openharmony/useriam_user_auth_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/useriam_user_auth_framework synced 2024-11-26 17:31:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

!1138 代码差异同步

Browse Source 
Merge pull request !1138 from 李永飞/OpenHarmony-5.0.1-Release
This commit is contained in:
openharmony_ci 2024-11-21 08:22:47 +00:00 committed by Gitee
commit 2f3693f6ae
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
33 changed files with 447 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
common/utils/iam_defines.h
View File

@ -23,6 +23,7 @@ namespace UserIam {
namespace UserAuth {
const int32_t INVALID_AUTH_TYPE = -1;
const int32_t INNER_API_VERSION_10000 = 10000;
const int32_t INNER_API_VERSION_20000 = 20000;
enum OperationType : uint32_t {
TRACE_ADD_CREDENTIAL = 0,

2
frameworks/js/napi/user_auth/inc/user_auth_instance_v10.h
View File

@ -51,7 +51,7 @@ private:
std::shared_ptr<JsRefHolder> GetCallback(napi_env env, napi_value value);
static napi_value DoGetEnrolledStateResult(napi_env env, EnrolledState enrolledState);
AuthParamInner authParam_ = {};
WidgetAuthParam authParam_ = {};
WidgetParam widgetParam_ = {};
uint64_t contextId_ = 0;

2
frameworks/js/napi/user_auth/src/auth_instance_v9.cpp
View File

@ -68,7 +68,7 @@ UserAuthResultCode AuthInstanceV9::GetAvailableStatus(napi_env env, napi_callbac
}
AuthType authType = AuthType(type);
AuthTrustLevel authTrustLevel = AuthTrustLevel(level);
int32_t status = UserAuthClientImpl::Instance().GetAvailableStatus(API_VERSION_9, authType, authTrustLevel);
int32_t status = UserAuthClientImpl::Instance().GetNorthAvailableStatus(API_VERSION_9, authType, authTrustLevel);
IAM_LOGI("result = %{public}d", status);
if (status == PIN_EXPIRED) {
return UserAuthResultCode::PIN_EXPIRED;

2
frameworks/js/napi/user_auth/src/user_auth_impl.cpp
View File

@ -70,7 +70,7 @@ napi_value UserAuthImpl::GetAvailableStatus(napi_env env, napi_callback_info inf
NAPI_CALL(env, napi_create_int32(env, checkRet, &result));
return result;
}
int32_t status = UserAuthClientImpl::Instance().GetAvailableStatus(API_VERSION_8, authType, authTrustLevel);
int32_t status = UserAuthClientImpl::Instance().GetNorthAvailableStatus(API_VERSION_8, authType, authTrustLevel);
IAM_LOGI("result = %{public}d", status);
NAPI_CALL(env, napi_create_int32(env, UserAuthNapiHelper::GetResultCodeV8(status), &result));
return result;

12
frameworks/native/client/inc/user_auth_client_impl.h
View File

@ -32,7 +32,8 @@ class UserAuthClientImpl final : public UserAuthClient, NoCopyable {
public:
static UserAuthClientImpl& Instance();
int32_t GetAvailableStatus(AuthType authType, AuthTrustLevel authTrustLevel);
int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel);
int32_t GetNorthAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel);
int32_t GetAvailableStatus(int32_t userId, AuthType authType, AuthTrustLevel authTrustLevel) override;
void GetProperty(int32_t userId, const GetPropertyRequest &request,
const std::shared_ptr<GetPropCallback> &callback) override;
void SetProperty(int32_t userId, const SetPropertyRequest &request,
@ -46,8 +47,10 @@ public:
const std::shared_ptr<IdentificationCallback> &callback) override;
int32_t CancelIdentification(uint64_t contextId) override;
int32_t GetVersion(int32_t &version);
uint64_t BeginWidgetAuth(int32_t apiVersion, const AuthParamInner &authParam,
const WidgetParam &widgetParam, const std::shared_ptr<AuthenticationCallback> &callback);
uint64_t BeginWidgetAuth(const WidgetAuthParam &authParam, const WidgetParam &widgetParam,
const std::shared_ptr<AuthenticationCallback> &callback) override;
uint64_t BeginWidgetAuth(int32_t apiVersion, const WidgetAuthParam &authParam, const WidgetParam &widgetParam,
const std::shared_ptr<AuthenticationCallback> &callback);
int32_t SetWidgetCallback(int32_t version, const std::shared_ptr<IUserAuthWidgetCallback> &callback);
int32_t Notice(NoticeType noticeType, const std::string &eventData);
int32_t GetEnrolledState(int32_t apiVersion, AuthType authType, EnrolledState &enrolledState);
@ -62,6 +65,8 @@ public:
private:
ResultCode SetPropertyInner(int32_t userId, const SetPropertyRequest &request,
const std::shared_ptr<SetPropCallback> &callback);
uint64_t BeginWidgetAuthInner(int32_t apiVersion, const AuthParamInner &authParam,
const WidgetParam &widgetParam, const std::shared_ptr<AuthenticationCallback> &callback);
friend class UserAuthClient;
UserAuthClientImpl() = default;
@ -77,7 +82,6 @@ private:
sptr<UserAuthInterface> proxy_ {nullptr};
sptr<IRemoteObject::DeathRecipient> deathRecipient_ {nullptr};
constexpr static int32_t MINIMUM_VERSION {0};
constexpr static uint64_t INVALID_SESSION_ID {0};
std::mutex mutex_;
};
} // namespace UserAuth

82
frameworks/native/client/src/user_auth_client_impl.cpp
View File

@ -20,6 +20,7 @@
#include "auth_common.h"
#include "callback_manager.h"
#include "iam_check.h"
#include "iam_defines.h"
#include "iam_logger.h"
#include "iam_para2str.h"
#include "iam_ptr.h"
@ -81,10 +82,16 @@ void NorthAuthenticationCallback::OnResult(int32_t result, const Attributes &ext
int32_t UserAuthClientImpl::GetAvailableStatus(AuthType authType, AuthTrustLevel authTrustLevel)
{
IAM_LOGI("start, authType:%{public}d authTrustLevel:%{public}u", authType, authTrustLevel);
return GetAvailableStatus(INT32_MAX, authType, authTrustLevel);
auto proxy = GetProxy();
if (!proxy) {
IAM_LOGE("proxy is nullptr");
return GENERAL_ERROR;
}
return proxy->GetAvailableStatus(INNER_API_VERSION_10000, authType, authTrustLevel);
}
int32_t UserAuthClientImpl::GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel)
int32_t UserAuthClientImpl::GetNorthAvailableStatus(int32_t apiVersion, AuthType authType,
AuthTrustLevel authTrustLevel)
{
IAM_LOGI("start, apiVersion:%{public}d authType:%{public}d authTrustLevel:%{public}u",
apiVersion, authType, authTrustLevel);
@ -96,6 +103,18 @@ int32_t UserAuthClientImpl::GetAvailableStatus(int32_t apiVersion, AuthType auth
return proxy->GetAvailableStatus(apiVersion, authType, authTrustLevel);
}
int32_t UserAuthClientImpl::GetAvailableStatus(int32_t userId, AuthType authType, AuthTrustLevel authTrustLevel)
{
IAM_LOGI("start, userId:%{public}d authType:%{public}d authTrustLevel:%{public}u",
userId, authType, authTrustLevel);
auto proxy = GetProxy();
if (!proxy) {
IAM_LOGE("proxy is nullptr");
return GENERAL_ERROR;
}
return proxy->GetAvailableStatus(INNER_API_VERSION_10000, userId, authType, authTrustLevel);
}
void UserAuthClientImpl::GetProperty(int32_t userId, const GetPropertyRequest &request,
const std::shared_ptr<GetPropCallback> &callback)
{
@ -190,7 +209,7 @@ uint64_t UserAuthClientImpl::BeginAuthentication(const AuthParam &authParam,
if (!callback) {
IAM_LOGE("auth callback is nullptr");
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
auto proxy = GetProxy();
@ -198,7 +217,7 @@ uint64_t UserAuthClientImpl::BeginAuthentication(const AuthParam &authParam,
IAM_LOGE("proxy is nullptr");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
sptr<UserAuthCallbackInterface> wrapper(new (std::nothrow) UserAuthCallbackService(callback));
@ -206,7 +225,7 @@ uint64_t UserAuthClientImpl::BeginAuthentication(const AuthParam &authParam,
IAM_LOGE("failed to create wrapper");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
AuthParamInner authParamInner = {
.userId = authParam.userId,
@ -225,7 +244,7 @@ uint64_t UserAuthClientImpl::BeginNorthAuthentication(int32_t apiVersion, const
IAM_LOGI("start, apiVersion:%{public}d authType:%{public}d atl:%{public}u", apiVersion, authType, atl);
if (!callback) {
IAM_LOGE("auth callback is nullptr");
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
auto northCallback = Common::MakeShared<NorthAuthenticationCallback>(callback);
@ -233,7 +252,7 @@ uint64_t UserAuthClientImpl::BeginNorthAuthentication(int32_t apiVersion, const
IAM_LOGE("auth callback is nullptr");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
auto proxy = GetProxy();
@ -241,7 +260,7 @@ uint64_t UserAuthClientImpl::BeginNorthAuthentication(int32_t apiVersion, const
IAM_LOGE("proxy is nullptr");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
sptr<UserAuthCallbackInterface> wrapper(new (std::nothrow) UserAuthCallbackService(northCallback));
@ -249,7 +268,7 @@ uint64_t UserAuthClientImpl::BeginNorthAuthentication(int32_t apiVersion, const
IAM_LOGE("failed to create wrapper");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
return proxy->Auth(apiVersion, challenge, authType, atl, wrapper);
}
@ -272,7 +291,7 @@ uint64_t UserAuthClientImpl::BeginIdentification(const std::vector<uint8_t> &cha
IAM_LOGI("start, authType:%{public}d", authType);
if (!callback) {
IAM_LOGE("identify callback is nullptr");
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
auto proxy = GetProxy();
@ -280,7 +299,7 @@ uint64_t UserAuthClientImpl::BeginIdentification(const std::vector<uint8_t> &cha
IAM_LOGE("proxy is nullptr");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
sptr<UserAuthCallbackInterface> wrapper(new (std::nothrow) UserAuthCallbackService(callback));
@ -288,7 +307,7 @@ uint64_t UserAuthClientImpl::BeginIdentification(const std::vector<uint8_t> &cha
IAM_LOGE("failed to create wrapper");
Attributes extraInfo;
callback->OnResult(GENERAL_ERROR, extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
return proxy->Identify(challenge, authType, wrapper);
}
@ -391,22 +410,51 @@ UserAuthClient &UserAuthClient::GetInstance()
return UserAuthClientImpl::Instance();
}
uint64_t UserAuthClientImpl::BeginWidgetAuth(int32_t apiVersion, const AuthParamInner &authParam,
uint64_t UserAuthClientImpl::BeginWidgetAuth(const WidgetAuthParam &authParam, const WidgetParam &widgetParam,
const std::shared_ptr<AuthenticationCallback> &callback)
{
IAM_LOGI("start, authTypeSize:%{public}zu authTrustLevel:%{public}u", authParam.authTypes.size(),
authParam.authTrustLevel);
AuthParamInner authParamInner = {
.userId = authParam.userId,
.isUserIdSpecified = true,
.challenge = authParam.challenge,
.authTypes = authParam.authTypes,
.authTrustLevel = authParam.authTrustLevel,
.reuseUnlockResult = authParam.reuseUnlockResult,
};
return BeginWidgetAuthInner(INNER_API_VERSION_20000, authParamInner, widgetParam, callback);
}
uint64_t UserAuthClientImpl::BeginWidgetAuth(int32_t apiVersion, const WidgetAuthParam &authParam,
const WidgetParam &widgetParam, const std::shared_ptr<AuthenticationCallback> &callback)
{
IAM_LOGI("start, apiVersion:%{public}d authTypeSize:%{public}zu authTrustLevel:%{public}u",
apiVersion, authParam.authTypes.size(), authParam.authTrustLevel);
// parameter verification
AuthParamInner authParamInner = {
.isUserIdSpecified = false,
.challenge = authParam.challenge,
.authTypes = authParam.authTypes,
.authTrustLevel = authParam.authTrustLevel,
.reuseUnlockResult = authParam.reuseUnlockResult,
};
return BeginWidgetAuthInner(apiVersion, authParamInner, widgetParam, callback);
}
uint64_t UserAuthClientImpl::BeginWidgetAuthInner(int32_t apiVersion, const AuthParamInner &authParam,
const WidgetParam &widgetParam, const std::shared_ptr<AuthenticationCallback> &callback)
{
if (!callback) {
IAM_LOGE("auth callback is nullptr");
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
auto proxy = GetProxy();
if (!proxy) {
IAM_LOGE("proxy is nullptr");
Attributes extraInfo;
callback->OnResult(static_cast<int32_t>(ResultCode::GENERAL_ERROR), extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
sptr<UserAuthCallbackInterface> wrapper(new (std::nothrow) UserAuthCallbackService(callback));
@ -414,7 +462,7 @@ uint64_t UserAuthClientImpl::BeginWidgetAuth(int32_t apiVersion, const AuthParam
IAM_LOGE("failed to create wrapper");
Attributes extraInfo;
callback->OnResult(static_cast<int32_t>(ResultCode::GENERAL_ERROR), extraInfo);
return INVALID_SESSION_ID;
return BAD_CONTEXT_ID;
}
return proxy->AuthWidget(apiVersion, authParam, widgetParam, wrapper);
}

1
frameworks/native/client/user_auth_client_map
View File

@ -19,6 +19,7 @@
OHOS::UserIam::UserAuth::UserAuthClientImpl::BeginNorthAuthentication*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::BeginWidgetAuth*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::GetVersion*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::GetNorthAvailableStatus*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::GetAvailableStatus*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::SetWidgetCallback*;
OHOS::UserIam::UserAuth::UserAuthClientImpl::Notice*;

51
frameworks/native/ipc/common_defines/user_auth_common_defines.h
View File

@ -41,7 +41,7 @@ const std::string NOTICE_VERSION_STR = "1";
const std::string CMD_NOTIFY_AUTH_START = "CMD_NOTIFY_AUTH_START";
const std::string CMD_NOTIFY_AUTH_RESULT = "CMD_NOTIFY_AUTH_RESULT";
const std::string CMD_NOTIFY_AUTH_TIP = "CMD_NOTIFY_AUTH_TIP";
const uint64_t MAX_ALLOWABLE_REUSE_DURATION = 5 * 60 * 1000;
const uint64_t BAD_CONTEXT_ID = 0;
/**
* @brief Notice type for user authentication.
@ -51,48 +51,14 @@ enum NoticeType : int32_t {
WIDGET_NOTICE = 1,
};
/**
* @brief Window mode type for user authentication widget.
*/
enum WindowModeType : int32_t {
/** Window mode type is dialog box. */
DIALOG_BOX = 1,
/** Window mode type is full screen. */
FULLSCREEN = 2,
/** Window mode type is not set */
UNKNOWN_WINDOW_MODE = 3,
};
/**
* @brief The mode for reusing unlock authentication result.
*/
enum ReuseMode : uint32_t {
/** Authentication type relevant.The unlock authentication result can be reused only when the result is within
* valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam. */
AUTH_TYPE_RELEVANT = 1,
/** Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within
* valid duration. */
AUTH_TYPE_IRRELEVANT = 2,
};
/**
* @brief Reuse unlock authentication result.
*/
struct ReuseUnlockResult {
/** Whether to reuse unlock result, ReuseUnlockResult is valid only when isReuse is true.*/
bool isReuse {false};
/** The mode for reusing unlock authentication result. */
ReuseMode reuseMode {AUTH_TYPE_IRRELEVANT};
/** The allowable reuse duration.The value of duration should be between 0 and MAX_ALLOWABLE_REUSE_DURATION. */
uint64_t reuseDuration {0};
};
/**
* @brief Auth parameter.
*/
struct AuthParamInner {
/** user id */
int32_t userId;
/** is userId specified */
bool isUserIdSpecified;
/** challenge value */
std::vector<uint8_t> challenge;
/** Credential type for authentication. */
@ -117,17 +83,6 @@ struct EnrolledState {
uint16_t credentialCount {0};
};
/**
* @brief Auth widget parameter.
*/
struct WidgetParam {
/** Title of widget. */
std::string title;
/** The description text of navigation button. */
std::string navigationButtonText;
/** Full screen or not. */
WindowModeType windowMode;
};
} // namespace UserAuth
} // namespace UserIam
} // namespace OHOS

3
frameworks/native/ipc/common_defines/user_auth_interface.h
View File

@ -33,6 +33,9 @@ namespace UserIam {
namespace UserAuth {
class UserAuthInterface : public IRemoteBroker {
public:
virtual int32_t GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel) = 0;
virtual int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel) = 0;
virtual void GetProperty(int32_t userId, AuthType authType,

7
frameworks/native/ipc/inc/user_auth_proxy.h
View File

@ -28,6 +28,8 @@ class UserAuthProxy : public IRemoteProxy<UserAuthInterface>, public NoCopyable
public:
explicit UserAuthProxy(const sptr<IRemoteObject> &object);
~UserAuthProxy() override = default;
int32_t GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel) override;
int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel) override;
void GetProperty(int32_t userId, AuthType authType,
const std::vector<Attributes::AttributeKey> &keys,
@ -61,7 +63,10 @@ private:
bool WriteOptionalString(MessageParcel &data, const std::optional<std::string> &str);
bool WriteOptionalUint32(MessageParcel &data, const std::optional<uint32_t> &val);
bool SendRequest(uint32_t code, MessageParcel &data, MessageParcel &reply);
bool WriteWidgetParam(MessageParcel &data, const AuthParamInner &authParam, const WidgetParam &widgetParam);
bool WriteWidgetAuthParam(MessageParcel &data, const AuthParamInner &authParam);
bool WriteWidgetParam(MessageParcel &data, const WidgetParam &widgetParam);
int32_t GetAvailableStatusInner(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel,
MessageParcel &data);
};
} // namespace UserAuth
} // namespace UserIam

3
frameworks/native/ipc/inc/user_auth_stub.h
View File

@ -41,7 +41,8 @@ private:
int32_t CancelAuthOrIdentifyStub(MessageParcel &data, MessageParcel &reply);
int32_t GetVersionStub(MessageParcel &data, MessageParcel &reply);
int32_t NoticeStub(MessageParcel &data, MessageParcel &reply);
bool ReadWidgetParam(MessageParcel &data, AuthParamInner &authParam, WidgetParam &widgetParam);
bool ReadWidgetAuthParam(MessageParcel &data, AuthParamInner &authParam);
bool ReadWidgetParam(MessageParcel &data, WidgetParam &widgetParam);
int32_t RegisterWidgetCallbackStub(MessageParcel &data, MessageParcel &reply);
int32_t GetEnrolledStateStub(MessageParcel &data, MessageParcel &reply);
int32_t RegistUserAuthSuccessEventListenerStub(MessageParcel &data, MessageParcel &reply);

2
frameworks/native/ipc/src/co_auth_proxy.cpp
View File

@ -19,6 +19,7 @@
#include "iam_common_defines.h"
#include "iam_logger.h"
#include "user_auth_common_defines.h"
#define LOG_TAG "AUTH_EXECUTOR_MGR_SDK"
@ -73,7 +74,6 @@ int32_t CoAuthProxy::WriteExecutorInfo(const ExecutorRegisterInfo &info, Message
uint64_t CoAuthProxy::ExecutorRegister(const ExecutorRegisterInfo &info, sptr<ExecutorCallbackInterface> &callback)
{
IAM_LOGI("start");
const uint64_t BAD_CONTEXT_ID = 0;
if (callback == nullptr) {
IAM_LOGE("callback is nullptr");
return BAD_CONTEXT_ID;

59
frameworks/native/ipc/src/user_auth_proxy.cpp
View File

@ -26,7 +26,6 @@ namespace OHOS {
namespace UserIam {
namespace UserAuth {
namespace {
const uint64_t BAD_CONTEXT_ID = 0;
const uint32_t MAX_ATTR_COUNT = 512;
} // namespace
@ -34,15 +33,44 @@ UserAuthProxy::UserAuthProxy(const sptr<IRemoteObject> &object) : IRemoteProxy<U
{
}
int32_t UserAuthProxy::GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel)
int32_t UserAuthProxy::GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel)
{
MessageParcel data;
MessageParcel reply;
if (!data.WriteInterfaceToken(UserAuthProxy::GetDescriptor())) {
IAM_LOGE("failed to write descriptor");
return WRITE_PARCEL_ERROR;
}
bool isSpecificUserId = true;
if (!data.WriteBool(isSpecificUserId)) {
IAM_LOGE("failed to write isSpecificUserId");
return WRITE_PARCEL_ERROR;
}
if (!data.WriteInt32(userId)) {
IAM_LOGE("failed to write userId");
return WRITE_PARCEL_ERROR;
}
return GetAvailableStatusInner(apiVersion, authType, authTrustLevel, data);
}
int32_t UserAuthProxy::GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel)
{
MessageParcel data;
if (!data.WriteInterfaceToken(UserAuthProxy::GetDescriptor())) {
IAM_LOGE("failed to write descriptor");
return WRITE_PARCEL_ERROR;
}
bool isSpecificUserId = false;
if (!data.WriteBool(isSpecificUserId)) {
IAM_LOGE("failed to write isSpecificUserId");
return WRITE_PARCEL_ERROR;
}
return GetAvailableStatusInner(apiVersion, authType, authTrustLevel, data);
}
int32_t UserAuthProxy::GetAvailableStatusInner(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel,
MessageParcel &data)
{
if (!data.WriteInt32(authType)) {
IAM_LOGE("failed to write authType");
return WRITE_PARCEL_ERROR;
@ -56,6 +84,7 @@ int32_t UserAuthProxy::GetAvailableStatus(int32_t apiVersion, AuthType authType,
return WRITE_PARCEL_ERROR;
}
MessageParcel reply;
bool ret = SendRequest(UserAuthInterfaceCode::USER_AUTH_GET_AVAILABLE_STATUS, data, reply);
if (!ret) {
IAM_LOGE("failed to send get available status IPC request");
@ -318,7 +347,12 @@ uint64_t UserAuthProxy::AuthWidget(int32_t apiVersion, const AuthParamInner &aut
return BAD_CONTEXT_ID;
}
if (!WriteWidgetParam(data, authParam, widgetParam)) {
if (!WriteWidgetAuthParam(data, authParam)) {
IAM_LOGE("failed to write widget auth param");
return BAD_CONTEXT_ID;
}
if (!WriteWidgetParam(data, widgetParam)) {
IAM_LOGE("failed to write widget param");
return BAD_CONTEXT_ID;
}
@ -345,9 +379,16 @@ uint64_t UserAuthProxy::AuthWidget(int32_t apiVersion, const AuthParamInner &aut
return result;
}
bool UserAuthProxy::WriteWidgetParam(MessageParcel &data, const AuthParamInner &authParam,
const WidgetParam &widgetParam)
bool UserAuthProxy::WriteWidgetAuthParam(MessageParcel &data, const AuthParamInner &authParam)
{
if (!data.WriteInt32(authParam.userId)) {
IAM_LOGE("failed to write userId");
return false;
}
if (!data.WriteBool(authParam.isUserIdSpecified)) {
IAM_LOGE("failed to write isUserIdSpecified");
return false;
}
if (!data.WriteUInt8Vector(authParam.challenge)) {
IAM_LOGE("failed to write challenge");
return false;
@ -378,7 +419,11 @@ bool UserAuthProxy::WriteWidgetParam(MessageParcel &data, const AuthParamInner &
return false;
}
}
return true;
}
bool UserAuthProxy::WriteWidgetParam(MessageParcel &data, const WidgetParam &widgetParam)
{
if (!data.WriteString(widgetParam.title)) {
IAM_LOGE("failed to write title");
return false;

55
frameworks/native/ipc/src/user_auth_stub.cpp
View File

@ -93,7 +93,16 @@ int32_t UserAuthStub::GetAvailableStatusStub(MessageParcel &data, MessageParcel
int32_t authType;
uint32_t authTrustLevel;
int32_t apiVersion;
int32_t userId;
bool isSpecificUserId = false;
if (!data.ReadBool(isSpecificUserId)) {
IAM_LOGE("failed to read isSpecificUserId");
return READ_PARCEL_ERROR;
}
if (isSpecificUserId && !data.ReadInt32(userId)) {
IAM_LOGE("failed to read userId");
return READ_PARCEL_ERROR;
}
if (!data.ReadInt32(authType)) {
IAM_LOGE("failed to read authType");
return READ_PARCEL_ERROR;
@ -103,12 +112,19 @@ int32_t UserAuthStub::GetAvailableStatusStub(MessageParcel &data, MessageParcel
return READ_PARCEL_ERROR;
}
if (!data.ReadInt32(apiVersion)) {
IAM_LOGE("failed to read authType");
IAM_LOGE("failed to read apiVersion");
return READ_PARCEL_ERROR;
}
int32_t result = GetAvailableStatus(apiVersion,
static_cast<AuthType>(authType), static_cast<AuthTrustLevel>(authTrustLevel));
int32_t result = GENERAL_ERROR;
if (isSpecificUserId) {
result = GetAvailableStatus(apiVersion, userId, static_cast<AuthType>(authType),
static_cast<AuthTrustLevel>(authTrustLevel));
} else {
result = GetAvailableStatus(apiVersion, static_cast<AuthType>(authType),
static_cast<AuthTrustLevel>(authTrustLevel));
}
if (!reply.WriteInt32(result)) {
IAM_LOGE("failed to write GetAvailableStatus result");
return WRITE_PARCEL_ERROR;
@ -248,7 +264,12 @@ int32_t UserAuthStub::AuthWidgetStub(MessageParcel &data, MessageParcel &reply)
AuthParamInner authParam;
WidgetParam widgetParam;
if (!ReadWidgetParam(data, authParam, widgetParam)) {
if (!ReadWidgetAuthParam(data, authParam)) {
IAM_LOGE("failed to read widget auth param");
return ResultCode::READ_PARCEL_ERROR;
}
if (!ReadWidgetParam(data, widgetParam)) {
IAM_LOGE("failed to read widget param");
return ResultCode::READ_PARCEL_ERROR;
}
@ -278,8 +299,16 @@ int32_t UserAuthStub::AuthWidgetStub(MessageParcel &data, MessageParcel &reply)
return ResultCode::SUCCESS;
}
bool UserAuthStub::ReadWidgetParam(MessageParcel &data, AuthParamInner &authParam, WidgetParam &widgetParam)
bool UserAuthStub::ReadWidgetAuthParam(MessageParcel &data, AuthParamInner &authParam)
{
if (!data.ReadInt32(authParam.userId)) {
IAM_LOGE("failed to read userId");
return false;
}
if (!data.ReadBool(authParam.isUserIdSpecified)) {
IAM_LOGE("failed to read isUserIdSpecified");
return false;
}
if (!data.ReadUInt8Vector(&authParam.challenge)) {
IAM_LOGE("failed to read challenge");
return false;
@ -317,9 +346,19 @@ bool UserAuthStub::ReadWidgetParam(MessageParcel &data, AuthParamInner &authPara
}
}
authParam.reuseUnlockResult.reuseMode = static_cast<ReuseMode>(reuseMode);
return true;
}
widgetParam.title = data.ReadString();
widgetParam.navigationButtonText = data.ReadString();
bool UserAuthStub::ReadWidgetParam(MessageParcel &data, WidgetParam &widgetParam)
{
if (!data.ReadString(widgetParam.title)) {
IAM_LOGE("failed to read title");
return READ_PARCEL_ERROR;
}
if (!data.ReadString(widgetParam.navigationButtonText)) {
IAM_LOGE("failed to read navigationButtonText");
return READ_PARCEL_ERROR;
}
int32_t winMode;
if (!data.ReadInt32(winMode)) {
IAM_LOGE("failed to read window mode");

24
interfaces/inner_api/user_auth_client.h
View File

@ -130,6 +130,7 @@ public:
* @return Return set result(0:success; other:failed).
*/
virtual int32_t SetGlobalConfigParam(const GlobalConfigParam &param) = 0;
/**
* @brief Prepare remote authentication.
* @param networkId Network id of remote device.
@ -139,6 +140,29 @@ public:
*/
virtual int32_t PrepareRemoteAuth(const std::string &networkId,
const std::shared_ptr<PrepareRemoteAuthCallback> &callback) = 0;
/**
* @brief Begin widget authentication.
*
* @param authParam, authentication paramater for widgetAuth.
* @param widgetParam, widget paramater for widgetAuth.
* @param callback Callback of user authentication result.
*
* @return Return context ID of authentication.
*/
virtual uint64_t BeginWidgetAuth(const WidgetAuthParam &authParam, const WidgetParam &widgetParam,
const std::shared_ptr<AuthenticationCallback> &callback) = 0;
/**
* @brief Get available status.
*
* @param userId System userId, generated by account subsystem.
* @param authType Auth type supported by executor.
* @param authTrustLevel, auth trust level.
*
* @return Return get result(0:success; other:failed).
*/
virtual int32_t GetAvailableStatus(int32_t userId, AuthType authType, AuthTrustLevel authTrustLevel) = 0;
};
} // namespace UserAuth
} // namespace UserIam

66
interfaces/inner_api/user_auth_client_defines.h
View File

@ -32,6 +32,8 @@
namespace OHOS {
namespace UserIam {
namespace UserAuth {
const uint64_t MAX_ALLOWABLE_REUSE_DURATION = 5 * 60 * 1000;
/**
* @brief Remote auth parameter.
*/
@ -62,6 +64,70 @@ struct AuthParam {
std::optional<RemoteAuthParam> remoteAuthParam;
};
/**
* @brief Window mode type for user authentication widget.
*/
enum WindowModeType : int32_t {
/** Window mode type is dialog box. */
DIALOG_BOX = 1,
/** Window mode type is full screen. */
FULLSCREEN = 2,
/** Window mode type is not set */
UNKNOWN_WINDOW_MODE = 3,
};
/**
* @brief The mode for reusing unlock authentication result.
*/
enum ReuseMode : uint32_t {
/** Authentication type relevant.The unlock authentication result can be reused only when the result is within
* valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam. */
AUTH_TYPE_RELEVANT = 1,
/** Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within
* valid duration. */
AUTH_TYPE_IRRELEVANT = 2,
};
/**
* @brief Reuse unlock authentication result.
*/
struct ReuseUnlockResult {
/** Whether to reuse unlock result, ReuseUnlockResult is valid only when isReuse is true.*/
bool isReuse {false};
/** The mode for reusing unlock authentication result. */
ReuseMode reuseMode {AUTH_TYPE_IRRELEVANT};
/** The allowable reuse duration.The value of duration should be between 0 and MAX_ALLOWABLE_REUSE_DURATION. */
uint64_t reuseDuration {0};
};
/**
* @brief Auth widget parameter.
*/
struct WidgetParam {
/** Title of widget. */
std::string title;
/** The description text of navigation button. */
std::string navigationButtonText;
/** Full screen or not. */
WindowModeType windowMode;
};
/**
* @brief Auth widget parameter.
*/
struct WidgetAuthParam {
/** user id */
int32_t userId;
/** challenge value */
std::vector<uint8_t> challenge;
/** Credential type for authentication. */
std::vector<AuthType> authTypes;
/** Trust level of authentication result. */
AuthTrustLevel authTrustLevel;
/** Reuse unlock authentication result. */
ReuseUnlockResult reuseUnlockResult;
};
/**
* @brief Executor property needed to get.
*/

1
services/context/BUILD.gn
View File

@ -76,6 +76,7 @@ ohos_source_set("userauth_service_context") {
"ability_runtime:abilitykit_native",
"ability_runtime:app_manager",
"ability_runtime:extension_manager",
"access_token:libaccesstoken_sdk",
"c_utils:utils",
"drivers_interface_user_auth:libuser_auth_proxy_2.0",
"hilog:libhilog",

1
services/context/inc/context.h
View File

@ -29,7 +29,6 @@ namespace OHOS {
namespace UserIam {
namespace UserAuth {
constexpr uint64_t REUSE_AUTH_RESULT_CONTEXT_ID = 1;
constexpr uint64_t BAD_CONTEXT_ID = 0;
enum ContextState {
STATE_INIT,

3
services/context/inc/context_factory.h
View File

@ -43,10 +43,9 @@ public:
};
struct AuthWidgetContextPara {
int32_t userId {0};
int32_t userId {INVALID_USER_ID};
int32_t sdkVersion {0};
uint32_t tokenId {0};
std::string callingBundleName {""};
std::string callerName {""};
std::vector<uint8_t> challenge {};
std::vector<AuthType> authTypeList {};

1
services/context/inc/widget_context.h
View File

@ -105,6 +105,7 @@ private:
std::string BuildStartCommand(const WidgetRotatePara &widgetRotatePara);
void ProcessRotatePara(WidgetCmdParameters &widgetCmdParameters, const WidgetRotatePara &widgetRotatePara);
bool isValidRotate(const WidgetRotatePara &widgetRotatePara);
std::string GetCallingBundleName();
private:
struct TaskInfo {

16
services/context/src/widget_context.cpp
View File

@ -16,6 +16,7 @@
#include <algorithm>
#include "accesstoken_kit.h"
#include "auth_widget_helper.h"
#include "context_helper.h"
#include "context_pool.h"
@ -176,6 +177,7 @@ std::shared_ptr<Context> WidgetContext::BuildTask(const std::vector<uint8_t> &ch
para.challenge = challenge;
para.endAfterFirstFail = endAfterFirstFail;
para.callerName = para_.callerName;
para.callerType = para_.callerType;
para.sdkVersion = para_.sdkVersion;
para.authIntent = authIntent;
para.isOsAccountVerified = para_.isOsAccountVerified;
@ -205,7 +207,7 @@ bool WidgetContext::OnStart()
WidgetClient::Instance().SetAuthTypeList(para_.authTypeList);
WidgetClient::Instance().SetWidgetSchedule(schedule_);
WidgetClient::Instance().SetChallenge(para_.challenge);
WidgetClient::Instance().SetCallingBundleName(para_.callingBundleName);
WidgetClient::Instance().SetCallingBundleName(GetCallingBundleName());
schedule_->StartSchedule();
IAM_LOGI("WidgetContext start success.");
@ -228,6 +230,7 @@ bool WidgetContext::OnStop()
void WidgetContext::AuthResult(int32_t resultCode, int32_t authType, const Attributes &finalResult)
{
IAM_LOGI("recv task result: %{public}d, authType: %{public}d", resultCode, authType);
std::lock_guard<std::recursive_mutex> lock(mutex_);
int32_t remainTimes = -1;
int32_t freezingTime = -1;
if (!finalResult.GetInt32Value(Attributes::ATTR_REMAIN_TIMES, remainTimes)) {
@ -258,6 +261,7 @@ void WidgetContext::AuthResult(int32_t resultCode, int32_t authType, const Attri
void WidgetContext::AuthTipInfo(int32_t tipType, int32_t authType, const Attributes &extraInfo)
{
IAM_LOGI("recv tip: %{public}d, authType: %{public}d", tipType, authType);
std::lock_guard<std::recursive_mutex> lock(mutex_);
std::vector<uint8_t> tipInfo;
bool getTipInfoRet = extraInfo.GetUint8ArrayValue(Attributes::ATTR_EXTRA_INFO, tipInfo);
IF_FALSE_LOGE_AND_RETURN(getTipInfoRet);
@ -488,7 +492,6 @@ bool WidgetContext::DisconnectExtension()
void WidgetContext::End(const ResultCode &resultCode)
{
IAM_LOGI("in End, resultCode: %{public}d", static_cast<int32_t>(resultCode));
WidgetClient::Instance().Reset();
StopAllRunTask(resultCode);
IF_FALSE_LOGE_AND_RETURN(callerCallback_ != nullptr);
Attributes attr;
@ -522,6 +525,7 @@ void WidgetContext::End(const ResultCode &resultCode)
void WidgetContext::StopAllRunTask(const ResultCode &resultCode)
{
std::lock_guard<std::recursive_mutex> lock(mutex_);
WidgetClient::Instance().Reset();
for (auto &taskInfo : runTaskInfoList_) {
IAM_LOGI("stop task");
if (taskInfo.task == nullptr) {
@ -609,6 +613,14 @@ void WidgetContext::ProcessRotatePara(WidgetCmdParameters &widgetCmdParameters,
}
}
}
std::string WidgetContext::GetCallingBundleName()
{
if (para_.callerType == Security::AccessToken::TOKEN_HAP) {
return para_.callerName;
}
return "";
}
} // namespace UserAuth
} // namespace UserIam
} // namespace OHOS

8
services/ipc/inc/user_auth_service.h
View File

@ -39,6 +39,8 @@ public:
UserAuthService();
~UserAuthService() override = default;
int32_t GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel) override;
int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel) override;
void GetProperty(int32_t userId, AuthType authType,
const std::vector<Attributes::AttributeKey> &keys,
@ -98,8 +100,8 @@ private:
bool CheckAuthTypeIsValid(std::vector<AuthType> authType);
int32_t CheckValidSolution(int32_t userId, const AuthParamInner &authParam, const WidgetParam &widgetParam,
std::vector<AuthType> &validType);
int32_t GetCallerInfo(ContextFactory::AuthWidgetContextPara &para,
std::shared_ptr<ContextCallback> &contextCallback, bool &isBackgroundApplication);
int32_t GetCallerInfo(bool isUserIdSpecified, int32_t userId, ContextFactory::AuthWidgetContextPara &para,
bool &isBackgroundApplication, std::shared_ptr<ContextCallback> &contextCallback);
void FillGetPropertyKeys(AuthType authType, const std::vector<Attributes::AttributeKey> &keys,
std::vector<uint32_t> &uint32Keys);
void FillGetPropertyValue(AuthType authType, const std::vector<Attributes::AttributeKey> &keys, Attributes &values);
@ -107,6 +109,8 @@ private:
int32_t PrepareRemoteAuthInner(const std::string &networkId);
bool GetAndUpateOsAccountVerifiedState(int32_t userId);
std::shared_ptr<ResourceNode> GetResourseNode(AuthType authType);
int32_t GetAvailableStatusInner(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel);
static std::mutex mutex_;
static std::shared_ptr<UserAuthService> instance_;

80
services/ipc/src/user_auth_service.cpp
View File

@ -191,9 +191,22 @@ bool UserAuthService::CheckAuthTrustLevel(AuthTrustLevel authTrustLevel)
return true;
}
int32_t UserAuthService::GetAvailableStatus(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel)
{
IAM_LOGI("start with userId");
if (!IpcCommon::CheckPermission(*this, ACCESS_USER_AUTH_INTERNAL_PERMISSION)) {
IAM_LOGE("failed to check permission");
return CHECK_PERMISSION_FAILED;
}
return GetAvailableStatusInner(apiVersion, userId, authType, authTrustLevel);
}
int32_t UserAuthService::GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel)
{
IAM_LOGI("start");
IAM_LOGI("start without userId");
if (!IpcCommon::CheckPermission(*this, ACCESS_USER_AUTH_INTERNAL_PERMISSION) &&
!IpcCommon::CheckPermission(*this, ACCESS_BIOMETRIC_PERMISSION)) {
IAM_LOGE("failed to check permission");
@ -204,15 +217,21 @@ int32_t UserAuthService::GetAvailableStatus(int32_t apiVersion, AuthType authTyp
IAM_LOGE("authType not support");
return TYPE_NOT_SUPPORT;
}
int32_t userId = INVALID_USER_ID;
if (IpcCommon::GetCallingUserId(*this, userId) != SUCCESS) {
IAM_LOGE("failed to get userId");
return GENERAL_ERROR;
}
return GetAvailableStatusInner(apiVersion, userId, authType, authTrustLevel);
}
int32_t UserAuthService::GetAvailableStatusInner(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel)
{
if (!CheckAuthTrustLevel(authTrustLevel)) {
IAM_LOGE("authTrustLevel is not in correct range");
return TRUST_LEVEL_NOT_SUPPORT;
}
int32_t userId;
if (IpcCommon::GetCallingUserId(*this, userId) != SUCCESS) {
IAM_LOGE("failed to get callingUserId");
return GENERAL_ERROR;
}
auto hdi = HdiWrapper::GetHdiInstance();
if (hdi == nullptr) {
IAM_LOGE("hdi interface is nullptr");
@ -431,7 +450,7 @@ uint64_t UserAuthService::Auth(int32_t apiVersion, const std::vector<uint8_t> &c
contextCallback->OnResult(checkRet, extraInfo);
return BAD_CONTEXT_ID;
}
int32_t userId;
int32_t userId = INVALID_USER_ID;
if (IpcCommon::GetCallingUserId(*this, userId) != SUCCESS) {
IAM_LOGE("get callingUserId failed");
contextCallback->OnResult(GENERAL_ERROR, extraInfo);
@ -814,7 +833,11 @@ int32_t UserAuthService::CheckAuthPermissionAndParam(const AuthParamInner &authP
IAM_LOGE("normal app can't set window mode.");
return INVALID_PARAMETERS;
}
if (!IpcCommon::CheckPermission(*this, ACCESS_BIOMETRIC_PERMISSION)) {
if (!authParam.isUserIdSpecified && !IpcCommon::CheckPermission(*this, ACCESS_BIOMETRIC_PERMISSION)) {
IAM_LOGE("CheckPermission failed");
return CHECK_PERMISSION_FAILED;
}
if (authParam.isUserIdSpecified && !IpcCommon::CheckPermission(*this, ACCESS_USER_AUTH_INTERNAL_PERMISSION)) {
IAM_LOGE("CheckPermission failed");
return CHECK_PERMISSION_FAILED;
}
@ -893,35 +916,31 @@ int32_t UserAuthService::CheckValidSolution(int32_t userId, const AuthParamInner
return SUCCESS;
}
int32_t UserAuthService::GetCallerInfo(ContextFactory::AuthWidgetContextPara &para,
std::shared_ptr<ContextCallback> &contextCallback, bool &isBackgroundApplication)
int32_t UserAuthService::GetCallerInfo(bool isUserIdSpecified, int32_t userId,
ContextFactory::AuthWidgetContextPara &para, bool &isBackgroundApplication,
std::shared_ptr<ContextCallback> &contextCallback)
{
std::string callerName = "";
int32_t callerType = 0;
static_cast<void>(IpcCommon::GetCallerName(*this, callerName, callerType));
contextCallback->SetTraceCallerName(callerName);
contextCallback->SetTraceCallerType(callerType);
para.callerName = callerName;
para.callerType = callerType;
if (para.callerType == Security::AccessToken::TOKEN_HAP) {
para.callingBundleName = callerName;
}
static_cast<void>(IpcCommon::GetCallerName(*this, para.callerName, para.callerType));
contextCallback->SetTraceCallerName(para.callerName);
contextCallback->SetTraceCallerType(para.callerType);
static_cast<void>(IpcCommon::GetCallingAppID(*this, para.callingAppID));
if (para.sdkVersion < INNER_API_VERSION_10000 && para.callerType == Security::AccessToken::TOKEN_HAP &&
(!IpcCommon::CheckForegroundApplication(para.callerName))) {
isBackgroundApplication = true;
}
contextCallback->SetTraceIsBackgroundApplication(isBackgroundApplication);
int32_t userId;
Attributes extraInfo;
if (IpcCommon::GetCallingUserId(*this, userId) != SUCCESS) {
if (isUserIdSpecified) {
para.userId = userId;
contextCallback->SetTraceUserId(para.userId);
return SUCCESS;
}
if (IpcCommon::GetCallingUserId(*this, para.userId) != SUCCESS) {
IAM_LOGE("get callingUserId failed");
return GENERAL_ERROR;
}
contextCallback->SetTraceUserId(userId);
para.userId = userId;
std::string callingAppID = "";
static_cast<void>(IpcCommon::GetCallingAppID(*this, callingAppID));
para.callingAppID = callingAppID;
contextCallback->SetTraceUserId(para.userId);
return SUCCESS;
}
@ -938,7 +957,8 @@ uint64_t UserAuthService::AuthWidget(int32_t apiVersion, const AuthParamInner &a
para.sdkVersion = apiVersion;
Attributes extraInfo;
bool isBackgroundApplication = false;
int32_t checkRet = GetCallerInfo(para, contextCallback, isBackgroundApplication);
int32_t checkRet = GetCallerInfo(authParam.isUserIdSpecified, authParam.userId, para, isBackgroundApplication,
contextCallback);
if (checkRet != SUCCESS) {
contextCallback->OnResult(checkRet, extraInfo);
return BAD_CONTEXT_ID;
@ -1084,7 +1104,7 @@ int32_t UserAuthService::GetEnrolledState(int32_t apiVersion, AuthType authType,
return TYPE_NOT_SUPPORT;
}
int32_t userId;
int32_t userId = INVALID_USER_ID;
if (IpcCommon::GetCallingUserId(*this, userId) != SUCCESS) {
IAM_LOGE("failed to get callingUserId");
return GENERAL_ERROR;

7
test/fuzztest/clients/userauthclient_fuzzer/user_auth_client_fuzzer.cpp
View File

@ -118,6 +118,10 @@ void FuzzClientGetAvailableStatus(Parcel &parcel)
IAM_LOGI("start");
auto authType = static_cast<AuthType>(parcel.ReadInt32());
auto atl = static_cast<AuthTrustLevel>(parcel.ReadUint32());
auto userId = static_cast<AuthTrustLevel>(parcel.ReadInt32());
auto apiVersion = static_cast<AuthTrustLevel>(parcel.ReadInt32());
UserAuthClientImpl::Instance().GetAvailableStatus(userId, authType, atl);
UserAuthClientImpl::Instance().GetNorthAvailableStatus(apiVersion, authType, atl);
UserAuthClientImpl::Instance().GetAvailableStatus(authType, atl);
IAM_LOGI("end");
}
@ -255,7 +259,7 @@ void FuzzBeginWidgetAuth(Parcel &parcel)
{
IAM_LOGI("start");
int32_t apiVersion = parcel.ReadInt32();
AuthParamInner authParam;
WidgetAuthParam authParam;
WidgetParam widgetParam;
Common::FillFuzzUint8Vector(parcel, authParam.challenge);
std::vector<int32_t> atList;
@ -269,6 +273,7 @@ void FuzzBeginWidgetAuth(Parcel &parcel)
widgetParam.windowMode = static_cast<WindowModeType>(parcel.ReadInt32());
auto callback = Common::MakeShared<DummyAuthenticationCallback>();
UserAuthClientImpl::Instance().BeginWidgetAuth(apiVersion, authParam, widgetParam, callback);
UserAuthClientImpl::Instance().BeginWidgetAuth(authParam, widgetParam, callback);
IAM_LOGI("end");
}

1
test/fuzztest/common_fuzzer/BUILD.gn
View File

@ -280,6 +280,7 @@ ohos_source_set("userauth_service_context_fuzzer") {
"ability_runtime:abilitykit_native",
"ability_runtime:app_manager",
"ability_runtime:extension_manager",
"access_token:libaccesstoken_sdk",
"c_utils:utils",
"common_event_service:cesfwk_innerkits",
"drivers_interface_user_auth:libuser_auth_proxy_2.0",

2
test/fuzztest/dummy/mock_ipc_common.cpp
View File

@ -36,7 +36,7 @@ bool IpcCommon::skipFlag_ = false;
int32_t IpcCommon::GetCallingUserId(IPCObjectStub &stub, int32_t &userId)
{
if (userId != 0 || skipFlag_) {
if (userId != INVALID_USER_ID || skipFlag_) {
return FAIL;
}
userId = TEST_USER_ID;

6
test/fuzztest/services/userauthservice_fuzzer/user_auth_service_fuzzer.cpp
View File

@ -156,7 +156,8 @@ void FuzzGetAvailableStatusOtherScene(Parcel &parcel)
int32_t pin = 1;
AuthType authType = static_cast<AuthType>(pin);
AuthTrustLevel authTrustLevel = static_cast<AuthTrustLevel>(parcel.ReadInt32());
g_userAuthService.GetAvailableStatus(apiVersion, authType, authTrustLevel);
int32_t userId = parcel.ReadInt32();
g_userAuthService.GetAvailableStatus(apiVersion, userId, authType, authTrustLevel);
IAM_LOGI("end");
}
@ -166,7 +167,8 @@ void FuzzGetAvailableStatus(Parcel &parcel)
int32_t apiVersion = parcel.ReadInt32();
AuthType authType = static_cast<AuthType>(parcel.ReadInt32());
AuthTrustLevel authTrustLevel = static_cast<AuthTrustLevel>(parcel.ReadInt32());
g_userAuthService.GetAvailableStatus(apiVersion, authType, authTrustLevel);
int32_t userId = parcel.ReadInt32();
g_userAuthService.GetAvailableStatus(apiVersion, userId, authType, authTrustLevel);
FuzzGetAvailableStatusOtherScene(parcel);
IAM_LOGI("end");
}

22
test/unittest/inner_api/src/user_auth_client_test.cpp
View File

@ -101,20 +101,17 @@ HWTEST_F(UserAuthClientTest, UserAuthClientGetAvailableStatus001, TestSize.Level
HWTEST_F(UserAuthClientTest, UserAuthClientGetAvailableStatus002, TestSize.Level0)
{
int32_t testApiVersion = 9;
int32_t testApiVersion = 10000;
AuthType testAuthType = FACE;
AuthTrustLevel testAtl = ATL1;
auto service = Common::MakeShared<MockUserAuthService>();
EXPECT_NE(service, nullptr);
EXPECT_CALL(*service, GetAvailableStatus(_, _, _)).Times(1);
EXPECT_CALL(*service, GetAvailableStatus(_, _, _, _)).Times(1);
ON_CALL(*service, GetAvailableStatus)
.WillByDefault(
[&testApiVersion, &testAuthType, &testAtl](int32_t apiVersion, AuthType authType,
[&testApiVersion, &testAuthType, &testAtl](int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel) {
EXPECT_EQ(apiVersion, testApiVersion);
EXPECT_EQ(authType, testAuthType);
EXPECT_EQ(authTrustLevel, testAtl);
return SUCCESS;
}
);
@ -546,19 +543,21 @@ HWTEST_F(UserAuthClientTest, UserAuthClientGetVersion003, TestSize.Level0)
HWTEST_F(UserAuthClientTest, UserAuthClientBeginWidgetAuth001, TestSize.Level0)
{
static const int32_t apiVersion = 0;
AuthParamInner authParam;
WidgetAuthParam authParam;
WidgetParam widgetParam;
std::shared_ptr<MockAuthenticationCallback> testCallback = nullptr;
testCallback = Common::MakeShared<MockAuthenticationCallback>();
uint64_t widgetAuth = UserAuthClientImpl::Instance().BeginWidgetAuth(apiVersion, authParam,
widgetParam, testCallback);
EXPECT_EQ(widgetAuth, 0);
widgetAuth = UserAuthClientImpl::Instance().BeginWidgetAuth(authParam, widgetParam, testCallback);
EXPECT_EQ(widgetAuth, 0);
}
HWTEST_F(UserAuthClientTest, UserAuthClientBeginWidgetAuth002, TestSize.Level0)
{
static const int32_t apiVersion = 0;
AuthParamInner authParam;
WidgetAuthParam authParam;
WidgetParam widgetParam;
std::shared_ptr<MockAuthenticationCallback> testCallback = nullptr;
uint64_t widgetAuth = UserAuthClientImpl::Instance().BeginWidgetAuth(apiVersion, authParam,
@ -571,7 +570,7 @@ HWTEST_F(UserAuthClientTest, UserAuthClientBeginWidgetAuth003, TestSize.Level0)
int32_t testVersion = 0;
AuthParamInner testParam = {};
testParam.challenge = {0};
testParam.authType = {ALL};
testParam.authTypes = {ALL};
WidgetParam testWidgetParam = {};
testWidgetParam.title = "title";
auto testCallback = Common::MakeShared<MockAuthenticationCallback>();
@ -587,7 +586,7 @@ HWTEST_F(UserAuthClientTest, UserAuthClientBeginWidgetAuth003, TestSize.Level0)
const AuthParamInner &authParam, const WidgetParam &widgetParam,
sptr<UserAuthCallbackInterface> &callback) {
EXPECT_EQ(apiVersion, testVersion);
EXPECT_EQ(authParam.authType, testParam.authType);
EXPECT_EQ(authParam.authTypes, testParam.authTypes);
EXPECT_EQ(widgetParam.title, testWidgetParam.title);
if (callback != nullptr) {
Attributes extraInfo;
@ -600,7 +599,8 @@ HWTEST_F(UserAuthClientTest, UserAuthClientBeginWidgetAuth003, TestSize.Level0)
sptr<MockRemoteObject> obj = new MockRemoteObject();
sptr<IRemoteObject::DeathRecipient> dr(nullptr);
CallRemoteObject(service, obj, dr);
uint64_t widgetAuth = UserAuthClientImpl::Instance().BeginWidgetAuth(testVersion, testParam,
WidgetAuthParam testAuthParam = {};
uint64_t widgetAuth = UserAuthClientImpl::Instance().BeginWidgetAuth(testVersion, testAuthParam,
testWidgetParam, testCallback);
EXPECT_EQ(widgetAuth, testContextVersion);
dr->OnRemoteDied(obj);

13
test/unittest/inner_api/src/user_auth_proxy_test.cpp
View File

@ -87,27 +87,26 @@ HWTEST_F(UserAuthProxyTest, UserAuthProxyGetAvailableStatus, TestSize.Level0)
static const int32_t testApiVersion = 0;
static const AuthType testAuthType = FACE;
static const AuthTrustLevel testAuthTrustLevel = ATL3;
static const int32_t testUserId = 100;
sptr<MockRemoteObject> obj(new (std::nothrow) MockRemoteObject());
EXPECT_NE(obj, nullptr);
auto proxy = Common::MakeShared<UserAuthProxy>(obj);
EXPECT_NE(proxy, nullptr);
auto service = Common::MakeShared<MockUserAuthService>();
EXPECT_NE(service, nullptr);
EXPECT_CALL(*service, GetAvailableStatus(_, _, _))
EXPECT_CALL(*service, GetAvailableStatus(_, _, _, _))
.Times(Exactly(1))
.WillOnce([](int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel) {
EXPECT_EQ(testApiVersion, apiVersion);
EXPECT_EQ(testAuthType, authType);
EXPECT_EQ(testAuthTrustLevel, authTrustLevel);
.WillOnce([](int32_t apiVersion, int32_t userId, AuthType authType, AuthTrustLevel authTrustLevel) {
return SUCCESS;
});
EXPECT_CALL(*obj, SendRequest(_, _, _, _)).Times(1);
EXPECT_CALL(*obj, SendRequest(_, _, _, _)).Times(2);
ON_CALL(*obj, SendRequest)
.WillByDefault([&service](uint32_t code, MessageParcel &data, MessageParcel &reply, MessageOption &option) {
service->OnRemoteRequest(code, data, reply, option);
return SUCCESS;
});
proxy->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(proxy->GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel), SUCCESS);
EXPECT_EQ(proxy->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel), SUCCESS);
}
HWTEST_F(UserAuthProxyTest, UserAuthProxyGetProperty, TestSize.Level0)

2
test/unittest/services/mocks/mock_ipc_common.cpp
View File

@ -36,7 +36,7 @@ bool IpcCommon::skipFlag_ = false;
int32_t IpcCommon::GetCallingUserId(IPCObjectStub &stub, int32_t &userId)
{
if (userId != 0 || skipFlag_) {
if (userId != INVALID_USER_ID || skipFlag_) {
return FAIL;
}
userId = TEST_USER_ID;

8
test/unittest/services/mocks/mock_user_auth_service.h
View File

@ -26,7 +26,13 @@ class MockUserAuthService final : public UserAuthStub {
public:
MOCK_METHOD3(GetEnrolledState, int32_t(int32_t apiVersion, AuthType authType, EnrolledState &enrolledState));
MOCK_METHOD3(GetAvailableStatus, int32_t(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel));
MOCK_METHOD4(GetAvailableStatus, int32_t(int32_t apiVersion, int32_t userId, AuthType authType,
AuthTrustLevel authTrustLevel));
int32_t GetAvailableStatus(int32_t apiVersion, AuthType authType, AuthTrustLevel authTrustLevel)
{
return 0;
}
MOCK_METHOD4(GetProperty,
void(int32_t userId, AuthType authType, const std::vector<Attributes::AttributeKey> &keys,

57
test/unittest/services/src/user_auth_service_test.cpp
View File

@ -131,9 +131,10 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceGetEnrolledState004, TestSize.Level
HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus001, TestSize.Level0)
{
UserAuthService service;
int32_t testApiVersion = 8;
int32_t testApiVersion = 10000;
AuthType testAuthType = FACE;
AuthTrustLevel testAuthTrustLevel = ATL3;
int32_t testUserId = 100;
auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get();
EXPECT_NE(mockHdi, nullptr);
EXPECT_CALL(*mockHdi, GetAvailableStatus(_, _, _, _))
@ -145,19 +146,21 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus001, TestSize.Lev
}
);
IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION);
EXPECT_EQ(SUCCESS, service.GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel));
EXPECT_EQ(SUCCESS, service.GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel));
IpcCommon::DeleteAllPermission();
}
HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus002, TestSize.Level0)
{
UserAuthService service;
int32_t testApiVersion = 8;
int32_t testApiVersion = 10000;
AuthType testAuthType = FACE;
int32_t testUserId = 100;
AuthTrustLevel testAuthTrustLevel = static_cast<AuthTrustLevel>(90000);
IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION);
EXPECT_EQ(TRUST_LEVEL_NOT_SUPPORT, service.GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel));
EXPECT_EQ(TRUST_LEVEL_NOT_SUPPORT, service.GetAvailableStatus(testApiVersion, testUserId, testAuthType,
testAuthTrustLevel));
testAuthTrustLevel = ATL2;
auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get();
@ -170,16 +173,18 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus002, TestSize.Lev
return SUCCESS;
}
);
EXPECT_EQ(TRUST_LEVEL_NOT_SUPPORT, service.GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel));
EXPECT_EQ(TRUST_LEVEL_NOT_SUPPORT, service.GetAvailableStatus(testApiVersion, testUserId, testAuthType,
testAuthTrustLevel));
IpcCommon::DeleteAllPermission();
}
HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus003, TestSize.Level0)
{
UserAuthService service;
int32_t testApiVersion = 8;
int32_t testApiVersion = 10000;
AuthType testAuthType = FACE;
AuthTrustLevel testAuthTrustLevel = ATL2;
int32_t testUserId = 100;
auto mockHdi = MockIUserAuthInterface::Holder::GetInstance().Get();
EXPECT_NE(mockHdi, nullptr);
@ -187,16 +192,49 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus003, TestSize.Lev
return HDF_FAILURE;
});
IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION);
EXPECT_EQ(GENERAL_ERROR, service.GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel));
EXPECT_EQ(GENERAL_ERROR, service.GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel));
testApiVersion = 9;
EXPECT_EQ(GENERAL_ERROR, service.GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel));
EXPECT_EQ(GENERAL_ERROR, service.GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel));
IpcCommon::DeleteAllPermission();
}
HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus004, TestSize.Level0)
{
int32_t testApiVersion = 8;
int32_t testApiVersion = 10000;
AuthType testAuthType = PIN;
AuthTrustLevel testAuthTrustLevel = ATL2;
int32_t testUserId = 100;
auto service = Common::MakeShared<UserAuthService>();
EXPECT_NE(service, nullptr);
int32_t ret = service->GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
ret = service->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
testAuthType = FACE;
ret = service->GetAvailableStatus(testUserId, testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
IpcCommon::AddPermission(ACCESS_BIOMETRIC_PERMISSION);
testAuthTrustLevel = static_cast<AuthTrustLevel>(0);
ret = service->GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
IpcCommon::AddPermission(ACCESS_USER_AUTH_INTERNAL_PERMISSION);
testAuthTrustLevel = static_cast<AuthTrustLevel>(0);
ret = service->GetAvailableStatus(testApiVersion, testUserId, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, TRUST_LEVEL_NOT_SUPPORT);
IpcCommon::DeleteAllPermission();
}
HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus005, TestSize.Level0)
{
int32_t testApiVersion = 10000;
AuthType testAuthType = PIN;
AuthTrustLevel testAuthTrustLevel = ATL2;
@ -205,6 +243,9 @@ HWTEST_F(UserAuthServiceTest, UserAuthServiceGetAvailableStatus004, TestSize.Lev
int32_t ret = service->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
ret = service->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);
testAuthType = FACE;
ret = service->GetAvailableStatus(testApiVersion, testAuthType, testAuthTrustLevel);
EXPECT_EQ(ret, CHECK_PERMISSION_FAILED);

17
test/unittest/services/src/user_auth_stub_test.cpp
View File

@ -115,17 +115,10 @@ HWTEST_F(UserAuthStubTest, UserAuthStubGetAvailableStatusStub002, TestSize.Level
AuthType testAuthType = FACE;
AuthTrustLevel testAuthTrustLevel = ATL3;
int32_t testApiVersion = 8;
EXPECT_CALL(service, GetAvailableStatus(_, _, _)).Times(1);
ON_CALL(service, GetAvailableStatus)
.WillByDefault(
[&testAuthType, &testAuthTrustLevel, &testApiVersion](int32_t apiVersion, AuthType authType,
AuthTrustLevel authTrustLevel) {
EXPECT_EQ(apiVersion, testApiVersion);
EXPECT_EQ(authType, testAuthType);
EXPECT_EQ(authTrustLevel, testAuthTrustLevel);
return SUCCESS;
}
);
int32_t testUserId = 100;
EXPECT_CALL(service, GetAvailableStatus(_, _, _, _)).WillRepeatedly([]() {
return SUCCESS;
});
MessageParcel data;
MessageParcel reply;
@ -133,6 +126,8 @@ HWTEST_F(UserAuthStubTest, UserAuthStubGetAvailableStatusStub002, TestSize.Level
uint32_t code = static_cast<uint32_t>(UserAuthInterfaceCode::USER_AUTH_GET_AVAILABLE_STATUS);
EXPECT_TRUE(data.WriteInterfaceToken(UserAuthInterface::GetDescriptor()));
EXPECT_TRUE(data.WriteBool(true));
EXPECT_TRUE(data.WriteInt32(testUserId));
EXPECT_TRUE(data.WriteInt32(testAuthType));
EXPECT_TRUE(data.WriteUint32(testAuthTrustLevel));
EXPECT_TRUE(data.WriteInt32(testApiVersion));