mirror of
https://gitee.com/openharmony/useriam_user_auth_framework
synced 2024-11-27 09:50:45 +00:00
remote auth check userid
Change-Id: I10445ae4a21ed9878adc81b063607892ecb8027e Signed-off-by: Tianshi Liu <tianshi.liu@huawei.com>
This commit is contained in:
parent
45eda45295
commit
ba8ea387a2
@ -34,6 +34,7 @@ namespace UserAuth {
|
|||||||
constexpr size_t MAX_CHALLENG_LEN = 32;
|
constexpr size_t MAX_CHALLENG_LEN = 32;
|
||||||
constexpr int32_t USER_AUTH_TIP_SINGLE_AUTH_RESULT = 9999;
|
constexpr int32_t USER_AUTH_TIP_SINGLE_AUTH_RESULT = 9999;
|
||||||
constexpr int INVALID_SOCKET_ID = -1;
|
constexpr int INVALID_SOCKET_ID = -1;
|
||||||
|
constexpr int INVALID_USER_ID = -1;
|
||||||
constexpr int32_t MAIN_USER_ID = 100;
|
constexpr int32_t MAIN_USER_ID = 100;
|
||||||
/**
|
/**
|
||||||
* @brief Defines authentication type.
|
* @brief Defines authentication type.
|
||||||
|
@ -64,7 +64,7 @@ void FiniteStateMachineImpl::ScheduleInner(FiniteStateMachine &machine)
|
|||||||
uint32_t event = 0;
|
uint32_t event = 0;
|
||||||
bool result = pendingEvents_.Pop(event);
|
bool result = pendingEvents_.Pop(event);
|
||||||
if (!result) {
|
if (!result) {
|
||||||
IAM_LOGE("fsm %{public}s pop event fail", name_.c_str());
|
IAM_LOGI("fsm %{public}s pop event fail", name_.c_str());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -138,7 +138,7 @@ bool RemoteAuthContext::OnStart()
|
|||||||
bool RemoteAuthContext::StartAuth()
|
bool RemoteAuthContext::StartAuth()
|
||||||
{
|
{
|
||||||
std::lock_guard<std::recursive_mutex> lock(mutex_);
|
std::lock_guard<std::recursive_mutex> lock(mutex_);
|
||||||
IAM_LOGI("%{public}s start", GetDescription());
|
IAM_LOGI("%{public}s start remote auth", GetDescription());
|
||||||
|
|
||||||
IF_FALSE_LOGE_AND_RETURN_VAL(executorInfoMsg_.size() > 0, false);
|
IF_FALSE_LOGE_AND_RETURN_VAL(executorInfoMsg_.size() > 0, false);
|
||||||
|
|
||||||
@ -159,8 +159,14 @@ bool RemoteAuthContext::StartAuth()
|
|||||||
|
|
||||||
auth_->SetCollectorUdid(collectorUdid);
|
auth_->SetCollectorUdid(collectorUdid);
|
||||||
|
|
||||||
IAM_LOGI("%{public}s StartAuth success", GetDescription());
|
bool startAuthRet = SimpleAuthContext::OnStart();
|
||||||
return SimpleAuthContext::OnStart();
|
IF_FALSE_LOGE_AND_RETURN_VAL(startAuthRet, false);
|
||||||
|
IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_.size() == 1, false);
|
||||||
|
IF_FALSE_LOGE_AND_RETURN_VAL(scheduleList_[0] != nullptr, false);
|
||||||
|
|
||||||
|
IAM_LOGI("%{public}s start remote auth success, connectionName:%{public}s, scheduleId:%{public}s",
|
||||||
|
GetDescription(), connectionName_.c_str(), GET_MASKED_STRING(scheduleList_[0]->GetScheduleId()).c_str());
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void RemoteAuthContext::StartAuthDelayed()
|
void RemoteAuthContext::StartAuthDelayed()
|
||||||
@ -227,7 +233,7 @@ bool RemoteAuthContext::SendQueryExecutorInfoMsg()
|
|||||||
IF_FALSE_LOGE_AND_RETURN(sharedThis != nullptr);
|
IF_FALSE_LOGE_AND_RETURN(sharedThis != nullptr);
|
||||||
StartAuthDelayed();
|
StartAuthDelayed();
|
||||||
});
|
});
|
||||||
IAM_LOGE("%{public}s query executor info success", GetDescription());
|
IAM_LOGI("%{public}s query executor info success", GetDescription());
|
||||||
};
|
};
|
||||||
|
|
||||||
ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
|
ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
|
||||||
|
@ -250,7 +250,7 @@ void SimpleAuthContext::InvokeResultCallback(const Authentication::AuthResultInf
|
|||||||
IF_FALSE_LOGE_AND_RETURN(setRemoteAuthResultMsg == true);
|
IF_FALSE_LOGE_AND_RETURN(setRemoteAuthResultMsg == true);
|
||||||
}
|
}
|
||||||
callback_->OnResult(resultInfo.result, finalResult);
|
callback_->OnResult(resultInfo.result, finalResult);
|
||||||
IAM_LOGI("%{public}s invoke result callback success", GetDescription());
|
IAM_LOGI("%{public}s invoke result callback success, result %{public}d", GetDescription(), resultInfo.result);
|
||||||
}
|
}
|
||||||
} // namespace UserAuth
|
} // namespace UserAuth
|
||||||
} // namespace UserIam
|
} // namespace UserIam
|
||||||
|
@ -24,7 +24,6 @@
|
|||||||
namespace OHOS {
|
namespace OHOS {
|
||||||
namespace UserIam {
|
namespace UserIam {
|
||||||
namespace UserAuth {
|
namespace UserAuth {
|
||||||
constexpr int INVALID_USER_ID = INT_MAX;
|
|
||||||
class TemplateCacheManager {
|
class TemplateCacheManager {
|
||||||
public:
|
public:
|
||||||
static TemplateCacheManager &GetInstance();
|
static TemplateCacheManager &GetInstance();
|
||||||
|
@ -249,7 +249,7 @@ int32_t RemoteExecutorProxy::OnBeginExecute(uint64_t scheduleId, const std::vect
|
|||||||
sharedSelf->OnErrorFinish(scheduleId);
|
sharedSelf->OnErrorFinish(scheduleId);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
IAM_LOGE("scheduleId %{public}s begin execute success", GET_MASKED_STRING(scheduleId).c_str());
|
IAM_LOGI("scheduleId %{public}s begin execute success", GET_MASKED_STRING(scheduleId).c_str());
|
||||||
};
|
};
|
||||||
|
|
||||||
ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
|
ResultCode sendMsgRet = RemoteConnectionManager::GetInstance().SendMessage(connectionName_, endPointName_,
|
||||||
|
@ -105,6 +105,29 @@ void GetResourceNodeByTypeAndRole(AuthType authType, ExecutorRole role,
|
|||||||
authTypeNodes.push_back(node);
|
authTypeNodes.push_back(node);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::string GetAuthParamStr(AuthParamInner &authParam, std::optional<RemoteAuthParam> &remoteAuthParam)
|
||||||
|
{
|
||||||
|
std::ostringstream authParamString;
|
||||||
|
authParamString << "userId:" << authParam.userId << " authType:" << authParam.authType
|
||||||
|
<< " atl:" << authParam.authTrustLevel;
|
||||||
|
if (remoteAuthParam.has_value()) {
|
||||||
|
const uint32_t NETWORK_ID_PRINT_LEN = 4;
|
||||||
|
const uint32_t TOKEN_ID_MIN_LEN = 2;
|
||||||
|
auto verifierNetworkIdStr = remoteAuthParam->verifierNetworkId.value_or("").substr(0, NETWORK_ID_PRINT_LEN);
|
||||||
|
auto collectorNetworkIdStr = remoteAuthParam->collectorNetworkId.value_or("").substr(0, NETWORK_ID_PRINT_LEN);
|
||||||
|
auto tokenIdStr = std::to_string(remoteAuthParam->collectorTokenId.value_or(0));
|
||||||
|
if (tokenIdStr.size() > TOKEN_ID_MIN_LEN) {
|
||||||
|
tokenIdStr = std::string(1, tokenIdStr[0]) + "****" + std::string(1, tokenIdStr[tokenIdStr.size() - 1]);
|
||||||
|
} else {
|
||||||
|
tokenIdStr = "";
|
||||||
|
}
|
||||||
|
|
||||||
|
authParamString << " isRemoteAuth:true" << " verifierNetworkId:" << verifierNetworkIdStr << "****"
|
||||||
|
" collectorNetworkId:" << collectorNetworkIdStr << "****" << " collectorTokenId:" << tokenIdStr;
|
||||||
|
}
|
||||||
|
return authParamString.str();
|
||||||
|
}
|
||||||
const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(UserAuthService::GetInstance().get());
|
const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(UserAuthService::GetInstance().get());
|
||||||
} // namespace
|
} // namespace
|
||||||
std::mutex UserAuthService::mutex_;
|
std::mutex UserAuthService::mutex_;
|
||||||
@ -492,9 +515,7 @@ bool UserAuthService::CheckAuthPermissionAndParam(AuthType authType, AuthTrustLe
|
|||||||
uint64_t UserAuthService::AuthUser(AuthParamInner &authParam, std::optional<RemoteAuthParam> &remoteAuthParam,
|
uint64_t UserAuthService::AuthUser(AuthParamInner &authParam, std::optional<RemoteAuthParam> &remoteAuthParam,
|
||||||
sptr<UserAuthCallbackInterface> &callback)
|
sptr<UserAuthCallbackInterface> &callback)
|
||||||
{
|
{
|
||||||
IAM_LOGI("start, userId:%{public}d authType:%{public}d atl:%{public}d remoteAuthParamHasValue:%{public}s",
|
IAM_LOGI("start, %{public}s", GetAuthParamStr(authParam, remoteAuthParam).c_str());
|
||||||
authParam.userId, authParam.authType, authParam.authTrustLevel,
|
|
||||||
Common::GetBoolStr(remoteAuthParam.has_value()));
|
|
||||||
auto contextCallback = GetAuthContextCallback(INNER_API_VERSION_10000, authParam.challenge, authParam.authType,
|
auto contextCallback = GetAuthContextCallback(INNER_API_VERSION_10000, authParam.challenge, authParam.authType,
|
||||||
authParam.authTrustLevel, callback);
|
authParam.authTrustLevel, callback);
|
||||||
if (contextCallback == nullptr) {
|
if (contextCallback == nullptr) {
|
||||||
@ -600,6 +621,12 @@ uint64_t UserAuthService::AuthRemoteUser(AuthParamInner &authParam, Authenticati
|
|||||||
return BAD_CONTEXT_ID;
|
return BAD_CONTEXT_ID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (authParam.userId == INVALID_USER_ID) {
|
||||||
|
IAM_LOGE("userid must be set for remote auth");
|
||||||
|
failReason = INVALID_PARAMETERS;
|
||||||
|
return BAD_CONTEXT_ID;
|
||||||
|
}
|
||||||
|
|
||||||
std::string localNetworkId;
|
std::string localNetworkId;
|
||||||
bool getNetworkIdRet = DeviceManagerUtil::GetInstance().GetLocalDeviceNetWorkId(localNetworkId);
|
bool getNetworkIdRet = DeviceManagerUtil::GetInstance().GetLocalDeviceNetWorkId(localNetworkId);
|
||||||
IF_FALSE_LOGE_AND_RETURN_VAL(getNetworkIdRet, BAD_CONTEXT_ID);
|
IF_FALSE_LOGE_AND_RETURN_VAL(getNetworkIdRet, BAD_CONTEXT_ID);
|
||||||
|
Loading…
Reference in New Issue
Block a user