1 /*
2 * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "account_iam_client.h"
17
18 #include "accesstoken_kit.h"
19 #include "account_error_no.h"
20 #include "account_iam_callback_service.h"
21 #include "account_log_wrapper.h"
22 #include "account_proxy.h"
23 #include "account_permission_manager.h"
24 #include "ipc_skeleton.h"
25 #include "ohos_account_kits_impl.h"
26 #include "os_account_manager.h"
27 #ifdef HAS_PIN_AUTH_PART
28 #include "pinauth_register.h"
29 #endif
30
31 namespace OHOS {
32 namespace AccountSA {
33 namespace {
34 const char PERMISSION_ACCESS_PIN_AUTH[] = "ohos.permission.ACCESS_PIN_AUTH";
35 const char PERMISSION_MANAGE_USER_IDM[] = "ohos.permission.MANAGE_USER_IDM";
36 const char PERMISSION_ACCESS_USER_AUTH_INTERNAL[] = "ohos.permission.ACCESS_USER_AUTH_INTERNAL";
37 }
38
GetInstance()39 AccountIAMClient &AccountIAMClient::GetInstance()
40 {
41 static AccountIAMClient *instance = new (std::nothrow) AccountIAMClient();
42 return *instance;
43 }
44
OpenSession(int32_t userId,std::vector<uint8_t> & challenge)45 int32_t AccountIAMClient::OpenSession(int32_t userId, std::vector<uint8_t> &challenge)
46 {
47 auto proxy = GetAccountIAMProxy();
48 if (proxy == nullptr) {
49 return ERR_ACCOUNT_COMMON_GET_PROXY;
50 }
51 return proxy->OpenSession(userId, challenge);
52 }
53
CloseSession(int32_t userId)54 int32_t AccountIAMClient::CloseSession(int32_t userId)
55 {
56 auto proxy = GetAccountIAMProxy();
57 if (proxy == nullptr) {
58 return ERR_ACCOUNT_COMMON_GET_PROXY;
59 }
60 return proxy->CloseSession(userId);
61 }
62
AddCredential(int32_t userId,const CredentialParameters & credInfo,const std::shared_ptr<IDMCallback> & callback)63 void AccountIAMClient::AddCredential(
64 int32_t userId, const CredentialParameters& credInfo, const std::shared_ptr<IDMCallback> &callback)
65 {
66 if (callback == nullptr) {
67 ACCOUNT_LOGE("the callback for adding credential is nullptr");
68 return;
69 }
70 Attributes emptyResult;
71 auto proxy = GetAccountIAMProxy();
72 if (proxy == nullptr) {
73 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
74 return;
75 }
76 if ((userId == -1) && (!GetCurrentUserId(userId))) {
77 ACCOUNT_LOGE("fail to add credential for invalid userId");
78 callback->OnResult(ERR_ACCOUNT_COMMON_INVALID_PARAMETER, emptyResult);
79 return;
80 }
81 if (credInfo.authType == AuthType::PIN) {
82 SetAuthSubType(userId, static_cast<int32_t>(credInfo.pinType.value_or(PinSubType::PIN_MAX)));
83 }
84 sptr<IIDMCallback> wrapper = new (std::nothrow) IDMCallbackService(userId, callback);
85 proxy->AddCredential(userId, credInfo, wrapper);
86 }
87
UpdateCredential(int32_t userId,const CredentialParameters & credInfo,const std::shared_ptr<IDMCallback> & callback)88 void AccountIAMClient::UpdateCredential(
89 int32_t userId, const CredentialParameters& credInfo, const std::shared_ptr<IDMCallback> &callback)
90 {
91 if (callback == nullptr) {
92 ACCOUNT_LOGE("the callback for updating credential is nullptr");
93 return;
94 }
95 Attributes emptyResult;
96 auto proxy = GetAccountIAMProxy();
97 if (proxy == nullptr) {
98 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
99 return;
100 }
101 if ((userId == -1) && (!GetCurrentUserId(userId))) {
102 ACCOUNT_LOGE("fail to update credential for invalid userId");
103 callback->OnResult(ERR_ACCOUNT_COMMON_INVALID_PARAMETER, emptyResult);
104 return;
105 }
106 if (credInfo.authType == AuthType::PIN) {
107 SetAuthSubType(userId, static_cast<int32_t>(credInfo.pinType.value_or(PinSubType::PIN_MAX)));
108 }
109 sptr<IIDMCallback> wrapper = new (std::nothrow) IDMCallbackService(userId, callback);
110 proxy->UpdateCredential(userId, credInfo, wrapper);
111 }
112
DelCred(int32_t userId,uint64_t credentialId,const std::vector<uint8_t> & authToken,const std::shared_ptr<IDMCallback> & callback)113 void AccountIAMClient::DelCred(int32_t userId, uint64_t credentialId, const std::vector<uint8_t> &authToken,
114 const std::shared_ptr<IDMCallback>& callback)
115 {
116 if (callback == nullptr) {
117 ACCOUNT_LOGE("the callback for deleting credential is nullptr");
118 return;
119 }
120 Attributes emptyResult;
121 auto proxy = GetAccountIAMProxy();
122 if (proxy == nullptr) {
123 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
124 return;
125 }
126 if ((userId == -1) && (!GetCurrentUserId(userId))) {
127 callback->OnResult(ERR_ACCOUNT_COMMON_INVALID_PARAMETER, emptyResult);
128 return;
129 }
130 sptr<IIDMCallback> wrapper = new (std::nothrow) IDMCallbackService(userId, callback);
131 proxy->DelCred(userId, credentialId, authToken, wrapper);
132 }
133
DelUser(int32_t userId,const std::vector<uint8_t> & authToken,const std::shared_ptr<IDMCallback> & callback)134 void AccountIAMClient::DelUser(
135 int32_t userId, const std::vector<uint8_t> &authToken, const std::shared_ptr<IDMCallback> &callback)
136 {
137 if (callback == nullptr) {
138 ACCOUNT_LOGE("the callback for deleting user is nullptr");
139 return;
140 }
141 Attributes emptyResult;
142 auto proxy = GetAccountIAMProxy();
143 if (proxy == nullptr) {
144 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
145 return;
146 }
147 if ((userId == -1) && (!GetCurrentUserId(userId))) {
148 callback->OnResult(ERR_ACCOUNT_COMMON_INVALID_PARAMETER, emptyResult);
149 return;
150 }
151 sptr<IIDMCallback> wrapper = new (std::nothrow) IDMCallbackService(userId, callback);
152 proxy->DelUser(userId, authToken, wrapper);
153 }
154
GetCredentialInfo(int32_t userId,AuthType authType,const std::shared_ptr<GetCredInfoCallback> & callback)155 int32_t AccountIAMClient::GetCredentialInfo(
156 int32_t userId, AuthType authType, const std::shared_ptr<GetCredInfoCallback> &callback)
157 {
158 if (callback == nullptr) {
159 ACCOUNT_LOGE("The callback for get credential info is nullptr");
160 return ERR_ACCOUNT_COMMON_NULL_PTR_ERROR;
161 }
162 std::vector<CredentialInfo> infoList;
163 auto proxy = GetAccountIAMProxy();
164 if (proxy == nullptr) {
165 callback->OnCredentialInfo(ERR_ACCOUNT_COMMON_GET_PROXY, infoList);
166 return ERR_ACCOUNT_COMMON_GET_PROXY;
167 }
168 sptr<IGetCredInfoCallback> wrapper = new (std::nothrow) GetCredInfoCallbackService(callback);
169 ErrCode result = proxy->GetCredentialInfo(userId, authType, wrapper);
170 if (result != ERR_OK) {
171 callback->OnCredentialInfo(result, infoList);
172 }
173 return result;
174 }
175
Cancel(int32_t userId)176 int32_t AccountIAMClient::Cancel(int32_t userId)
177 {
178 auto proxy = GetAccountIAMProxy();
179 if (proxy == nullptr) {
180 return ERR_ACCOUNT_COMMON_GET_PROXY;
181 }
182 return proxy->Cancel(userId);
183 }
184
185 #ifdef HAS_PIN_AUTH_PART
StartDomainAuth(int32_t userId,const std::shared_ptr<IDMCallback> & callback)186 uint64_t AccountIAMClient::StartDomainAuth(int32_t userId, const std::shared_ptr<IDMCallback> &callback)
187 {
188 std::lock_guard<std::mutex> lock(domainMutex_);
189 Attributes emptyResult;
190 if (domainInputer_ == nullptr) {
191 ACCOUNT_LOGE("the registered inputer is not found or invalid");
192 callback->OnResult(ERR_ACCOUNT_IAM_KIT_INPUTER_NOT_REGISTERED, emptyResult);
193 return 0;
194 }
195 domainInputer_->OnGetData(IAMAuthType::DOMAIN, std::vector<uint8_t>(),
196 std::make_shared<DomainCredentialRecipient>(userId, callback));
197 return 0;
198 }
199 #endif
200
PrepareRemoteAuth(const std::string & remoteNetworkId,const std::shared_ptr<PreRemoteAuthCallback> & callback)201 int32_t AccountIAMClient::PrepareRemoteAuth(
202 const std::string &remoteNetworkId, const std::shared_ptr<PreRemoteAuthCallback> &callback)
203 {
204 if (callback == nullptr) {
205 ACCOUNT_LOGE("Callback for PrepareRemoteAuth is nullptr.");
206 return ERR_ACCOUNT_COMMON_NULL_PTR_ERROR;
207 }
208 auto proxy = GetAccountIAMProxy();
209 if (proxy == nullptr) {
210 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY);
211 return ERR_ACCOUNT_COMMON_GET_PROXY;
212 }
213 sptr<IPreRemoteAuthCallback> wrapper = new (std::nothrow) PreRemoteAuthCallbackService(callback);
214 return proxy->PrepareRemoteAuth(remoteNetworkId, wrapper);
215 }
216
Auth(AuthOptions & authOptions,const std::vector<uint8_t> & challenge,AuthType authType,AuthTrustLevel authTrustLevel,const std::shared_ptr<IDMCallback> & callback)217 uint64_t AccountIAMClient::Auth(AuthOptions& authOptions, const std::vector<uint8_t> &challenge,
218 AuthType authType, AuthTrustLevel authTrustLevel, const std::shared_ptr<IDMCallback> &callback)
219 {
220 return AuthUser(authOptions, challenge, authType, authTrustLevel, callback);
221 }
222
AuthUser(AuthOptions & authOptions,const std::vector<uint8_t> & challenge,AuthType authType,AuthTrustLevel authTrustLevel,const std::shared_ptr<IDMCallback> & callback)223 uint64_t AccountIAMClient::AuthUser(
224 AuthOptions &authOptions, const std::vector<uint8_t> &challenge, AuthType authType,
225 AuthTrustLevel authTrustLevel, const std::shared_ptr<IDMCallback> &callback)
226 {
227 uint64_t contextId = 0;
228 if (callback == nullptr) {
229 ACCOUNT_LOGE("callback is nullptr");
230 return contextId;
231 }
232 Attributes emptyResult;
233 auto proxy = GetAccountIAMProxy();
234 if (proxy == nullptr) {
235 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
236 return contextId;
237 }
238 if ((!authOptions.hasRemoteAuthOptions) && (authOptions.accountId == -1) &&
239 (!GetCurrentUserId(authOptions.accountId))) {
240 callback->OnResult(ERR_ACCOUNT_COMMON_INVALID_PARAMETER, emptyResult);
241 return contextId;
242 }
243 #ifdef HAS_PIN_AUTH_PART
244 if (static_cast<int32_t>(authType) == static_cast<int32_t>(IAMAuthType::DOMAIN)) {
245 return StartDomainAuth(authOptions.accountId, callback);
246 }
247 #endif
248 sptr<IIDMCallback> wrapper = new (std::nothrow) IDMCallbackService(authOptions.accountId, callback);
249 AuthParam authParam;
250 authParam.challenge = challenge;
251 authParam.authType = authType;
252 authParam.authTrustLevel = authTrustLevel;
253 authParam.userId = authOptions.accountId;
254 authParam.authIntent = authOptions.authIntent;
255 if (authOptions.hasRemoteAuthOptions) {
256 authParam.remoteAuthParam = RemoteAuthParam();
257 if (authOptions.remoteAuthOptions.hasVerifierNetworkId) {
258 authParam.remoteAuthParam.value().verifierNetworkId = authOptions.remoteAuthOptions.verifierNetworkId;
259 }
260 if (authOptions.remoteAuthOptions.hasCollectorNetworkId) {
261 authParam.remoteAuthParam.value().collectorNetworkId = authOptions.remoteAuthOptions.collectorNetworkId;
262 }
263 if (authOptions.remoteAuthOptions.hasCollectorTokenId) {
264 authParam.remoteAuthParam.value().collectorTokenId = authOptions.remoteAuthOptions.collectorTokenId;
265 }
266 }
267 ErrCode result = proxy->AuthUser(authParam, wrapper, contextId);
268 if (result != ERR_OK) {
269 ACCOUNT_LOGE("Failed to auth user, result = %{public}d", result);
270 callback->OnResult(result, emptyResult);
271 }
272 return contextId;
273 }
274
CancelAuth(uint64_t contextId)275 int32_t AccountIAMClient::CancelAuth(uint64_t contextId)
276 {
277 auto proxy = GetAccountIAMProxy();
278 if (proxy == nullptr) {
279 return ERR_ACCOUNT_COMMON_GET_PROXY;
280 }
281 return proxy->CancelAuth(contextId);
282 }
283
GetAvailableStatus(AuthType authType,AuthTrustLevel authTrustLevel,int32_t & status)284 int32_t AccountIAMClient::GetAvailableStatus(AuthType authType, AuthTrustLevel authTrustLevel, int32_t &status)
285 {
286 auto proxy = GetAccountIAMProxy();
287 if (proxy == nullptr) {
288 return ERR_ACCOUNT_COMMON_GET_PROXY;
289 }
290 if (authTrustLevel < UserIam::UserAuth::ATL1 || authTrustLevel > UserIam::UserAuth::ATL4) {
291 ACCOUNT_LOGE("authTrustLevel is not in correct range");
292 return ERR_ACCOUNT_COMMON_INVALID_PARAMETER;
293 }
294 if (authType < UserIam::UserAuth::ALL) {
295 ACCOUNT_LOGE("authType is not in correct range");
296 return ERR_ACCOUNT_COMMON_INVALID_PARAMETER;
297 }
298 return proxy->GetAvailableStatus(authType, authTrustLevel, status);
299 }
300
GetProperty(int32_t userId,const GetPropertyRequest & request,const std::shared_ptr<GetSetPropCallback> & callback)301 void AccountIAMClient::GetProperty(
302 int32_t userId, const GetPropertyRequest &request, const std::shared_ptr<GetSetPropCallback> &callback)
303 {
304 if (callback == nullptr) {
305 ACCOUNT_LOGE("the callback for getting property is nullptr");
306 return;
307 }
308 Attributes emptyResult;
309 auto proxy = GetAccountIAMProxy();
310 if (proxy == nullptr) {
311 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
312 return;
313 }
314 sptr<IGetSetPropCallback> wrapper = new (std::nothrow) GetSetPropCallbackService(callback);
315 proxy->GetProperty(userId, request, wrapper);
316 }
317
GetPropertyByCredentialId(uint64_t credentialId,std::vector<Attributes::AttributeKey> & keys,const std::shared_ptr<GetSetPropCallback> & callback)318 void AccountIAMClient::GetPropertyByCredentialId(uint64_t credentialId,
319 std::vector<Attributes::AttributeKey> &keys, const std::shared_ptr<GetSetPropCallback> &callback)
320 {
321 if (callback == nullptr) {
322 ACCOUNT_LOGE("The callback for getting property is nullptr");
323 return;
324 }
325 Attributes emptyResult;
326 auto proxy = GetAccountIAMProxy();
327 if (proxy == nullptr) {
328 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
329 return;
330 }
331 sptr<IGetSetPropCallback> wrapper = new (std::nothrow) GetSetPropCallbackService(callback);
332 proxy->GetPropertyByCredentialId(credentialId, keys, wrapper);
333 }
334
SetProperty(int32_t userId,const SetPropertyRequest & request,const std::shared_ptr<GetSetPropCallback> & callback)335 void AccountIAMClient::SetProperty(
336 int32_t userId, const SetPropertyRequest &request, const std::shared_ptr<GetSetPropCallback> &callback)
337 {
338 if (callback == nullptr) {
339 ACCOUNT_LOGE("the callback for setting property is nullptr");
340 return;
341 }
342 Attributes emptyResult;
343 auto proxy = GetAccountIAMProxy();
344 if (proxy == nullptr) {
345 callback->OnResult(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
346 return;
347 }
348 sptr<IGetSetPropCallback> wrapper = new (std::nothrow) GetSetPropCallbackService(callback);
349 proxy->SetProperty(userId, request, wrapper);
350 }
351
GetEnrolledId(int32_t accountId,AuthType authType,const std::shared_ptr<GetEnrolledIdCallback> & callback)352 void AccountIAMClient::GetEnrolledId(
353 int32_t accountId, AuthType authType, const std::shared_ptr<GetEnrolledIdCallback> &callback)
354 {
355 if (callback == nullptr) {
356 ACCOUNT_LOGE("The callback for get enrolled id is nullptr");
357 return;
358 }
359 uint64_t emptyResult = 0;
360 auto proxy = GetAccountIAMProxy();
361 if (proxy == nullptr) {
362 callback->OnEnrolledId(ERR_ACCOUNT_COMMON_GET_PROXY, emptyResult);
363 return;
364 }
365 sptr<IGetEnrolledIdCallback> wrapper = new (std::nothrow) GetEnrolledIdCallbackService(callback);
366 if (wrapper == nullptr) {
367 ACCOUNT_LOGE("The wrapper is nullptr");
368 callback->OnEnrolledId(ERR_ACCOUNT_COMMON_INSUFFICIENT_MEMORY_ERROR, emptyResult);
369 return;
370 }
371 proxy->GetEnrolledId(accountId, authType, wrapper);
372 }
373
CheckSelfPermission(const std::string & permissionName)374 bool AccountIAMClient::CheckSelfPermission(const std::string &permissionName)
375 {
376 Security::AccessToken::AccessTokenID tokenId = IPCSkeleton::GetSelfTokenID();
377 ErrCode result = Security::AccessToken::AccessTokenKit::VerifyAccessToken(tokenId, permissionName);
378 return result == Security::AccessToken::TypePermissionState::PERMISSION_GRANTED;
379 }
380
381 #ifdef HAS_PIN_AUTH_PART
RegisterPINInputer(const std::shared_ptr<IInputer> & inputer)382 ErrCode AccountIAMClient::RegisterPINInputer(const std::shared_ptr<IInputer> &inputer)
383 {
384 std::lock_guard<std::mutex> lock(pinMutex_);
385 ErrCode result = AccountPermissionManager::CheckSystemApp(false);
386 if (result != ERR_OK) {
387 ACCOUNT_LOGE("is not system application, result = %{public}u.", result);
388 return result;
389 }
390 if (pinInputer_ != nullptr) {
391 ACCOUNT_LOGE("inputer is already registered");
392 return ERR_ACCOUNT_IAM_KIT_INPUTER_ALREADY_REGISTERED;
393 }
394 int32_t userId = -1;
395 if (!GetCurrentUserId(userId)) {
396 return ERR_ACCOUNT_IAM_KIT_GET_USERID_FAIL;
397 }
398 auto iamInputer = std::make_shared<IAMInputer>(userId, inputer);
399 if (UserIam::PinAuth::PinAuthRegister::GetInstance().RegisterInputer(iamInputer)) {
400 pinInputer_ = inputer;
401 ACCOUNT_LOGI("Register inputer successful!");
402 return ERR_OK;
403 }
404 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
405 }
406
RegisterDomainInputer(const std::shared_ptr<IInputer> & inputer)407 ErrCode AccountIAMClient::RegisterDomainInputer(const std::shared_ptr<IInputer> &inputer)
408 {
409 std::lock_guard<std::mutex> lock(domainMutex_);
410 if (domainInputer_ != nullptr) {
411 ACCOUNT_LOGE("inputer is already registered");
412 return ERR_ACCOUNT_IAM_KIT_INPUTER_ALREADY_REGISTERED;
413 }
414 domainInputer_ = inputer;
415 return ERR_OK;
416 }
417
RegisterInputer(int32_t authType,const std::shared_ptr<IInputer> & inputer)418 ErrCode AccountIAMClient::RegisterInputer(int32_t authType, const std::shared_ptr<IInputer> &inputer)
419 {
420 ErrCode result = AccountPermissionManager::CheckSystemApp(false);
421 if (result != ERR_OK) {
422 ACCOUNT_LOGE("is not system application, result = %{public}u.", result);
423 return result;
424 }
425 if ((!CheckSelfPermission(PERMISSION_ACCESS_USER_AUTH_INTERNAL)) &&
426 (!CheckSelfPermission(PERMISSION_MANAGE_USER_IDM))) {
427 ACCOUNT_LOGE("failed to check permission");
428 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
429 }
430 if (inputer == nullptr) {
431 ACCOUNT_LOGE("inputer is nullptr");
432 return ERR_ACCOUNT_COMMON_INVALID_PARAMETER;
433 }
434 switch (authType) {
435 case IAMAuthType::DOMAIN:
436 return RegisterDomainInputer(inputer);
437 default:
438 ACCOUNT_LOGE("Unsupport auth type = %{public}d", authType);
439 return ERR_ACCOUNT_IAM_UNSUPPORTED_AUTH_TYPE;
440 }
441 }
442
UnregisterInputer(int32_t authType)443 ErrCode AccountIAMClient::UnregisterInputer(int32_t authType)
444 {
445 ErrCode result = AccountPermissionManager::CheckSystemApp(false);
446 if (result != ERR_OK) {
447 ACCOUNT_LOGE("is not system application, result = %{public}u.", result);
448 return result;
449 }
450 if ((!CheckSelfPermission(PERMISSION_ACCESS_USER_AUTH_INTERNAL)) &&
451 (!CheckSelfPermission(PERMISSION_MANAGE_USER_IDM))) {
452 ACCOUNT_LOGE("failed to check permission");
453 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
454 }
455 switch (authType) {
456 case IAMAuthType::DOMAIN:
457 return UnregisterDomainInputer();
458 default:
459 ACCOUNT_LOGE("Unsupport auth type = %{public}d", authType);
460 return ERR_ACCOUNT_IAM_UNSUPPORTED_AUTH_TYPE;
461 }
462 return ERR_OK;
463 }
464
UnregisterPINInputer()465 ErrCode AccountIAMClient::UnregisterPINInputer()
466 {
467 ErrCode result = AccountPermissionManager::CheckSystemApp(false);
468 if (result != ERR_OK) {
469 ACCOUNT_LOGE("is not system application, result = %{public}u.", result);
470 return result;
471 }
472 if (!CheckSelfPermission(PERMISSION_ACCESS_PIN_AUTH)) {
473 ACCOUNT_LOGE("failed to check permission");
474 return ERR_ACCOUNT_COMMON_PERMISSION_DENIED;
475 }
476 UserIam::PinAuth::PinAuthRegister::GetInstance().UnRegisterInputer();
477 std::lock_guard<std::mutex> lock(pinMutex_);
478 pinInputer_ = nullptr;
479 ACCOUNT_LOGI("Unregister PIN inputer successful!");
480 return ERR_OK;
481 }
482
UnregisterDomainInputer()483 ErrCode AccountIAMClient::UnregisterDomainInputer()
484 {
485 std::lock_guard<std::mutex> lock(domainMutex_);
486 domainInputer_ = nullptr;
487 return ERR_OK;
488 }
489 #endif
490
GetAccountState(int32_t userId)491 IAMState AccountIAMClient::GetAccountState(int32_t userId)
492 {
493 auto proxy = GetAccountIAMProxy();
494 if (proxy == nullptr) {
495 return IDLE;
496 }
497 return proxy->GetAccountState(userId);
498 }
499
SetAuthSubType(int32_t userId,int32_t authSubType)500 void AccountIAMClient::SetAuthSubType(int32_t userId, int32_t authSubType)
501 {
502 std::lock_guard<std::mutex> lock(mutex_);
503 auto it = credentialMap_.find(userId);
504 if (it != credentialMap_.end()) {
505 return;
506 }
507 credentialMap_[userId] = {
508 .type = authSubType
509 };
510 }
511
GetAuthSubType(int32_t userId)512 int32_t AccountIAMClient::GetAuthSubType(int32_t userId)
513 {
514 std::lock_guard<std::mutex> lock(mutex_);
515 auto it = credentialMap_.find(userId);
516 if (it != credentialMap_.end()) {
517 return it->second.type;
518 }
519 return 0;
520 }
521
GetCurrentUserId(int32_t & userId)522 bool AccountIAMClient::GetCurrentUserId(int32_t &userId)
523 {
524 std::vector<int32_t> userIds;
525 if ((OsAccountManager::QueryActiveOsAccountIds(userIds) != ERR_OK) || userIds.empty()) {
526 ACCOUNT_LOGE("fail to get activated os account ids");
527 return false;
528 }
529 userId = userIds[0];
530 return true;
531 }
532
ResetAccountIAMProxy(const wptr<IRemoteObject> & remote)533 void AccountIAMClient::ResetAccountIAMProxy(const wptr<IRemoteObject>& remote)
534 {
535 std::lock_guard<std::mutex> lock(mutex_);
536 if (proxy_ == nullptr) {
537 ACCOUNT_LOGE("proxy is nullptr");
538 return;
539 }
540 auto serviceRemote = proxy_->AsObject();
541 if ((serviceRemote != nullptr) && (serviceRemote == remote.promote())) {
542 serviceRemote->RemoveDeathRecipient(deathRecipient_);
543 proxy_ = nullptr;
544 }
545 }
546
OnRemoteDied(const wptr<IRemoteObject> & remote)547 void AccountIAMClient::AccountIAMDeathRecipient::OnRemoteDied(const wptr<IRemoteObject> &remote)
548 {
549 if (remote == nullptr) {
550 ACCOUNT_LOGE("remote is nullptr");
551 return;
552 }
553 AccountIAMClient::GetInstance().ResetAccountIAMProxy(remote);
554 }
555
GetAccountIAMProxy()556 sptr<IAccountIAM> AccountIAMClient::GetAccountIAMProxy()
557 {
558 std::lock_guard<std::mutex> lock(mutex_);
559 if (proxy_ != nullptr) {
560 return proxy_;
561 }
562 sptr<IRemoteObject> object = OhosAccountKitsImpl::GetInstance().GetAccountIAMService();
563 if (object == nullptr) {
564 ACCOUNT_LOGE("failed to get account iam service");
565 return nullptr;
566 }
567 deathRecipient_ = new (std::nothrow) AccountIAMDeathRecipient();
568 if (deathRecipient_ == nullptr) {
569 ACCOUNT_LOGE("failed to create account iam death recipient");
570 return nullptr;
571 }
572 if (!object->AddDeathRecipient(deathRecipient_)) {
573 ACCOUNT_LOGE("failed to add account iam death recipient");
574 deathRecipient_ = nullptr;
575 return nullptr;
576 }
577 proxy_ = iface_cast<IAccountIAM>(object);
578 if (proxy_ == nullptr) {
579 ACCOUNT_LOGE("failed to get account iam proxy");
580 }
581 return proxy_;
582 }
583 } // namespace AccountSA
584 } // namespace OHOS
585