remote auth check userid

Change-Id: I10445ae4a21ed9878adc81b063607892ecb8027e Signed-off-by: Tianshi Liu <tianshi.liu@huawei.com>
2024-11-23 07:39:51 +00:00 · 2024-05-22 00:57:34 +08:00 · 2024-05-22 00:57:34 +08:00 · ba8ea387a2
commit ba8ea387a2
parent 45eda45295
7 changed files with 44 additions and 11 deletions
--- a/interfaces/inner_api/iam_common_defines.h
+++ b/interfaces/inner_api/iam_common_defines.h
@ -34,6 +34,7 @@ namespace UserAuth {
 constexpr size_t MAX_CHALLENG_LEN = 32;
 constexpr int32_t USER_AUTH_TIP_SINGLE_AUTH_RESULT = 9999;
 constexpr int INVALID_SOCKET_ID = -1;
+constexpr int INVALID_USER_ID = -1;
 constexpr int32_t MAIN_USER_ID = 100;
 /**
 * @brief Defines authentication type.
--- a/services/base/src/finite_state_machine_impl.cpp
+++ b/services/base/src/finite_state_machine_impl.cpp
@ -64,7 +64,7 @@ void FiniteStateMachineImpl::ScheduleInner(FiniteStateMachine &machine)
        uint32_t event = 0;
        bool result = pendingEvents_.Pop(event);
        if (!result) {
-            IAM_LOGE("fsm %{public}s pop event fail", name_.c_str());
+            IAM_LOGI("fsm %{public}s pop event fail", name_.c_str());
            break;
        }

--- a/services/context/src/remote_auth_context.cpp
+++ b/services/context/src/remote_auth_context.cpp
@ -138,7 +138,7 @@ bool RemoteAuthContext::OnStart()
 bool RemoteAuthContext::StartAuth()
 {
    std::lock_guard<std::recursive_mutex> lock(mutex_);
-    IAM_LOGI("%{public}s start", GetDescription());
+    IAM_LOGI("%{public}s start remote auth", GetDescription());

    IF_FALSE_LOGE_AND_RETURN_VAL(executorInfoMsg_.size() > 0, false);

@ -159,8 +159,14 @@ bool RemoteAuthContext::StartAuth()

    auth_->SetCollectorUdid(collectorUdid);

-    IAM_LOGI("%{public}s StartAuth success", GetDescription());
-    return SimpleAuthContext::OnStart();
+    bool startAuthRet =  SimpleAuthContext::OnStart();
+    IF_FALSE_LOGE_AND_RETURN_VAL(startAuthRet, false);
+    IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_.size() == 1, false);
+    IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_[0] != nullptr, false);
+
+    IAM_LOGI("%{public}s start remote auth success, connectionName:%{public}s, scheduleId:%{public}s",
+        GetDescription(), connectionName_.c_str(), GET_MASKED_STRING(scheduleList_[0]->GetScheduleId()).c_str());
+    return true;
 }

 void RemoteAuthContext::StartAuthDelayed()
@ -227,7 +233,7 @@ bool RemoteAuthContext::SendQueryExecutorInfoMsg()
            IF_FALSE_LOGE_AND_RETURN(sharedThis != nullptr);
            StartAuthDelayed();
        });
-        IAM_LOGE("%{public}s query executor info success", GetDescription());
+        IAM_LOGI("%{public}s query executor info success", GetDescription());
    };

    ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
--- a/services/context/src/simple_auth_context.cpp
+++ b/services/context/src/simple_auth_context.cpp
@ -250,7 +250,7 @@ void SimpleAuthContext::InvokeResultCallback(const Authentication::AuthResultInf
        IF_FALSE_LOGE_AND_RETURN(setRemoteAuthResultMsg == true);
    }
    callback_->OnResult(resultInfo.result, finalResult);
-    IAM_LOGI("%{public}s invoke result callback success", GetDescription());
+    IAM_LOGI("%{public}s invoke result callback success, result %{public}d", GetDescription(), resultInfo.result);
 }
 } // namespace UserAuth
 } // namespace UserIam
--- a/services/core/inc/template_cache_manager.h
+++ b/services/core/inc/template_cache_manager.h
@ -24,7 +24,6 @@
 namespace OHOS {
 namespace UserIam {
 namespace UserAuth {
-constexpr int INVALID_USER_ID = INT_MAX;
 class TemplateCacheManager {
 public:
    static TemplateCacheManager &GetInstance();
--- a/services/core/src/remote_executor_proxy.cpp
+++ b/services/core/src/remote_executor_proxy.cpp
@ -249,7 +249,7 @@ int32_t RemoteExecutorProxy::OnBeginExecute(uint64_t scheduleId, const std::vect
            sharedSelf->OnErrorFinish(scheduleId);
            return;
        }
-        IAM_LOGE("scheduleId %{public}s begin execute success", GET_MASKED_STRING(scheduleId).c_str());
+        IAM_LOGI("scheduleId %{public}s begin execute success", GET_MASKED_STRING(scheduleId).c_str());
    };

    ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
--- a/services/ipc/src/user_auth_service.cpp
+++ b/services/ipc/src/user_auth_service.cpp
@ -105,6 +105,29 @@ void GetResourceNodeByTypeAndRole(AuthType authType, ExecutorRole role,
            authTypeNodes.push_back(node);
        });
 }
+
+std::string GetAuthParamStr(AuthParamInner &authParam, std::optional<RemoteAuthParam> &remoteAuthParam)
+{
+    std::ostringstream authParamString;
+    authParamString << "userId:" << authParam.userId << " authType:" << authParam.authType
+                    << " atl:" << authParam.authTrustLevel;
+    if (remoteAuthParam.has_value()) {
+        const uint32_t NETWORK_ID_PRINT_LEN = 4;
+        const uint32_t TOKEN_ID_MIN_LEN = 2;
+        auto verifierNetworkIdStr = remoteAuthParam->verifierNetworkId.value_or("").substr(0, NETWORK_ID_PRINT_LEN);
+        auto collectorNetworkIdStr = remoteAuthParam->collectorNetworkId.value_or("").substr(0, NETWORK_ID_PRINT_LEN);
+        auto tokenIdStr = std::to_string(remoteAuthParam->collectorTokenId.value_or(0));
+        if (tokenIdStr.size() > TOKEN_ID_MIN_LEN) {
+            tokenIdStr = std::string(1, tokenIdStr[0]) + "****" + std::string(1, tokenIdStr[tokenIdStr.size() - 1]);
+        } else {
+            tokenIdStr = "";
+        }
+
+        authParamString << " isRemoteAuth:true" << " verifierNetworkId:" << verifierNetworkIdStr << "****"
+            " collectorNetworkId:" << collectorNetworkIdStr << "****" << " collectorTokenId:" << tokenIdStr;
+    }
+    return authParamString.str();
+}
 const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(UserAuthService::GetInstance().get());
 } // namespace
 std::mutex UserAuthService::mutex_;
@ -492,9 +515,7 @@ bool UserAuthService::CheckAuthPermissionAndParam(AuthType authType, AuthTrustLe
 uint64_t UserAuthService::AuthUser(AuthParamInner &authParam, std::optional<RemoteAuthParam> &remoteAuthParam,
    sptr<UserAuthCallbackInterface> &callback)
 {
-    IAM_LOGI("start, userId:%{public}d authType:%{public}d atl:%{public}d remoteAuthParamHasValue:%{public}s",
-        authParam.userId, authParam.authType, authParam.authTrustLevel,
-        Common::GetBoolStr(remoteAuthParam.has_value()));
+    IAM_LOGI("start, %{public}s", GetAuthParamStr(authParam, remoteAuthParam).c_str());
    auto contextCallback = GetAuthContextCallback(INNER_API_VERSION_10000, authParam.challenge, authParam.authType,
        authParam.authTrustLevel, callback);
    if (contextCallback == nullptr) {
@ -600,6 +621,12 @@ uint64_t UserAuthService::AuthRemoteUser(AuthParamInner &authParam, Authenticati
        return BAD_CONTEXT_ID;
    }

+    if (authParam.userId == INVALID_USER_ID) {
+        IAM_LOGE("userid must be set for remote auth");
+        failReason = INVALID_PARAMETERS;
+        return BAD_CONTEXT_ID;
+    }
+
    std::string localNetworkId;
    bool getNetworkIdRet = DeviceManagerUtil::GetInstance().GetLocalDeviceNetWorkId(localNetworkId);
    IF_FALSE_LOGE_AND_RETURN_VAL(getNetworkIdRet, BAD_CONTEXT_ID);