1 /*
2 * Copyright (c) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "auth_manager.h"
17 #include "anonymous_string.h"
18 #include "dm_ability_manager.h"
19 #include "constants.h"
20 #include "msg_codec.h"
21 #include "device_manager_log.h"
22 #include "msg_codec.h"
23 #include "device_manager_errno.h"
24 #include "softbus_session.h"
25 #include "encrypt_utils.h"
26 #include "ipc_server_listener_adapter.h"
27
28 namespace OHOS {
29 namespace DistributedHardware {
30 IMPLEMENT_SINGLE_INSTANCE(AuthManager);
31
/**
 * @brief Entry point for device-group authentication; hands the request to AuthAppGroup().
 *
 * The four arguments are forwarded untouched. No validation happens here:
 * the JSON text in @p extras is parsed and checked inside AuthAppGroup().
 *
 * @param hostPkgName Package name passed on to the request session.
 * @param devReqInfo  Device the request is addressed to.
 * @param imageInfo   Application image information passed on to the request session.
 * @param extras      JSON text carrying the request options.
 */
void AuthManager::AuthDeviceGroup(std::string &hostPkgName, const DmDeviceInfo &devReqInfo,
    const DmAppImageInfo &imageInfo, std::string &extras)
{
    AuthAppGroup(hostPkgName, devReqInfo, imageInfo, extras);
}
37
/**
 * @brief First-stage dispatcher for a message that arrived on a channel.
 *
 * Decodes the message type and forwards only the three authentication message
 * types to OnReceiveMessage(); every other type is logged and dropped.
 *
 * @param channelId Channel the message arrived on.
 * @param message   Encoded message text; its content is not trusted here, only its type is decoded.
 */
void AuthManager::OnReceiveMsg(long long channelId, std::string &message)
{
    const int32_t decodedType = MsgCodec::DecodeMsgType(message);
    DMLOG(DM_LOG_INFO, "message type is, %d", decodedType);

    // Allow-list of message types this manager handles.
    const bool isAuthMessage = decodedType == MSG_TYPE_RESP_AUTH || decodedType == MSG_TYPE_REQ_AUTH ||
        decodedType == MSG_TYPE_AUTH_BY_PIN;
    if (!isAuthMessage) {
        DMLOG(DM_LOG_INFO, "msgType not support yet, msgType: %d", decodedType);
        return;
    }
    OnReceiveMessage(channelId, message, decodedType);
}
53
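/**
 * @brief Starts an authentication request towards a remote device.
 *
 * Parses @p extrasJson, checks that the required keys are present and of the
 * expected JSON type, creates a RequestSession and sends the request command
 * to devReqInfo.deviceId. On send failure the session is released, the host
 * application is notified with ERROR_START_REMOTE_DM and the pending slot is cleared.
 *
 * @param hostPkgName Package name passed to the new RequestSession.
 * @param devReqInfo  Device the request is sent to.
 * @param imageInfo   Application image information passed to the new RequestSession.
 * @param extrasJson  Caller-supplied JSON text; treated as untrusted input.
 */
void AuthManager::AuthAppGroup(std::string &hostPkgName, const DmDeviceInfo &devReqInfo,
    const DmAppImageInfo &imageInfo, std::string &extrasJson)
{
    DMLOG(DM_LOG_INFO, "AuthManager::AuthAppGroup started");
    // Third argument false: a parse error yields a discarded value instead of an exception.
    nlohmann::json jsonObject = nlohmann::json::parse(extrasJson, nullptr, false);
    if (jsonObject.is_discarded()) {
        DMLOG(DM_LOG_ERROR, "extrasJson error");
        return;
    }
    if (!jsonObject.contains(AUTH_TYPE)) {
        DMLOG(DM_LOG_ERROR, "AuthAppGroup extrasJson error");
        return;
    }
    if (!jsonObject.contains(TARGET_PKG_NAME_KEY)) {
        DMLOG(DM_LOG_ERROR, "TARGET_PKG_NAME is not in extrasJson");
        return;
    }
    // Presence alone is not enough: converting a non-string value to std::string
    // raises a json type_error, so the type is verified before the conversion.
    if (!jsonObject[TARGET_PKG_NAME_KEY].is_string()) {
        DMLOG(DM_LOG_ERROR, "TARGET_PKG_NAME is not a string in extrasJson");
        return;
    }
    std::string targetPkgName = jsonObject[TARGET_PKG_NAME_KEY].get<std::string>();

    if (!CanStartNewSession()) {
        DMLOG(DM_LOG_ERROR, "previous session not completed yet");
        // NOTE(review): the duplicate error is reported through the session that is
        // already pending, not through the rejected request - confirm this is intended.
        mPendingReqSessionPtr_->NotifyHostAppAuthResult(ERROR_DUPLICATE_REQUEST);
        return;
    }

    // displayOwner_ is updated only once the request is accepted, so a rejected
    // duplicate cannot change the value seen by the session still in progress.
    if (!jsonObject.contains(DISPLAY_OWNER)) {
        DMLOG(DM_LOG_WARN, "AuthAppGroup DISPLAY_OWNER error");
        displayOwner_ = DISPLAY_OWNER_SYSTEM;
    } else if (!jsonObject[DISPLAY_OWNER].is_number_integer()) {
        // Same reasoning as for the package name: a wrong-typed value must not reach the conversion.
        DMLOG(DM_LOG_WARN, "AuthAppGroup DISPLAY_OWNER is not an integer, use default");
        displayOwner_ = DISPLAY_OWNER_SYSTEM;
    } else {
        displayOwner_ = jsonObject[DISPLAY_OWNER].get<int32_t>();
    }

    auto curSessionPtr = std::make_shared<RequestSession>(hostPkgName, targetPkgName, devReqInfo, imageInfo);
    mPendingReqSessionPtr_ = curSessionPtr;
    std::vector<std::string> msgInfo = curSessionPtr->GetRequestCommand(extrasJson);
    int32_t channelId = SoftbusSession::GetInstance().SendMessages(devReqInfo.deviceId, msgInfo);
    if (channelId > 0) {
        DMLOG(DM_LOG_INFO, "open channel succeed, save channelId");
        mPendingReqSessionPtr_->SetChannelId(channelId);
        return;
    }
    DMLOG(DM_LOG_ERROR, "open channel failed, close this session");
    mPendingReqSessionPtr_->Release();
    mPendingReqSessionPtr_->NotifyHostAppAuthResult(ERROR_START_REMOTE_DM);
    mPendingReqSessionPtr_ = nullptr;
}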
99
/**
 * @brief Tells whether a new request session may be created.
 *
 * @return true when no request session is pending, or the pending one reports
 *         IsFinished(); false otherwise.
 */
bool AuthManager::CanStartNewSession()
{
    return mPendingReqSessionPtr_ == nullptr || mPendingReqSessionPtr_->IsFinished();
}
107
/**
 * @brief Routes a user action to the session it belongs to.
 *
 * A cancelled PIN input goes to the pending request session; every other
 * action goes to the pending response session. If the target session does
 * not exist the action is logged and dropped.
 *
 * @param action User action code; compared against FaAction::USER_OPERATION_TYPE_CANCEL_PINCODE_INPUT.
 */
void AuthManager::OnUserOperate(int32_t action)
{
    if (action != FaAction::USER_OPERATION_TYPE_CANCEL_PINCODE_INPUT) {
        // Anything except "cancel PIN input" is handled by the response side.
        if (mPendingRespSessionPtr == nullptr) {
            DMLOG(DM_LOG_ERROR, "mPendingRespSessionPtr not exist");
            return;
        }
        mPendingRespSessionPtr->OnUserOperate(action);
        return;
    }

    // Cancelling the PIN input is handled by the request side.
    if (mPendingReqSessionPtr_ == nullptr) {
        DMLOG(DM_LOG_ERROR, "mPendingReqSessionPtr_ not exist");
        return;
    }
    mPendingReqSessionPtr_->OnUserOperate(action);
}
126
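/**
 * @brief Delivers an authentication message to the request or response session.
 *
 * MSG_TYPE_RESP_AUTH is accepted only when a request session is pending and the
 * message arrived on that session's channel. MSG_TYPE_REQ_AUTH and
 * MSG_TYPE_AUTH_BY_PIN go to the response session, which is created on demand.
 * Normal-flow traces are logged at INFO level so that ERROR entries stay
 * reserved for rejected or malformed messages.
 *
 * @param channelId Channel the message arrived on.
 * @param message   Encoded message text.
 * @param msgType   Message type already decoded by the caller.
 */
void AuthManager::OnReceiveMessage(long long channelId, std::string &message, int32_t msgType)
{
    DMLOG(DM_LOG_INFO, "AuthManager::OnReceiveMessage started");
    if (msgType == MSG_TYPE_RESP_AUTH) {
        DMLOG(DM_LOG_INFO, "message type is MSG_TYPE_RESP_AUTH");
        // A response is only meaningful for the request that is pending on this very channel.
        if (mPendingReqSessionPtr_ == nullptr || !mPendingReqSessionPtr_->IsMyChannelId(channelId)) {
            DMLOG(DM_LOG_ERROR, "receive error message");
            return;
        }
        mPendingReqSessionPtr_->OnReceiveMsg(message);
        // NOTE(review): assumes OnReceiveMsg() cannot reset mPendingReqSessionPtr_ - confirm.
        if (mPendingReqSessionPtr_->IsWaitingForScan()) {
            DMLOG(DM_LOG_INFO, "move Session To Wait Scan Map ");
            MoveSessionToWaitScanMap();
        }
    } else if (msgType == MSG_TYPE_REQ_AUTH || msgType == MSG_TYPE_AUTH_BY_PIN) {
        // Both request types share this branch, so the actual type is logged.
        DMLOG(DM_LOG_INFO, "message type is MSG_TYPE_REQ_AUTH or MSG_TYPE_AUTH_BY_PIN, msgType: %d", msgType);
        if (mPendingRespSessionPtr == nullptr) {
            mPendingRespSessionPtr = std::make_shared<ResponseSession>();
        }

        // NOTE(review): the session may have been created just above; confirm that
        // IsMyChannelId() on a fresh ResponseSession accepts only the intended channel.
        if (!mPendingRespSessionPtr->IsMyChannelId(channelId)) {
            DMLOG(DM_LOG_ERROR, "mPendingRespSessionPtr IsMyChannelId false!");
            return;
        }
        mPendingRespSessionPtr->OnReceiveMsg(channelId, message);
    } else {
        DMLOG(DM_LOG_ERROR, "error message type");
    }
}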
156
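/**
 * @brief Moves the pending request session into the wait-scan map, keyed by its token.
 *
 * The pending slot is cleared afterwards. An entry already stored under the
 * same token is overwritten. Does nothing when no request session is pending.
 */
void AuthManager::MoveSessionToWaitScanMap()
{
    DMLOG(DM_LOG_INFO, "AuthManager::MoveSessionToWaitScanMap");
    // Guard against a call with no pending session; GetToken() below would dereference null.
    if (mPendingReqSessionPtr_ == nullptr) {
        DMLOG(DM_LOG_ERROR, "mPendingReqSessionPtr_ not exist");
        return;
    }
    // NOTE(review): no erase from mWaitScanReqSessionMap_ is visible in this file -
    // confirm that finished sessions are removed elsewhere.
    mWaitScanReqSessionMap_[mPendingReqSessionPtr_->GetToken()] = mPendingReqSessionPtr_;
    mPendingReqSessionPtr_ = nullptr;
}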
163
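/**
 * @brief Validates caller-supplied authentication parameters and runs the PIN check.
 *
 * Only AUTH_TYPE_PIN is accepted. The raw parameter text is stored in
 * authParam_ and handed on to CheckAuthenticationByPin().
 *
 * @param authPara JSON text with the authentication parameters; treated as untrusted input.
 * @return AUTH_PARA_INVALID when the text is not valid JSON or the auth type is
 *         missing or not AUTH_TYPE_PIN; otherwise the result of CheckAuthenticationByPin().
 */
int32_t AuthManager::CheckAuthentication(std::string &authPara)
{
    DMLOG(DM_LOG_INFO, "AuthManager::CheckAuthentication started");
    // Third argument false: a parse error yields a discarded value instead of an exception.
    nlohmann::json authJson = nlohmann::json::parse(authPara, nullptr, false);
    if (authJson.is_discarded()) {
        // The message names this function; the earlier text referred to an unrelated one.
        DMLOG(DM_LOG_ERROR, "AuthManager::CheckAuthentication parse authPara error, json invalid.");
        return AUTH_PARA_INVALID;
    }
    if (!authJson.contains(AUTH_TYPE) || authJson[AUTH_TYPE] != AUTH_TYPE_PIN) {
        DMLOG(DM_LOG_ERROR, "error authPara msg");
        return AUTH_PARA_INVALID;
    }
    DMLOG(DM_LOG_INFO, "PIN Code Auth");
    // NOTE(review): the raw text is kept before the PIN values are range-checked and
    // may contain the PIN code; GetAuthPara() returns it verbatim - confirm who may read it.
    authParam_ = authPara;
    return CheckAuthenticationByPin(authJson);
}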
180
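/**
 * @brief Reports the result of an authentication check to the host for one request.
 *
 * Searches the wait-scan sessions for the one whose request id equals
 * @p requestId and forwards the result for its device id. Only the first
 * match is notified. The device id is anonymised before it is logged.
 *
 * @param requestId Identifier of the request the result belongs to.
 * @param errorCode Result code forwarded to the listener.
 */
void AuthManager::NotifyHostOnCheckAuthResult(int64_t requestId, int errorCode)
{
    // int64_t is not guaranteed to be long long, so the value is converted once to match %lld.
    const long long loggedRequestId = static_cast<long long>(requestId);
    DMLOG(DM_LOG_INFO, "notify host checkResult, requestId: %lld, errorcode: %d", loggedRequestId, errorCode);
    for (const auto &entry : mWaitScanReqSessionMap_) {
        const auto &requestSessionPtr = entry.second;
        if (requestSessionPtr == nullptr || requestSessionPtr->GetRequestId() != requestId) {
            continue;
        }
        std::string deviceId = requestSessionPtr->GetRequestDeviceId();
        DMLOG(DM_LOG_INFO, "notify host checkResult, deviceId: %s, requestId: %lld",
            GetAnonyString(deviceId).c_str(), loggedRequestId);
        IpcServerListenerAdapter::GetInstance().OnCheckAuthResult(deviceId, errorCode, 0);
        return;
    }

    DMLOG(DM_LOG_ERROR, "notify host checkResult error, requestId: %lld", loggedRequestId);
}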
197
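// Converts a JSON node to int32_t. Returns false, leaving `out` untouched, when the
// node is not an integer or its value does not fit into int32_t.
static bool ReadInt32FromJson(const nlohmann::json &node, int32_t &out)
{
    if (!node.is_number_integer()) {
        return false;
    }
    if (node.is_number_unsigned()) {
        const uint64_t raw = node.get<uint64_t>();
        if (raw > static_cast<uint64_t>(INT32_MAX)) {
            return false;
        }
        out = static_cast<int32_t>(raw);
        return true;
    }
    const int64_t raw = node.get<int64_t>();
    if (raw < INT32_MIN || raw > INT32_MAX) {
        return false;
    }
    out = static_cast<int32_t>(raw);
    return true;
}

/**
 * @brief Range-checks the PIN code and PIN token from the parameters and passes them on.
 *
 * A missing key falls back to DEFAULT_PIN_CODE / DEFAULT_PIN_TOKEN. A key that is
 * present but is not an integer fitting int32_t is rejected with the matching
 * failure code, instead of being converted with a cast that raises a json
 * type_error for non-numbers and truncates oversized numbers. The PIN code is
 * checked before the PIN token. Neither value is written to the log.
 *
 * @param authJson Parsed authentication parameters; treated as untrusted input.
 * @return PIN_CODE_CHECK_FAILED or PIN_TOKEN_CHECK_FAILED when a value is of the
 *         wrong type or outside its range; DEVICEMANAGER_OK after the values
 *         were handed to OnPinInputResult().
 */
int32_t AuthManager::CheckAuthenticationByPin(nlohmann::json &authJson)
{
    int32_t pinCode = DEFAULT_PIN_CODE;
    if (authJson.contains(PIN_CODE_KEY) && !ReadInt32FromJson(authJson[PIN_CODE_KEY], pinCode)) {
        DMLOG(DM_LOG_ERROR, "pinCode err, please check pinCode");
        return PIN_CODE_CHECK_FAILED;
    }
    if (pinCode < MIN_PIN_CODE || pinCode >= (MIN_PIN_CODE + MAX_PIN_CODE)) {
        DMLOG(DM_LOG_ERROR, "pinCode err, please check pinCode");
        return PIN_CODE_CHECK_FAILED;
    }

    int32_t pinToken = DEFAULT_PIN_TOKEN;
    if (authJson.contains(PIN_TOKEN) && !ReadInt32FromJson(authJson[PIN_TOKEN], pinToken)) {
        DMLOG(DM_LOG_ERROR, "pinToken err, please check pinToken.");
        return PIN_TOKEN_CHECK_FAILED;
    }
    if (pinToken < MIN_PIN_TOKEN || pinToken >= (MIN_PIN_TOKEN + MAX_PIN_TOKEN)) {
        DMLOG(DM_LOG_ERROR, "pinToken err, please check pinToken.");
        return PIN_TOKEN_CHECK_FAILED;
    }
    OnPinInputResult(pinCode, pinToken);
    DMLOG(DM_LOG_INFO, "CheckAuthenticationByPin authPara end");
    return DEVICEMANAGER_OK;
}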
215
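/**
 * @brief Hands an entered PIN code to every wait-scan session that owns the given token.
 *
 * The loop does not stop at the first match: each session for which
 * IsMyPinToken() is true receives the code. The entry trace is logged at INFO
 * level; it is not an error condition.
 *
 * @param pinCode  PIN code to deliver; not written to the log.
 * @param pinToken Token used to select the receiving session(s).
 */
void AuthManager::OnPinInputResult(int32_t pinCode, int32_t pinToken)
{
    DMLOG(DM_LOG_INFO, "AuthManager::OnPinInputResult");
    for (const auto &entry : mWaitScanReqSessionMap_) {
        const auto &requestSessionPtr = entry.second;
        if (requestSessionPtr != nullptr && requestSessionPtr->IsMyPinToken(pinToken)) {
            DMLOG(DM_LOG_INFO, "AuthManager:: OnPinInputResult");
            requestSessionPtr->OnReceivePinCode(pinCode);
        }
    }
}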
227
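/**
 * @brief Fills in the authentication parameters for the current ability role.
 *
 * For ABILITY_ROLE_INITIATIVE the values come from the pending request session;
 * for any other role the pending response session builds them.
 *
 * @param authParam Output structure to fill.
 * @return SUCCESS when the parameters were filled; FAIL when the session the
 *         role needs does not exist.
 */
int32_t AuthManager::GetAuthenticationParam(DmAuthParam &authParam)
{
    const AbilityRole role = DmAbilityManager::GetInstance().GetAbilityRole();
    DMLOG(DM_LOG_INFO, "GetAuthenticationParam:: role = %d", (int32_t)role);
    if (role == AbilityRole::ABILITY_ROLE_INITIATIVE) {
        if (mPendingReqSessionPtr_ == nullptr) {
            DMLOG(DM_LOG_ERROR, "AuthManager:: Get Auth params FAIL : mPendingReqSessionPtr_(nullptr)");
            return FAIL;
        }
        // Only PIN authentication is supported for now, so the auth type is fixed rather than stored.
        authParam.authType = AUTH_TYPE_PIN;
        // The role read above is reused, so the reported direction always matches the branch taken.
        authParam.direction = (int32_t)role;
        authParam.pinToken = mPendingReqSessionPtr_->GetPinToken();
        DMLOG(DM_LOG_INFO, "GetAuthenticationParam, role is ABILITY_ROLE_INITIATIVE");
        return SUCCESS;
    }

    if (mPendingRespSessionPtr == nullptr) {
        DMLOG(DM_LOG_ERROR, "AuthManager:: Get Auth params FAIL : mPendingRespSessionPtr(nullptr)");
        return FAIL;
    }

    mPendingRespSessionPtr->BuildAuthenticationInfo(authParam);
    return SUCCESS;
}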
252
/**
 * @brief Looks up the PIN code of a request in the pending response session.
 *
 * @param requestId Identifier of the request whose PIN code is wanted.
 * @return The value of GetPinCodeByReqId() for the pending response session,
 *         or FAIL when no response session exists.
 *
 * NOTE(review): the return value is a secret; confirm that callers are
 * authorised and that FAIL cannot be mistaken for a valid PIN code.
 */
int32_t AuthManager::GetPincode(int64_t requestId)
{
    if (mPendingRespSessionPtr != nullptr) {
        return mPendingRespSessionPtr->GetPinCodeByReqId(requestId);
    }

    DMLOG(DM_LOG_ERROR, "AuthManager:: GetPincode FAIL : mPendingRespSessionPtr(nullptr)");
    return FAIL;
}
262
/**
 * @brief Returns a copy of the authentication parameter text last stored by CheckAuthentication().
 *
 * The text is the caller-supplied JSON, stored verbatim, so it can include the
 * PIN code entry that CheckAuthenticationByPin() reads from the same JSON.
 *
 * @return Copy of authParam_.
 */
std::string AuthManager::GetAuthPara()
{
    return authParam_;
}
267
/**
 * @brief Returns the display owner recorded by AuthAppGroup().
 *
 * @return Current value of displayOwner_; AuthAppGroup() sets it to
 *         DISPLAY_OWNER_SYSTEM when the request carries no DISPLAY_OWNER entry.
 */
int32_t AuthManager::GetDisplayOwner()
{
    return displayOwner_;
}
272 }
273 }
274