1 /*
2 * Copyright (C) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <memory>
17 #include <string>
18 #include <tuple>
19 #include <vector>
20 #include "app_details_data_mgr.h"
21 #include "ipc_skeleton.h"
22 #include "app_domain_verify_mgr_service.h"
23 #include "system_ability_definition.h"
24 #include "domain_url_util.h"
25 #include "app_domain_verify_agent_client.h"
26 #include "app_domain_verify_error.h"
27 #include "bundle_info_query.h"
28 namespace OHOS {
29 namespace AppDomainVerify {
30 constexpr const char* GET_DOMAIN_VERIFY_INFO = "ohos.permission.GET_APP_DOMAIN_BUNDLE_INFO";
31 const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(new (std::nothrow) AppDomainVerifyMgrService());
32 const std::string HTTPS = "https";
33 const std::set<std::string> SCHEME_WHITE_SET = { HTTPS };
34 const std::string FUZZY_HOST_START = "*.";
35
AppDomainVerifyMgrService()36 AppDomainVerifyMgrService::AppDomainVerifyMgrService() : SystemAbility(APP_DOMAIN_VERIFY_MANAGER_SA_ID, true)
37 {
38 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "new instance create.");
39 appDetailsDataMgr_ = std::make_shared<AppDetailsDataMgr>();
40 }
41
~AppDomainVerifyMgrService()42 AppDomainVerifyMgrService::~AppDomainVerifyMgrService()
43 {
44 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "instance dead.");
45 }
46
VerifyDomain(const std::string & appIdentifier,const std::string & bundleName,const std::string & fingerprint,const std::vector<SkillUri> & skillUris)47 void AppDomainVerifyMgrService::VerifyDomain(const std::string& appIdentifier, const std::string& bundleName,
48 const std::string& fingerprint, const std::vector<SkillUri>& skillUris)
49 {
50 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
51 if (!PermissionManager::IsSACall()) {
52 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
53 return;
54 }
55 AppVerifyBaseInfo appVerifyBaseInfo;
56 appVerifyBaseInfo.appIdentifier = appIdentifier;
57 appVerifyBaseInfo.bundleName = bundleName;
58 appVerifyBaseInfo.fingerprint = fingerprint;
59
60 VerifyResultInfo verifyResultInfo;
61 verifyResultInfo.appIdentifier = appIdentifier;
62
63 CollectDomains(skillUris, verifyResultInfo);
64 DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->InsertVerifyStatus(bundleName, verifyResultInfo);
65 AppDomainVerifyAgentClient::GetInstance()->SingleVerify(appVerifyBaseInfo, verifyResultInfo);
66 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
67 }
68
ClearDomainVerifyStatus(const std::string & appIdentifier,const std::string & bundleName)69 bool AppDomainVerifyMgrService::ClearDomainVerifyStatus(const std::string& appIdentifier, const std::string& bundleName)
70 {
71 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called, bundlename:%{public}s", bundleName.c_str());
72 if (!PermissionManager::IsSACall()) {
73 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
74 return false;
75 }
76 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->DeleteVerifyStatus(bundleName);
77 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
78 return res;
79 }
80
FilterAbilities(const OHOS::AAFwk::Want & want,const std::vector<OHOS::AppExecFwk::AbilityInfo> & originAbilityInfos,std::vector<OHOS::AppExecFwk::AbilityInfo> & filteredAbilityInfos)81 bool AppDomainVerifyMgrService::FilterAbilities(const OHOS::AAFwk::Want& want,
82 const std::vector<OHOS::AppExecFwk::AbilityInfo>& originAbilityInfos,
83 std::vector<OHOS::AppExecFwk::AbilityInfo>& filteredAbilityInfos)
84 {
85 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
86 if (!PermissionManager::IsSACall()) {
87 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
88 return false;
89 }
90 if (!IsWantImplicit(want)) {
91 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "want is not implicit.");
92 return false;
93 }
94
95 std::string uriString = want.GetUriString();
96 std::string scheme = UrlUtil::GetScheme(uriString);
97 std::string host = UrlUtil::GetHost(uriString);
98 if (scheme.empty() || host.empty()) {
99 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "uriString is not valid.");
100 return false;
101 }
102 std::string hostVerifyKey = scheme + "://" + host;
103 for (auto it = originAbilityInfos.begin(); it != originAbilityInfos.end(); ++it) {
104 // todo bms AbilityInfo contains appIdentifier
105 VerifyResultInfo verifyResultInfo;
106 // get from emory variable, non-IO operation.
107 if (DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(
108 it->bundleName, verifyResultInfo)) {
109 auto itr = verifyResultInfo.hostVerifyStatusMap.find(hostVerifyKey);
110 if (itr != verifyResultInfo.hostVerifyStatusMap.end() &&
111 std::get<0>(itr->second) == InnerVerifyStatus::STATE_SUCCESS) {
112 filteredAbilityInfos.emplace_back(*it);
113 }
114 }
115 }
116 if (filteredAbilityInfos.empty()) {
117 !IsUrlInBlackList(hostVerifyKey) ?
118 deferredLinkMgr_->PutDeferredLink(
119 { .domain = hostVerifyKey, .url = uriString, .timeStamp = GetSecondsSince1970ToNow() }) :
120 void();
121 } else {
122 // Calling openlink may call FilterAbilities multiple times, the link will be stored when matching default
123 // browser's abilities, so remove it if the link matches verified abilities.
124 deferredLinkMgr_->RemoveDeferredLink({ .domain = hostVerifyKey, .url = uriString });
125 }
126
127 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
128 return true;
129 }
130
QueryDomainVerifyStatus(const std::string & bundleName,DomainVerifyStatus & domainVerificationState)131 bool AppDomainVerifyMgrService::QueryDomainVerifyStatus(
132 const std::string& bundleName, DomainVerifyStatus& domainVerificationState)
133 {
134 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
135 if (!PermissionManager::IsSACall()) {
136 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
137 return false;
138 }
139 VerifyResultInfo verifyResultInfo;
140 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, verifyResultInfo);
141 domainVerificationState = DomainVerifyStatus::STATE_NONE;
142 for (auto it = verifyResultInfo.hostVerifyStatusMap.begin();
143 res && it != verifyResultInfo.hostVerifyStatusMap.end(); ++it) {
144 if (std::get<0>(it->second) == InnerVerifyStatus::STATE_SUCCESS) {
145 domainVerificationState = DomainVerifyStatus::STATE_VERIFIED;
146 break;
147 }
148 }
149 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
150 return res;
151 }
152
QueryAllDomainVerifyStatus(BundleVerifyStatusInfo & bundleVerifyStatusInfo)153 bool AppDomainVerifyMgrService::QueryAllDomainVerifyStatus(BundleVerifyStatusInfo& bundleVerifyStatusInfo)
154 {
155 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
156 if (!PermissionManager::IsSACall()) {
157 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
158 return false;
159 }
160 bundleVerifyStatusInfo.bundleVerifyStatusInfoMap_ =
161 DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetAllVerifyStatus();
162 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
163 return true;
164 }
165
SaveDomainVerifyStatus(const std::string & bundleName,const VerifyResultInfo & verifyResultInfo)166 bool AppDomainVerifyMgrService::SaveDomainVerifyStatus(
167 const std::string& bundleName, const VerifyResultInfo& verifyResultInfo)
168 {
169 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
170 if (!PermissionManager::IsSACall()) {
171 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
172 return false;
173 }
174 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->UpdateVerifyStatus(
175 bundleName, verifyResultInfo);
176 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
177 return res;
178 }
IsAtomicServiceUrl(const std::string & url)179 bool AppDomainVerifyMgrService::IsAtomicServiceUrl(const std::string& url)
180 {
181 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
182 if (!PermissionManager::IsSACall()) {
183 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
184 return false;
185 }
186 if (!InitConfigMgr()) {
187 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "InitConfigMgr failed.");
188 return false;
189 }
190 return whiteListConfigMgr_->IsInWhiteList(url);
191 }
ConvertToExplicitWant(OHOS::AAFwk::Want & implicitWant,sptr<IConvertCallback> & callback)192 void AppDomainVerifyMgrService::ConvertToExplicitWant(OHOS::AAFwk::Want& implicitWant, sptr<IConvertCallback>& callback)
193 {
194 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
195 if (!PermissionManager::IsSACall()) {
196 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
197 return;
198 }
199 AppDomainVerifyAgentClient::GetInstance()->ConvertToExplicitWant(implicitWant, callback);
200 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
201 }
202
UpdateWhiteListUrls(const std::vector<std::string> & urls)203 void AppDomainVerifyMgrService::UpdateWhiteListUrls(const std::vector<std::string>& urls)
204 {
205 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
206 if (!PermissionManager::IsSACall()) {
207 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
208 return;
209 }
210 if (!InitConfigMgr()) {
211 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "InitConfigMgr failed.");
212 return;
213 }
214 std::unordered_set<std::string> whiteList(urls.begin(), urls.end());
215 whiteListConfigMgr_->UpdateWhiteList(whiteList);
216 }
217
QueryAssociatedDomains(const std::string & bundleName,std::vector<std::string> & domains)218 int AppDomainVerifyMgrService::QueryAssociatedDomains(const std::string& bundleName, std::vector<std::string>& domains)
219 {
220 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
221 auto ret = CheckPermission();
222 if (ret != ErrorCode::E_OK) {
223 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed:%{public}d", ret);
224 return ret;
225 }
226 return DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->QueryAssociatedDomains(bundleName, domains) ?
227 E_OK :
228 E_INTERNAL_ERR;
229 }
QueryAssociatedBundleNames(const std::string & domain,std::vector<std::string> & bundleNames)230 int AppDomainVerifyMgrService::QueryAssociatedBundleNames(
231 const std::string& domain, std::vector<std::string>& bundleNames)
232 {
233 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
234 auto ret = CheckPermission();
235 if (ret != ErrorCode::E_OK) {
236 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed:%{public}d", ret);
237 return ret;
238 }
239 return DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->QueryAssociatedBundleNames(domain, bundleNames) ?
240 E_OK :
241 E_INTERNAL_ERR;
242 }
243
QueryAppDetailsWant(const std::string & url,AAFwk::Want & want)244 int AppDomainVerifyMgrService::QueryAppDetailsWant(const std::string& url, AAFwk::Want& want)
245 {
246 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
247 if (!PermissionManager::IsSACall()) {
248 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
249 return AppDetailsCode::QUERY_FAIL;
250 }
251 std::string bundleName;
252 auto ret = appDetailsDataMgr_->QueryAppDetailsWant(url, want, bundleName);
253 if (ret == AppDetailsCode::QUERY_SUCC) {
254 VerifyResultInfo info;
255 if (DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, info)) {
256 return AppDetailsCode::QUERY_FAIL;
257 }
258 return AppDetailsCode::QUERY_SUCC;
259 }
260 return AppDetailsCode::QUERY_FAIL;
261 }
262
IsWantImplicit(const OHOS::AAFwk::Want & want)263 bool AppDomainVerifyMgrService::IsWantImplicit(const OHOS::AAFwk::Want& want)
264 {
265 auto element = want.GetElement();
266 std::string bundleName = element.GetBundleName();
267 std::string abilityName = element.GetAbilityName();
268 // want is explicit query
269 if (!bundleName.empty() && !abilityName.empty()) {
270 return false;
271 }
272 return true;
273 }
274
275 // sa_main进程统一调用
OnStart()276 void AppDomainVerifyMgrService::OnStart()
277 {
278 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "OnStart");
279 bool res = Publish(this);
280 if (!res) {
281 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "Publish failed");
282 }
283 }
284
OnStop()285 void AppDomainVerifyMgrService::OnStop()
286 {
287 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
288 }
OnDump()289 void AppDomainVerifyMgrService::OnDump()
290 {
291 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "OnDump");
292 }
293
Dump(int fd,const std::vector<std::u16string> & args)294 int AppDomainVerifyMgrService::Dump(int fd, const std::vector<std::u16string>& args)
295 {
296 std::string dumpString{};
297 DumpAllVerifyInfos(dumpString);
298 (void)write(fd, dumpString.c_str(), dumpString.size());
299 return 0;
300 }
DumpAllVerifyInfos(std::string & dumpString)301 void AppDomainVerifyMgrService::DumpAllVerifyInfos(std::string& dumpString)
302 {
303 BundleVerifyStatusInfo allBundleVerifyStatusInfo;
304 if (!QueryAllDomainVerifyStatus(allBundleVerifyStatusInfo)) {
305 return;
306 }
307 for (const auto& bundleVerifyStatusInfo : allBundleVerifyStatusInfo.bundleVerifyStatusInfoMap_) {
308 dumpString.append(bundleVerifyStatusInfo.first + ":\n");
309 auto verifyResultInfo = bundleVerifyStatusInfo.second;
310 dumpString.append(" appIdentifier:" + verifyResultInfo.appIdentifier);
311 dumpString.append("\n");
312 dumpString.append(" domain verify status:\n");
313 for (const auto& hostVerifyStatus : verifyResultInfo.hostVerifyStatusMap) {
314 dumpString.append(
315 " " + hostVerifyStatus.first + ":" + InnerVerifyStatusMap[std::get<0>(hostVerifyStatus.second)]);
316 dumpString.append("\n");
317 }
318 }
319 }
InitConfigMgr()320 bool AppDomainVerifyMgrService::InitConfigMgr()
321 {
322 if (whiteListConfigMgr_ != nullptr) {
323 return true;
324 }
325 std::lock_guard<std::mutex> lock(initConfigMutex_);
326 if (whiteListConfigMgr_ == nullptr) {
327 whiteListConfigMgr_ = std::make_shared<WhiteListConfigMgr>();
328 }
329 if (whiteListConfigMgr_ == nullptr) {
330 return false;
331 }
332 return true;
333 }
CheckPermission()334 int AppDomainVerifyMgrService::CheckPermission()
335 {
336 if (!PermissionManager::CheckPermission(GET_DOMAIN_VERIFY_INFO)) {
337 APP_DOMAIN_VERIFY_HILOGE(
338 APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed %{public}s.", GET_DOMAIN_VERIFY_INFO);
339 return ErrorCode::E_PERMISSION_DENIED;
340 }
341
342 if (!PermissionManager::IsSystemAppCall()) {
343 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "IsSystemAppCall failed .");
344 return ErrorCode::E_IS_NOT_SYS_APP;
345 }
346 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission ok .");
347 return ErrorCode::E_OK;
348 }
CollectDomains(const std::vector<SkillUri> & skillUris,VerifyResultInfo & verifyResultInfo)349 void AppDomainVerifyMgrService::CollectDomains(
350 const std::vector<SkillUri>& skillUris, VerifyResultInfo& verifyResultInfo)
351 {
352 for (auto it = skillUris.begin(); it != skillUris.end(); ++it) {
353 if (it->scheme.empty() || it->host.empty() || !UrlUtil::IsValidAppDomainVerifyHost(it->host) ||
354 SCHEME_WHITE_SET.find(it->scheme) == SCHEME_WHITE_SET.end()) {
355 APP_DOMAIN_VERIFY_HILOGW(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "invalid skillUri skip.");
356 continue;
357 }
358
359 std::string host = it->host;
360 if (it->host.substr(0, FUZZY_HOST_START.size()) == FUZZY_HOST_START) {
361 // Hosts with *.
362 host = it->host.substr(FUZZY_HOST_START.size());
363 }
364 // validUris remove duplicates
365 auto uri = it->scheme + "://" + host;
366 verifyResultInfo.hostVerifyStatusMap.insert(
367 make_pair(uri, std::make_tuple(InnerVerifyStatus::UNKNOWN, std::string(), 0)));
368 }
369 }
QueryVerifiedBundleWithDomains(std::string & bundleName,std::vector<std::string> & domains)370 int AppDomainVerifyMgrService::QueryVerifiedBundleWithDomains(
371 std::string& bundleName, std::vector<std::string>& domains)
372 {
373 if (!BundleInfoQuery::GetBundleNameForUid(IPCSkeleton::GetCallingUid(), bundleName)) {
374 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "get caller's bundleName error");
375 return ErrorCode::E_INTERNAL_ERR;
376 }
377 if (bundleName.empty()) {
378 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get caller's bundleName");
379 return ErrorCode::E_PARAM_ERROR;
380 }
381 std::string appIdentifier;
382 std::string fingerPrint;
383 if (!BundleInfoQuery::GetBundleInfo(bundleName, appIdentifier, fingerPrint)) {
384 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "get appIdentifier error");
385 return ErrorCode::E_INTERNAL_ERR;
386 }
387 if (appIdentifier.empty()) {
388 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get caller's appIdentifier");
389 return ErrorCode::E_PARAM_ERROR;
390 }
391 VerifyResultInfo verifyResultInfo;
392 if (!DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, verifyResultInfo)) {
393 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get verifyResultInfo");
394 return ErrorCode::E_INTERNAL_ERR;
395 }
396 if (verifyResultInfo.appIdentifier != appIdentifier) {
397 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "bundle's appIdentifier not match");
398 return ErrorCode::E_PARAM_ERROR;
399 }
400 std::for_each(std::begin(verifyResultInfo.hostVerifyStatusMap), std::end(verifyResultInfo.hostVerifyStatusMap),
401 [&domains](const auto& item) {
402 if (std::get<0>(item.second) == InnerVerifyStatus::STATE_SUCCESS) {
403 domains.push_back(item.first);
404 }
405 });
406 return ErrorCode::E_OK;
407 }
408
GetDeferredLink(std::string & link)409 int AppDomainVerifyMgrService::GetDeferredLink(std::string& link)
410 {
411 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
412 std::string bundleName;
413 std::vector<std::string> domains;
414 auto ret = QueryVerifiedBundleWithDomains(bundleName, domains);
415 if (ret != ErrorCode::E_OK) {
416 APP_DOMAIN_VERIFY_HILOGE(
417 APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "QueryVerifiedBundleWithDomains error:%{public}d.", ret);
418 return ret;
419 }
420 if (domains.empty()) {
421 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "domains empty, will return.");
422 return ErrorCode::E_OK;
423 }
424 link = deferredLinkMgr_->GetDeferredLink(bundleName, domains);
425 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "get link, %{private}s.", link.c_str());
426 return ErrorCode::E_OK;
427 }
428
IsUrlInBlackList(const std::string & url)429 bool AppDomainVerifyMgrService::IsUrlInBlackList(const std::string& url)
430 {
431 return IsAtomicServiceUrl(url);
432 }
433 } // namespace AppDomainVerify
434 } // namespace OHOS
435