Signed-off-by: liuziwei <liuziwei12@huawei.com>
liuziwei 2024-07-05 17:56:52 +08:00
parent c335bf06c2
commit 7cada3caa2
11 changed files with 7 additions and 248 deletions


@ -12,4 +12,3 @@
# limitations under the License. # limitations under the License.
bootevent.useriam.fwkready=false bootevent.useriam.fwkready=false
persist.useriam.enable.fingerprintauth=true


@ -12,4 +12,3 @@
# limitations under the License. # limitations under the License.
bootevent.useriam.fwkready=useriam:useriam:0755 bootevent.useriam.fwkready=useriam:useriam:0755
persist.useriam.enable.fingerprintauth=useriam:useriam:0775


@ -68,7 +68,6 @@ ohos_source_set("userauth_service_core") {
"src/schedule_node_impl.cpp", "src/schedule_node_impl.cpp",
"src/schedule_resource_node_listener.cpp", "src/schedule_resource_node_listener.cpp",
"src/secure_user_info_impl.cpp", "src/secure_user_info_impl.cpp",
"src/system_param_manager.cpp",
"src/template_cache_manager.cpp", "src/template_cache_manager.cpp",
"src/update_pin_param_impl.cpp", "src/update_pin_param_impl.cpp",
"src/user_idm_database_impl.cpp", "src/user_idm_database_impl.cpp",


@ -1,42 +0,0 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef SYSTEM_PARAM_MANAGER
#define SYSTEM_PARAM_MANAGER
#include <mutex>
namespace OHOS {
namespace UserIam {
namespace UserAuth {
class SystemParamManager {
public:
static SystemParamManager &GetInstance();
void Start();
void UpdateFingerAuthEnable(bool isFingerAuthEnable);
bool IsAuthTypeEnable(int32_t authType);
private:
SystemParamManager();
~SystemParamManager() = default;
std::recursive_mutex recursiveMutex_;
bool isFingerAuthEnable_ = false;
};
} // namespace UserAuth
} // namespace UserIam
} // namespace OHOS
#endif // SYSTEM_PARAM_MANAGER


@ -21,7 +21,6 @@
#include "iam_check.h" #include "iam_check.h"
#include "iam_logger.h" #include "iam_logger.h"
#include "resource_node_pool.h" #include "resource_node_pool.h"
#include "system_param_manager.h"
#include "user_idm_database.h" #include "user_idm_database.h"
#include "widget_client.h" #include "widget_client.h"
@ -137,10 +136,6 @@ int32_t AuthWidgetHelper::CheckValidSolution(int32_t userId,
std::vector<int32_t> validTypes; std::vector<int32_t> validTypes;
uint32_t inputAtl = atl; uint32_t inputAtl = atl;
for (auto &type : authTypeList) { for (auto &type : authTypeList) {
if (!SystemParamManager::GetInstance().IsAuthTypeEnable(type)) {
IAM_LOGE("authType:%{public}d not enable", type);
continue;
}
inputAuthType.emplace_back(static_cast<int32_t>(type)); inputAuthType.emplace_back(static_cast<int32_t>(type));
} }
int32_t result = hdi->GetValidSolution(userId, inputAuthType, inputAtl, validTypes); int32_t result = hdi->GetValidSolution(userId, inputAuthType, inputAtl, validTypes);


@ -1,159 +0,0 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "system_param_manager.h"
#include "iservice_registry.h"
#include "parameter.h"
#include "system_ability_definition.h"
#include "system_ability_status_change_stub.h"
#include "iam_check.h"
#include "iam_common_defines.h"
#include "iam_logger.h"
#define LOG_TAG "USER_AUTH_SA"
namespace OHOS {
namespace UserIam {
namespace UserAuth {
namespace {
const char SYSTEM_VALUE_TRUE[] = "true";
const char IAM_ENABLE_FINGERPRINT_PARAM[] = "persist.useriam.enable.fingerprintauth";
bool IsEnableValue(const char *value)
{
return (strcmp(value, SYSTEM_VALUE_TRUE) == 0);
}
void ParameterChange(const char *key, const char *value, void *context)
{
if ((key == nullptr) || (value == nullptr)) {
IAM_LOGE("return invalid param");
return;
}
IAM_LOGI("receive param %{public}s:%{public}s", key, value);
if (strcmp(key, IAM_ENABLE_FINGERPRINT_PARAM) != 0) {
IAM_LOGE("event key mismatch");
return;
}
SystemParamManager::GetInstance().UpdateFingerAuthEnable(IsEnableValue(value));
}
}
class SystemParamServiceStatusListener : public OHOS::SystemAbilityStatusChangeStub, public NoCopyable {
public:
static void Subscribe();
void OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;
void OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId) override;
private:
static sptr<SystemParamServiceStatusListener> GetInstance();
SystemParamServiceStatusListener() {};
~SystemParamServiceStatusListener() override {};
};
void SystemParamServiceStatusListener::OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
{
if (systemAbilityId != PARAM_WATCHER_DISTRIBUTED_SERVICE_ID) {
return;
}
IAM_LOGI("param watcher service add process begin");
int32_t ret = WatchParameter(IAM_ENABLE_FINGERPRINT_PARAM, ParameterChange, nullptr);
if (ret != 0) {
IAM_LOGE("WatchParameter fail %{public}d", ret);
}
IAM_LOGI("param watcher service add process finish");
}
void SystemParamServiceStatusListener::OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
{
if (systemAbilityId != PARAM_WATCHER_DISTRIBUTED_SERVICE_ID) {
return;
}
IAM_LOGE("param watcher service remove process begin");
int32_t ret = RemoveParameterWatcher(IAM_ENABLE_FINGERPRINT_PARAM, ParameterChange, nullptr);
if (ret != 0) {
IAM_LOGE("RemoveParameterWatcher fail %{public}d", ret);
}
IAM_LOGI("param watcher service remove process finish");
}
sptr<SystemParamServiceStatusListener> SystemParamServiceStatusListener::GetInstance()
{
static sptr<SystemParamServiceStatusListener> listener(new (std::nothrow) SystemParamServiceStatusListener());
if (listener == nullptr) {
IAM_LOGE("SystemParamServiceStatusListener is null");
}
return listener;
}
void SystemParamServiceStatusListener::Subscribe()
{
auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
if (sam == nullptr) {
IAM_LOGE("failed to get SA manager");
return;
}
auto instance = GetInstance();
IF_FALSE_LOGE_AND_RETURN(instance != NULL);
int32_t ret = sam->SubscribeSystemAbility(PARAM_WATCHER_DISTRIBUTED_SERVICE_ID, instance);
if (ret != ERR_OK) {
IAM_LOGE("failed to subscribe param watcher service status");
return;
}
IAM_LOGI("subscribe param watcher service status success");
}
SystemParamManager::SystemParamManager()
{}
SystemParamManager &SystemParamManager::GetInstance()
{
static SystemParamManager systemParamManager;
return systemParamManager;
}
void SystemParamManager::Start()
{
SystemParamServiceStatusListener::Subscribe();
}
void SystemParamManager::UpdateFingerAuthEnable(bool isFingerAuthEnable)
{
std::lock_guard<std::recursive_mutex> lock(recursiveMutex_);
IAM_LOGI("UpdateFingerAuthEnable %{public}d", isFingerAuthEnable);
isFingerAuthEnable_ = isFingerAuthEnable;
}
bool SystemParamManager::IsAuthTypeEnable(int32_t authType)
{
std::lock_guard<std::recursive_mutex> lock(recursiveMutex_);
if ((authType == AuthType::FINGERPRINT) && !isFingerAuthEnable_) {
IAM_LOGI("fingerprint not enable");
return false;
}
return true;
}
} // namespace UserAuth
} // namespace UserIam
} // namespace OHOS


@ -60,8 +60,6 @@ protected:
void OnStop() override; void OnStop() override;
private: private:
bool CheckEnrollPermissionAndEnableStatus(
const std::shared_ptr<ContextCallback> &contextCallback, AuthType authType);
int32_t CancelCurrentEnroll(); int32_t CancelCurrentEnroll();
void CancelCurrentEnrollIfExist(); void CancelCurrentEnrollIfExist();
int32_t GetSecInfoInner(int32_t userId, SecUserInfo &secUserInfo); int32_t GetSecInfoInner(int32_t userId, SecUserInfo &secUserInfo);


@ -35,7 +35,6 @@
#include "ipc_common.h" #include "ipc_common.h"
#include "ipc_skeleton.h" #include "ipc_skeleton.h"
#include "keyguard_status_listener.h" #include "keyguard_status_listener.h"
#include "system_param_manager.h"
#include "soft_bus_manager.h" #include "soft_bus_manager.h"
#include "widget_client.h" #include "widget_client.h"
#include "remote_msg_util.h" #include "remote_msg_util.h"
@ -159,7 +158,6 @@ void UserAuthService::OnStart()
if (!Publish(this)) { if (!Publish(this)) {
IAM_LOGE("failed to publish service"); IAM_LOGE("failed to publish service");
} }
SystemParamManager::GetInstance().Start();
SoftBusManager::GetInstance().Start(); SoftBusManager::GetInstance().Start();
KeyguardStatusListenerManager::GetInstance().RegisterKeyguardStatusSwitchCallback(); KeyguardStatusListenerManager::GetInstance().RegisterKeyguardStatusSwitchCallback();
} }
@ -188,8 +186,7 @@ int32_t UserAuthService::GetAvailableStatus(int32_t apiVersion, AuthType authTyp
IAM_LOGE("failed to check permission"); IAM_LOGE("failed to check permission");
return CHECK_PERMISSION_FAILED; return CHECK_PERMISSION_FAILED;
} }
if ((apiVersion <= API_VERSION_8 && authType == PIN) || if (apiVersion <= API_VERSION_8 && authType == PIN) {
!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) {
IAM_LOGE("authType not support"); IAM_LOGE("authType not support");
return TYPE_NOT_SUPPORT; return TYPE_NOT_SUPPORT;
} }
@ -368,7 +365,7 @@ int32_t UserAuthService::CheckAuthPermissionAndParam(int32_t authType, const int
IAM_LOGE("failed to check foreground application"); IAM_LOGE("failed to check foreground application");
return CHECK_PERMISSION_FAILED; return CHECK_PERMISSION_FAILED;
} }
if ((authType == PIN) || !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { if (authType == PIN) {
IAM_LOGE("authType not support"); IAM_LOGE("authType not support");
return TYPE_NOT_SUPPORT; return TYPE_NOT_SUPPORT;
} }
@ -509,11 +506,6 @@ bool UserAuthService::CheckAuthPermissionAndParam(AuthType authType, AuthTrustLe
contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo); contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo);
return false; return false;
} }
if (!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) {
IAM_LOGE("auth type not support");
contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo);
return false;
}
return true; return true;
} }
@ -692,7 +684,7 @@ uint64_t UserAuthService::Identify(const std::vector<uint8_t> &challenge, AuthTy
callback->OnResult(GENERAL_ERROR, extraInfo); callback->OnResult(GENERAL_ERROR, extraInfo);
return BAD_CONTEXT_ID; return BAD_CONTEXT_ID;
} }
if ((authType == PIN) || !SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) { if (authType == PIN) {
IAM_LOGE("type not support %{public}d", authType); IAM_LOGE("type not support %{public}d", authType);
contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo); contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo);
return BAD_CONTEXT_ID; return BAD_CONTEXT_ID;
@ -1061,8 +1053,7 @@ int32_t UserAuthService::GetEnrolledState(int32_t apiVersion, AuthType authType,
return CHECK_PERMISSION_FAILED; return CHECK_PERMISSION_FAILED;
} }
if (apiVersion < API_VERSION_12 || if (apiVersion < API_VERSION_12) {
!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) {
IAM_LOGE("failed to check apiVersion"); IAM_LOGE("failed to check apiVersion");
return TYPE_NOT_SUPPORT; return TYPE_NOT_SUPPORT;
} }
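Review bot: With the `IsAuthTypeEnable` term dropped from `GetAvailableStatus`, both `CheckAuthPermissionAndParam` overloads, `Identify` and `GetEnrolledState`, the checks shown here reject only on the hard-coded `PIN` and API-version conditions, and the commit record gives no rationale for removing the switch. A device that had `persist.useriam.enable.fingerprintauth` set to something other than `true` to keep fingerprint off would, as far as these hunks show, start accepting fingerprint requests after the update with no log line marking the change. If enablement is now enforced elsewhere, a comment at the first of these checks such as `// auth-type enablement is not evaluated in this service; only PIN/API-version are rejected here` would make that explicit. The enclosing functions start and end outside the hunks.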


@ -32,7 +32,6 @@
#include "publish_event_adapter.h" #include "publish_event_adapter.h"
#include "resource_node_pool.h" #include "resource_node_pool.h"
#include "resource_node_utils.h" #include "resource_node_utils.h"
#include "system_param_manager.h"
#include "user_idm_callback_proxy.h" #include "user_idm_callback_proxy.h"
#include "user_idm_database.h" #include "user_idm_database.h"
#include "user_idm_session_controller.h" #include "user_idm_session_controller.h"
@ -204,24 +203,6 @@ int32_t UserIdmService::GetSecInfo(int32_t userId, const sptr<IdmGetSecureUserIn
return ret; return ret;
} }
bool UserIdmService::CheckEnrollPermissionAndEnableStatus(
const std::shared_ptr<ContextCallback> &contextCallback, AuthType authType)
{
Attributes extraInfo;
if (!IpcCommon::CheckPermission(*this, MANAGE_USER_IDM_PERMISSION)) {
IAM_LOGE("failed to check permission");
contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo);
return false;
}
if (!SystemParamManager::GetInstance().IsAuthTypeEnable(authType)) {
IAM_LOGE("authType not support");
contextCallback->OnResult(TYPE_NOT_SUPPORT, extraInfo);
return false;
}
return true;
}
void UserIdmService::StartEnroll(Enrollment::EnrollmentPara &para, void UserIdmService::StartEnroll(Enrollment::EnrollmentPara &para,
const std::shared_ptr<ContextCallback> &contextCallback, Attributes &extraInfo) const std::shared_ptr<ContextCallback> &contextCallback, Attributes &extraInfo)
{ {
@ -262,9 +243,9 @@ void UserIdmService::AddCredential(int32_t userId, const CredentialPara &credPar
contextCallback->SetTraceCallerType(callerType); contextCallback->SetTraceCallerType(callerType);
contextCallback->SetTraceUserId(userId); contextCallback->SetTraceUserId(userId);
contextCallback->SetTraceAuthType(credPara.authType); contextCallback->SetTraceAuthType(credPara.authType);
if (!IpcCommon::CheckPermission(*this, MANAGE_USER_IDM_PERMISSION)) {
if (!CheckEnrollPermissionAndEnableStatus(contextCallback, credPara.authType)) { IAM_LOGE("failed to check permission");
IAM_LOGE("CheckEnrollPermissionAndEnableStatus fail"); contextCallback->OnResult(CHECK_PERMISSION_FAILED, extraInfo);
return; return;
} }
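Review bot: The inlined permission check in `AddCredential` passes `extraInfo` to `contextCallback->OnResult`, but the only declaration of that name visible in this section is the local `Attributes extraInfo;` inside the removed `CheckEnrollPermissionAndEnableStatus`. `AddCredential` starts outside the hunk, so confirm that an `Attributes extraInfo;` is in scope before this `if`. Enrolment of `credPara.authType` is also now gated by `MANAGE_USER_IDM_PERMISSION` alone, with the `TYPE_NOT_SUPPORT` path gone. A one-line comment such as `// auth-type enablement is not checked on enrol; only the caller's permission is` would record that this is deliberate.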


@ -176,7 +176,6 @@ ohos_source_set("userauth_service_core_fuzzer") {
"../../../services/core/src/schedule_node_impl.cpp", "../../../services/core/src/schedule_node_impl.cpp",
"../../../services/core/src/schedule_resource_node_listener.cpp", "../../../services/core/src/schedule_resource_node_listener.cpp",
"../../../services/core/src/secure_user_info_impl.cpp", "../../../services/core/src/secure_user_info_impl.cpp",
"../../../services/core/src/system_param_manager.cpp",
"../../../services/core/src/template_cache_manager.cpp", "../../../services/core/src/template_cache_manager.cpp",
"../../../services/core/src/update_pin_param_impl.cpp", "../../../services/core/src/update_pin_param_impl.cpp",
"../../../services/core/src/user_idm_database_impl.cpp", "../../../services/core/src/user_idm_database_impl.cpp",


@ -89,7 +89,6 @@ ohos_unittest("iam_services_test") {
"../../../services/core/src/schedule_node_impl.cpp", "../../../services/core/src/schedule_node_impl.cpp",
"../../../services/core/src/schedule_resource_node_listener.cpp", "../../../services/core/src/schedule_resource_node_listener.cpp",
"../../../services/core/src/secure_user_info_impl.cpp", "../../../services/core/src/secure_user_info_impl.cpp",
"../../../services/core/src/system_param_manager.cpp",
"../../../services/core/src/template_cache_manager.cpp", "../../../services/core/src/template_cache_manager.cpp",
"../../../services/core/src/update_pin_param_impl.cpp", "../../../services/core/src/update_pin_param_impl.cpp",
"../../../services/core/src/user_idm_database_impl.cpp", "../../../services/core/src/user_idm_database_impl.cpp",