1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "inner_app_account_manager.h"
17
18 #include "ability_manager_adapter.h"
19 #include "account_info.h"
20 #include "account_log_wrapper.h"
21 #include "app_account_authenticator_session.h"
22 #include "app_account_control_manager.h"
23 #include "app_account_subscribe_manager.h"
24 #include "app_account_authorization_extension_stub.h"
25 #include "bundle_manager_adapter.h"
26
27 namespace OHOS {
28 namespace AccountSA {
// Binds this facade to the three backing managers obtained through their
// GetInstance() accessors. No other state is set up here.
InnerAppAccountManager::InnerAppAccountManager()
    : controlManager_(AppAccountControlManager::GetInstance()),
      subscribeManager_(AppAccountSubscribeManager::GetInstance()),
      sessionManager_(AppAccountAuthenticatorSessionManager::GetInstance())
{
}
34
// Nothing to release explicitly; the destructor body is empty.
InnerAppAccountManager::~InnerAppAccountManager() = default;
37
// Adds an app account named `name` for the calling bundle.
//
// Builds an AppAccountInfo from (name, bundleName), tags it with appIndex and
// hands everything to the control manager; its ErrCode is returned unchanged.
// NOTE(review): no permission or caller-identity check happens in this layer;
// presumably uid/bundleName/appIndex were derived from the IPC caller upstream - confirm.
ErrCode InnerAppAccountManager::AddAccount(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode status = controlManager_.AddAccount(name, extraInfo, uid, bundleName, accountInfo);
    return status;
}
45
// Forwards the implicit add-account request to the authenticator session
// manager and returns its ErrCode unchanged.
ErrCode InnerAppAccountManager::AddAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = sessionManager_.AddAccountImplicitly(request);
    return status;
}
50
// Creates an app account named `name` with the given options for the calling bundle.
//
// Builds an AppAccountInfo from (name, bundleName), tags it with appIndex and
// delegates to the control manager; its ErrCode is returned unchanged.
// NOTE(review): `options` is passed through without inspection here; any
// validation presumably lives in the caller or the control manager - confirm.
ErrCode InnerAppAccountManager::CreateAccount(const std::string &name, const CreateAccountOptions &options,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode status = controlManager_.CreateAccount(name, options, uid, bundleName, accountInfo);
    return status;
}
58
// Forwards the implicit create-account request to the authenticator session
// manager and returns its ErrCode unchanged.
ErrCode InnerAppAccountManager::CreateAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = sessionManager_.CreateAccountImplicitly(request);
    return status;
}
63
// Deletes the app account `name` owned by the calling bundle and, on success,
// publishes an account-change notification.
//
// Returns the control manager's ErrCode. A failed publish is only logged; it
// does not change the return value.
ErrCode InnerAppAccountManager::DeleteAccount(
    const std::string &name, const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);

    const ErrCode status = controlManager_.DeleteAccount(name, uid, bundleName, accountInfo);
    if (status != ERR_OK) {
        return status;
    }

    // Publish only after the delete succeeded; accountInfo is the same object
    // that was handed to the control manager above.
    const bool published = subscribeManager_.PublishAccount(accountInfo, uid, bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return status;
}
75
// Reads the extra info of account `name` into `extraInfo` by delegating to the
// control manager; its ErrCode is returned unchanged.
ErrCode InnerAppAccountManager::GetAccountExtraInfo(const std::string &name, std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode status = controlManager_.GetAccountExtraInfo(name, extraInfo, uid, bundleName, appIndex);
    return status;
}
81
// Stores `extraInfo` on account `name` and, on success, publishes an
// account-change notification.
//
// Returns the control manager's ErrCode. A failed publish is only logged.
ErrCode InnerAppAccountManager::SetAccountExtraInfo(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);

    const ErrCode status = controlManager_.SetAccountExtraInfo(name, extraInfo, uid, bundleName, accountInfo);
    if (status != ERR_OK) {
        return status;
    }

    const bool published = subscribeManager_.PublishAccount(accountInfo, uid, bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return status;
}
93
// Grants `authorizedApp` access to account `name` of the calling bundle and,
// on success, publishes an account-change notification.
//
// The account is identified by (name, appAccountCallingInfo.bundleName,
// appAccountCallingInfo.appIndex). Returns the control manager's ErrCode; a
// failed publish is only logged.
// NOTE(review): `authorizedApp` is forwarded as given; this layer does not
// check that it names an installed bundle - presumably done elsewhere, confirm.
ErrCode InnerAppAccountManager::EnableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);

    const ErrCode status = controlManager_.EnableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (status != ERR_OK) {
        return status;
    }

    const bool published = subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return status;
}
107
// Revokes `authorizedApp`'s access to account `name` of the calling bundle
// and, on success, publishes an account-change notification.
//
// Returns the control manager's ErrCode; a failed publish is only logged and
// does not undo the revocation.
ErrCode InnerAppAccountManager::DisableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);

    const ErrCode status = controlManager_.DisableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (status != ERR_OK) {
        return status;
    }

    const bool published = subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return status;
}
121
// Asks the control manager whether `authorizedApp` may access account `name`;
// the answer is written to `isAccessible` and the ErrCode is returned unchanged.
// NOTE(review): this function does not initialise `isAccessible`; callers
// should not read it when the returned ErrCode is not ERR_OK unless the control
// manager is known to set it on failure - confirm.
ErrCode InnerAppAccountManager::CheckAppAccess(const std::string &name, const std::string &authorizedApp,
    bool &isAccessible, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode status = controlManager_.CheckAppAccess(name, authorizedApp, isAccessible, appAccountCallingInfo);
    return status;
}
127
// Reads the sync-enable flag of account `name` into `syncEnable` by delegating
// to the control manager; its ErrCode is returned unchanged.
ErrCode InnerAppAccountManager::CheckAppAccountSyncEnable(const std::string &name, bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode status = controlManager_.CheckAppAccountSyncEnable(name, syncEnable, uid, bundleName, appIndex);
    return status;
}
133
// Sets the sync-enable flag of account `name` for the calling bundle.
//
// Builds an AppAccountInfo from (name, bundleName), tags it with appIndex and
// delegates to the control manager. Unlike the other setters in this file, no
// account-change notification is published here.
ErrCode InnerAppAccountManager::SetAppAccountSyncEnable(const std::string &name, const bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode status = controlManager_.SetAppAccountSyncEnable(name, syncEnable, uid, bundleName, accountInfo);
    return status;
}
141
// Reads the associated-data entry `key` of account `name` into `value` by
// delegating to the control manager; its ErrCode is returned unchanged.
// Only `uid` identifies the caller here (no bundle name or app index).
ErrCode InnerAppAccountManager::GetAssociatedData(const std::string &name, const std::string &key,
    std::string &value, const uid_t &uid)
{
    const ErrCode status = controlManager_.GetAssociatedData(name, key, value, uid);
    return status;
}
147
// Stores `value` under `key` on account `name` and, on success, publishes an
// account-change notification for (name, bundleName, appIndex) of the caller.
//
// Returns the control manager's ErrCode; a failed publish is only logged.
ErrCode InnerAppAccountManager::SetAssociatedData(const std::string &name, const std::string &key,
    const std::string &value, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode status = controlManager_.SetAssociatedData(name, key, value, appAccountCallingInfo);
    if (status == ERR_OK) {
        AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
        accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
        const bool published = subscribeManager_.PublishAccount(
            accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return status;
}
163
// Reads the credential of type `credentialType` for account `name` into
// `credential` by delegating to the control manager; its ErrCode is returned
// unchanged.
// `credential` carries secret material on return: it is not logged here and
// should not be logged by callers either.
// NOTE(review): whether the caller in appAccountCallingInfo may read this
// credential is not checked in this layer - presumably enforced by the control
// manager or the service stub, confirm.
ErrCode InnerAppAccountManager::GetAccountCredential(const std::string &name, const std::string &credentialType,
    std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode status = controlManager_.GetAccountCredential(
        name, credentialType, credential, appAccountCallingInfo);
    return status;
}
169
// Stores `credential` under `credentialType` on account `name` and, on
// success, publishes an account-change notification.
//
// Returns the control manager's ErrCode; a failed publish is only logged. The
// credential value itself is never written to the log by this function.
ErrCode InnerAppAccountManager::SetAccountCredential(const std::string &name, const std::string &credentialType,
    const std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode status = controlManager_.SetAccountCredential(
        name, credentialType, credential, appAccountCallingInfo);
    if (status == ERR_OK) {
        AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
        accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
        const bool published = subscribeManager_.PublishAccount(
            accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return status;
}
185
// Removes the credential of type `credentialType` from account `name` and, on
// success, publishes an account-change notification.
//
// Deletion is routed through controlManager_.SetAccountCredential with an
// empty credential string and a trailing `true` argument.
// NOTE(review): the `true` flag presumably selects "delete" rather than
// "store an empty credential" - confirm against the control manager.
ErrCode InnerAppAccountManager::DeleteAccountCredential(const std::string &name, const std::string &credentialType,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    // Repackage the loose caller fields into the struct the control manager expects.
    AppAccountCallingInfo callingInfo;
    callingInfo.callingUid = uid;
    callingInfo.bundleName = bundleName;
    callingInfo.appIndex = appIndex;

    const ErrCode status = controlManager_.SetAccountCredential(name, credentialType, "", callingInfo, true);
    if (status == ERR_OK) {
        AppAccountInfo accountInfo(name, bundleName);
        accountInfo.SetAppIndex(appIndex);
        const bool published = subscribeManager_.PublishAccount(accountInfo, uid, bundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return status;
}
204
// Serves an authentication request from the stored OAuth token when one can
// be read, otherwise starts an authenticator session.
//
// The Constants::API_V9 boolean in request.options selects the API-9 variants
// (GetOAuthToken with Constants::API_VERSION9, sessionManager_.Auth) over the
// legacy ones. When the token lookup succeeds the token is delivered through
// request.callback (if it and its remote object are non-null) in a Want keyed
// by KEY_NAME / KEY_AUTH_TYPE / KEY_TOKEN, and ERR_OK is returned.
//
// NOTE(review): every non-ERR_OK lookup result, not only "no token stored",
// falls through to the session manager - confirm that is intended.
// NOTE(review): with a null callback a successful lookup still returns ERR_OK
// but the token is delivered to nobody.
ErrCode InnerAppAccountManager::Authenticate(const AuthenticatorSessionRequest &request)
{
    const bool useApi9 = request.options.GetBoolParam(Constants::API_V9, false);

    std::string storedToken;
    const ErrCode lookup = useApi9
        ? controlManager_.GetOAuthToken(request, storedToken, Constants::API_VERSION9)
        : controlManager_.GetOAuthToken(request, storedToken);
    if (lookup != ERR_OK) {
        // No usable stored token: let the authenticator produce one.
        return useApi9 ? sessionManager_.Auth(request) : sessionManager_.Authenticate(request);
    }

    const bool canNotify = (request.callback != nullptr) && (request.callback->AsObject() != nullptr);
    if (canNotify) {
        // The Want below carries the token; it must not be logged.
        AAFwk::Want tokenResult;
        tokenResult.SetParam(Constants::KEY_NAME, request.name);
        tokenResult.SetParam(Constants::KEY_AUTH_TYPE, request.authType);
        tokenResult.SetParam(Constants::KEY_TOKEN, storedToken);
        request.callback->OnResult(ERR_OK, tokenResult);
    }
    return ERR_OK;
}
230
// Captures the caller uid and a copy of the authorization request so they are
// available when the ability connection completes.
RequestConnection::RequestConnection(const int32_t &uid, const AuthorizationRequest &request)
    : uid_(uid),
      request_(request)
{
}
234
// Nothing to release explicitly; the destructor body is empty.
RequestConnection::~RequestConnection() = default;
237
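// Called when the authorization extension ability has been connected.
//
// Casts `remoteObject` to IAppAccountAuthorizationExtension and starts the
// authorization described by request_. If the cast fails or StartAuthorization
// does not return ERR_OK, the requester is told ERR_JS_SYSTEM_SERVICE_EXCEPTION
// through request_.callback.
//
// request_.callback is checked for null before use so that a request carrying
// no callback cannot crash the service on the failure path.
// NOTE(review): the incoming `resultCode` is overwritten without being read;
// confirm that a failed connect always arrives with a null `remoteObject`.
void RequestConnection::OnAbilityConnectDone(
    const AppExecFwk::ElementName &element, const sptr<IRemoteObject> &remoteObject, int32_t resultCode)
{
    // Reports the generic failure to the requester, if it supplied a callback.
    auto notifyFailure = [this]() {
        if (request_.callback == nullptr) {
            ACCOUNT_LOGE("callback is nullptr, callerUid = %{public}d", uid_);
            return;
        }
        AAFwk::WantParams errResult;
        AsyncCallbackError businessError;
        businessError.code = ERR_JS_SYSTEM_SERVICE_EXCEPTION;
        request_.callback->OnResult(businessError, errResult);
    };

    sptr<IAppAccountAuthorizationExtension> extensionProxy =
        iface_cast<IAppAccountAuthorizationExtension>(remoteObject);
    if ((!extensionProxy) || (!extensionProxy->AsObject())) {
        ACCOUNT_LOGE("failed to cast app account authenticator proxy, callerUid = %{public}d", uid_);
        notifyFailure();
        return;
    }

    resultCode = extensionProxy->StartAuthorization(request_);
    if (resultCode != ERR_OK) {
        // Keep the underlying code in the log; the requester only sees the generic error.
        ACCOUNT_LOGE("failed to start authorization, errCode = %{public}d", resultCode);
        notifyFailure();
    }
}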
259
// Disconnect notifications are intentionally ignored: nothing is cleaned up
// or reported here.
void RequestConnection::OnAbilityDisconnectDone(const AppExecFwk::ElementName &element, int resultCode)
{
    (void)element;
    (void)resultCode;
}
262
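// Connects to the authorization extension ability that will handle `request`.
//
// The target element is (bundleName, extensionInfo.name). A RequestConnection
// holding a copy of the request is passed as the connect callback; it starts
// the authorization once the ability is connected. The connection is made for
// the user id computed as request.callerUid / UID_TRANSFORM_DIVISOR.
//
// Returns ERR_OK when the connect call was accepted, otherwise
// ERR_JS_SYSTEM_SERVICE_EXCEPTION. The underlying ConnectAbility code is kept
// in the log so that failures can be diagnosed.
// NOTE(review): `abilityName` is never used; the ability is taken from
// extensionInfo.name instead - confirm the two are meant to be the same.
ErrCode InnerAppAccountManager::ExecuteRequest(
    AuthorizationRequest &request, const std::string &bundleName,
    const std::string &abilityName, const AppExecFwk::ExtensionAbilityInfo &extensionInfo)
{
    AAFwk::Want want;
    want.SetElementName(bundleName, extensionInfo.name);

    sptr<RequestConnection> connection = new (std::nothrow) RequestConnection(request.callerUid, request);
    if (connection == nullptr) {
        ACCOUNT_LOGE("failed to create connect callback");
        return ERR_JS_SYSTEM_SERVICE_EXCEPTION;
    }

    int32_t userId = request.callerUid / UID_TRANSFORM_DIVISOR;
    ErrCode errCode = AbilityManagerAdapter::GetInstance()->ConnectAbility(want, connection, nullptr, userId);
    if (errCode != ERR_OK) {
        ACCOUNT_LOGE("failed to connect ability, errCode = %{public}d", errCode);
        return ERR_JS_SYSTEM_SERVICE_EXCEPTION;
    }
    return ERR_OK;
}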
282
// Reads the OAuth token selected by `request` into `token` by delegating to
// the control manager; its ErrCode is returned unchanged.
// `token` carries secret material on return and is not logged here.
ErrCode InnerAppAccountManager::GetOAuthToken(
    const AuthenticatorSessionRequest &request, std::string &token, const uint32_t apiVersion)
{
    const ErrCode status = controlManager_.GetOAuthToken(request, token, apiVersion);
    return status;
}
288
// Stores the OAuth token carried by `request` and, on success, publishes an
// account-change notification for (request.name, request.callerBundleName,
// request.appIndex).
//
// Returns the control manager's ErrCode; a failed publish is only logged and
// the function still reports ERR_OK.
ErrCode InnerAppAccountManager::SetOAuthToken(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = controlManager_.SetOAuthToken(request);
    if (status == ERR_OK) {
        AppAccountInfo accountInfo(request.name, request.callerBundleName);
        accountInfo.SetAppIndex(request.appIndex);
        const bool published =
            subscribeManager_.PublishAccount(accountInfo, request.callerUid, request.callerBundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return status;
}
302
// Deletes the OAuth token selected by `request` by delegating to the control
// manager; its ErrCode is returned unchanged. No notification is published.
ErrCode InnerAppAccountManager::DeleteOAuthToken(const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode status = controlManager_.DeleteOAuthToken(request, apiVersion);
    return status;
}
307
// Changes which bundle may see the OAuth token selected by `request` by
// delegating to the control manager; its ErrCode is returned unchanged.
// NOTE(review): this widens or narrows token exposure to another app; the
// ownership check presumably lives in the control manager - confirm.
ErrCode InnerAppAccountManager::SetOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode status = controlManager_.SetOAuthTokenVisibility(request, apiVersion);
    return status;
}
313
// Asks the control manager whether the OAuth token selected by `request` is
// visible; the answer is written to `isVisible` and the ErrCode is returned
// unchanged. `isVisible` is not initialised by this function.
ErrCode InnerAppAccountManager::CheckOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, bool &isVisible, const uint32_t apiVersion)
{
    const ErrCode status = controlManager_.CheckOAuthTokenVisibility(request, isVisible, apiVersion);
    return status;
}
319
// Looks up the authenticator registered for request.owner and writes it to
// `info`, via AppAccountAuthenticatorManager::GetAuthenticatorInfo.
//
// The second argument is request.callerUid / UID_TRANSFORM_DIVISOR,
// presumably the id of the user the caller runs as.
ErrCode InnerAppAccountManager::GetAuthenticatorInfo(
    const AuthenticatorSessionRequest &request, AuthenticatorInfo &info)
{
    const auto callerUserId = request.callerUid / UID_TRANSFORM_DIVISOR;
    return AppAccountAuthenticatorManager::GetAuthenticatorInfo(request.owner, callerUserId, info);
}
326
// Collects the OAuth tokens selected by `request` into `tokenInfos` by
// delegating to the control manager; its ErrCode is returned unchanged.
// `tokenInfos` carries secret material on return and is not logged here.
ErrCode InnerAppAccountManager::GetAllOAuthTokens(
    const AuthenticatorSessionRequest &request, std::vector<OAuthTokenInfo> &tokenInfos)
{
    const ErrCode status = controlManager_.GetAllOAuthTokens(request, tokenInfos);
    return status;
}
332
// Fills `oauthList` for the token selected by `request` by delegating to the
// control manager; its ErrCode is returned unchanged.
// NOTE(review): the entries are presumably the bundles the token is visible
// to - confirm against the control manager.
ErrCode InnerAppAccountManager::GetOAuthList(
    const AuthenticatorSessionRequest &request, std::set<std::string> &oauthList, const uint32_t apiVersion)
{
    const ErrCode status = controlManager_.GetOAuthList(request, oauthList, apiVersion);
    return status;
}
338
// Fetches the authenticator callback for the session named in `request`.
//
// `callback` is reset to nullptr first, so a stale value from the caller is
// never left in place if the session manager does not assign it.
ErrCode InnerAppAccountManager::GetAuthenticatorCallback(
    const AuthenticatorSessionRequest &request, sptr<IRemoteObject> &callback)
{
    callback = nullptr;
    const ErrCode status = sessionManager_.GetAuthenticatorCallback(request, callback);
    return status;
}
345
// Collects the accounts of `owner` into `appAccounts` on behalf of the caller
// (uid, bundleName, appIndex) by delegating to the control manager; its
// ErrCode is returned unchanged.
// NOTE(review): `owner` may differ from the calling bundle; filtering to what
// the caller may see presumably happens in the control manager - confirm.
ErrCode InnerAppAccountManager::GetAllAccounts(const std::string &owner, std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode status = controlManager_.GetAllAccounts(owner, appAccounts, uid, bundleName, appIndex);
    return status;
}
351
// Collects every account the caller (uid, bundleName, appIndex) can access
// into `appAccounts` by delegating to the control manager; its ErrCode is
// returned unchanged.
ErrCode InnerAppAccountManager::GetAllAccessibleAccounts(std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode status = controlManager_.GetAllAccessibleAccounts(appAccounts, uid, bundleName, appIndex);
    return status;
}
357
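// Selects accounts matching `options` on behalf of the caller (uid,
// bundleName, appIndex) by delegating to the control manager; its ErrCode is
// returned unchanged. Results are delivered through `callback` by the control
// manager, not by this function.
// NOTE(review): `callback` is forwarded without a null check here; presumably
// validated by the service stub or the control manager - confirm.
ErrCode InnerAppAccountManager::SelectAccountsByOptions(
    const SelectAccountsOptions &options, const sptr<IAppAccountAuthenticatorCallback> &callback,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    // The unused local AuthenticatorSessionRequest the original declared here was dead code.
    return controlManager_.SelectAccountsByOptions(options, callback, uid, bundleName, appIndex);
}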
365
// Forwards the credential-verification request to the authenticator session
// manager and returns its ErrCode unchanged.
ErrCode InnerAppAccountManager::VerifyCredential(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = sessionManager_.VerifyCredential(request);
    return status;
}
370
// Forwards the account-label check to the authenticator session manager and
// returns its ErrCode unchanged.
ErrCode InnerAppAccountManager::CheckAccountLabels(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = sessionManager_.CheckAccountLabels(request);
    return status;
}
375
// Forwards the set-authenticator-properties request to the authenticator
// session manager and returns its ErrCode unchanged.
ErrCode InnerAppAccountManager::SetAuthenticatorProperties(const AuthenticatorSessionRequest &request)
{
    const ErrCode status = sessionManager_.SetAuthenticatorProperties(request);
    return status;
}
380
// Registers `eventListener` for account-change events described by
// `subscribeInfo`, on behalf of the caller (uid, bundleName, appIndex).
//
// The subscribe manager receives its own heap copy of `subscribeInfo` held by
// a shared_ptr, so it does not depend on the lifetime of the caller's object.
ErrCode InnerAppAccountManager::SubscribeAppAccount(const AppAccountSubscribeInfo &subscribeInfo,
    const sptr<IRemoteObject> &eventListener, const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    std::shared_ptr<AppAccountSubscribeInfo> infoCopy = std::make_shared<AppAccountSubscribeInfo>(subscribeInfo);
    const ErrCode status = subscribeManager_.SubscribeAppAccount(infoCopy, eventListener, uid, bundleName, appIndex);
    return status;
}
387
// Removes the subscription registered for `eventListener` by delegating to
// the subscribe manager; its ErrCode is returned unchanged.
// NOTE(review): only the listener object identifies the subscription here; no
// caller uid is passed along - confirm a caller cannot drop another app's subscription.
ErrCode InnerAppAccountManager::UnsubscribeAppAccount(const sptr<IRemoteObject> &eventListener)
{
    const ErrCode status = subscribeManager_.UnsubscribeAppAccount(eventListener);
    return status;
}
392
// Notifies the control manager that the bundle (uid, bundleName, appIndex)
// was removed; its ErrCode is returned unchanged.
// NOTE(review): presumably this purges the bundle's accounts and stored
// credentials - confirm against the control manager.
ErrCode InnerAppAccountManager::OnPackageRemoved(
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode status = controlManager_.OnPackageRemoved(uid, bundleName, appIndex);
    return status;
}
398
// Notifies the control manager that user `userId` was removed; its ErrCode is
// returned unchanged.
ErrCode InnerAppAccountManager::OnUserRemoved(int32_t userId)
{
    const ErrCode status = controlManager_.OnUserRemoved(userId);
    return status;
}
403 } // namespace AccountSA
404 } // namespace OHOS
405