• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "strong_auth_status_manager.h"
17 
18 #include <singleton.h>
19 
20 #include "screenlock_common.h"
21 #include "screenlock_inner_listener.h"
22 #include "screenlock_manager.h"
23 #include "screenlock_system_ability.h"
24 #include "system_ability_definition.h"
25 #include "system_ability.h"
26 
27 #include "context_appstate_observer.h"
28 #include "hisysevent_adapter.h"
29 #include "ipc_common.h"
30 #include "resource_node_pool.h"
31 #include "risk_event_manager.h"
32 #include "screenlock_status_listener.h"
33 #include "system_ability_listener.h"
34 #include "user_auth_service.h"
35 
36 #define LOG_TAG "USER_AUTH_SA"
37 namespace OHOS {
38 namespace UserIam {
39 namespace UserAuth {
40 using StrongAuthListener = ScreenLock::StrongAuthListener;
41 using ScreenLockManager = ScreenLock::ScreenLockManager;
42 using StrongAuthReasonFlags = ScreenLock::StrongAuthReasonFlags;
43 
44 class UserIamStrongAuthListener : public StrongAuthListener {
45 public:
46     using StrongAuthListener::StrongAuthListener;
47     ~UserIamStrongAuthListener() override = default;
48 
49     void OnStrongAuthChanged(int32_t userId, int32_t strongAuthStatus) override;
50 };
51 
52 class StrongAuthStatusManagerImpl final
53     : public StrongAuthStatusManager, public Singleton<StrongAuthStatusManagerImpl> {
54 public:
55     void RegisterStrongAuthListener() override;
56     void UnRegisterStrongAuthListener() override;
57     void StartSubscribe() override;
58     bool IsScreenLockStrongAuth(int32_t userId) override;
59     void SyncStrongAuthStatusForAllAccounts() override;
60 
61 private:
62     std::recursive_mutex mutex_;
63     sptr<SystemAbilityListener> screenLockSaStatusListener_ {nullptr};
64     sptr<StrongAuthListener> strongAuthListener_ {nullptr};
65 };
66 
OnStrongAuthChanged(int32_t userId,int32_t strongAuthStatus)67 void UserIamStrongAuthListener::OnStrongAuthChanged(int32_t userId, int32_t strongAuthStatus)
68 {
69     IAM_LOGI("strong auth state changed to %{public}d for userId %{public}d", strongAuthStatus, userId);
70     auto handler = ThreadHandler::GetSingleThreadInstance();
71     IF_FALSE_LOGE_AND_RETURN(handler != nullptr);
72 
73     handler->PostTask([userId, strongAuthStatus]() {
74         if (strongAuthStatus != static_cast<int32_t>(StrongAuthReasonFlags::AFTER_BOOT) &&
75             strongAuthStatus != static_cast<int32_t>(StrongAuthReasonFlags::NONE)) {
76             ScreenLockStrongAuthTrace screenLockStrongAuthTraceInfo = {};
77             screenLockStrongAuthTraceInfo.userId = userId;
78             screenLockStrongAuthTraceInfo.strongAuthReason = strongAuthStatus;
79             UserIam::UserAuth::ReportScreenLockStrongAuth(screenLockStrongAuthTraceInfo);
80         }
81         int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::NONE);
82         ScreenLockManager::GetInstance()->GetStrongAuth(userId, reasonFlag);
83         if (reasonFlag == static_cast<int32_t>(StrongAuthReasonFlags::NONE)) {
84             IAM_LOGI("screenlock not in strong auth status");
85             return;
86         }
87         if (reasonFlag == static_cast<int32_t>(StrongAuthReasonFlags::AFTER_BOOT)) {
88             IAM_LOGI("after boot strong auth omitted");
89             return;
90         }
91         RiskEventManager::GetInstance().HandleStrongAuthEvent(userId);
92     });
93 }
94 
RegisterStrongAuthListener()95 void StrongAuthStatusManagerImpl::RegisterStrongAuthListener()
96 {
97     IAM_LOGI("start");
98     std::lock_guard<std::recursive_mutex> lock(mutex_);
99     if (strongAuthListener_ != nullptr) {
100         return;
101     }
102 
103     const int32_t ALL_USER_ID = -1;
104     strongAuthListener_ =
105         sptr<StrongAuthListener>(new (std::nothrow) UserIamStrongAuthListener(ALL_USER_ID));
106     IF_FALSE_LOGE_AND_RETURN(strongAuthListener_ != nullptr);
107 
108     ScreenLockManager::GetInstance()->RegisterStrongAuthListener(strongAuthListener_);
109     IF_FALSE_LOGE_AND_RETURN(strongAuthListener_ != nullptr);
110     SyncStrongAuthStatusForAllAccounts();
111 }
112 
UnRegisterStrongAuthListener()113 void StrongAuthStatusManagerImpl::UnRegisterStrongAuthListener()
114 {
115     IAM_LOGI("start");
116     std::lock_guard<std::recursive_mutex> lock(mutex_);
117     if (strongAuthListener_ == nullptr) {
118         return;
119     }
120 
121     int32_t ret = ScreenLockManager::GetInstance()->UnRegisterStrongAuthListener(strongAuthListener_);
122     if (ret != SUCCESS) {
123         IAM_LOGE("UnRegisterStrongAuthListener fail");
124     }
125 
126     strongAuthListener_ = nullptr;
127 }
128 
SyncStrongAuthStatusForAllAccounts()129 void StrongAuthStatusManagerImpl::SyncStrongAuthStatusForAllAccounts()
130 {
131     IAM_LOGI("start");
132     std::lock_guard<std::recursive_mutex> lock(mutex_);
133     auto screenLockManager = ScreenLockManager::GetInstance();
134     IF_FALSE_LOGE_AND_RETURN(screenLockManager != nullptr);
135     IF_FALSE_LOGE_AND_RETURN(strongAuthListener_ != nullptr);
136 
137     std::vector<int32_t> userIdList;
138     IpcCommon::GetAllUserId(userIdList);
139     int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::NONE);
140     for (int32_t &userId : userIdList) {
141         screenLockManager->GetStrongAuth(userId, reasonFlag);
142         strongAuthListener_->OnStrongAuthChanged(userId, reasonFlag);
143         reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::NONE);
144     }
145 }
146 
StartSubscribe()147 void StrongAuthStatusManagerImpl::StartSubscribe()
148 {
149     IAM_LOGI("start");
150     std::lock_guard<std::recursive_mutex> lock(mutex_);
151     if (screenLockSaStatusListener_ != nullptr) {
152         return;
153     }
154     screenLockSaStatusListener_ = SystemAbilityListener::Subscribe(
155         "ScreenLockService", SCREENLOCK_SERVICE_ID,
156         []() {
157             StrongAuthStatusManager::Instance().RegisterStrongAuthListener();
158             ScreenlockStatusListenerManager::GetInstance().RegisterCommonEventListener();
159         },
160         []() { StrongAuthStatusManager::Instance().UnRegisterStrongAuthListener(); });
161     IF_FALSE_LOGE_AND_RETURN(screenLockSaStatusListener_ != nullptr);
162 }
163 
IsScreenLockStrongAuth(int32_t userId)164 bool StrongAuthStatusManagerImpl::IsScreenLockStrongAuth(int32_t userId)
165 {
166     int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::NONE);
167     auto screenLockManager = ScreenLockManager::GetInstance();
168     IF_FALSE_LOGE_AND_RETURN_VAL(screenLockManager != nullptr, false);
169     screenLockManager->GetStrongAuth(userId, reasonFlag);
170 
171     if (reasonFlag == static_cast<int32_t>(StrongAuthReasonFlags::NONE)) {
172         return false;
173     }
174     if (reasonFlag == static_cast<int32_t>(StrongAuthReasonFlags::AFTER_BOOT)) {
175         return false;
176     }
177     return true;
178 }
179 
Instance()180 StrongAuthStatusManager &StrongAuthStatusManager::Instance()
181 {
182     return StrongAuthStatusManagerImpl::GetInstance();
183 }
184 } // namespace UserAuth
185 } // namespace UserIam
186 } // namespace OHOS