 +- services/include/userauth_service.h | 1 + services/src/userauth_adapter.cpp | 30 +++++--------- services/src/userauth_controller.cpp | 8 +--- services/src/userauth_excallback_impl.cpp | 15 +++---- services/src/userauth_service.cpp | 39 +++++++++++++++++-- 10 files changed, 67 insertions(+), 47 deletions(-) mode change 100755 => 100644 interfaces/innerkits/native/include/userauth_info.h mode change 100755 => 100644 services/BUILD.gn diff --git a/interfaces/innerkits/native/include/userauth_info.h b/interfaces/innerkits/native/include/userauth_info.h old mode 100755 new mode 100644 index 7a60d349d..e826536d7 --- a/interfaces/innerkits/native/include/userauth_info.h +++ b/interfaces/innerkits/native/include/userauth_info.h @@ -112,6 +112,7 @@ struct CoAuthInfo { AuthType authType; uint64_t callerID; uint64_t contextID; + int32_t userID; std::string pkgName; std::vector sessionIds; }; diff --git a/services/BUILD.gn b/services/BUILD.gn old mode 100755 new mode 100644 index db18f921d..dae1c3a0f --- a/services/BUILD.gn +++ b/services/BUILD.gn @@ -18,6 +18,7 @@ config("userauth_private_config") { "include", "//base/user_iam/auth_executor_mgr/common/interface", "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", ] } 
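Review bot: The new `int32_t userID;` member of `CoAuthInfo` (userauth_info.h, `@@ -112,6 +112,7 @@`) has no initializer, so any code that builds a `CoAuthInfo` without assigning it passes an indeterminate user ID into the co-auth path. Only the assignment in `UserAuthService::Auth` is visible in this patch; other producers of the struct, if there are any, are not. Because 0 is the value the removed `cUserId` stub gave every caller, an explicit invalid default such as `int32_t userID = -1;` would make a missed assignment fail visibly, provided downstream code rejects it. The struct starts above the hunk, and its other scalar members are also uninitialized.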
@@ -40,6 +41,7 @@ ohos_shared_library("userauthservice") { deps = [ "${userauth_innerkits_path}/native:userauth_framework", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", "//base/startup/syspara_lite/interfaces/innerkits/native/syspara:syspara", "//base/user_iam/auth_executor_mgr/common:useriam_common_lib", "//base/user_iam/auth_executor_mgr/interfaces/innerkits:coauth_framework", diff --git a/services/include/userauth_adapter.h b/services/include/userauth_adapter.h index 7ad3d7ecf..d445d59c9 100644 --- a/services/include/userauth_adapter.h +++ b/services/include/userauth_adapter.h 
@@ -35,25 +35,23 @@ public: int32_t GetAuthTrustLevel(int32_t userId, uint32_t authType, uint32_t &authTrustLevel); /* Get the executor authentication properties */ - void GetPropAuthInfo(uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, + void GetPropAuthInfo(int32_t userID, uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, sptr& callback); /** This method is called to set the executor properties * after the callback of the coAuth is called to obtain the scheduling token * and the authentication result is successful. * */ - void CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerUID, std::string pkgName, UserAuthToken authToken, - SetPropertyRequest requset, sptr& callback); + void CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, uint64_t callerUID, std::string pkgName, + UserAuthToken authToken, SetPropertyRequest requset, sptr& callback); /* Set the executor authentication properties for freez or unfreez */ void SetPropAuthInfo(uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, SetPropertyRequest requset, std::vector templateIds, sptr& callback); /* get the executor authentication properties for Coauth */ - void GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, - GetPropertyRequest requset, sptr& callback); - /* get userID */ - int32_t GetUserID(int32_t &userID); + void GetPropAuthInfoCoauth(int32_t userID, uint64_t callerUID, std::string pkgName, int32_t resultCode, + UserAuthToken authToken, GetPropertyRequest requset, sptr& callback); int32_t GenerateSolution(AuthSolution param, std::vector &sessionIds); int32_t RequestAuthResult(uint64_t contextId, std::vector scheduleToken, UserAuthToken &authToken, std::vector &sessionIds); diff --git a/services/include/userauth_controller.h b/services/include/userauth_controller.h index 079c765d7..b25893332 100644 --- a/services/include/userauth_controller.h 
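Review bot: `CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, ...)` now begins with two adjacent `int32_t` parameters, so a call site that swaps the user ID and the result code compiles cleanly and would look up another account's auth info. `GetPropAuthInfoCoauth` places `resultCode` fourth instead, and `SetPropAuthInfo` in the same hunk still takes no user ID at all. Aligning the parameter order across these declarations would lower that risk. I would also extend each doc comment with a line such as `/* userID: OS account resolved from the caller's access token, never taken from request data */`. The class declaration starts and ends outside this hunk.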
+++ b/services/include/userauth_controller.h @@ -27,11 +27,10 @@ namespace UserAuth { class UserAuthController { public: int32_t GetAuthTrustLevel(int32_t userId, uint32_t authType, uint32_t &authTrustLevel); - void GetPropAuthInfo(std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, + void GetPropAuthInfo(int32_t userID, std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, sptr& callback); int32_t SetExecutorProp(uint64_t callerUID, std::string pkgName, SetPropertyRequest setPropertyrequest, sptr& callback); - int32_t GetUserID(int32_t &userID); int32_t AddContextID(uint64_t contextID); int32_t IsContextIDExist(uint64_t contextID); int32_t GenerateContextID(uint64_t &contextID); diff --git a/services/include/userauth_excallback_impl.h b/services/include/userauth_excallback_impl.h index e20ad8d66..fa9a7c024 100644 --- a/services/include/userauth_excallback_impl.h +++ b/services/include/userauth_excallback_impl.h @@ -46,6 +46,7 @@ private: int32_t callbackNowCount_ = 0; uint64_t callbackContextID_ = 0; std::string pkgName_ = ""; + int32_t userID_ = 0; uint64_t callerUid_ = 0; bool isResultDoneFlag_ = false; sptr callback_ { nullptr }; @@ -53,7 +54,7 @@ private: std::mutex mutex_; static std::mutex coauthCallbackmutex_; static std::map> saveCoauthCallback_; - void OnFinishHandleExtend(SetPropertyRequest setPropertyRequest, AuthResult authResult, int32_t ret, + void OnFinishHandleExtend(int32_t userID, SetPropertyRequest setPropertyRequest, AuthResult authResult, int32_t ret, UserAuthToken authToken); }; diff --git a/services/include/userauth_service.h b/services/include/userauth_service.h index 03e22009a..1311866f2 100644 --- a/services/include/userauth_service.h +++ b/services/include/userauth_service.h 
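Review bot: `int32_t userID_ = 0;` in `UserAuthCallbackImplCoAuth` (`@@ -46,6 +46,7 @@`) defaults to the same value the removed `cUserId` stub returned for every caller, so a construction path that does not set it would silently act on user 0 in `OnFinishHandle`. The constructor change in userauth_excallback_impl.cpp (`@@ -118,6 +118,7 @@`) is not readable in this patch text, so I cannot confirm the member is always assigned from `CoAuthInfo`. An invalid sentinel, e.g. `int32_t userID_ = -1;`, checked before the `CoauthSetPropAuthInfo` and `GetPropAuthInfoCoauth` calls, would turn such a mistake into an error instead of a query against the wrong account.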
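Review bot: `OnFinishHandleExtend` (`@@ -53,7 +54,7 @@`) gains an `int32_t userID` parameter although it is a private member that already reads `callerUid_`, `pkgName_`, `authType_` and `callback_` from the object, and its only visible caller passes `userID_`. Reading the member directly in the definition (userauth_excallback_impl.cpp, `@@ -146,14 +147,14 @@`) would leave the signature unchanged and keep a single source for the value: `CoauthSetPropAuthInfo(userID_, ret, callerUid_, pkgName_, authToken, setPropertyRequest, callback_);`. The call in `OnFinishHandle` (`@@ -194,21 +195,21 @@`) would then stay as it was before the patch.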
@@ -45,6 +45,7 @@ public: int32_t GetVersion() override; private: + int32_t GetCallingUserID(int32_t &userID); int32_t GetControllerData(sptr& callback, AuthResult &extraInfo, const AuthTurstLevel authTurstLevel, uint64_t &callerID, std::string &callerName, uint64_t &contextID); diff --git a/services/src/userauth_adapter.cpp b/services/src/userauth_adapter.cpp index 9c589411d..5cacdaad2 100644 --- a/services/src/userauth_adapter.cpp +++ b/services/src/userauth_adapter.cpp @@ -26,8 +26,6 @@ namespace OHOS { namespace UserIAM { namespace UserAuth { -const int32_t cUserId = 0; - UserAuthAdapter &UserAuthAdapter::GetInstance() { static UserAuthAdapter instance; @@ -45,15 +43,15 @@ int32_t UserAuthAdapter::GetAuthTrustLevel(int32_t userId, uint32_t authType, ui return ret; } -void UserAuthAdapter::GetPropAuthInfo(uint64_t callerUID, std::string pkgName, GetPropertyRequest requset, - sptr& callback) +void UserAuthAdapter::GetPropAuthInfo(int32_t userID, uint64_t callerUID, std::string pkgName, + GetPropertyRequest requset, sptr& callback) { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetPropAuthInfo is start!"); using namespace UserIDM; std::shared_ptr getInfoCallback = std::make_shared(callback, requset, callerUID, pkgName); - int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), - getInfoCallback); + int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(userID, + static_cast(requset.authType), getInfoCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth GetPropAuthInfo ERROR!"); } @@ -136,7 +134,7 @@ int32_t UserAuthAdapter::SetProPropAuthInfo(OHOS::UserIAM::AuthResPool::AuthAttr } return ret; } -void UserAuthAdapter::GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgName, int32_t resultCode, +void UserAuthAdapter::GetPropAuthInfoCoauth(int32_t userID, uint64_t callerUID, std::string pkgName, int32_t resultCode, UserAuthToken authToken, GetPropertyRequest requset, sptr& callback) { 
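Review bot: In `UserAuthAdapter::GetPropAuthInfo` (userauth_adapter.cpp, `@@ -45,15 +43,15 @@`) a failing `UserIDMClient::GetInstance().GetAuthInfo(userID, ...)` is only logged. The function is `void` and the visible failure branch never touches `callback`, so the client appears to receive no answer. With a per-caller `userID` instead of the constant 0, such failures are presumably more likely than before, for example for an account with nothing enrolled. The same pattern is in `GetPropAuthInfoCoauth` (`@@ -145,15 +143,15 @@`) and `CoauthSetPropAuthInfo` (`@@ -162,22 +160,14 @@`), where the whole tail of the function is visible and ends with the "is end!" log. I would report `ret` through `callback` inside `if (ret != SUCCESS)`; `GetPropAuthInfo` itself continues outside its hunk, so an existing notification there cannot be ruled out.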
@@ -145,15 +143,15 @@ void UserAuthAdapter::GetPropAuthInfoCoauth(uint64_t callerUID, std::string pkgN std::shared_ptr getInfoCallback = std::make_shared(callback, callerUID, pkgName, resultCode, authToken, requset); - int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), - getInfoCallback); + int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(userID, + static_cast(requset.authType), getInfoCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth GetPropAuthInfoCoauth ERROR!"); } USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetPropAuthInfoCoauth is end!"); } -void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerUID, std::string pkgName, +void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t userID, int32_t resultCode, uint64_t callerUID, std::string pkgName, UserAuthToken authToken, SetPropertyRequest requset, sptr& callback) { @@ -162,22 +160,14 @@ void UserAuthAdapter::CoauthSetPropAuthInfo(int32_t resultCode, uint64_t callerU std::shared_ptr setPropCallback = std::make_shared(callback, callerUID, pkgName, resultCode, authToken, requset); - int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(static_cast(requset.authType), - setPropCallback); + int32_t ret = UserIDMClient::GetInstance().GetAuthInfo(userID, + static_cast(requset.authType), setPropCallback); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuth CoauthSetPropAuthInfo ERROR!"); } USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth CoauthSetPropAuthInfo is end!"); } -int32_t UserAuthAdapter::GetUserID(int32_t &userID) -{ - USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GetUserID is start!"); - // 打桩 IAMTA - userID = cUserId; - return SUCCESS; -} - int32_t UserAuthAdapter::GenerateSolution(AuthSolution param, std::vector &sessionIds) { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuth GenerateSolution is start!"); diff --git a/services/src/userauth_controller.cpp b/services/src/userauth_controller.cpp index 2beb1145f..8a28a8ea3 100644 
--- a/services/src/userauth_controller.cpp +++ b/services/src/userauth_controller.cpp @@ -29,15 +29,11 @@ int32_t UserAuthController::SetExecutorProp(uint64_t callerUID, std::string pkgN { return UserAuthAdapter::GetInstance().SetExecutorProp(callerUID, pkgName, setPropertyrequest, callback); } -void UserAuthController::GetPropAuthInfo(std::string pkgName, uint64_t callerUID, +void UserAuthController::GetPropAuthInfo(int32_t userID, std::string pkgName, uint64_t callerUID, GetPropertyRequest getPropertyRequest, sptr& callback) { - UserAuthAdapter::GetInstance().GetPropAuthInfo(callerUID, pkgName, getPropertyRequest, callback); -} -int32_t UserAuthController::GetUserID(int32_t &userID) -{ - return UserAuthAdapter::GetInstance().GetUserID(userID); + UserAuthAdapter::GetInstance().GetPropAuthInfo(userID, callerUID, pkgName, getPropertyRequest, callback); } int32_t UserAuthController::GenerateSolution(AuthSolution param, std::vector &sessionIds) { diff --git a/services/src/userauth_excallback_impl.cpp b/services/src/userauth_excallback_impl.cpp index cb449e97e..b5e8cbf4d 100644 --- a/services/src/userauth_excallback_impl.cpp +++ b/services/src/userauth_excallback_impl.cpp @@ -118,6 +118,7 @@ UserAuthCallbackImplCoAuth::UserAuthCallbackImplCoAuth(const sptr &scheduleToken) { 
@@ -146,14 +147,14 @@ void UserAuthCallbackImplCoAuth::OnAcquireInfo(uint32_t acquire) return; } } -void UserAuthCallbackImplCoAuth::OnFinishHandleExtend(SetPropertyRequest setPropertyRequest, AuthResult authResult, - int32_t ret, UserAuthToken authToken) +void UserAuthCallbackImplCoAuth::OnFinishHandleExtend(int32_t userID, SetPropertyRequest setPropertyRequest, + AuthResult authResult, int32_t ret, UserAuthToken authToken) { if (authType_ == UserAuth::PIN) { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult SUCCESS"); setPropertyRequest.authType = authType_; setPropertyRequest.key = SetPropertyType::THAW_TEMPLATE; - UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(ret, callerUid_, pkgName_, + UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(userID, ret, callerUid_, pkgName_, authToken, setPropertyRequest, callback_); } else { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult SUCCESS NOT INFO"); 
@@ -194,21 +195,21 @@ void UserAuthCallbackImplCoAuth::OnFinishHandle(uint32_t resultCode, std::vector } if (resultCode != LOCKED) { if (ret == SUCCESS) { - OnFinishHandleExtend(setPropertyRequest, authResult, ret, authToken); + OnFinishHandleExtend(userID_, setPropertyRequest, authResult, ret, authToken); } else { USERAUTH_HILOGD(MODULE_SERVICE, "RequestAuthResult NOT SUCCESS"); getPropertyRequest.authType = authType_; getPropertyRequest.keys.push_back(UserAuth::REMAIN_TIMES); getPropertyRequest.keys.push_back(UserAuth::FREEZING_TIME); - UserAuthAdapter::GetInstance().GetPropAuthInfoCoauth(callerUid_, pkgName_, ret, + UserAuthAdapter::GetInstance().GetPropAuthInfoCoauth(userID_, callerUid_, pkgName_, ret, authToken, getPropertyRequest, callback_); } } else { USERAUTH_HILOGD(MODULE_SERVICE, "UserAuthCallbackImplCoAuth resultCode == LOCKED"); setPropertyRequest.authType = authType_; setPropertyRequest.key = SetPropertyType::FREEZE_TEMPLATE; - UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(ret, callerUid_, pkgName_, authToken, setPropertyRequest, - callback_); + UserAuthAdapter::GetInstance().CoauthSetPropAuthInfo(userID_, ret, callerUid_, pkgName_, authToken, + setPropertyRequest, callback_); } if (sessionIds.size() != 0) { for (auto const &item : sessionIds) { diff --git a/services/src/userauth_service.cpp b/services/src/userauth_service.cpp index c62701c68..205757fcd 100644 --- a/services/src/userauth_service.cpp +++ b/services/src/userauth_service.cpp @@ -17,6 +17,7 @@ #include #include "userauth_hilog_wrapper.h" #include "useriam_common.h" +#include "accesstoken_kit.h" #include "userauth_service.h" namespace OHOS { @@ -72,7 +73,7 @@ int32_t UserAuthService::GetAvailableStatus(const AuthType authType, const AuthT return result; } - ret = userauthController_.GetUserID(userID); + ret = this->GetCallingUserID(userID); if (ret != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuthService GetAvailableStatus GetUserID is ERROR!"); return result; 
@@ -100,6 +101,14 @@ void UserAuthService::GetProperty(const GetPropertyRequest request, sptrGetCallingUserID(userID); + if (ret != SUCCESS) { + AuthResult extraInfo; + callback->onResult(ret, extraInfo); + return; + } sptr dr = new UserAuthServiceCallbackDeathRecipient(callback); if ((!callback->AsObject()->AddDeathRecipient(dr))) { @@ -109,7 +118,7 @@ void UserAuthService::GetProperty(const GetPropertyRequest request, sptrGetCallingUid(); callerName = std::to_string(callerID); - userauthController_.GetPropAuthInfo(callerName, callerID, request, callback); + userauthController_.GetPropAuthInfo(userID, callerName, callerID, request, callback); } void UserAuthService::SetProperty(const SetPropertyRequest request, sptr& callback) @@ -139,6 +148,28 @@ void UserAuthService::SetProperty(const SetPropertyRequest request, sptrGetFirstTokenID(); + if (tokenID == 0) { + tokenID = this->GetCallingTokenID(); + } + Security::AccessToken::ATokenTypeEnum callingType = Security::AccessToken::AccessTokenKit::GetTokenType(tokenID); + if (callingType != Security::AccessToken::TOKEN_HAP) { + USERAUTH_HILOGE(MODULE_SERVICE, "CallingType is not hap."); + return TYPE_NOT_SUPPORT; + } + Security::AccessToken::HapTokenInfo hapTokenInfo; + int result = Security::AccessToken::AccessTokenKit::GetHapTokenInfo(tokenID, hapTokenInfo); + if (result != SUCCESS) { + USERAUTH_HILOGE(MODULE_SERVICE, "Get hap token info failed."); + return TYPE_NOT_SUPPORT; + } + userID = (int32_t)hapTokenInfo.userID; + USERAUTH_HILOGE(MODULE_SERVICE, "GetCallingUserID is %{public}d", userID); + return SUCCESS; +} + uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType, const AuthTurstLevel authTurstLevel, sptr& callback) 
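Review bot: The success path of the added `UserAuthService::GetCallingUserID` (`@@ -139,6 +148,28 @@`) logs the resolved account with `USERAUTH_HILOGE(MODULE_SERVICE, "GetCallingUserID is %{public}d", userID);`, which writes a user ID in clear text at error level on every Auth/GetProperty/GetAvailableStatus call. The debug macro without the value would do: `USERAUTH_HILOGD(MODULE_SERVICE, "GetCallingUserID done");`. The function prefers `GetFirstTokenID()` over `GetCallingTokenID()`, and the user ID derived from that token selects whose credentials are queried, so a comment should state why the first-caller token is trusted here; whether an intermediate caller can influence it is not verifiable from this hunk. The AccessTokenKit return value is compared with this module's `SUCCESS`, which only holds if both are 0, and `(int32_t)hapTokenInfo.userID` would read better as `static_cast<int32_t>(hapTokenInfo.userID)`. Any non-HAP caller now gets `TYPE_NOT_SUPPORT`; if native system services are expected to call this service, that is a behaviour change worth a line in the commit message.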
@@ -162,8 +193,7 @@ uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType if (GetControllerData(callback, extraInfo, authTurstLevel, callerID, callerName, contextID) == FAIL) { return ret; } - - result = userauthController_.GetUserID(userID); + result = this->GetCallingUserID(userID); if (result != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuthService Auth GetUserID is ERROR!"); callback->onResult(FAIL, extraInfo); @@ -186,6 +216,7 @@ uint64_t UserAuthService::Auth(const uint64_t challenge, const AuthType authType coAuthInfo.callerID = callerID; coAuthInfo.contextID = contextID; coAuthInfo.pkgName = callerName; + coAuthInfo.userID = userID; result = userauthController_.coAuth(coAuthInfo, callback); if (result != SUCCESS) { USERAUTH_HILOGE(MODULE_SERVICE, "UserAuthService Auth coAuth is ERROR!"); -- Gitee
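Review bot: In `UserAuthService::Auth` the caller's user ID is resolved only after `GetControllerData(...)` has produced `contextID`, whereas `GetProperty` resolves it before doing anything else. If `GetControllerData` registers that context ID (the controller exposes `GenerateContextID` and `AddContextID`), a caller refused by `GetCallingUserID` may leave the entry behind; the rest of the failure branch is outside the hunk, so this is not confirmed. Moving `result = this->GetCallingUserID(userID);` ahead of the `GetControllerData` call avoids allocating state for callers that will be rejected. The log text `"UserAuthService Auth GetUserID is ERROR!"` still names the removed function, and the branch reports `FAIL` where `GetProperty` forwards `ret`, so clients see two different codes for the same cause.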