1 /*
2  * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "inner_app_account_manager.h"
17 
18 #include "ability_manager_adapter.h"
19 #include "account_info.h"
20 #include "account_log_wrapper.h"
21 #include "app_account_authenticator_session.h"
22 #include "app_account_control_manager.h"
23 #include "app_account_subscribe_manager.h"
24 #include "app_account_authorization_extension_stub.h"
25 #include "bundle_manager_adapter.h"
26 
27 namespace OHOS {
28 namespace AccountSA {
// Wires this facade to the three managers it delegates to. Each member is initialised
// from the corresponding manager's GetInstance(); no other work happens at construction.
InnerAppAccountManager::InnerAppAccountManager()
    : controlManager_(AppAccountControlManager::GetInstance()),      // account storage and access control
      subscribeManager_(AppAccountSubscribeManager::GetInstance()),  // change notifications
      sessionManager_(AppAccountAuthenticatorSessionManager::GetInstance())  // authenticator sessions
{
}
34 
// Nothing to release here: the constructor only initialises the three manager members.
InnerAppAccountManager::~InnerAppAccountManager() = default;
37 
// Adds an app account called `name` on behalf of `bundleName`.
// An AppAccountInfo is built from (name, bundleName), tagged with appIndex and passed to
// controlManager_.AddAccount together with the raw arguments; that result is returned as is.
// NOTE(review): uid, bundleName and appIndex are trusted as given; presumably the service
// layer derives them from the IPC caller identity rather than from caller-supplied data. Confirm.
ErrCode InnerAppAccountManager::AddAccount(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode result = controlManager_.AddAccount(name, extraInfo, uid, bundleName, accountInfo);
    return result;
}
45 
// Hands the request to the authenticator session manager's AddAccountImplicitly
// and returns that call's result unchanged.
ErrCode InnerAppAccountManager::AddAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = sessionManager_.AddAccountImplicitly(request);
    return result;
}
50 
// Creates an app account called `name` with the given options on behalf of `bundleName`.
// Mirrors AddAccount: the AppAccountInfo carries (name, bundleName, appIndex) and
// controlManager_.CreateAccount decides the outcome.
ErrCode InnerAppAccountManager::CreateAccount(const std::string &name, const CreateAccountOptions &options,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode result = controlManager_.CreateAccount(name, options, uid, bundleName, accountInfo);
    return result;
}
58 
// Hands the request to the authenticator session manager's CreateAccountImplicitly
// and returns that call's result unchanged.
ErrCode InnerAppAccountManager::CreateAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = sessionManager_.CreateAccountImplicitly(request);
    return result;
}
63 
// Deletes the account `name` owned by `bundleName` and, on success, publishes the change
// to subscribers.
// Returns the result of controlManager_.DeleteAccount. A failed publish is only logged,
// so callers cannot tell from the return value whether subscribers were notified.
ErrCode InnerAppAccountManager::DeleteAccount(
    const std::string &name, const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode result = controlManager_.DeleteAccount(name, uid, bundleName, accountInfo);
    if (result != ERR_OK) {
        return result;
    }
    // Notification is best effort: the deletion has already taken effect.
    if (!subscribeManager_.PublishAccount(accountInfo, uid, bundleName)) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
75 
// Reads the extra info of account `name` into `extraInfo` by delegating to
// controlManager_.GetAccountExtraInfo; the result code is returned unchanged.
ErrCode InnerAppAccountManager::GetAccountExtraInfo(const std::string &name, std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode result = controlManager_.GetAccountExtraInfo(name, extraInfo, uid, bundleName, appIndex);
    return result;
}
81 
// Stores `extraInfo` on account `name` and, on success, publishes the change to subscribers.
// Returns the result of controlManager_.SetAccountExtraInfo; a failed publish is only logged.
ErrCode InnerAppAccountManager::SetAccountExtraInfo(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode result = controlManager_.SetAccountExtraInfo(name, extraInfo, uid, bundleName, accountInfo);
    if (result != ERR_OK) {
        return result;
    }
    // Notification is best effort: the update has already been applied.
    if (!subscribeManager_.PublishAccount(accountInfo, uid, bundleName)) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
93 
// Grants `authorizedApp` access to account `name` of the calling bundle and, on success,
// publishes the change to subscribers.
// Returns the result of controlManager_.EnableAppAccess; a failed publish is only logged.
// NOTE(review): `authorizedApp` is forwarded unchecked by this wrapper; whether it names an
// installed bundle is presumably validated by the control manager. Confirm.
ErrCode InnerAppAccountManager::EnableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
    const ErrCode result = controlManager_.EnableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (result != ERR_OK) {
        return result;
    }
    const bool published = subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
107 
// Revokes the access of `authorizedApp` to account `name` of the calling bundle and, on
// success, publishes the change to subscribers.
// Returns the result of controlManager_.DisableAppAccess; a failed publish is only logged.
ErrCode InnerAppAccountManager::DisableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
    const ErrCode result = controlManager_.DisableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (result != ERR_OK) {
        return result;
    }
    const bool published = subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
121 
// Asks the control manager whether `authorizedApp` may access account `name`.
// The answer is written to `isAccessible` by controlManager_.CheckAppAccess; its result
// code is returned unchanged.
ErrCode InnerAppAccountManager::CheckAppAccess(const std::string &name, const std::string &authorizedApp,
    bool &isAccessible, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result = controlManager_.CheckAppAccess(name, authorizedApp, isAccessible, appAccountCallingInfo);
    return result;
}
127 
// Reads the sync-enable flag of account `name` into `syncEnable` by delegating to
// controlManager_.CheckAppAccountSyncEnable; the result code is returned unchanged.
ErrCode InnerAppAccountManager::CheckAppAccountSyncEnable(const std::string &name, bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode result = controlManager_.CheckAppAccountSyncEnable(name, syncEnable, uid, bundleName, appIndex);
    return result;
}
133 
// Sets the sync-enable flag of account `name` by delegating to
// controlManager_.SetAppAccountSyncEnable. Unlike the other setters in this file, no
// PublishAccount call follows, so subscribers are not notified from here.
ErrCode InnerAppAccountManager::SetAppAccountSyncEnable(const std::string &name, const bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode result = controlManager_.SetAppAccountSyncEnable(name, syncEnable, uid, bundleName, accountInfo);
    return result;
}
141 
// Looks up the associated-data entry `key` of account `name` and writes it to `value`.
// Delegates to controlManager_.GetAssociatedData; only the uid identifies the caller here.
ErrCode InnerAppAccountManager::GetAssociatedData(const std::string &name, const std::string &key,
    std::string &value, const uid_t &uid)
{
    const ErrCode result = controlManager_.GetAssociatedData(name, key, value, uid);
    return result;
}
147 
// Stores the associated-data entry (key, value) on account `name` and, on success,
// publishes the change to subscribers.
// Returns the result of controlManager_.SetAssociatedData; a failed publish is only logged.
ErrCode InnerAppAccountManager::SetAssociatedData(const std::string &name, const std::string &key,
    const std::string &value, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result = controlManager_.SetAssociatedData(name, key, value, appAccountCallingInfo);
    if (result == ERR_OK) {
        // The account descriptor is only needed for the notification, so build it after the write.
        AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
        accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
        const bool published = subscribeManager_.PublishAccount(
            accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return result;
}
163 
// Reads the credential of type `credentialType` for account `name` into `credential`.
// Delegates to controlManager_.GetAccountCredential and returns its result unchanged.
// NOTE(review): this wrapper performs no authorization of its own; the decision whether the
// caller in appAccountCallingInfo may read the credential presumably lives in the control
// manager. Confirm. The credential is never logged here and should stay that way.
ErrCode InnerAppAccountManager::GetAccountCredential(const std::string &name, const std::string &credentialType,
    std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result = controlManager_.GetAccountCredential(name, credentialType, credential, appAccountCallingInfo);
    return result;
}
169 
// Stores `credential` under `credentialType` for account `name` and, on success, publishes
// the change to subscribers.
// Returns the result of controlManager_.SetAccountCredential; a failed publish is only logged.
// The credential value is passed through without being logged or copied by this wrapper.
ErrCode InnerAppAccountManager::SetAccountCredential(const std::string &name, const std::string &credentialType,
    const std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result = controlManager_.SetAccountCredential(name, credentialType, credential, appAccountCallingInfo);
    if (result == ERR_OK) {
        // Only (name, bundleName, appIndex) go into the notification descriptor built here.
        AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
        accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);
        const bool published = subscribeManager_.PublishAccount(
            accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
        if (!published) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return result;
}
185 
// Removes the credential of type `credentialType` from account `name` and, on success,
// publishes the change to subscribers.
// Implemented through controlManager_.SetAccountCredential with an empty credential string
// and a trailing `true` argument.
// NOTE(review): the `true` presumably selects delete semantics, as opposed to storing an
// empty credential. Confirm against AppAccountControlManager.
ErrCode InnerAppAccountManager::DeleteAccountCredential(const std::string &name, const std::string &credentialType,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    // Repackage the caller identity in the form SetAccountCredential expects.
    AppAccountCallingInfo callingInfo;
    callingInfo.callingUid = uid;
    callingInfo.bundleName = bundleName;
    callingInfo.appIndex = appIndex;

    const ErrCode result = controlManager_.SetAccountCredential(name, credentialType, "", callingInfo, true);
    if (result == ERR_OK) {
        AppAccountInfo accountInfo(name, bundleName);
        accountInfo.SetAppIndex(appIndex);
        if (!subscribeManager_.PublishAccount(accountInfo, uid, bundleName)) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return result;
}
204 
// Obtains an auth token for the request, preferring a token the control manager can return
// directly over starting an authenticator session.
//
// Flow:
//   1. controlManager_.GetOAuthToken is tried first. The API-9 overload is used when the
//      request options carry Constants::API_V9 set to true.
//   2. If that succeeds, the token is delivered through request.callback (name, auth type and
//      token in a Want) and ERR_OK is returned. With a null callback, ERR_OK is still returned
//      and the token is simply not delivered.
//   3. Otherwise the request goes to the session manager (Auth for API 9, Authenticate
//      otherwise) and that result is returned.
//
// NOTE(review): whether the caller is entitled to the token for request.authType is not
// checked in this function; presumably GetOAuthToken enforces it. Confirm. The token must
// not be added to any log line here.
ErrCode InnerAppAccountManager::Authenticate(const AuthenticatorSessionRequest &request)
{
    const bool isApi9 = request.options.GetBoolParam(Constants::API_V9, false);
    std::string token;
    const ErrCode lookupResult = isApi9 ? controlManager_.GetOAuthToken(request, token, Constants::API_VERSION9)
                                        : controlManager_.GetOAuthToken(request, token);
    if (lookupResult != ERR_OK) {
        // No token available from the control manager: fall back to an authenticator session.
        return isApi9 ? sessionManager_.Auth(request) : sessionManager_.Authenticate(request);
    }

    const bool canDeliver = (request.callback != nullptr) && (request.callback->AsObject() != nullptr);
    if (canDeliver) {
        AAFwk::Want result;
        result.SetParam(Constants::KEY_NAME, request.name);
        result.SetParam(Constants::KEY_AUTH_TYPE, request.authType);
        result.SetParam(Constants::KEY_TOKEN, token);
        request.callback->OnResult(ERR_OK, result);
    }
    return ERR_OK;
}
230 
// Captures the caller uid and the authorization request so that OnAbilityConnectDone can
// use them once the extension ability is connected.
RequestConnection::RequestConnection(const int32_t &uid, const AuthorizationRequest &request)
    : uid_(uid),
      request_(request)
{
}
234 
// No explicit cleanup is performed by this connection object.
RequestConnection::~RequestConnection() = default;
237 
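// Called when the connection to the authorization extension ability is established.
// Casts `remoteObject` to IAppAccountAuthorizationExtension and calls StartAuthorization
// with the stored request. If the cast fails or StartAuthorization returns an error, the
// requester is told through request_.callback with ERR_JS_SYSTEM_SERVICE_EXCEPTION.
//
// `element` is unused. The incoming `resultCode` is not consulted: a failed connection is
// detected through the null check on the cast proxy instead.
//
// The callback is null-checked before use. `remoteObject` comes from another process's
// ability and this runs inside the account service, so an unchecked dereference here would
// let a request without a callback crash the service instead of failing cleanly.
void RequestConnection::OnAbilityConnectDone(
    const AppExecFwk::ElementName &element, const sptr<IRemoteObject> &remoteObject, int32_t resultCode)
{
    // Single place that reports the failure, so both error paths get the same guard.
    auto reportFailure = [this]() {
        if (request_.callback == nullptr) {
            ACCOUNT_LOGE("authorization callback is nullptr, callerUid = %{public}d", uid_);
            return;
        }
        AAFwk::WantParams errResult;
        AsyncCallbackError businessError;
        businessError.code = ERR_JS_SYSTEM_SERVICE_EXCEPTION;
        request_.callback->OnResult(businessError, errResult);
    };

    sptr<IAppAccountAuthorizationExtension> proxy = iface_cast<IAppAccountAuthorizationExtension>(remoteObject);
    if ((proxy == nullptr) || (proxy->AsObject() == nullptr)) {
        ACCOUNT_LOGE("failed to cast app account authenticator proxy, callerUid = %{public}d", uid_);
        reportFailure();
        return;
    }

    const int32_t startResult = proxy->StartAuthorization(request_);
    if (startResult != ERR_OK) {
        // Log the code as well: the requester only ever sees the generic service exception.
        ACCOUNT_LOGE("failed to start authorization, result = %{public}d, callerUid = %{public}d",
            startResult, uid_);
        reportFailure();
    }
}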
259 
// Disconnect notification for the authorization extension ability. Intentionally a no-op:
// neither `element` nor `resultCode` is used and no state is updated.
void RequestConnection::OnAbilityDisconnectDone(const AppExecFwk::ElementName &element, int resultCode)
{
}
262 
// Connects to the authorization extension ability that will serve `request`.
// The target is (bundleName, extensionInfo.name); the connection runs under the user id
// derived from request.callerUid / UID_TRANSFORM_DIVISOR. The request itself is carried by a
// RequestConnection, which starts the authorization once the ability is connected.
//
// Returns ERR_OK when ConnectAbility accepts the request, and
// ERR_JS_SYSTEM_SERVICE_EXCEPTION when the connection object cannot be allocated or
// ConnectAbility fails. The underlying error code is not propagated.
//
// NOTE(review): `abilityName` is never used; the ability name is taken from
// extensionInfo.name. Confirm the two are meant to be the same.
// NOTE(review): this function does not itself check that (bundleName, extensionInfo) is a
// legitimate authorization extension; presumably the caller resolved extensionInfo through
// the bundle manager. Confirm.
ErrCode InnerAppAccountManager::ExecuteRequest(
    AuthorizationRequest &request, const std::string &bundleName,
    const std::string &abilityName, const AppExecFwk::ExtensionAbilityInfo &extensionInfo)
{
    AAFwk::Want want;
    want.SetElementName(bundleName, extensionInfo.name);

    // nothrow allocation: an out-of-memory condition becomes an error code, not an exception.
    sptr<RequestConnection> connection = new (std::nothrow) RequestConnection(request.callerUid, request);
    if (connection == nullptr) {
        ACCOUNT_LOGE("failed to create connect callback");
        return ERR_JS_SYSTEM_SERVICE_EXCEPTION;
    }

    const int32_t userId = request.callerUid / UID_TRANSFORM_DIVISOR;
    const ErrCode connectResult =
        AbilityManagerAdapter::GetInstance()->ConnectAbility(want, connection, nullptr, userId);
    if (connectResult == ERR_OK) {
        return ERR_OK;
    }
    ACCOUNT_LOGE("failed to connect ability");
    return ERR_JS_SYSTEM_SERVICE_EXCEPTION;
}
282 
// Fetches the auth token described by `request` into `token` by delegating to
// controlManager_.GetOAuthToken with the given apiVersion.
// NOTE(review): no visibility or ownership check happens in this wrapper; presumably the
// control manager decides whether the caller may read the token. Confirm.
ErrCode InnerAppAccountManager::GetOAuthToken(
    const AuthenticatorSessionRequest &request, std::string &token, const uint32_t apiVersion)
{
    const ErrCode result = controlManager_.GetOAuthToken(request, token, apiVersion);
    return result;
}
288 
// Stores the auth token carried by `request` and, on success, publishes the account change
// to subscribers.
// Returns the result of controlManager_.SetOAuthToken; a failed publish is only logged and
// still yields ERR_OK.
ErrCode InnerAppAccountManager::SetOAuthToken(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = controlManager_.SetOAuthToken(request);
    if (result == ERR_OK) {
        // The notification descriptor carries only name, caller bundle and app index.
        AppAccountInfo accountInfo(request.name, request.callerBundleName);
        accountInfo.SetAppIndex(request.appIndex);
        if (!subscribeManager_.PublishAccount(accountInfo, request.callerUid, request.callerBundleName)) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return result;
}
302 
// Deletes the auth token described by `request` by delegating to
// controlManager_.DeleteOAuthToken. No PublishAccount call follows in this wrapper.
ErrCode InnerAppAccountManager::DeleteOAuthToken(
    const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode result = controlManager_.DeleteOAuthToken(request, apiVersion);
    return result;
}
307 
// Changes which bundle may see an auth token, as described by `request`, by delegating to
// controlManager_.SetOAuthTokenVisibility.
// NOTE(review): this widens or narrows token exposure, yet no check or notification happens
// at this level; presumably the control manager restricts it to the account owner. Confirm.
ErrCode InnerAppAccountManager::SetOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode result = controlManager_.SetOAuthTokenVisibility(request, apiVersion);
    return result;
}
313 
// Queries the token visibility described by `request`; the answer is written to `isVisible`
// by controlManager_.CheckOAuthTokenVisibility and its result code is returned unchanged.
ErrCode InnerAppAccountManager::CheckOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, bool &isVisible, const uint32_t apiVersion)
{
    const ErrCode result = controlManager_.CheckOAuthTokenVisibility(request, isVisible, apiVersion);
    return result;
}
319 
// Resolves the authenticator of `request.owner` into `info`.
// The user id passed to AppAccountAuthenticatorManager::GetAuthenticatorInfo is derived
// from the caller uid as request.callerUid / UID_TRANSFORM_DIVISOR.
ErrCode InnerAppAccountManager::GetAuthenticatorInfo(
    const AuthenticatorSessionRequest &request, AuthenticatorInfo &info)
{
    // `auto` keeps the exact type of the quotient that the original call passed inline.
    const auto userId = request.callerUid / UID_TRANSFORM_DIVISOR;
    return AppAccountAuthenticatorManager::GetAuthenticatorInfo(request.owner, userId, info);
}
326 
// Collects the auth tokens for the account described by `request` into `tokenInfos` by
// delegating to controlManager_.GetAllOAuthTokens.
// NOTE(review): this returns token material in bulk; which tokens the caller is allowed to
// see is presumably filtered by the control manager. Confirm.
ErrCode InnerAppAccountManager::GetAllOAuthTokens(
    const AuthenticatorSessionRequest &request, std::vector<OAuthTokenInfo> &tokenInfos)
{
    const ErrCode result = controlManager_.GetAllOAuthTokens(request, tokenInfos);
    return result;
}
332 
// Fills `oauthList` for the token described by `request` by delegating to
// controlManager_.GetOAuthList with the given apiVersion.
ErrCode InnerAppAccountManager::GetOAuthList(
    const AuthenticatorSessionRequest &request, std::set<std::string> &oauthList, const uint32_t apiVersion)
{
    const ErrCode result = controlManager_.GetOAuthList(request, oauthList, apiVersion);
    return result;
}
338 
// Looks up the authenticator callback for the session described by `request`.
// `callback` is reset to nullptr before the lookup, so a caller never keeps a stale object
// in the out-parameter when sessionManager_.GetAuthenticatorCallback does not set it.
ErrCode InnerAppAccountManager::GetAuthenticatorCallback(
    const AuthenticatorSessionRequest &request, sptr<IRemoteObject> &callback)
{
    callback = nullptr;
    const ErrCode result = sessionManager_.GetAuthenticatorCallback(request, callback);
    return result;
}
345 
// Lists the accounts owned by `owner` into `appAccounts` by delegating to
// controlManager_.GetAllAccounts; uid, bundleName and appIndex identify the caller.
ErrCode InnerAppAccountManager::GetAllAccounts(const std::string &owner, std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode result = controlManager_.GetAllAccounts(owner, appAccounts, uid, bundleName, appIndex);
    return result;
}
351 
// Lists the accounts accessible to the caller into `appAccounts` by delegating to
// controlManager_.GetAllAccessibleAccounts.
ErrCode InnerAppAccountManager::GetAllAccessibleAccounts(std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode result = controlManager_.GetAllAccessibleAccounts(appAccounts, uid, bundleName, appIndex);
    return result;
}
357 
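// Selects accounts matching `options` on behalf of the caller; the outcome is reported
// through `callback` by controlManager_.SelectAccountsByOptions, whose result code is
// returned unchanged.
// The unused local AuthenticatorSessionRequest that used to be declared here was removed:
// it was never read or passed on.
ErrCode InnerAppAccountManager::SelectAccountsByOptions(
    const SelectAccountsOptions &options, const sptr<IAppAccountAuthenticatorCallback> &callback,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    return controlManager_.SelectAccountsByOptions(options, callback, uid, bundleName, appIndex);
}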
365 
// Hands the credential-verification request to sessionManager_.VerifyCredential and
// returns that call's result unchanged.
ErrCode InnerAppAccountManager::VerifyCredential(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = sessionManager_.VerifyCredential(request);
    return result;
}
370 
// Hands the label-check request to sessionManager_.CheckAccountLabels and returns that
// call's result unchanged.
ErrCode InnerAppAccountManager::CheckAccountLabels(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = sessionManager_.CheckAccountLabels(request);
    return result;
}
375 
// Hands the set-properties request to sessionManager_.SetAuthenticatorProperties and
// returns that call's result unchanged.
ErrCode InnerAppAccountManager::SetAuthenticatorProperties(const AuthenticatorSessionRequest &request)
{
    const ErrCode result = sessionManager_.SetAuthenticatorProperties(request);
    return result;
}
380 
// Registers `eventListener` for account-change events described by `subscribeInfo`.
// The subscribe info is copied into a shared_ptr before being handed to
// subscribeManager_.SubscribeAppAccount, so the manager does not depend on the lifetime of
// the caller's object.
ErrCode InnerAppAccountManager::SubscribeAppAccount(const AppAccountSubscribeInfo &subscribeInfo,
    const sptr<IRemoteObject> &eventListener, const uid_t &uid, const std::string &bundleName,
    const uint32_t &appIndex)
{
    std::shared_ptr<AppAccountSubscribeInfo> infoCopy = std::make_shared<AppAccountSubscribeInfo>(subscribeInfo);
    const ErrCode result = subscribeManager_.SubscribeAppAccount(infoCopy, eventListener, uid, bundleName, appIndex);
    return result;
}
387 
// Removes the subscription registered for `eventListener` by delegating to
// subscribeManager_.UnsubscribeAppAccount.
ErrCode InnerAppAccountManager::UnsubscribeAppAccount(const sptr<IRemoteObject> &eventListener)
{
    const ErrCode result = subscribeManager_.UnsubscribeAppAccount(eventListener);
    return result;
}
392 
// Package-removal hook: forwards (uid, bundleName, appIndex) of the removed package to
// controlManager_.OnPackageRemoved and returns its result.
// NOTE(review): presumably this is where the removed app's accounts and credentials are
// cleaned up; callers should not ignore a non-OK result. Confirm.
ErrCode InnerAppAccountManager::OnPackageRemoved(
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode result = controlManager_.OnPackageRemoved(uid, bundleName, appIndex);
    return result;
}
398 
// User-removal hook: forwards the removed user's id to controlManager_.OnUserRemoved and
// returns its result.
ErrCode InnerAppAccountManager::OnUserRemoved(int32_t userId)
{
    const ErrCode result = controlManager_.OnUserRemoved(userId);
    return result;
}
403 }  // namespace AccountSA
404 }  // namespace OHOS
405