1 /*
2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_manager_proxy.h"
17
18 #include "accesstoken_log.h"
19 #include "access_token_error.h"
20
21 #include "parcel.h"
22 #include "string_ex.h"
23
24 namespace OHOS {
25 namespace Security {
26 namespace AccessToken {
27 namespace {
28 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "ATMProxy"};
29 static const int MAX_PERMISSION_SIZE = 1000;
30 #ifdef TOKEN_SYNC_ENABLE
31 static const int MAX_NATIVE_TOKEN_INFO_SIZE = 20480;
32 #endif
33 }
34
AccessTokenManagerProxy(const sptr<IRemoteObject> & impl)35 AccessTokenManagerProxy::AccessTokenManagerProxy(const sptr<IRemoteObject>& impl)
36 : IRemoteProxy<IAccessTokenManager>(impl) {
37 }
38
~AccessTokenManagerProxy()39 AccessTokenManagerProxy::~AccessTokenManagerProxy()
40 {}
41
SendRequest(IAccessTokenManager::InterfaceCode code,MessageParcel & data,MessageParcel & reply)42 bool AccessTokenManagerProxy::SendRequest(
43 IAccessTokenManager::InterfaceCode code, MessageParcel& data, MessageParcel& reply)
44 {
45 MessageOption option(MessageOption::TF_SYNC);
46
47 sptr<IRemoteObject> remote = Remote();
48 if (remote == nullptr) {
49 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
50 return false;
51 }
52 int32_t requestResult = remote->SendRequest(
53 static_cast<uint32_t>(code), data, reply, option);
54 if (requestResult != NO_ERROR) {
55 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
56 return false;
57 }
58 return true;
59 }
60
VerifyAccessToken(AccessTokenID tokenID,const std::string & permissionName)61 int AccessTokenManagerProxy::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName)
62 {
63 MessageParcel data;
64 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
65 if (!data.WriteUint32(tokenID)) {
66 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
67 return PERMISSION_DENIED;
68 }
69 if (!data.WriteString(permissionName)) {
70 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
71 return PERMISSION_DENIED;
72 }
73
74 MessageParcel reply;
75 MessageOption option(MessageOption::TF_SYNC);
76 sptr<IRemoteObject> remote = Remote();
77 if (remote == nullptr) {
78 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
79 return PERMISSION_DENIED;
80 }
81 int32_t requestResult = remote->SendRequest(
82 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::VERIFY_ACCESSTOKEN), data, reply, option);
83 if (requestResult != NO_ERROR) {
84 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
85 return PERMISSION_DENIED;
86 }
87
88 int32_t result = reply.ReadInt32();
89 ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server data = %{public}d", result);
90 return result;
91 }
92
GetDefPermission(const std::string & permissionName,PermissionDefParcel & permissionDefResult)93 int AccessTokenManagerProxy::GetDefPermission(
94 const std::string& permissionName, PermissionDefParcel& permissionDefResult)
95 {
96 MessageParcel data;
97 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
98 if (!data.WriteString(permissionName)) {
99 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
100 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
101 }
102
103 MessageParcel reply;
104 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSION, data, reply)) {
105 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
106 }
107
108 int32_t result = reply.ReadInt32();
109 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
110 if (result != RET_SUCCESS) {
111 return result;
112 }
113 sptr<PermissionDefParcel> resultSptr = reply.ReadParcelable<PermissionDefParcel>();
114 if (resultSptr == nullptr) {
115 ACCESSTOKEN_LOG_ERROR(LABEL, "read permission def parcel fail");
116 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
117 }
118 permissionDefResult = *resultSptr;
119 return result;
120 }
121
GetDefPermissions(AccessTokenID tokenID,std::vector<PermissionDefParcel> & permList)122 int AccessTokenManagerProxy::GetDefPermissions(AccessTokenID tokenID,
123 std::vector<PermissionDefParcel>& permList)
124 {
125 MessageParcel data;
126 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
127 if (!data.WriteUint32(tokenID)) {
128 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
129 return RET_FAILED;
130 }
131
132 MessageParcel reply;
133 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_DEF_PERMISSIONS, data, reply)) {
134 return RET_FAILED;
135 }
136
137 int32_t result = reply.ReadInt32();
138 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
139 if (result != RET_SUCCESS) {
140 return result;
141 }
142 int32_t size = reply.ReadInt32();
143 if (size > MAX_PERMISSION_SIZE) {
144 ACCESSTOKEN_LOG_ERROR(LABEL, "size = %{public}d get from request is invalid", size);
145 return RET_FAILED;
146 }
147 for (int i = 0; i < size; i++) {
148 sptr<PermissionDefParcel> permissionDef = reply.ReadParcelable<PermissionDefParcel>();
149 if (permissionDef != nullptr) {
150 permList.emplace_back(*permissionDef);
151 }
152 }
153 return result;
154 }
155
GetReqPermissions(AccessTokenID tokenID,std::vector<PermissionStateFullParcel> & reqPermList,bool isSystemGrant)156 int AccessTokenManagerProxy::GetReqPermissions(
157 AccessTokenID tokenID, std::vector<PermissionStateFullParcel>& reqPermList, bool isSystemGrant)
158 {
159 MessageParcel data;
160 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
161 if (!data.WriteUint32(tokenID)) {
162 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
163 return RET_FAILED;
164 }
165 if (!data.WriteInt32(isSystemGrant)) {
166 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write isSystemGrant");
167 return RET_FAILED;
168 }
169
170 MessageParcel reply;
171 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_REQ_PERMISSIONS, data, reply)) {
172 return RET_FAILED;
173 }
174
175 int32_t result = reply.ReadInt32();
176 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
177 if (result != RET_SUCCESS) {
178 return result;
179 }
180 int32_t size = reply.ReadInt32();
181 if (size > MAX_PERMISSION_SIZE) {
182 ACCESSTOKEN_LOG_ERROR(LABEL, "size = %{public}d get from request is invalid", size);
183 return RET_FAILED;
184 }
185 for (int i = 0; i < size; i++) {
186 sptr<PermissionStateFullParcel> permissionReq = reply.ReadParcelable<PermissionStateFullParcel>();
187 if (permissionReq != nullptr) {
188 reqPermList.emplace_back(*permissionReq);
189 }
190 }
191 return result;
192 }
193
GetPermissionFlag(AccessTokenID tokenID,const std::string & permissionName,int & flag)194 int AccessTokenManagerProxy::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, int& flag)
195 {
196 MessageParcel data;
197 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
198 if (!data.WriteUint32(tokenID)) {
199 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
200 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
201 }
202 if (!data.WriteString(permissionName)) {
203 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
204 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
205 }
206
207 MessageParcel reply;
208 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_PERMISSION_FLAG, data, reply)) {
209 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
210 }
211
212 int32_t result = reply.ReadInt32();
213 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
214 if (result != RET_SUCCESS) {
215 return result;
216 }
217 flag = reply.ReadInt32();
218 return result;
219 }
220
GetSelfPermissionsState(std::vector<PermissionListStateParcel> & permListParcel)221 PermissionOper AccessTokenManagerProxy::GetSelfPermissionsState(
222 std::vector<PermissionListStateParcel>& permListParcel)
223 {
224 MessageParcel data;
225 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
226 if (!data.WriteUint32(permListParcel.size())) {
227 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permListParcel size.");
228 return INVALID_OPER;
229 }
230 for (const auto& permission : permListParcel) {
231 if (!data.WriteParcelable(&permission)) {
232 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permListParcel.");
233 return INVALID_OPER;
234 }
235 }
236
237 MessageParcel reply;
238 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_PERMISSION_OPER_STATE, data, reply)) {
239 return INVALID_OPER;
240 }
241
242 PermissionOper result = static_cast<PermissionOper>(reply.ReadInt32());
243 size_t size = reply.ReadUint32();
244 if (size != permListParcel.size()) {
245 ACCESSTOKEN_LOG_ERROR(LABEL, "permListParcel size from server is invalid!");
246 return INVALID_OPER;
247 }
248 for (uint32_t i = 0; i < size; i++) {
249 sptr<PermissionListStateParcel> permissionReq = reply.ReadParcelable<PermissionListStateParcel>();
250 if (permissionReq != nullptr) {
251 permListParcel[i].permsState.state = permissionReq->permsState.state;
252 }
253 }
254
255 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
256 return result;
257 }
258
GrantPermission(AccessTokenID tokenID,const std::string & permissionName,int flag)259 int AccessTokenManagerProxy::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag)
260 {
261 MessageParcel data;
262 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
263 if (!data.WriteUint32(tokenID)) {
264 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
265 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
266 }
267 if (!data.WriteString(permissionName)) {
268 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
269 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
270 }
271 if (!data.WriteInt32(flag)) {
272 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write flag");
273 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
274 }
275
276 MessageParcel reply;
277 if (!SendRequest(IAccessTokenManager::InterfaceCode::GRANT_PERMISSION, data, reply)) {
278 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
279 }
280
281 int32_t result = reply.ReadInt32();
282 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
283 return result;
284 }
285
RevokePermission(AccessTokenID tokenID,const std::string & permissionName,int flag)286 int AccessTokenManagerProxy::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag)
287 {
288 MessageParcel data;
289 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
290 if (!data.WriteUint32(tokenID)) {
291 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
292 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
293 }
294 if (!data.WriteString(permissionName)) {
295 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
296 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
297 }
298 if (!data.WriteInt32(flag)) {
299 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write flag");
300 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
301 }
302
303 MessageParcel reply;
304 if (!SendRequest(IAccessTokenManager::InterfaceCode::REVOKE_PERMISSION, data, reply)) {
305 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
306 }
307
308 int32_t result = reply.ReadInt32();
309 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
310 return result;
311 }
312
ClearUserGrantedPermissionState(AccessTokenID tokenID)313 int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID tokenID)
314 {
315 MessageParcel data;
316 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
317 if (!data.WriteUint32(tokenID)) {
318 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
319 return RET_FAILED;
320 }
321
322 MessageParcel reply;
323 if (!SendRequest(IAccessTokenManager::InterfaceCode::CLEAR_USER_GRANT_PERMISSION, data, reply)) {
324 return RET_FAILED;
325 }
326
327 int32_t result = reply.ReadInt32();
328 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
329 return result;
330 }
331
RegisterPermStateChangeCallback(const PermStateChangeScopeParcel & scope,const sptr<IRemoteObject> & callback)332 int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback(
333 const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
334 {
335 MessageParcel data;
336 if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
337 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
338 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
339 }
340 if (!data.WriteParcelable(&scope)) {
341 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write PermStateChangeScopeParcel.");
342 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
343 }
344 if (!data.WriteRemoteObject(callback)) {
345 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
346 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
347 }
348 MessageParcel reply;
349 if (!SendRequest(IAccessTokenManager::InterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
350 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
351 }
352
353 int32_t result;
354 if (!reply.ReadInt32(result)) {
355 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadInt32 fail");
356 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
357 }
358 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
359 return result;
360 }
361
UnRegisterPermStateChangeCallback(const sptr<IRemoteObject> & callback)362 int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
363 {
364 MessageParcel data;
365 if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
366 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
367 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
368 }
369 if (!data.WriteRemoteObject(callback)) {
370 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
371 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
372 }
373
374 MessageParcel reply;
375 if (!SendRequest(IAccessTokenManager::InterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK, data, reply)) {
376 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
377 }
378
379 int32_t result;
380 if (!reply.ReadInt32(result)) {
381 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadInt32 fail");
382 return AccessTokenError::ERR_SA_WORK_ABNORMAL;
383 }
384 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
385 return result;
386 }
387
AllocHapToken(const HapInfoParcel & hapInfo,const HapPolicyParcel & policyParcel)388 AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken(
389 const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel)
390 {
391 MessageParcel data;
392 AccessTokenIDEx res;
393 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
394
395 if (!data.WriteParcelable(&hapInfo)) {
396 res.tokenIDEx = 0;
397 return res;
398 }
399 if (!data.WriteParcelable(&policyParcel)) {
400 res.tokenIDEx = 0;
401 return res;
402 }
403
404 MessageParcel reply;
405 MessageOption option(MessageOption::TF_SYNC);
406 sptr<IRemoteObject> remote = Remote();
407 if (remote == nullptr) {
408 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
409 res.tokenIDEx = 0;
410 return res;
411 }
412 int32_t requestResult = remote->SendRequest(
413 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::ALLOC_TOKEN_HAP), data, reply, option);
414 if (requestResult != NO_ERROR) {
415 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
416 res.tokenIDEx = 0;
417 return res;
418 }
419
420 unsigned long long result = reply.ReadUint64();
421 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}llu", result);
422 res.tokenIDEx = result;
423 return res;
424 }
425
DeleteToken(AccessTokenID tokenID)426 int AccessTokenManagerProxy::DeleteToken(AccessTokenID tokenID)
427 {
428 MessageParcel data;
429 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
430
431 if (!data.WriteUint32(tokenID)) {
432 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
433 return RET_FAILED;
434 }
435
436 MessageParcel reply;
437 if (!SendRequest(IAccessTokenManager::InterfaceCode::TOKEN_DELETE, data, reply)) {
438 return RET_FAILED;
439 }
440
441 int result = reply.ReadInt32();
442 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
443 return result;
444 }
445
GetTokenType(AccessTokenID tokenID)446 int AccessTokenManagerProxy::GetTokenType(AccessTokenID tokenID)
447 {
448 MessageParcel data;
449 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
450
451 if (!data.WriteUint32(tokenID)) {
452 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
453 return RET_FAILED;
454 }
455
456 MessageParcel reply;
457 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_TOKEN_TYPE, data, reply)) {
458 return RET_FAILED;
459 }
460
461 int result = reply.ReadInt32();
462 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
463 return result;
464 }
465
CheckNativeDCap(AccessTokenID tokenID,const std::string & dcap)466 int AccessTokenManagerProxy::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap)
467 {
468 MessageParcel data;
469 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
470
471 if (!data.WriteUint32(tokenID)) {
472 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
473 return RET_FAILED;
474 }
475 if (!data.WriteString(dcap)) {
476 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap");
477 return RET_FAILED;
478 }
479 MessageParcel reply;
480 if (!SendRequest(IAccessTokenManager::InterfaceCode::CHECK_NATIVE_DCAP, data, reply)) {
481 return RET_FAILED;
482 }
483
484 int result = reply.ReadInt32();
485 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
486 return result;
487 }
488
GetHapTokenID(int userID,const std::string & bundleName,int instIndex)489 AccessTokenID AccessTokenManagerProxy::GetHapTokenID(int userID, const std::string& bundleName, int instIndex)
490 {
491 MessageParcel data;
492 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
493
494 if (!data.WriteInt32(userID)) {
495 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write tokenID");
496 return 0;
497 }
498 if (!data.WriteString(bundleName)) {
499 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap");
500 return 0;
501 }
502 if (!data.WriteInt32(instIndex)) {
503 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap");
504 return 0;
505 }
506 MessageParcel reply;
507 MessageOption option(MessageOption::TF_SYNC);
508 sptr<IRemoteObject> remote = Remote();
509 if (remote == nullptr) {
510 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
511 return 0;
512 }
513 int32_t requestResult = remote->SendRequest(
514 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_ID), data, reply, option);
515 if (requestResult != NO_ERROR) {
516 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
517 return 0;
518 }
519
520 int result = reply.ReadInt32();
521 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
522 return result;
523 }
524
AllocLocalTokenID(const std::string & remoteDeviceID,AccessTokenID remoteTokenID)525 AccessTokenID AccessTokenManagerProxy::AllocLocalTokenID(
526 const std::string& remoteDeviceID, AccessTokenID remoteTokenID)
527 {
528 MessageParcel data;
529 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
530
531 if (!data.WriteString(remoteDeviceID)) {
532 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap");
533 return 0;
534 }
535 if (!data.WriteUint32(remoteTokenID)) {
536 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write dcap");
537 return 0;
538 }
539 MessageParcel reply;
540 MessageOption option(MessageOption::TF_SYNC);
541 sptr<IRemoteObject> remote = Remote();
542 if (remote == nullptr) {
543 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
544 return 0;
545 }
546 int32_t requestResult = remote->SendRequest(
547 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::ALLOC_LOCAL_TOKEN_ID), data, reply, option);
548 if (requestResult != NO_ERROR) {
549 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
550 return 0;
551 }
552
553 AccessTokenID result = reply.ReadUint32();
554 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
555 return result;
556 }
557
GetNativeTokenInfo(AccessTokenID tokenID,NativeTokenInfoParcel & nativeTokenInfoRes)558 int AccessTokenManagerProxy::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes)
559 {
560 MessageParcel data;
561 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
562 if (!data.WriteUint32(tokenID)) {
563 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
564 return RET_FAILED;
565 }
566
567 MessageParcel reply;
568 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_NATIVE_TOKENINFO, data, reply)) {
569 return RET_FAILED;
570 }
571
572 int32_t result = reply.ReadInt32();
573 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
574 if (result != RET_SUCCESS) {
575 return result;
576 }
577 sptr<NativeTokenInfoParcel> resultSptr = reply.ReadParcelable<NativeTokenInfoParcel>();
578 if (resultSptr == nullptr) {
579 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
580 return RET_FAILED;
581 }
582 nativeTokenInfoRes = *resultSptr;
583 return result;
584 }
585
GetHapTokenInfo(AccessTokenID tokenID,HapTokenInfoParcel & hapTokenInfoRes)586 int AccessTokenManagerProxy::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes)
587 {
588 MessageParcel data;
589 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
590 if (!data.WriteUint32(tokenID)) {
591 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write permissionName");
592 return RET_FAILED;
593 }
594
595 MessageParcel reply;
596 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_HAP_TOKENINFO, data, reply)) {
597 return RET_FAILED;
598 }
599
600 int32_t result = reply.ReadInt32();
601 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
602 if (result != RET_SUCCESS) {
603 return result;
604 }
605 sptr<HapTokenInfoParcel> resultSptr = reply.ReadParcelable<HapTokenInfoParcel>();
606 if (resultSptr == nullptr) {
607 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
608 return RET_FAILED;
609 }
610 hapTokenInfoRes = *resultSptr;
611 return result;
612 }
613
UpdateHapToken(AccessTokenID tokenID,const std::string & appIDDesc,int32_t apiVersion,const HapPolicyParcel & policyParcel)614 int AccessTokenManagerProxy::UpdateHapToken(
615 AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, const HapPolicyParcel& policyParcel)
616 {
617 MessageParcel data;
618 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
619 if (!data.WriteUint32(tokenID)) {
620 return RET_FAILED;
621 }
622 if (!data.WriteString(appIDDesc)) {
623 return RET_FAILED;
624 }
625 if (!data.WriteInt32(apiVersion)) {
626 return RET_FAILED;
627 }
628 if (!data.WriteParcelable(&policyParcel)) {
629 return RET_FAILED;
630 }
631
632 MessageParcel reply;
633 if (!SendRequest(IAccessTokenManager::InterfaceCode::UPDATE_HAP_TOKEN, data, reply)) {
634 return RET_FAILED;
635 }
636
637 int32_t result = reply.ReadInt32();
638 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
639 return result;
640 }
641
ReloadNativeTokenInfo()642 int32_t AccessTokenManagerProxy::ReloadNativeTokenInfo()
643 {
644 MessageParcel data;
645 if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
646 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
647 return RET_FAILED;
648 }
649 MessageParcel reply;
650 if (!SendRequest(IAccessTokenManager::InterfaceCode::RELOAD_NATIVE_TOKEN_INFO, data, reply)) {
651 return RET_FAILED;
652 }
653
654 int32_t result = reply.ReadInt32();
655 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
656 return result;
657 }
658
GetNativeTokenId(const std::string & processName)659 AccessTokenID AccessTokenManagerProxy::GetNativeTokenId(const std::string& processName)
660 {
661 MessageParcel data;
662 if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
663 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
664 return INVALID_TOKENID;
665 }
666
667 if (!data.WriteString(processName)) {
668 ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write processName");
669 return INVALID_TOKENID;
670 }
671 MessageParcel reply;
672 MessageOption option(MessageOption::TF_SYNC);
673 sptr<IRemoteObject> remote = Remote();
674 if (remote == nullptr) {
675 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
676 return INVALID_TOKENID;
677 }
678 int32_t requestResult = remote->SendRequest(
679 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::GET_NATIVE_TOKEN_ID), data, reply, option);
680 if (requestResult != NO_ERROR) {
681 ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d", requestResult);
682 return INVALID_TOKENID;
683 }
684 AccessTokenID result;
685 if (!reply.ReadUint32(result)) {
686 ACCESSTOKEN_LOG_INFO(LABEL, "readInt32 failed, result: %{public}d", result);
687 return INVALID_TOKENID;
688 }
689 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
690 return result;
691 }
692
693 #ifdef TOKEN_SYNC_ENABLE
GetHapTokenInfoFromRemote(AccessTokenID tokenID,HapTokenInfoForSyncParcel & hapSyncParcel)694 int AccessTokenManagerProxy::GetHapTokenInfoFromRemote(AccessTokenID tokenID,
695 HapTokenInfoForSyncParcel& hapSyncParcel)
696 {
697 MessageParcel data;
698 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
699 if (!data.WriteUint32(tokenID)) {
700 return RET_FAILED;
701 }
702
703 MessageParcel reply;
704 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_HAP_TOKEN_FROM_REMOTE, data, reply)) {
705 return RET_FAILED;
706 }
707
708 int32_t result = reply.ReadInt32();
709 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
710 if (result != RET_SUCCESS) {
711 return result;
712 }
713 sptr<HapTokenInfoForSyncParcel> hapResult = reply.ReadParcelable<HapTokenInfoForSyncParcel>();
714 if (hapResult == nullptr) {
715 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
716 return RET_FAILED;
717 }
718 hapSyncParcel = *hapResult;
719 return result;
720 }
721
GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSyncParcel> & nativeTokenInfoRes)722 int AccessTokenManagerProxy::GetAllNativeTokenInfo(std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfoRes)
723 {
724 MessageParcel data;
725 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
726
727 MessageParcel reply;
728 if (!SendRequest(IAccessTokenManager::InterfaceCode::GET_ALL_NATIVE_TOKEN_FROM_REMOTE, data, reply)) {
729 return RET_FAILED;
730 }
731
732 int32_t result = reply.ReadInt32();
733 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
734 if (result != RET_SUCCESS) {
735 return result;
736 }
737 int32_t size = reply.ReadInt32();
738 if (size > MAX_NATIVE_TOKEN_INFO_SIZE) {
739 ACCESSTOKEN_LOG_ERROR(LABEL, "size = %{public}d get from request is invalid", size);
740 return RET_FAILED;
741 }
742 for (int i = 0; i < size; i++) {
743 sptr<NativeTokenInfoForSyncParcel> nativeResult = reply.ReadParcelable<NativeTokenInfoForSyncParcel>();
744 if (nativeResult != nullptr) {
745 nativeTokenInfoRes.emplace_back(*nativeResult);
746 }
747 }
748
749 return result;
750 }
751
SetRemoteHapTokenInfo(const std::string & deviceID,HapTokenInfoForSyncParcel & hapSyncParcel)752 int AccessTokenManagerProxy::SetRemoteHapTokenInfo(const std::string& deviceID,
753 HapTokenInfoForSyncParcel& hapSyncParcel)
754 {
755 MessageParcel data;
756 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
757 if (!data.WriteString(deviceID)) {
758 return RET_FAILED;
759 }
760 if (!data.WriteParcelable(&hapSyncParcel)) {
761 return RET_FAILED;
762 }
763
764 MessageParcel reply;
765 if (!SendRequest(IAccessTokenManager::InterfaceCode::SET_REMOTE_HAP_TOKEN_INFO, data, reply)) {
766 return RET_FAILED;
767 }
768
769 int32_t result = reply.ReadInt32();
770 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
771 return result;
772 }
773
SetRemoteNativeTokenInfo(const std::string & deviceID,std::vector<NativeTokenInfoForSyncParcel> & nativeTokenInfoForSyncParcel)774 int AccessTokenManagerProxy::SetRemoteNativeTokenInfo(const std::string& deviceID,
775 std::vector<NativeTokenInfoForSyncParcel>& nativeTokenInfoForSyncParcel)
776 {
777 MessageParcel data;
778 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
779 if (!data.WriteString(deviceID)) {
780 return RET_FAILED;
781 }
782 if (!data.WriteUint32(nativeTokenInfoForSyncParcel.size())) {
783 return RET_FAILED;
784 }
785 for (const NativeTokenInfoForSyncParcel& parcel : nativeTokenInfoForSyncParcel) {
786 if (!data.WriteParcelable(&parcel)) {
787 return RET_FAILED;
788 }
789 }
790
791 MessageParcel reply;
792 if (!SendRequest(IAccessTokenManager::InterfaceCode::SET_REMOTE_NATIVE_TOKEN_INFO, data, reply)) {
793 return RET_FAILED;
794 }
795
796 int32_t result = reply.ReadInt32();
797 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
798 return result;
799 }
800
DeleteRemoteToken(const std::string & deviceID,AccessTokenID tokenID)801 int AccessTokenManagerProxy::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID)
802 {
803 MessageParcel data;
804 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
805 if (!data.WriteString(deviceID)) {
806 return RET_FAILED;
807 }
808
809 if (!data.WriteUint32(tokenID)) {
810 return RET_FAILED;
811 }
812
813 MessageParcel reply;
814 if (!SendRequest(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_TOKEN_INFO, data, reply)) {
815 return RET_FAILED;
816 }
817
818 int32_t result = reply.ReadInt32();
819 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
820 return result;
821 }
822
GetRemoteNativeTokenID(const std::string & deviceID,AccessTokenID tokenID)823 AccessTokenID AccessTokenManagerProxy::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID)
824 {
825 MessageParcel data;
826 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
827 if (!data.WriteString(deviceID)) {
828 return 0;
829 }
830
831 if (!data.WriteUint32(tokenID)) {
832 return 0;
833 }
834
835 MessageParcel reply;
836 MessageOption option(MessageOption::TF_SYNC);
837 sptr<IRemoteObject> remote = Remote();
838 if (remote == nullptr) {
839 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
840 return 0;
841 }
842 int32_t requestResult = remote->SendRequest(
843 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::GET_NATIVE_REMOTE_TOKEN), data, reply, option);
844 if (requestResult != NO_ERROR) {
845 ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult);
846 return 0;
847 }
848
849 AccessTokenID result = reply.ReadUint32();
850 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
851 return result;
852 }
853
DeleteRemoteDeviceTokens(const std::string & deviceID)854 int AccessTokenManagerProxy::DeleteRemoteDeviceTokens(const std::string& deviceID)
855 {
856 MessageParcel data;
857 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
858 if (!data.WriteString(deviceID)) {
859 return RET_FAILED;
860 }
861
862 MessageParcel reply;
863 if (!SendRequest(IAccessTokenManager::InterfaceCode::DELETE_REMOTE_DEVICE_TOKEN, data, reply)) {
864 return RET_FAILED;
865 }
866
867 int32_t result = reply.ReadInt32();
868 ACCESSTOKEN_LOG_INFO(LABEL, "result from server data = %{public}d", result);
869 return result;
870 }
871 #endif
872
DumpTokenInfo(AccessTokenID tokenID,std::string & dumpInfo)873 void AccessTokenManagerProxy::DumpTokenInfo(AccessTokenID tokenID, std::string& dumpInfo)
874 {
875 MessageParcel data;
876 data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
877
878 if (!data.WriteUint32(tokenID)) {
879 return;
880 }
881 MessageParcel reply;
882 MessageOption option;
883 sptr<IRemoteObject> remote = Remote();
884 if (remote == nullptr) {
885 ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
886 return;
887 }
888 int32_t requestResult = remote->SendRequest(
889 static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::DUMP_TOKENINFO), data, reply, option);
890 if (requestResult != NO_ERROR) {
891 ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult);
892 return;
893 }
894 if (!reply.ReadString(dumpInfo)) {
895 ACCESSTOKEN_LOG_ERROR(LABEL, "ReadString failed.");
896 }
897 ACCESSTOKEN_LOG_DEBUG(LABEL, "result from server dumpInfo = %{public}s", dumpInfo.c_str());
898 }
899 } // namespace AccessToken
900 } // namespace Security
901 } // namespace OHOS
902