1 /*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "account_iam_callback.h"
17
18 #include "account_log_wrapper.h"
19 #include "iinner_os_account_manager.h"
20 #include "inner_account_iam_manager.h"
21 #include "user_auth_client.h"
22 #include "user_idm_client.h"
23
24 namespace OHOS {
25 namespace AccountSA {
26 using UserIDMClient = UserIam::UserAuth::UserIdmClient;
27 using UserAuthClient = UserIam::UserAuth::UserAuthClient;
28
AuthCallback(uint32_t userId,AuthType authType,const sptr<IIDMCallback> & callback)29 AuthCallback::AuthCallback(uint32_t userId, AuthType authType, const sptr<IIDMCallback> &callback)
30 : userId_(userId), authType_(authType), innerCallback_(callback)
31 {}
32
OnResult(int32_t result,const Attributes & extraInfo)33 void AuthCallback::OnResult(int32_t result, const Attributes &extraInfo)
34 {
35 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
36 if (innerCallback_ == nullptr) {
37 ACCOUNT_LOGE("innerCallback_ is nullptr");
38 return;
39 }
40 if (result != 0 || authType_ != AuthType::PIN) {
41 innerCallback_->OnResult(result, extraInfo);
42 return;
43 }
44 std::vector<uint8_t> token;
45 std::vector<uint8_t> secret;
46 extraInfo.GetUint8ArrayValue(Attributes::ATTR_SIGNATURE, token);
47 extraInfo.GetUint8ArrayValue(Attributes::ATTR_ROOT_SECRET, secret);
48 int32_t activeResult =
49 InnerAccountIAMManager::GetInstance().ActivateUserKey(userId_, token, secret);
50 if (activeResult != 0) {
51 ACCOUNT_LOGE("failed to activate user key");
52 int32_t remainTimes = 0;
53 int32_t freezingTime = 0;
54 extraInfo.GetInt32Value(Attributes::AttributeKey::ATTR_REMAIN_TIMES, remainTimes);
55 extraInfo.GetInt32Value(Attributes::AttributeKey::ATTR_FREEZING_TIME, freezingTime);
56 Attributes errInfo;
57 errInfo.SetInt32Value(Attributes::AttributeKey::ATTR_REMAIN_TIMES, remainTimes);
58 errInfo.SetInt32Value(Attributes::AttributeKey::ATTR_FREEZING_TIME, freezingTime);
59 innerCallback_->OnResult(ResultCode::FAIL, errInfo);
60 } else {
61 innerCallback_->OnResult(result, extraInfo);
62 (void)IInnerOsAccountManager::GetInstance()->SetOsAccountIsVerified(userId_, true);
63 }
64 }
65
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)66 void AuthCallback::OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
67 {
68 if (innerCallback_ == nullptr) {
69 ACCOUNT_LOGE("innerCallback_ is nullptr");
70 return;
71 }
72 innerCallback_->OnAcquireInfo(module, acquireInfo, extraInfo);
73 }
74
IDMAuthCallback(uint32_t userId,const CredentialParameters & credInfo,int32_t oldResult,const Attributes & reqResult,const sptr<IIDMCallback> & idmCallback)75 IDMAuthCallback::IDMAuthCallback(uint32_t userId, const CredentialParameters &credInfo,
76 int32_t oldResult, const Attributes &reqResult, const sptr<IIDMCallback> &idmCallback)
77 : userId_(userId), credInfo_(credInfo), oldResult_(oldResult), idmCallback_(idmCallback)
78 {
79 reqResult.GetUint64Value(Attributes::AttributeKey::ATTR_CREDENTIAL_ID, credentialId_);
80 reqResult_.SetUint64Value(Attributes::AttributeKey::ATTR_CREDENTIAL_ID, credentialId_);
81 }
82
OnResult(int32_t result,const Attributes & extraInfo)83 void IDMAuthCallback::OnResult(int32_t result, const Attributes &extraInfo)
84 {
85 if (idmCallback_ == nullptr) {
86 ACCOUNT_LOGE("inner callback is nullptr");
87 return;
88 }
89 if (result != 0) {
90 idmCallback_->OnResult(ResultCode::FAIL, reqResult_);
91 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
92 return;
93 }
94 std::vector<uint8_t> token;
95 std::vector<uint8_t> secret;
96 extraInfo.GetUint8ArrayValue(Attributes::ATTR_SIGNATURE, token);
97 extraInfo.GetUint8ArrayValue(Attributes::ATTR_ROOT_SECRET, secret);
98 int32_t updateKeyResult = InnerAccountIAMManager::GetInstance().UpdateUserKey(
99 userId_, credentialId_, token, secret);
100 if (updateKeyResult == 0) {
101 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
102 idmCallback_->OnResult(oldResult_, reqResult_);
103 return;
104 }
105 IAMState state = InnerAccountIAMManager::GetInstance().GetState(userId_);
106 if (state == AFTER_ADD_CRED) {
107 ACCOUNT_LOGE("failed to unlock user key, delete the added credential");
108 InnerAccountIAMManager::GetInstance().SetState(userId_, ROLL_BACK_ADD_CRED);
109 auto delCallback = std::make_shared<DelCredCallback>(userId_, credentialId_, token, idmCallback_);
110 UserIDMClient::GetInstance().DeleteCredential(userId_, credentialId_, token, delCallback);
111 } else if (state == AFTER_UPDATE_CRED) {
112 ACCOUNT_LOGE("failed to unlock user key, restore the old credential");
113 InnerAccountIAMManager::GetInstance().SetState(userId_, ROLL_BACK_UPDATE_CRED);
114 credInfo_.token = token;
115 auto updateCallback = std::make_shared<UpdateCredCallback>(userId_, credInfo_, idmCallback_);
116 UserIDMClient::GetInstance().UpdateCredential(0, credInfo_, updateCallback);
117 } else {
118 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
119 idmCallback_->OnResult(oldResult_, reqResult_);
120 }
121 }
122
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)123 void IDMAuthCallback::OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
124 {
125 ACCOUNT_LOGW("unsupported operation");
126 }
127
AddCredCallback(uint32_t userId,const CredentialParameters & credInfo,const sptr<IIDMCallback> & callback)128 AddCredCallback::AddCredCallback(uint32_t userId, const CredentialParameters &credInfo,
129 const sptr<IIDMCallback> &callback)
130 : userId_(userId), credInfo_(credInfo), innerCallback_(callback)
131 {}
132
OnResult(int32_t result,const Attributes & extraInfo)133 void AddCredCallback::OnResult(int32_t result, const Attributes &extraInfo)
134 {
135 if (innerCallback_ == nullptr) {
136 ACCOUNT_LOGE("inner callback is nullptr");
137 return;
138 }
139 if (result != 0 || credInfo_.authType != AuthType::PIN) {
140 ACCOUNT_LOGE("failed to add credential, result = %{public}d", result);
141 innerCallback_->OnResult(result, extraInfo);
142 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
143 return;
144 }
145 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_ADD_CRED);
146 std::vector<uint8_t> challenge;
147 InnerAccountIAMManager::GetInstance().GetChallenge(userId_, challenge);
148 auto callback = std::make_shared<IDMAuthCallback>(userId_, credInfo_, result, extraInfo, innerCallback_);
149 UserAuthClient::GetInstance().BeginAuthentication(
150 userId_, challenge, AuthType::PIN, AuthTrustLevel::ATL4, callback);
151 }
152
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)153 void AddCredCallback::OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
154 {
155 if (innerCallback_ == nullptr) {
156 ACCOUNT_LOGE("innerCallback_ is nullptr");
157 return;
158 }
159 innerCallback_->OnAcquireInfo(module, acquireInfo, extraInfo);
160 }
161
UpdateCredCallback(uint32_t userId,const CredentialParameters & credInfo,const sptr<IIDMCallback> & callback)162 UpdateCredCallback::UpdateCredCallback(
163 uint32_t userId, const CredentialParameters &credInfo, const sptr<IIDMCallback> &callback)
164 : userId_(userId), credInfo_(credInfo), innerCallback_(callback)
165 {}
166
OnResult(int32_t result,const Attributes & extraInfo)167 void UpdateCredCallback::OnResult(int32_t result, const Attributes &extraInfo)
168 {
169 if (innerCallback_ == nullptr) {
170 ACCOUNT_LOGE("inner callback is nullptr");
171 return;
172 }
173 IAMState state = InnerAccountIAMManager::GetInstance().GetState(userId_);
174 if (state == ROLL_BACK_UPDATE_CRED) {
175 if (result != 0) {
176 ACCOUNT_LOGE("roll back credential failed");
177 }
178 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
179 Attributes errResult;
180 innerCallback_->OnResult(ResultCode::FAIL, errResult);
181 return;
182 }
183 if (result != 0 || credInfo_.authType != AuthType::PIN) {
184 ACCOUNT_LOGE("failed to update credential");
185 innerCallback_->OnResult(result, extraInfo);
186 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
187 return;
188 }
189 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_UPDATE_CRED);
190 std::vector<uint8_t> challenge;
191 InnerAccountIAMManager::GetInstance().GetChallenge(userId_, challenge);
192 auto callback = std::make_shared<IDMAuthCallback>(userId_, credInfo_, result, extraInfo, innerCallback_);
193 UserAuthClient::GetInstance().BeginAuthentication(
194 userId_, challenge, AuthType::PIN, AuthTrustLevel::ATL4, callback);
195 }
196
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)197 void UpdateCredCallback::OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
198 {
199 if (innerCallback_ == nullptr) {
200 ACCOUNT_LOGE("innerCallback_ is nullptr");
201 return;
202 }
203 innerCallback_->OnAcquireInfo(module, acquireInfo, extraInfo);
204 }
205
DelCredCallback(int32_t userId,uint64_t credentialId,const std::vector<uint8_t> & authToken,const sptr<IIDMCallback> & callback)206 DelCredCallback::DelCredCallback(int32_t userId, uint64_t credentialId, const std::vector<uint8_t> &authToken,
207 const sptr<IIDMCallback> &callback)
208 : userId_(userId), credentialId_(credentialId), authToken_(authToken), innerCallback_(callback)
209 {}
210
OnResult(int32_t result,const Attributes & extraInfo)211 void DelCredCallback::OnResult(int32_t result, const Attributes &extraInfo)
212 {
213 if (innerCallback_ == nullptr) {
214 ACCOUNT_LOGE("innerCallback_ is nullptr");
215 return;
216 }
217 IAMState state = InnerAccountIAMManager::GetInstance().GetState(userId_);
218 if (state == ROLL_BACK_ADD_CRED) {
219 if (result != 0) {
220 ACCOUNT_LOGE("roll back credential failed");
221 }
222 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
223 Attributes errResult;
224 innerCallback_->OnResult(ResultCode::FAIL, errResult);
225 return;
226 }
227 if (result != 0) {
228 InnerAccountIAMManager::GetInstance().RestoreUserKey(userId_, credentialId_, authToken_);
229 }
230 InnerAccountIAMManager::GetInstance().SetState(userId_, AFTER_OPEN_SESSION);
231 innerCallback_->OnResult(result, extraInfo);
232 }
233
OnAcquireInfo(int32_t module,uint32_t acquireInfo,const Attributes & extraInfo)234 void DelCredCallback::OnAcquireInfo(int32_t module, uint32_t acquireInfo, const Attributes &extraInfo)
235 {
236 if (innerCallback_ == nullptr) {
237 ACCOUNT_LOGE("inner callback is nullptr");
238 return;
239 }
240 innerCallback_->OnAcquireInfo(module, acquireInfo, extraInfo);
241 }
242
GetCredInfoCallbackWrapper(int32_t userId,int32_t authType,const sptr<IGetCredInfoCallback> & callback)243 GetCredInfoCallbackWrapper::GetCredInfoCallbackWrapper(
244 int32_t userId, int32_t authType, const sptr<IGetCredInfoCallback> &callback)
245 : userId_(userId), authType_(authType), innerCallback_(callback)
246 {}
247
OnCredentialInfo(const std::vector<CredentialInfo> & infoList)248 void GetCredInfoCallbackWrapper::OnCredentialInfo(const std::vector<CredentialInfo> &infoList)
249 {
250 if (innerCallback_ == nullptr) {
251 return;
252 }
253 if (authType_ == 0) {
254 bool isAvailable = InnerAccountIAMManager::GetInstance().CheckDomainAuthAvailable(userId_);
255 if (isAvailable) {
256 std::vector<CredentialInfo> newInfoList = infoList;
257 CredentialInfo info;
258 info.authType = static_cast<AuthType>(IAMAuthType::DOMAIN);
259 info.pinType = static_cast<PinSubType>(IAMAuthSubType::DOMAIN_MIXED);
260 newInfoList.emplace_back(info);
261 return innerCallback_->OnCredentialInfo(newInfoList);
262 }
263 }
264 return innerCallback_->OnCredentialInfo(infoList);
265 }
266
GetPropCallbackWrapper(const sptr<IGetSetPropCallback> & callback)267 GetPropCallbackWrapper::GetPropCallbackWrapper(const sptr<IGetSetPropCallback> &callback) : innerCallback_(callback)
268 {}
269
OnResult(int32_t result,const Attributes & extraInfo)270 void GetPropCallbackWrapper::OnResult(int32_t result, const Attributes &extraInfo)
271 {
272 if (innerCallback_ == nullptr) {
273 ACCOUNT_LOGE("inner callback is nullptr");
274 return;
275 }
276 innerCallback_->OnResult(result, extraInfo);
277 }
278
SetPropCallbackWrapper(const sptr<IGetSetPropCallback> & callback)279 SetPropCallbackWrapper::SetPropCallbackWrapper(const sptr<IGetSetPropCallback> &callback) : innerCallback_(callback)
280 {}
281
OnResult(int32_t result,const Attributes & extraInfo)282 void SetPropCallbackWrapper::OnResult(int32_t result, const Attributes &extraInfo)
283 {
284 if (innerCallback_ == nullptr) {
285 ACCOUNT_LOGE("inner callback is nullptr");
286 return;
287 }
288 innerCallback_->OnResult(result, extraInfo);
289 }
290 } // namespace AccountSA
291 } // namespace OHOS
292