• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "accesstoken_remote_token_manager.h"
17 
18 #include "accesstoken_id_manager.h"
19 #include "accesstoken_log.h"
20 #include "data_validator.h"
21 #include "constant_common.h"
22 namespace OHOS {
23 namespace Security {
24 namespace AccessToken {
25 namespace {
26 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE,
27     SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenRemoteTokenManager"};
28 }
AccessTokenRemoteTokenManager()29 AccessTokenRemoteTokenManager::AccessTokenRemoteTokenManager()
30 {}
31 
~AccessTokenRemoteTokenManager()32 AccessTokenRemoteTokenManager::~AccessTokenRemoteTokenManager()
33 {
34 }
35 
GetInstance()36 AccessTokenRemoteTokenManager& AccessTokenRemoteTokenManager::GetInstance()
37 {
38     static AccessTokenRemoteTokenManager instance;
39     return instance;
40 }
41 
MapRemoteDeviceTokenToLocal(const std::string & deviceID,AccessTokenID remoteID)42 AccessTokenID AccessTokenRemoteTokenManager::MapRemoteDeviceTokenToLocal(const std::string& deviceID,
43     AccessTokenID remoteID)
44 {
45     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
46         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
47             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
48         return 0;
49     }
50     ATokenTypeEnum tokeType = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(remoteID);
51     if ((tokeType <= TOKEN_INVALID) || (tokeType >= TOKEN_TYPE_BUTT)) {
52         ACCESSTOKEN_LOG_ERROR(
53             LABEL, "token %{public}x type is invalid.", remoteID);
54         return 0;
55     }
56     int dlpType = AccessTokenIDManager::GetInstance().GetTokenIdDlpFlag(remoteID);
57 
58     AccessTokenID mapID = 0;
59     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
60     std::map<AccessTokenID, AccessTokenID>* mapPtr = nullptr;
61     if (remoteDeviceMap_.count(deviceID) > 0) {
62         AccessTokenRemoteDevice& device = remoteDeviceMap_[deviceID];
63         if (device.MappingTokenIDPairMap_.count(remoteID) > 0) {
64             mapID = device.MappingTokenIDPairMap_[remoteID];
65             ACCESSTOKEN_LOG_ERROR(
66                 LABEL, "device %{public}s token %{public}x has already mapped, maptokenID is %{public}x.",
67                 ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID, mapID);
68             return mapID;
69         }
70         mapPtr = &device.MappingTokenIDPairMap_;
71     } else {
72         AccessTokenRemoteDevice device;
73         device.DeviceID_ = deviceID;
74         remoteDeviceMap_[deviceID] = device;
75         mapPtr = &remoteDeviceMap_[deviceID].MappingTokenIDPairMap_;
76     }
77 
78     mapID = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(tokeType, dlpType);
79     if (mapID == 0) {
80         ACCESSTOKEN_LOG_ERROR(
81             LABEL, "device %{public}s token %{public}x map local Token failed.",
82             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
83         return 0;
84     }
85     mapPtr->insert(std::pair<AccessTokenID, AccessTokenID>(remoteID, mapID));
86     return mapID;
87 }
88 
GetDeviceAllRemoteTokenID(const std::string & deviceID,std::vector<AccessTokenID> & remoteIDs)89 int AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID(const std::string& deviceID,
90     std::vector<AccessTokenID>& remoteIDs)
91 {
92     if (!DataValidator::IsDeviceIdValid(deviceID)) {
93         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s is valid.", ConstantCommon::EncryptDevId(deviceID).c_str());
94         return RET_FAILED;
95     }
96     Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
97     if (remoteDeviceMap_.count(deviceID) < 1) {
98         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
99             ConstantCommon::EncryptDevId(deviceID).c_str());
100         return RET_FAILED;
101     }
102 
103     std::transform(remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.begin(),
104         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.end(),
105         std::back_inserter(remoteIDs), [](const auto& mapEntry) {
106             return mapEntry.first;
107         });
108     return RET_SUCCESS;
109 }
110 
GetDeviceMappingTokenID(const std::string & deviceID,AccessTokenID remoteID)111 AccessTokenID AccessTokenRemoteTokenManager::GetDeviceMappingTokenID(const std::string& deviceID,
112     AccessTokenID remoteID)
113 {
114     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
115         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
116             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
117         return 0;
118     }
119 
120     Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
121     if (remoteDeviceMap_.count(deviceID) < 1 ||
122         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) {
123         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
124             ConstantCommon::EncryptDevId(deviceID).c_str());
125         return 0;
126     }
127 
128     return remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID];
129 }
130 
RemoveDeviceMappingTokenID(const std::string & deviceID,AccessTokenID remoteID)131 int AccessTokenRemoteTokenManager::RemoveDeviceMappingTokenID(const std::string& deviceID,
132     AccessTokenID remoteID)
133 {
134     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
135         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
136             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
137         return RET_FAILED;
138     }
139 
140     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
141     if (remoteDeviceMap_.count(deviceID) < 1 ||
142         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) {
143         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
144             ConstantCommon::EncryptDevId(deviceID).c_str());
145         return RET_FAILED;
146     }
147 
148     AccessTokenID mapID = remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID];
149     AccessTokenIDManager::GetInstance().ReleaseTokenId(mapID);
150 
151     remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.erase(remoteID);
152 
153     if (remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.empty()) {
154         remoteDeviceMap_.erase(deviceID);
155     }
156     return RET_SUCCESS;
157 }
158 } // namespace AccessToken
159 } // namespace Security
160 } // namespace OHOS
161