openharmony/useriam_user_auth_framework
1
0
Fork 0
mirror of https://gitee.com/openharmony/useriam_user_auth_framework synced 2024-11-23 07:39:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,606 Commits 172 Branches 33 Tags 37 MiB
C++ 98.9%
C 0.6%
JavaScript 0.4%
c906b55412
Go to file
openharmony_ci c906b55412
!1127 AuthUser抢占认证 
Merge pull request !1127 from liuziwei/master
2024-11-14 04:50:37 +00:00
common fix: AuthTypeToStr add authType 2024-11-04 15:21:21 +08:00
figures update readme 2022-07-08 10:36:37 +08:00
frameworks first 2024-11-12 20:33:15 +08:00
interfaces/inner_api Add ReEnroll flag in resultInfo 2024-11-02 14:23:28 +08:00
param fix code 2024-07-05 17:58:46 +08:00
sa_profile UserAuth SA侧自定义事件没有权限控制,需要增加发送方的发送权限和接收方的权限校验 2024-08-24 02:17:33 +00:00
services fix code 2024-11-14 10:52:01 +08:00
test !1127 AuthUser抢占认证 2024-11-14 04:50:37 +00:00
user_auth_icon symbol资源替换 2024-09-23 11:12:38 +08:00
.gitignore add userauth executor 2022-05-08 22:46:36 +08:00
bundle.json 独立编译 2024-10-08 15:40:05 +08:00
cfi_blocklist.txt fix : Security and privacy compliance 2023-09-02 07:21:54 +00:00
CODEOWNERS move ipc code to single .h file and add CODEOWNERS file 2023-07-01 06:29:14 +00:00
hisysevent.yaml fix code 2024-10-14 19:55:08 +08:00
LICENSE fix UserAuth issue 2022-03-12 20:47:37 +08:00
OAT.xml fix : update pin_auth user_auth idl to 2_0 2024-04-02 11:59:49 +08:00
README_ZH.md update readme 2022-07-11 14:22:45 +08:00
README.md fix : update pin_auth user_auth idl to 2_0 2024-04-02 11:59:49 +08:00

README.md

Unified User Authentication (userauth)

Introduction

As a basic component of the User Identity & Access Management (IAM) subsystem, Unified User Authentication (userauth) implements unified user authentication and provides biometric feature authentication APIs to third-party applications.

Figure 1 userauth architecture

userauth_architecture

The userauth APIs support user authentication of the target Authentication Trust Level (ATL). The target ATL is specified by the service. The target user ID can be specified by the service (system service or basic system application) or obtained from the system context (third-party application).

Directory Structure

//base/useriam/user_auth_framework
├── frameworks          # Framework code
├── interfaces          # Directory for storing external interfaces
│   └── innerkits       # Header files exposed to the internal subsystems
├── sa_profile          # Profile of the Service ability
├── services            # Implementation of the Service ability
├── test                # Directory for storing test code
├── utils               # Directory for storing utility code
├── bundle.json         # Component description file
└── userauth.gni        # Build configuration

Usage

Available APIs

Table 1 APIs for unified user authentication

API Description
getAvailableStatus(authType : AuthType, authTrustLevel : AuthTrustLevel) : number; Obtains the available authentication status.
auth(challenge: BigInt, authType : AuthType, authTrustLevel: AuthTrustLevel, callback: IUserAuthCallback): BigInt; Performs user authentication.

Usage Guidelines

  • Vendors must implement the following in a Trusted Execution Environment (TEE):
  1. Authentication scheme: Determine the user authentication scheme based on the user credentials entered and the target ATL.
  2. Authentication result evaluation: Evaluate whether the authentication reaches the target ATL based on the authentication result returned by the executor.
  • The APIs defined in the header file user_auth/v1_0/IUserAuthInterface.idl in the drivers_interface repository must be implemented in a TEE, and the security of user authentication scheme and result evaluation must be ensured.

Repositories Involved

useriam_user_auth_framework

useriam_pin_auth

useriam_face_auth

drivers_peripheral

drivers_interface