• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "accesstoken_remote_token_manager.h"
17 
18 #include "accesstoken_id_manager.h"
19 #include "accesstoken_log.h"
20 #include "access_token_error.h"
21 #include "data_validator.h"
22 #include "constant_common.h"
23 namespace OHOS {
24 namespace Security {
25 namespace AccessToken {
26 namespace {
27 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE,
28     SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenRemoteTokenManager"};
29 }
AccessTokenRemoteTokenManager()30 AccessTokenRemoteTokenManager::AccessTokenRemoteTokenManager()
31 {}
32 
~AccessTokenRemoteTokenManager()33 AccessTokenRemoteTokenManager::~AccessTokenRemoteTokenManager()
34 {
35 }
36 
GetInstance()37 AccessTokenRemoteTokenManager& AccessTokenRemoteTokenManager::GetInstance()
38 {
39     static AccessTokenRemoteTokenManager instance;
40     return instance;
41 }
42 
MapRemoteDeviceTokenToLocal(const std::string & deviceID,AccessTokenID remoteID)43 AccessTokenID AccessTokenRemoteTokenManager::MapRemoteDeviceTokenToLocal(const std::string& deviceID,
44     AccessTokenID remoteID)
45 {
46     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
47         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
48             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
49         return 0;
50     }
51     ATokenTypeEnum tokeType = AccessTokenIDManager::GetInstance().GetTokenIdTypeEnum(remoteID);
52     if ((tokeType <= TOKEN_INVALID) || (tokeType >= TOKEN_TYPE_BUTT)) {
53         ACCESSTOKEN_LOG_ERROR(
54             LABEL, "token %{public}x type is invalid.", remoteID);
55         return 0;
56     }
57     int dlpType = AccessTokenIDManager::GetInstance().GetTokenIdDlpFlag(remoteID);
58 
59     AccessTokenID mapID = 0;
60     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
61     std::map<AccessTokenID, AccessTokenID>* mapPtr = nullptr;
62     if (remoteDeviceMap_.count(deviceID) > 0) {
63         AccessTokenRemoteDevice& device = remoteDeviceMap_[deviceID];
64         if (device.MappingTokenIDPairMap_.count(remoteID) > 0) {
65             mapID = device.MappingTokenIDPairMap_[remoteID];
66             ACCESSTOKEN_LOG_ERROR(
67                 LABEL, "device %{public}s token %{public}x has already mapped, maptokenID is %{public}x.",
68                 ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID, mapID);
69             return mapID;
70         }
71         mapPtr = &device.MappingTokenIDPairMap_;
72     } else {
73         AccessTokenRemoteDevice device;
74         device.DeviceID_ = deviceID;
75         remoteDeviceMap_[deviceID] = device;
76         mapPtr = &remoteDeviceMap_[deviceID].MappingTokenIDPairMap_;
77     }
78 
79     mapID = AccessTokenIDManager::GetInstance().CreateAndRegisterTokenId(tokeType, dlpType);
80     if (mapID == 0) {
81         ACCESSTOKEN_LOG_ERROR(
82             LABEL, "device %{public}s token %{public}x map local Token failed.",
83             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
84         return 0;
85     }
86     mapPtr->insert(std::pair<AccessTokenID, AccessTokenID>(remoteID, mapID));
87     return mapID;
88 }
89 
GetDeviceAllRemoteTokenID(const std::string & deviceID,std::vector<AccessTokenID> & remoteIDs)90 int AccessTokenRemoteTokenManager::GetDeviceAllRemoteTokenID(const std::string& deviceID,
91     std::vector<AccessTokenID>& remoteIDs)
92 {
93     if (!DataValidator::IsDeviceIdValid(deviceID)) {
94         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s is valid.", ConstantCommon::EncryptDevId(deviceID).c_str());
95         return AccessTokenError::ERR_PARAM_INVALID;
96     }
97     Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
98     if (remoteDeviceMap_.count(deviceID) < 1) {
99         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
100             ConstantCommon::EncryptDevId(deviceID).c_str());
101         return AccessTokenError::ERR_DEVICE_NOT_EXIST;
102     }
103 
104     std::transform(remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.begin(),
105         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.end(),
106         std::back_inserter(remoteIDs), [](const auto& mapEntry) {
107             return mapEntry.first;
108         });
109     return RET_SUCCESS;
110 }
111 
GetDeviceMappingTokenID(const std::string & deviceID,AccessTokenID remoteID)112 AccessTokenID AccessTokenRemoteTokenManager::GetDeviceMappingTokenID(const std::string& deviceID,
113     AccessTokenID remoteID)
114 {
115     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
116         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
117             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
118         return 0;
119     }
120 
121     Utils::UniqueReadGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
122     if (remoteDeviceMap_.count(deviceID) < 1 ||
123         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) {
124         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
125             ConstantCommon::EncryptDevId(deviceID).c_str());
126         return 0;
127     }
128 
129     return remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID];
130 }
131 
RemoveDeviceMappingTokenID(const std::string & deviceID,AccessTokenID remoteID)132 int AccessTokenRemoteTokenManager::RemoveDeviceMappingTokenID(const std::string& deviceID,
133     AccessTokenID remoteID)
134 {
135     if (!DataValidator::IsDeviceIdValid(deviceID) || !DataValidator::IsTokenIDValid(remoteID)) {
136         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s or token %{public}x is invalid.",
137             ConstantCommon::EncryptDevId(deviceID).c_str(), remoteID);
138         return RET_FAILED;
139     }
140 
141     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->remoteDeviceLock_);
142     if (remoteDeviceMap_.count(deviceID) < 1 ||
143         remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.count(remoteID) < 1) {
144         ACCESSTOKEN_LOG_ERROR(LABEL, "device %{public}s has not mapping.",
145             ConstantCommon::EncryptDevId(deviceID).c_str());
146         return RET_FAILED;
147     }
148 
149     AccessTokenID mapID = remoteDeviceMap_[deviceID].MappingTokenIDPairMap_[remoteID];
150     AccessTokenIDManager::GetInstance().ReleaseTokenId(mapID);
151 
152     remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.erase(remoteID);
153 
154     if (remoteDeviceMap_[deviceID].MappingTokenIDPairMap_.empty()) {
155         remoteDeviceMap_.erase(deviceID);
156     }
157     return RET_SUCCESS;
158 }
159 } // namespace AccessToken
160 } // namespace Security
161 } // namespace OHOS
162