1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "inner_app_account_manager.h"
17
18 #include "ability_manager_adapter.h"
19 #include "account_info.h"
20 #include "account_log_wrapper.h"
21 #include "app_account_authenticator_session.h"
22 #include "app_account_control_manager.h"
23 #include "app_account_subscribe_manager.h"
24 #include "bundle_manager_adapter.h"
25
26 namespace OHOS {
27 namespace AccountSA {
// Binds this facade to the control, subscribe and authenticator-session managers
// returned by their respective GetInstance() accessors, then logs construction.
InnerAppAccountManager::InnerAppAccountManager()
    : controlManager_(AppAccountControlManager::GetInstance()),
      subscribeManager_(AppAccountSubscribeManager::GetInstance()),
      sessionManager_(AppAccountAuthenticatorSessionManager::GetInstance())
{
    ACCOUNT_LOGI("Constructed");
}
35
// Logs destruction and then asks the control manager to close its data storage.
// The log line is emitted first, matching the order callers see in the trace.
InnerAppAccountManager::~InnerAppAccountManager()
{
    ACCOUNT_LOGI("Destroyed");
    controlManager_.CloseDataStorage();
}
41
// Adds an app account named `name` for the caller identified by uid/bundleName/appIndex.
// Builds the AppAccountInfo (owner = bundleName, app index = appIndex) and hands the
// request to the control manager; the control manager's result is returned unchanged.
ErrCode InnerAppAccountManager::AddAccount(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode errCode = controlManager_.AddAccount(name, extraInfo, uid, bundleName, accountInfo);
    return errCode;
}
49
// Forwards an implicit add-account request to the authenticator session manager
// and returns its result. No request field is inspected in this layer.
ErrCode InnerAppAccountManager::AddAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode errCode = sessionManager_.AddAccountImplicitly(request);
    return errCode;
}
54
// Creates an app account named `name` with the given options for the caller
// identified by uid/bundleName/appIndex. The AppAccountInfo is built here and the
// control manager's result is returned unchanged.
ErrCode InnerAppAccountManager::CreateAccount(const std::string &name, const CreateAccountOptions &options,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode errCode = controlManager_.CreateAccount(name, options, uid, bundleName, accountInfo);
    return errCode;
}
62
// Forwards an implicit create-account request to the authenticator session manager
// and returns its result. No request field is inspected in this layer.
ErrCode InnerAppAccountManager::CreateAccountImplicitly(const AuthenticatorSessionRequest &request)
{
    const ErrCode errCode = sessionManager_.CreateAccountImplicitly(request);
    return errCode;
}
67
// Deletes the account `name` owned by bundleName/appIndex and, on success, publishes
// an account-change event.
//
// The stored account record is loaded first so that its authorized-app set can be
// captured before the delete; that set is copied onto a fresh AppAccountInfo that is
// used only for the publish call. A failure to load the record aborts the delete and
// is returned to the caller. A publish failure is logged but does not change the
// returned result.
ErrCode InnerAppAccountManager::DeleteAccount(
    const std::string &name, const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo storedInfo(name, bundleName);
    storedInfo.SetAppIndex(appIndex);

    // Snapshot the record before deletion: once the account is gone the authorized-app
    // list is no longer available from the account info.
    std::shared_ptr<AppAccountDataStorage> storage = controlManager_.GetDataStorage(uid);
    const ErrCode loadResult = controlManager_.GetAccountInfoFromDataStorage(storedInfo, storage);
    if (loadResult != ERR_OK) {
        ACCOUNT_LOGE("Failed to get account info from data storage, result %{public}d.", loadResult);
        return loadResult;
    }
    std::set<std::string> previouslyAuthorized;
    storedInfo.GetAuthorizedApps(previouslyAuthorized);

    const ErrCode result = controlManager_.DeleteAccount(name, uid, bundleName, storedInfo);

    AppAccountInfo eventInfo(name, bundleName);
    eventInfo.SetAppIndex(appIndex);
    if (result == ERR_OK) {
        eventInfo.SetAuthorizedApps(previouslyAuthorized);
        if (!subscribeManager_.PublishAccount(eventInfo, uid, bundleName)) {
            ACCOUNT_LOGE("failed to publish account");
        }
    }
    return result;
}
94
// Reads the extra info of account `name` for the given caller. All arguments,
// including the `extraInfo` out-parameter, are forwarded to the control manager and
// its result is returned unchanged.
ErrCode InnerAppAccountManager::GetAccountExtraInfo(const std::string &name, std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode errCode = controlManager_.GetAccountExtraInfo(name, extraInfo, uid, bundleName, appIndex);
    return errCode;
}
100
// Stores `extraInfo` on account `name` and, on success, publishes an account-change
// event using the same AppAccountInfo that was passed to the control manager.
// A publish failure is logged only; the control manager's result is what is returned.
ErrCode InnerAppAccountManager::SetAccountExtraInfo(const std::string &name, const std::string &extraInfo,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);

    const ErrCode result = controlManager_.SetAccountExtraInfo(name, extraInfo, uid, bundleName, accountInfo);
    if (result != ERR_OK) {
        return result;
    }
    if (!subscribeManager_.PublishAccount(accountInfo, uid, bundleName)) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
112
// Grants `authorizedApp` access to account `name` owned by the calling bundle, then
// publishes an account-change event on success.
// The grant itself is performed by the control manager; this layer adds no check of
// its own on `authorizedApp`. A publish failure is logged and does not alter the result.
ErrCode InnerAppAccountManager::EnableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);

    const ErrCode result = controlManager_.EnableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (result != ERR_OK) {
        return result;
    }
    if (!subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName)) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
126
// Revokes `authorizedApp`'s access to account `name` owned by the calling bundle, then
// publishes an account-change event on success.
// A publish failure is logged and does not alter the returned result.
ErrCode InnerAppAccountManager::DisableAppAccess(const std::string &name, const std::string &authorizedApp,
    AppAccountCallingInfo &appAccountCallingInfo, const uint32_t apiVersion)
{
    AppAccountInfo accountInfo(name, appAccountCallingInfo.bundleName);
    accountInfo.SetAppIndex(appAccountCallingInfo.appIndex);

    const ErrCode result = controlManager_.DisableAppAccess(
        name, authorizedApp, appAccountCallingInfo, accountInfo, apiVersion);
    if (result != ERR_OK) {
        return result;
    }

    // After a successful revoke the account info no longer lists authorizedApp, so it is
    // put back on this local object before publishing. Within this function the object
    // is passed only to PublishAccount afterwards, never to a storage call.
    // NOTE(review): presumably this is so the revoked app still receives the event —
    // confirm against PublishAccount. The return value of EnableAppAccess is ignored.
    accountInfo.EnableAppAccess(authorizedApp, apiVersion);

    if (!subscribeManager_.PublishAccount(
        accountInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName)) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
144
// Asks the control manager whether `authorizedApp` may access account `name`.
// `isAccessible` is forwarded by reference as the out-parameter; the control manager's
// result code is returned unchanged.
ErrCode InnerAppAccountManager::CheckAppAccess(const std::string &name, const std::string &authorizedApp,
    bool &isAccessible, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode errCode = controlManager_.CheckAppAccess(name, authorizedApp, isAccessible, appAccountCallingInfo);
    return errCode;
}
150
// Queries the sync-enable flag of account `name` for the given caller.
// `syncEnable` is forwarded by reference as the out-parameter; the control manager's
// result code is returned unchanged.
ErrCode InnerAppAccountManager::CheckAppAccountSyncEnable(const std::string &name, bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode errCode = controlManager_.CheckAppAccountSyncEnable(name, syncEnable, uid, bundleName, appIndex);
    return errCode;
}
156
// Sets the sync-enable flag of account `name` for the given caller.
// Builds the AppAccountInfo here and returns the control manager's result unchanged.
// Unlike the other setters in this file, no account-change event is published.
ErrCode InnerAppAccountManager::SetAppAccountSyncEnable(const std::string &name, const bool &syncEnable,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountInfo accountInfo(name, bundleName);
    accountInfo.SetAppIndex(appIndex);
    const ErrCode errCode = controlManager_.SetAppAccountSyncEnable(name, syncEnable, uid, bundleName, accountInfo);
    return errCode;
}
164
// Reads the associated-data entry `key` of account `name` for caller `uid`.
// `value` is forwarded by reference as the out-parameter; the control manager's
// result code is returned unchanged.
ErrCode InnerAppAccountManager::GetAssociatedData(const std::string &name, const std::string &key,
    std::string &value, const uid_t &uid)
{
    const ErrCode errCode = controlManager_.GetAssociatedData(name, key, value, uid);
    return errCode;
}
170
// Stores the associated-data entry `key` = `value` on account `name`, then reloads the
// account record from the caller's data storage and publishes an account-change event.
//
// Returns the control manager's error if the write fails. If the write succeeds but the
// reload fails, the reload error is returned instead.
// NOTE(review): in that second case the caller sees a failure although the write above
// has already been accepted — confirm callers do not treat it as "nothing changed".
// A publish failure is logged only.
ErrCode InnerAppAccountManager::SetAssociatedData(const std::string &name, const std::string &key,
    const std::string &value, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result = controlManager_.SetAssociatedData(name, key, value, appAccountCallingInfo);
    if (result != ERR_OK) {
        return result;
    }

    // The event must carry the real record from the database, not a locally built one.
    AppAccountInfo storedInfo(name, appAccountCallingInfo.bundleName);
    storedInfo.SetAppIndex(appAccountCallingInfo.appIndex);
    std::shared_ptr<AppAccountDataStorage> storage =
        controlManager_.GetDataStorage(appAccountCallingInfo.callingUid);
    const ErrCode loadResult = controlManager_.GetAccountInfoFromDataStorage(storedInfo, storage);
    if (loadResult != ERR_OK) {
        ACCOUNT_LOGE("Failed to get account info from data storage, result %{public}d.", loadResult);
        return loadResult;
    }

    const bool published = subscribeManager_.PublishAccount(
        storedInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
194
// Reads the credential of type `credentialType` for account `name` on behalf of the
// caller described by `appAccountCallingInfo`. `credential` is forwarded by reference
// as the out-parameter; the control manager's result code is returned unchanged.
// NOTE(review): this layer performs no access check of its own — confirm that
// controlManager_.GetAccountCredential validates the calling info before it fills
// `credential`.
ErrCode InnerAppAccountManager::GetAccountCredential(const std::string &name, const std::string &credentialType,
    std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode errCode =
        controlManager_.GetAccountCredential(name, credentialType, credential, appAccountCallingInfo);
    return errCode;
}
200
// Stores `credential` under `credentialType` on account `name`, then reloads the account
// record from the caller's data storage and publishes an account-change event.
//
// Returns the control manager's error if the write fails. If the write succeeds but the
// reload fails, the reload error is returned instead.
// NOTE(review): in that second case the caller sees a failure although the credential
// write above has already been accepted — confirm callers handle that state.
// Only result codes are logged here; the credential value is never written to the log.
ErrCode InnerAppAccountManager::SetAccountCredential(const std::string &name, const std::string &credentialType,
    const std::string &credential, const AppAccountCallingInfo &appAccountCallingInfo)
{
    const ErrCode result =
        controlManager_.SetAccountCredential(name, credentialType, credential, appAccountCallingInfo);
    if (result != ERR_OK) {
        return result;
    }

    AppAccountInfo storedInfo(name, appAccountCallingInfo.bundleName);
    storedInfo.SetAppIndex(appAccountCallingInfo.appIndex);
    // The event must carry the real record from the database, not a locally built one.
    std::shared_ptr<AppAccountDataStorage> storage =
        controlManager_.GetDataStorage(appAccountCallingInfo.callingUid);
    const ErrCode loadResult = controlManager_.GetAccountInfoFromDataStorage(storedInfo, storage);
    if (loadResult != ERR_OK) {
        ACCOUNT_LOGE("Failed to get account info from data storage, result %{public}d.", loadResult);
        return loadResult;
    }

    const bool published = subscribeManager_.PublishAccount(
        storedInfo, appAccountCallingInfo.callingUid, appAccountCallingInfo.bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
224
// Deletes the credential of type `credentialType` from account `name`, then reloads the
// account record from the caller's data storage and publishes an account-change event.
//
// The uid/bundleName/appIndex triple is packed into an AppAccountCallingInfo for the
// control manager. Returns the control manager's error if the delete fails. If the
// delete succeeds but the reload fails, the reload error is returned instead.
// NOTE(review): in that second case the caller sees a failure although the credential
// has already been removed — confirm callers handle that state.
ErrCode InnerAppAccountManager::DeleteAccountCredential(const std::string &name, const std::string &credentialType,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    AppAccountCallingInfo callingInfo;
    callingInfo.callingUid = uid;
    callingInfo.bundleName = bundleName;
    callingInfo.appIndex = appIndex;

    const ErrCode result = controlManager_.DeleteAccountCredential(name, credentialType, callingInfo);
    if (result != ERR_OK) {
        return result;
    }

    AppAccountInfo storedInfo(name, bundleName);
    storedInfo.SetAppIndex(appIndex);
    // The event must carry the real record from the database, not a locally built one.
    std::shared_ptr<AppAccountDataStorage> storage =
        controlManager_.GetDataStorage(callingInfo.callingUid);
    const ErrCode loadResult = controlManager_.GetAccountInfoFromDataStorage(storedInfo, storage);
    if (loadResult != ERR_OK) {
        ACCOUNT_LOGE("Failed to get account info from data storage, result %{public}d.", loadResult);
        return loadResult;
    }

    const bool published = subscribeManager_.PublishAccount(storedInfo, uid, bundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return result;
}
251
// Authenticates `request`: first tries to satisfy it from an already stored OAuth token,
// and only if that lookup does not succeed starts an authenticator session.
//
// The API flavour is chosen by the boolean option Constants::API_V9 carried in
// request.options (default false): it selects both the GetOAuthToken overload and the
// session entry point (Auth vs. Authenticate).
//
// When a stored token is found it is delivered through request.callback (if the callback
// and its remote object are non-null) in a Want holding the account name, auth type and
// the token itself, and ERR_OK is returned whether or not a callback was present.
//
// NOTE(review): every non-OK result of the token lookup falls through to a new
// authenticator session, not only a "no token stored" result — confirm that is intended
// for lookup failures such as denied access.
ErrCode InnerAppAccountManager::Authenticate(const AuthenticatorSessionRequest &request)
{
    const bool useApi9 = request.options.GetBoolParam(Constants::API_V9, false);

    std::string storedToken;
    ErrCode lookupResult = ERR_OK;
    if (useApi9) {
        lookupResult = controlManager_.GetOAuthToken(request, storedToken, Constants::API_VERSION9);
    } else {
        lookupResult = controlManager_.GetOAuthToken(request, storedToken);
    }

    if (lookupResult != ERR_OK) {
        // No usable stored token: let the authenticator produce one.
        if (useApi9) {
            return sessionManager_.Auth(request);
        }
        return sessionManager_.Authenticate(request);
    }

    const bool canDeliver = (request.callback != nullptr) && (request.callback->AsObject() != nullptr);
    if (canDeliver) {
        AAFwk::Want result;
        result.SetParam(Constants::KEY_NAME, request.name);
        result.SetParam(Constants::KEY_AUTH_TYPE, request.authType);
        result.SetParam(Constants::KEY_TOKEN, storedToken);
        request.callback->OnResult(ERR_OK, result);
    }
    return ERR_OK;
}
277
// Looks up the stored OAuth token for `request` under the given API version.
// `token` is forwarded by reference as the out-parameter; the control manager's result
// code is returned unchanged.
// NOTE(review): this layer performs no visibility or ownership check of its own —
// confirm controlManager_.GetOAuthToken enforces it before filling `token`.
ErrCode InnerAppAccountManager::GetOAuthToken(
    const AuthenticatorSessionRequest &request, std::string &token, const uint32_t apiVersion)
{
    const ErrCode errCode = controlManager_.GetOAuthToken(request, token, apiVersion);
    return errCode;
}
283
// Stores the OAuth token carried by `request`, then reloads the account record from the
// caller's data storage and publishes an account-change event.
//
// Returns the control manager's error if the write fails. If the write succeeds but the
// reload fails, the reload error is returned instead.
// NOTE(review): in that second case the caller sees a failure although the token write
// above has already been accepted — confirm callers handle that state.
// A publish failure is logged only and ERR_OK is still returned.
ErrCode InnerAppAccountManager::SetOAuthToken(const AuthenticatorSessionRequest &request)
{
    const ErrCode writeResult = controlManager_.SetOAuthToken(request);
    if (writeResult != ERR_OK) {
        return writeResult;
    }

    AppAccountInfo storedInfo(request.name, request.callerBundleName);
    storedInfo.SetAppIndex(request.appIndex);
    // The event must carry the real record from the database, not a locally built one.
    std::shared_ptr<AppAccountDataStorage> storage =
        controlManager_.GetDataStorage(request.callerUid);
    const ErrCode loadResult = controlManager_.GetAccountInfoFromDataStorage(storedInfo, storage);
    if (loadResult != ERR_OK) {
        ACCOUNT_LOGE("Failed to get account info from data storage, result %{public}d.", loadResult);
        return loadResult;
    }

    const bool published =
        subscribeManager_.PublishAccount(storedInfo, request.callerUid, request.callerBundleName);
    if (!published) {
        ACCOUNT_LOGE("failed to publish account");
    }
    return ERR_OK;
}
305
// Deletes the OAuth token identified by `request` under the given API version.
// Pure delegation to the control manager; no account-change event is published here.
ErrCode InnerAppAccountManager::DeleteOAuthToken(const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode errCode = controlManager_.DeleteOAuthToken(request, apiVersion);
    return errCode;
}
310
// Changes which bundle may see an OAuth token, as described by `request`.
// Pure delegation to the control manager; its result code is returned unchanged.
// NOTE(review): this layer does not check who is allowed to change visibility —
// confirm the control manager restricts it to the token's owner.
ErrCode InnerAppAccountManager::SetOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, const uint32_t apiVersion)
{
    const ErrCode errCode = controlManager_.SetOAuthTokenVisibility(request, apiVersion);
    return errCode;
}
316
// Queries whether the OAuth token described by `request` is visible.
// `isVisible` is forwarded by reference as the out-parameter; the control manager's
// result code is returned unchanged.
ErrCode InnerAppAccountManager::CheckOAuthTokenVisibility(
    const AuthenticatorSessionRequest &request, bool &isVisible, const uint32_t apiVersion)
{
    const ErrCode errCode = controlManager_.CheckOAuthTokenVisibility(request, isVisible, apiVersion);
    return errCode;
}
322
// Looks up the authenticator registered for request.owner and writes it to `info`.
// The second argument passed on is request.callerUid divided by UID_TRANSFORM_DIVISOR.
// NOTE(review): presumably that quotient is the caller's user id — confirm against
// AppAccountAuthenticatorManager::GetAuthenticatorInfo.
ErrCode InnerAppAccountManager::GetAuthenticatorInfo(
    const AuthenticatorSessionRequest &request, AuthenticatorInfo &info)
{
    const auto uidQuotient = request.callerUid / UID_TRANSFORM_DIVISOR;
    return AppAccountAuthenticatorManager::GetAuthenticatorInfo(request.owner, uidQuotient, info);
}
329
// Collects the OAuth tokens selected by `request` into `tokenInfos`.
// Pure delegation to the control manager; its result code is returned unchanged.
// NOTE(review): no filtering is done in this layer — confirm the control manager
// returns only tokens the caller is allowed to see.
ErrCode InnerAppAccountManager::GetAllOAuthTokens(
    const AuthenticatorSessionRequest &request, std::vector<OAuthTokenInfo> &tokenInfos)
{
    const ErrCode errCode = controlManager_.GetAllOAuthTokens(request, tokenInfos);
    return errCode;
}
335
// Fills `oauthList` with the OAuth list selected by `request` under the given API
// version. Pure delegation to the control manager; its result code is returned unchanged.
ErrCode InnerAppAccountManager::GetOAuthList(
    const AuthenticatorSessionRequest &request, std::set<std::string> &oauthList, const uint32_t apiVersion)
{
    const ErrCode errCode = controlManager_.GetOAuthList(request, oauthList, apiVersion);
    return errCode;
}
341
// Retrieves the authenticator callback object for the session described by `request`.
// `callback` is reset to nullptr before delegating, so a value the caller passed in is
// never left in place when the session manager does not assign one.
ErrCode InnerAppAccountManager::GetAuthenticatorCallback(
    const AuthenticatorSessionRequest &request, sptr<IRemoteObject> &callback)
{
    callback = nullptr;
    const ErrCode errCode = sessionManager_.GetAuthenticatorCallback(request, callback);
    return errCode;
}
348
// Collects the accounts owned by `owner` into `appAccounts` on behalf of the caller
// identified by uid/bundleName/appIndex.
// Pure delegation to the control manager; its result code is returned unchanged.
ErrCode InnerAppAccountManager::GetAllAccounts(const std::string &owner, std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode errCode = controlManager_.GetAllAccounts(owner, appAccounts, uid, bundleName, appIndex);
    return errCode;
}
354
// Collects into `appAccounts` the accounts accessible to the caller identified by
// uid/bundleName/appIndex.
// Pure delegation to the control manager; its result code is returned unchanged.
ErrCode InnerAppAccountManager::GetAllAccessibleAccounts(std::vector<AppAccountInfo> &appAccounts,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode errCode = controlManager_.GetAllAccessibleAccounts(appAccounts, uid, bundleName, appIndex);
    return errCode;
}
360
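// Selects accounts matching `options` on behalf of the caller identified by
// uid/bundleName/appIndex; the outcome is reported through `callback` by the control
// manager. Pure delegation; the control manager's result code is returned unchanged.
ErrCode InnerAppAccountManager::SelectAccountsByOptions(
    const SelectAccountsOptions &options, const sptr<IAppAccountAuthenticatorCallback> &callback,
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    // The unused local AuthenticatorSessionRequest that used to be declared here was
    // dropped: it was never read or passed anywhere.
    return controlManager_.SelectAccountsByOptions(options, callback, uid, bundleName, appIndex);
}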
368
// Forwards a verify-credential request to the authenticator session manager and
// returns its result. No request field is inspected in this layer.
ErrCode InnerAppAccountManager::VerifyCredential(const AuthenticatorSessionRequest &request)
{
    const ErrCode errCode = sessionManager_.VerifyCredential(request);
    return errCode;
}
373
// Forwards a check-account-labels request to the authenticator session manager and
// returns its result. No request field is inspected in this layer.
ErrCode InnerAppAccountManager::CheckAccountLabels(const AuthenticatorSessionRequest &request)
{
    const ErrCode errCode = sessionManager_.CheckAccountLabels(request);
    return errCode;
}
378
// Forwards a set-authenticator-properties request to the authenticator session manager
// and returns its result. No request field is inspected in this layer.
ErrCode InnerAppAccountManager::SetAuthenticatorProperties(const AuthenticatorSessionRequest &request)
{
    const ErrCode errCode = sessionManager_.SetAuthenticatorProperties(request);
    return errCode;
}
383
// Registers `eventListener` for account-change events described by `subscribeInfo`.
// The subscribe info is copied into a shared_ptr so the subscribe manager receives its
// own instance rather than a reference to the caller's object.
ErrCode InnerAppAccountManager::SubscribeAppAccount(const AppAccountSubscribeInfo &subscribeInfo,
    const sptr<IRemoteObject> &eventListener, const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    auto ownedInfo = std::make_shared<AppAccountSubscribeInfo>(subscribeInfo);
    const ErrCode errCode =
        subscribeManager_.SubscribeAppAccount(ownedInfo, eventListener, uid, bundleName, appIndex);
    return errCode;
}
390
// Removes the subscription held by `eventListener`. `owners` is forwarded by reference
// to the subscribe manager, whose result code is returned unchanged.
ErrCode InnerAppAccountManager::UnsubscribeAppAccount(const sptr<IRemoteObject> &eventListener,
    std::vector<std::string> &owners)
{
    const ErrCode errCode = subscribeManager_.UnsubscribeAppAccount(eventListener, owners);
    return errCode;
}
396
// Notifies the control manager that the package identified by uid/bundleName/appIndex
// was removed, and returns its result unchanged.
ErrCode InnerAppAccountManager::OnPackageRemoved(
    const uid_t &uid, const std::string &bundleName, const uint32_t &appIndex)
{
    const ErrCode errCode = controlManager_.OnPackageRemoved(uid, bundleName, appIndex);
    return errCode;
}
402
// Notifies the control manager that user `userId` was removed, and returns its result
// unchanged.
ErrCode InnerAppAccountManager::OnUserRemoved(int32_t userId)
{
    const ErrCode errCode = controlManager_.OnUserRemoved(userId);
    return errCode;
}
407 } // namespace AccountSA
408 } // namespace OHOS
409