openharmony/useriam_user_auth_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/useriam_user_auth_framework synced 2024-11-23 07:39:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
265 Commits 172 Branches 33 Tags 37 MiB
C++ 98.9%
C 0.6%
JavaScript 0.4%
3bfa39f228
Go to file
Tianshi Liu 3bfa39f228 add userauth executor 
Change-Id: Ieffd57c3e485abeabc0232618336f99d3e167805
Signed-off-by: Tianshi Liu <tianshi.liu@huawei.com>
2022-05-08 22:46:36 +08:00
common add userauth executor 2022-05-08 22:46:36 +08:00
figures update docs 2022-03-16 17:55:32 +08:00
frameworks Singleton Refactoring 2022-05-07 10:56:48 +08:00
interfaces Singleton Refactoring 2022-05-07 10:56:48 +08:00
sa_profile fix code 2022-05-06 09:33:02 +08:00
services !162 增加new nothrow空指针判断 2022-05-08 01:53:39 +00:00
test fix code 2022-04-27 11:42:00 +08:00
.gitignore add userauth executor 2022-05-08 22:46:36 +08:00
bundle.json add userauth executor 2022-05-08 22:46:36 +08:00
LICENSE fix UserAuth issue 2022-03-12 20:47:37 +08:00
OAT.xml fix issue 2022-03-24 19:04:27 +08:00
README_ZH.md fix: word spell fix. 2022-03-24 12:36:27 +08:00
README.md fix: word spell fix. 2022-03-24 12:36:27 +08:00

README.md

Unified User Authentication (userauth)

Introduction

As a basic component of the User Identity & Access Management (IAM) subsystem, Unified User Authentication (userauth) implements unified user authentication and provides biometric feature authentication APIs to third-party applications.

Figure 1 userauth architecture

userauth_architecture

The userauth APIs support user authentication of the target Authentication Trust Level (ATL). The target ATL is specified by the service. The target user ID can be specified by the service (system service or basic system application) or obtained from the system context (third-party application).

Directory Structure

//base/user_iam/user_auth
├── frameworks			# Framework code
├── interfaces			# Directory for storing external interfaces
│   └── innerkits		# Header files exposed to the internal subsystems
├── sa_profile			# Profile of the Service ability
├── services			# Implementation of the Service ability
├── test				# Directory for storing test code
├── utils				# Directory for storing utility code
├── bundle.json			# Component description file
└── userauth.gni		# Build configuration

Usage

Available APIs

Table 1 APIs for unified user authentication

API Description
getAvailableStatus(authType : AuthType, authTrustLevel : AuthTrustLevel) : number; Obtains the available authentication status.
auth(challenge: BigInt, authType : AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): BigInt; Performs user authentication.

Usage Guidelines

  • Vendors must implement the following in a Trusted Execution Environment (TEE):
  1. Authentication scheme: Determine the user authentication scheme based on the user credentials entered and the target ATL.
  2. Authentication result evaluation: Evaluate whether the authentication reaches the target ATL based on the authentication result returned by the executor.
  • The APIs defined in the header file common\interface\userauth_interface.h in the useriam_auth_executor_mgr repository must be implemented in a TEE, and the security of user authentication scheme and result evaluation must be ensured.

Repositories Involved

useriam_auth_executor_mgr

useriam_user_idm

useriam_user_auth

useriam_pin_auth

useriam_faceauth