!683 add bundleName and challenge for authwidget

Merge pull request !683 from liuhanxiong/master

services/context/inc/context_factory.h

@@ -50,6 +50,7 @@ public:
         int32_t userId {0};
         uint32_t tokenId {0};
         int32_t callingUid {0};
+        std::string callingBundleName {""};
         std::vector<uint8_t> challenge {};
         std::vector<AuthType> authTypeList {};
         AuthTrustLevel atl {ATL1};

services/context/inc/widget_client.h

@@ -54,6 +54,10 @@ public:
     void Reset();
     void ForceStopAuth();
 
+    // extra info
+    void SetChallenge(const std::vector<uint8_t> &challenge);
+    void SetCallingBundleName(const std::string &callingBundleName);
+
 private:
     WidgetClient() = default;
     void SendCommand(const WidgetCommand &command);
@@ -69,6 +73,8 @@ private:
     std::string pinSubType_ {""};
     std::string sensorInfo_ {""};
     uint32_t authTokenId_ {0};
+    std::vector<uint8_t> challenge_ {};
+    std::string callingBundleName_ {""};
 };
 } // namespace UserAuth
 } // namespace UserIam

services/context/inc/widget_json.h

@@ -50,6 +50,11 @@ void from_json(const nlohmann::json &jsonNotice, WidgetNotice &notice);
 
 // WidgetCommand
 struct WidgetCommand {
+    struct ExtraInfo {
+        std::string callingBundleName {""};
+        std::vector<uint8_t> challenge {};
+    };
+
     struct Cmd {
         std::string event {""};
         std::string version {""};
@@ -60,6 +65,8 @@ struct WidgetCommand {
         int32_t remainAttempts = -1;
         std::string tip = {""};
         std::string sensorInfo {""};
+
+        ExtraInfo extraInfo;
     };
 
     uint64_t widgetContextId {0};

services/context/src/widget_client.cpp

@@ -112,6 +112,10 @@ void WidgetClient::SendCommand(const WidgetCommand &command)
 void WidgetClient::ReportWidgetResult(int32_t result, AuthType authType,
     int32_t lockoutDuration, int32_t remainAttempts)
 {
+    WidgetCommand::ExtraInfo extraInfo {
+        .callingBundleName = callingBundleName_,
+        .challenge = challenge_
+    };
     // sendCommand of CMD_NOTIFY_AUTH_RESULT
     WidgetCommand::Cmd cmd {
         .event = "CMD_NOTIFY_AUTH_RESULT",
@@ -119,7 +123,8 @@ void WidgetClient::ReportWidgetResult(int32_t result, AuthType authType,
         .type = AuthType2Str(authType),
         .result = result,
         .lockoutDuration = lockoutDuration,
-        .remainAttempts = remainAttempts
+        .remainAttempts = remainAttempts,
+        .extraInfo = extraInfo
     };
     if (authType == AuthType::FINGERPRINT && !sensorInfo_.empty()) {
         cmd.sensorInfo = sensorInfo_;
@@ -262,6 +267,16 @@ bool WidgetClient::IsValidNoticeType(const WidgetNotice &notice)
     }
     return true;
 }
+
+void WidgetClient::SetChallenge(const std::vector<uint8_t> &challenge)
+{
+    challenge_ = challenge;
+}
+
+void WidgetClient::SetCallingBundleName(const std::string &callingBundleName)
+{
+    callingBundleName_ = callingBundleName;
+}
 } // namespace UserAuth
 } // namespace UserIam
 } // namespace OHOS

services/context/src/widget_context.cpp

@@ -184,6 +184,8 @@ bool WidgetContext::OnStart()
     WidgetClient::Instance().SetWidgetParam(para_.widgetParam);
     WidgetClient::Instance().SetAuthTypeList(para_.authTypeList);
     WidgetClient::Instance().SetWidgetSchedule(schedule_);
+    WidgetClient::Instance().SetChallenge(para_.challenge);
+    WidgetClient::Instance().SetCallingBundleName(para_.callingBundleName);
     schedule_->StartSchedule();
 
     IAM_LOGI("WidgetContext start success.");

services/context/src/widget_json.cpp

@@ -54,6 +54,10 @@ const std::string JSON_AUTH_NAVI_BTN_TEXT = "navigationButtonText";
 const std::string JSON_UI_EXTENSION_TYPE = "ability.want.params.uiExtensionType";
 const std::string JSON_USER_IAM_CMD_DATA = "useriamCmdData";
 
+const std::string JSON_CHALLENGE = "challenge";
+const std::string JSON_CALLER_BUNDLE_NAME = "callingBundleName";
+const std::string JSON_CMD_EXTRA_INFO = "extraInfo";
+
 // utils
 AuthType Str2AuthType(const std::string &strAuthType)
 {
@@ -175,6 +179,10 @@ void to_json(nlohmann::json &jsonCommand, const WidgetCommand &command)
         if (cmd.tip != "") {
             jsonPayload[JSON_AUTH_TIP] = cmd.tip;
         }
+        auto jsonCmdExtraInfo = nlohmann::json({{JSON_CHALLENGE, cmd.extraInfo.challenge},
+            {JSON_CALLER_BUNDLE_NAME, cmd.extraInfo.callingBundleName}});
+        jsonPayload[JSON_CMD_EXTRA_INFO] = jsonCmdExtraInfo;
+
         jsonCmd[JSON_AUTH_PAYLOAD] = jsonPayload;
         jsonCmdList.push_back(jsonCmd);
     }

services/ipc/inc/ipc_common.h

@@ -42,6 +42,7 @@ class IpcCommon final : public NoCopyable {
 public:
     using Recipient = std::function<void()>;
     static int32_t GetCallingUserId(IPCObjectStub &stub, int32_t &userId);
+    static bool GetCallingBundleName(IPCObjectStub &stub, std::string &bundleName);
     static int32_t GetActiveUserId(std::optional<int32_t> &userId);
     static int32_t GetAllUserId(std::vector<int32_t> &userIds);
     static bool CheckPermission(IPCObjectStub &stub, Permission permission);

services/ipc/src/ipc_common.cpp

@@ -74,6 +74,26 @@ int32_t IpcCommon::GetCallingUserId(IPCObjectStub &stub, int32_t &userId)
     return SUCCESS;
 }
 
+bool IpcCommon::GetCallingBundleName(IPCObjectStub &stub, std::string &bundleName)
+{
+    uint32_t tokenId = GetAccessTokenId(stub);
+    using namespace Security::AccessToken;
+    ATokenTypeEnum callingType = AccessTokenKit::GetTokenTypeFlag(tokenId);
+    if (callingType != TOKEN_HAP) {
+        IAM_LOGE("failed to get calling type");
+        return false;
+    }
+    HapTokenInfo hapTokenInfo;
+    int result = AccessTokenKit::GetHapTokenInfo(tokenId, hapTokenInfo);
+    if (result != SUCCESS) {
+        IAM_LOGE("failed to get hap token info, result = %{public}d", result);
+        return false;
+    }
+    bundleName = hapTokenInfo.bundleName;
+    IAM_LOGI("get callingInfo, bundleName is %{public}s", bundleName.c_str());
+    return true;
+}
+
 int32_t IpcCommon::GetActiveUserId(std::optional<int32_t> &userId)
 {
     if (userId.has_value() && userId.value() != 0) {

services/ipc/src/user_auth_service.cpp

@@ -561,6 +561,11 @@ uint64_t UserAuthService::StartWidgetContext(int32_t userId, const std::shared_p
     para.userId = userId;
     para.tokenId = IpcCommon::GetAccessTokenId(*this);
     para.callingUid = GetCallingUid();
+    std::string bundleName = "";
+    if (!IpcCommon::GetCallingBundleName(*this, bundleName)) {
+        IAM_LOGE("get calling bundle name failed");
+    }
+    para.callingBundleName = bundleName;
     if (!AuthWidgetHelper::InitWidgetContextParam(userId, authParam, validType, widgetParam, para)) {
         IAM_LOGE("init widgetContext failed");
         contextCallback->OnResult(ResultCode::GENERAL_ERROR, extraInfo);

test/unittest/services/mocks/mock_ipc_common.cpp

@@ -24,6 +24,7 @@
 
 namespace {
     const uint32_t TEST_USER_ID = 548781;
+    const std::string TEST_CALLER_BUNDLE_NAME = "com.ohos.useriam.authwidgettest";
 }
 
 namespace OHOS {
@@ -43,6 +44,12 @@ int32_t IpcCommon::GetCallingUserId(IPCObjectStub &stub, int32_t &userId)
     return SUCCESS;
 }
 
+bool IpcCommon::GetCallingBundleName(IPCObjectStub &stub, std::string &bundleName)
+{
+    bundleName = TEST_CALLER_BUNDLE_NAME;
+    return true;
+}
+
 int32_t IpcCommon::GetActiveUserId(std::optional<int32_t> &userId)
 {
     if (userId.has_value() && userId.value() != 0) {

test/unittest/services/mocks/mock_ipc_common.h

@@ -42,6 +42,7 @@ enum Permission {
 class IpcCommon final : public NoCopyable {
 public:
     static int32_t GetCallingUserId(IPCObjectStub &stub, int32_t &userId);
+    static bool GetCallingBundleName(IPCObjectStub &stub, std::string &bundleName);
     static int32_t GetActiveUserId(std::optional<int32_t> &userId);
     static int32_t GetAllUserId(std::vector<int32_t> &userIds);
     static bool CheckPermission(IPCObjectStub &stub, Permission permission);