1 /*
2 * Copyright (C) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #ifndef IS_SO_CROP_H
16 #include "strongauthmanager.h"
17 #include "screenlock_common.h"
18 #include "sclock_log.h"
19 #include "screenlock_system_ability.h"
20 #include "user_auth_client_callback.h"
21 #include "user_auth_client_impl.h"
22 #include "os_account_manager.h"
23 #include "innerlistenermanager.h"
24
25 namespace OHOS {
26 namespace ScreenLock {
27 std::mutex StrongAuthManger::instanceLock_;
28 sptr<StrongAuthManger> StrongAuthManger::instance_;
29 using namespace OHOS::UserIam::UserAuth;
30 using namespace OHOS::AccountSA;
31
32 // 强认证默认时间 3days
33 const std::int64_t DEFAULT_STRONG_AUTH_TIMEOUT_MS = 3 * 24 * 60 * 60 * 1000;
34
StrongAuthManger()35 StrongAuthManger::StrongAuthManger() {}
36
~StrongAuthManger()37 StrongAuthManger::~StrongAuthManger() {}
38
authTimer()39 StrongAuthManger::authTimer::authTimer()
40 {
41 userId_ = 0;
42 }
43
authTimer(bool repeat,uint64_t interval,bool isExact,bool isIdle)44 StrongAuthManger::authTimer::authTimer(bool repeat, uint64_t interval, bool isExact, bool isIdle)
45 {
46 this->repeat = repeat;
47 this->interval = interval;
48 this->type = TIMER_TYPE_WAKEUP;
49 if (isExact) {
50 this->type = TIMER_TYPE_WAKEUP + TIMER_TYPE_REALTIME;
51 }
52 if (isIdle) {
53 this->type = TIMER_TYPE_IDLE;
54 }
55 userId_ = 0;
56 }
57
~authTimer()58 StrongAuthManger::authTimer::~authTimer() {}
59
OnTrigger()60 void StrongAuthManger::authTimer::OnTrigger()
61 {
62 SCLOCK_HILOGI("%{public}d, OnTrigger enter", userId_);
63 if (callBack_) {
64 callBack_(userId_);
65 }
66 }
67
SetType(const int & type)68 void StrongAuthManger::authTimer::SetType(const int &type)
69 {
70 this->type = type;
71 }
72
SetRepeat(bool repeat)73 void StrongAuthManger::authTimer::SetRepeat(bool repeat)
74 {
75 this->repeat = repeat;
76 }
77
SetInterval(const uint64_t & interval)78 void StrongAuthManger::authTimer::SetInterval(const uint64_t &interval)
79 {
80 this->interval = interval;
81 }
82
SetWantAgent(std::shared_ptr<AbilityRuntime::WantAgent::WantAgent> wantAgent)83 void StrongAuthManger::authTimer::SetWantAgent(std::shared_ptr<AbilityRuntime::WantAgent::WantAgent> wantAgent)
84 {
85 this->wantAgent = wantAgent;
86 }
87
SetCallbackInfo(const std::function<void (int32_t)> & callBack)88 void StrongAuthManger::authTimer::SetCallbackInfo(const std::function<void(int32_t)> &callBack)
89 {
90 this->callBack_ = callBack;
91 }
92
GetUserId()93 int32_t StrongAuthManger::authTimer::GetUserId()
94 {
95 return userId_;
96 }
97
SetUserId(int32_t userId)98 void StrongAuthManger::authTimer::SetUserId(int32_t userId)
99 {
100 userId_ = userId;
101 }
102
StrongAuthTimerCallback(int32_t userId)103 static void StrongAuthTimerCallback(int32_t userId)
104 {
105 SCLOCK_HILOGI("%{public}s, enter", __FUNCTION__);
106 uint64_t timerId = StrongAuthManger::GetInstance()->GetTimerId(userId);
107 int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::AFTER_TIMEOUT);
108 StrongAuthManger::GetInstance()->ResetStrongAuthTimer(userId);
109 StrongAuthManger::GetInstance()->SetStrongAuthStat(userId, reasonFlag);
110 ScreenLockSystemAbility::GetInstance()->StrongAuthChanged(userId, reasonFlag);
111 InnerListenerManager::GetInstance()->OnStrongAuthChanged(userId, reasonFlag);
112 return;
113 }
114
IsOsAccountUnlocked(int32_t osAccountId)115 static bool IsOsAccountUnlocked(int32_t osAccountId)
116 {
117 bool isUnlocked = false;
118 OHOS::ErrCode res = OHOS::AccountSA::OsAccountManager::IsOsAccountVerified(osAccountId, isUnlocked);
119 if (res != OHOS::ERR_OK) {
120 SCLOCK_HILOGE(" Check account verify status failed, res: %{public}d, accountId: %{public}d", res, osAccountId);
121 return false;
122 }
123 SCLOCK_HILOGI(" account verified status: %{public}d, accountId: %{public}d", isUnlocked, osAccountId);
124 return isUnlocked;
125 }
126
GetInstance()127 sptr<StrongAuthManger> StrongAuthManger::GetInstance()
128 {
129 if (instance_ == nullptr) {
130 std::lock_guard<std::mutex> autoLock(instanceLock_);
131 if (instance_ == nullptr) {
132 instance_ = new StrongAuthManger;
133 }
134 }
135 return instance_;
136 }
137
138
GetTimerId(int32_t userId)139 uint64_t StrongAuthManger::GetTimerId(int32_t userId)
140 {
141 uint64_t timerId = 0;
142 auto iter = strongAuthTimerInfo.find(userId);
143 if (iter != strongAuthTimerInfo.end()) {
144 timerId = iter->second;
145 }
146 return timerId;
147 }
148
RegistUserAuthSuccessEventListener()149 void StrongAuthManger::RegistUserAuthSuccessEventListener()
150 {
151 SCLOCK_HILOGD("RegistUserAuthSuccessEventListener start");
152 std::vector<UserIam::UserAuth::AuthType> authTypeList;
153 authTypeList.emplace_back(AuthType::PIN);
154 authTypeList.emplace_back(AuthType::FACE);
155 authTypeList.emplace_back(AuthType::FINGERPRINT);
156
157 if (listener_ == nullptr) {
158 sptr<UserIam::UserAuth::AuthEventListenerInterface> wrapper(new (std::nothrow) AuthEventListenerService());
159 if (wrapper == nullptr) {
160 SCLOCK_HILOGE("get listener failed");
161 return;
162 }
163 listener_ = wrapper;
164 int32_t ret = UserIam::UserAuth::UserAuthClientImpl::GetInstance().RegistUserAuthSuccessEventListener(
165 authTypeList, listener_);
166 SCLOCK_HILOGI("RegistUserAuthSuccessEventListener ret: %{public}d", ret);
167 }
168
169 return;
170 }
171
OnNotifyAuthSuccessEvent(int32_t userId,UserIam::UserAuth::AuthType authType,int32_t callerType,std::string & bundleName)172 void StrongAuthManger::AuthEventListenerService::OnNotifyAuthSuccessEvent(int32_t userId,
173 UserIam::UserAuth::AuthType authType, int32_t callerType, std::string &bundleName)
174 {
175 SCLOCK_HILOGI("OnNotifyAuthSuccessEvent: %{public}d, %{public}d, %{public}s, callerType: %{public}d", userId,
176 static_cast<int32_t>(authType), bundleName.c_str(), callerType);
177 if (authType == AuthType::PIN) {
178 StrongAuthManger::GetInstance()->SetStrongAuthStat(userId, static_cast<int32_t>(StrongAuthReasonFlags::NONE));
179 StrongAuthManger::GetInstance()->ResetStrongAuthTimer(userId);
180 }
181 return;
182 }
183
UnRegistUserAuthSuccessEventListener()184 void StrongAuthManger::UnRegistUserAuthSuccessEventListener()
185 {
186 if (listener_ != nullptr) {
187 int32_t ret =
188 UserIam::UserAuth::UserAuthClientImpl::GetInstance().UnRegistUserAuthSuccessEventListener(listener_);
189 SCLOCK_HILOGI("UnRegistUserAuthSuccessEventListener ret: %{public}d", ret);
190 }
191 }
192
StartStrongAuthTimer(int32_t userId)193 void StrongAuthManger::StartStrongAuthTimer(int32_t userId)
194 {
195 std::unique_lock<std::mutex> lock(strongAuthTimerMutex);
196 uint64_t timerId = GetTimerId(userId);
197 if (timerId != 0) {
198 SCLOCK_HILOGI("StrongAuthTimer exist. userId:%{public}d", userId);
199 return;
200 }
201
202 std::shared_ptr<authTimer> timer = std::make_shared<authTimer>(true, DEFAULT_STRONG_AUTH_TIMEOUT_MS, true, false);
203 timer->SetCallbackInfo(StrongAuthTimerCallback);
204 timer->SetUserId(userId);
205 timerId = MiscServices::TimeServiceClient::GetInstance()->CreateTimer(timer);
206 int64_t currentTime = MiscServices::TimeServiceClient::GetInstance()->GetBootTimeMs();
207 MiscServices::TimeServiceClient::GetInstance()->StartTimer(timerId, currentTime + DEFAULT_STRONG_AUTH_TIMEOUT_MS);
208 strongAuthTimerInfo.insert(std::make_pair(userId, timerId));
209 return;
210 }
211
ResetStrongAuthTimer(int32_t userId)212 void StrongAuthManger::ResetStrongAuthTimer(int32_t userId)
213 {
214 uint64_t timerId = GetTimerId(userId);
215 if (timerId == 0) {
216 StartStrongAuthTimer(userId);
217 return;
218 }
219 int64_t currentTime = MiscServices::TimeServiceClient::GetInstance()->GetBootTimeMs();
220 MiscServices::TimeServiceClient::GetInstance()->StopTimer(timerId);
221 MiscServices::TimeServiceClient::GetInstance()->StartTimer(timerId, currentTime + DEFAULT_STRONG_AUTH_TIMEOUT_MS);
222 return;
223 }
224
DestroyAllStrongAuthTimer()225 void StrongAuthManger::DestroyAllStrongAuthTimer()
226 {
227 for (auto iter = strongAuthStateInfo.begin(); iter != strongAuthStateInfo.end(); ++iter) {
228 DestroyStrongAuthTimer(iter->first);
229 }
230 return;
231 }
232
DestroyStrongAuthTimer(int32_t userId)233 void StrongAuthManger::DestroyStrongAuthTimer(int32_t userId)
234 {
235 std::unique_lock<std::mutex> lock(strongAuthTimerMutex);
236 uint64_t timerId = GetTimerId(userId);
237 if (timerId == 0) {
238 return;
239 }
240 MiscServices::TimeServiceClient::GetInstance()->StopTimer(timerId);
241 MiscServices::TimeServiceClient::GetInstance()->DestroyTimer(timerId);
242 strongAuthTimerInfo.erase(userId);
243 return;
244 }
245
SetStrongAuthStat(int32_t userId,int32_t reasonFlag)246 void StrongAuthManger::SetStrongAuthStat(int32_t userId, int32_t reasonFlag)
247 {
248 std::lock_guard<std::mutex> lock(strongAuthTimerMutex);
249 auto iter = strongAuthStateInfo.find(userId);
250 if (iter != strongAuthStateInfo.end()) {
251 iter->second = reasonFlag;
252 SCLOCK_HILOGI("SetStrongAuthStat, reasonFlag:%{public}u", reasonFlag);
253 return;
254 }
255 strongAuthStateInfo.insert(std::make_pair(userId, reasonFlag));
256 return;
257 }
258
GetStrongAuthStat(int32_t userId)259 int32_t StrongAuthManger::GetStrongAuthStat(int32_t userId)
260 {
261 std::lock_guard<std::mutex> lock(strongAuthTimerMutex);
262 int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::AFTER_BOOT);
263 auto iter = strongAuthStateInfo.find(userId);
264 if (IsOsAccountUnlocked(userId) && iter != strongAuthStateInfo.end()) {
265 reasonFlag = iter->second;
266 SCLOCK_HILOGI("GetStrongAuthStat, reasonFlag:%{public}u", reasonFlag);
267 }
268 return reasonFlag;
269 }
270 } // namespace ScreenLock
271 } // namespace OHOS
272 #endif // IS_SO_CROP_H