1 /*
2 * Copyright (C) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <memory>
17 #include <string>
18 #include <tuple>
19 #include <vector>
20 #include "app_details_data_mgr.h"
21 #include "ipc_skeleton.h"
22 #include "app_domain_verify_mgr_service.h"
23 #include "system_ability_definition.h"
24 #include "domain_url_util.h"
25 #include "app_domain_verify_agent_client.h"
26 #include "app_domain_verify_error.h"
27 #include "bundle_info_query.h"
28 #include "sa_interface/app_domain_verify_mgr_service.h"
29
30 namespace OHOS {
31 namespace AppDomainVerify {
32 constexpr const char* GET_DOMAIN_VERIFY_INFO = "ohos.permission.GET_APP_DOMAIN_BUNDLE_INFO";
33 const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(new (std::nothrow) AppDomainVerifyMgrService());
34 const std::string HTTPS = "https";
35 const std::set<std::string> SCHEME_WHITE_SET = { HTTPS };
36 const std::string FUZZY_HOST_START = "*.";
37
AppDomainVerifyMgrService()38 AppDomainVerifyMgrService::AppDomainVerifyMgrService() : SystemAbility(APP_DOMAIN_VERIFY_MANAGER_SA_ID, true)
39 {
40 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "new instance create.");
41 appDetailsDataMgr_ = std::make_shared<AppDetailsDataMgr>();
42 }
43
~AppDomainVerifyMgrService()44 AppDomainVerifyMgrService::~AppDomainVerifyMgrService()
45 {
46 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "instance dead.");
47 }
48
VerifyDomain(const std::string & appIdentifier,const std::string & bundleName,const std::string & fingerprint,const std::vector<SkillUri> & skillUris)49 void AppDomainVerifyMgrService::VerifyDomain(const std::string& appIdentifier, const std::string& bundleName,
50 const std::string& fingerprint, const std::vector<SkillUri>& skillUris)
51 {
52 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
53 if (!PermissionManager::IsSACall()) {
54 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
55 return;
56 }
57 AppVerifyBaseInfo appVerifyBaseInfo;
58 appVerifyBaseInfo.appIdentifier = appIdentifier;
59 appVerifyBaseInfo.bundleName = bundleName;
60 appVerifyBaseInfo.fingerprint = fingerprint;
61
62 VerifyResultInfo verifyResultInfo;
63 verifyResultInfo.appIdentifier = appIdentifier;
64
65 CollectDomains(skillUris, verifyResultInfo);
66 DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->InsertVerifyStatus(bundleName, verifyResultInfo);
67 AppDomainVerifyAgentClient::GetInstance()->SingleVerify(appVerifyBaseInfo, verifyResultInfo);
68 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
69 }
70
ClearDomainVerifyStatus(const std::string & appIdentifier,const std::string & bundleName)71 bool AppDomainVerifyMgrService::ClearDomainVerifyStatus(const std::string& appIdentifier, const std::string& bundleName)
72 {
73 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called, bundlename:%{public}s", bundleName.c_str());
74 if (!PermissionManager::IsSACall()) {
75 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
76 return false;
77 }
78 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->DeleteVerifyStatus(bundleName);
79 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
80 return res;
81 }
82
FilterAbilities(const OHOS::AAFwk::Want & want,const std::vector<OHOS::AppExecFwk::AbilityInfo> & originAbilityInfos,std::vector<OHOS::AppExecFwk::AbilityInfo> & filteredAbilityInfos)83 bool AppDomainVerifyMgrService::FilterAbilities(const OHOS::AAFwk::Want& want,
84 const std::vector<OHOS::AppExecFwk::AbilityInfo>& originAbilityInfos,
85 std::vector<OHOS::AppExecFwk::AbilityInfo>& filteredAbilityInfos)
86 {
87 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
88 if (!PermissionManager::IsSACall()) {
89 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
90 return false;
91 }
92 if (!IsWantImplicit(want)) {
93 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "want is not implicit.");
94 return false;
95 }
96
97 std::string uriString = want.GetUriString();
98 std::string scheme = UrlUtil::GetScheme(uriString);
99 std::string host = UrlUtil::GetHost(uriString);
100 if (scheme.empty() || host.empty()) {
101 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "uriString is not valid.");
102 return false;
103 }
104 std::string hostVerifyKey = scheme + "://" + host;
105 for (auto it = originAbilityInfos.begin(); it != originAbilityInfos.end(); ++it) {
106 // todo bms AbilityInfo contains appIdentifier
107 VerifyResultInfo verifyResultInfo;
108 // get from emory variable, non-IO operation.
109 if (DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(
110 it->bundleName, verifyResultInfo)) {
111 auto itr = verifyResultInfo.hostVerifyStatusMap.find(hostVerifyKey);
112 if (itr != verifyResultInfo.hostVerifyStatusMap.end() &&
113 std::get<0>(itr->second) == InnerVerifyStatus::STATE_SUCCESS) {
114 filteredAbilityInfos.emplace_back(*it);
115 }
116 }
117 }
118 if (filteredAbilityInfos.empty()) {
119 !IsUrlInBlackList(hostVerifyKey) ?
120 deferredLinkMgr_->PutDeferredLink(
121 { .domain = hostVerifyKey, .url = uriString, .timeStamp = GetSecondsSince1970ToNow() }) :
122 void();
123 } else {
124 // Calling openlink may call FilterAbilities multiple times, the link will be stored when matching default
125 // browser's abilities, so remove it if the link matches verified abilities.
126 deferredLinkMgr_->RemoveDeferredLink({ .domain = hostVerifyKey, .url = uriString });
127 }
128
129 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
130 return true;
131 }
132
QueryDomainVerifyStatus(const std::string & bundleName,DomainVerifyStatus & domainVerificationState)133 bool AppDomainVerifyMgrService::QueryDomainVerifyStatus(
134 const std::string& bundleName, DomainVerifyStatus& domainVerificationState)
135 {
136 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
137 if (!PermissionManager::IsSACall()) {
138 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
139 return false;
140 }
141 VerifyResultInfo verifyResultInfo;
142 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, verifyResultInfo);
143 domainVerificationState = DomainVerifyStatus::STATE_NONE;
144 for (auto it = verifyResultInfo.hostVerifyStatusMap.begin();
145 res && it != verifyResultInfo.hostVerifyStatusMap.end(); ++it) {
146 if (std::get<0>(it->second) == InnerVerifyStatus::STATE_SUCCESS) {
147 domainVerificationState = DomainVerifyStatus::STATE_VERIFIED;
148 break;
149 }
150 }
151 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
152 return res;
153 }
154
QueryAllDomainVerifyStatus(BundleVerifyStatusInfo & bundleVerifyStatusInfo)155 bool AppDomainVerifyMgrService::QueryAllDomainVerifyStatus(BundleVerifyStatusInfo& bundleVerifyStatusInfo)
156 {
157 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
158 if (!PermissionManager::IsSACall()) {
159 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
160 return false;
161 }
162 bundleVerifyStatusInfo.bundleVerifyStatusInfoMap_ =
163 DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetAllVerifyStatus();
164 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
165 return true;
166 }
167
SaveDomainVerifyStatus(const std::string & bundleName,const VerifyResultInfo & verifyResultInfo)168 bool AppDomainVerifyMgrService::SaveDomainVerifyStatus(
169 const std::string& bundleName, const VerifyResultInfo& verifyResultInfo)
170 {
171 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
172 if (!PermissionManager::IsSACall()) {
173 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
174 return false;
175 }
176 bool res = DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->UpdateVerifyStatus(
177 bundleName, verifyResultInfo);
178 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "call end");
179 return res;
180 }
IsAtomicServiceUrl(const std::string & url)181 bool AppDomainVerifyMgrService::IsAtomicServiceUrl(const std::string& url)
182 {
183 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
184 if (!PermissionManager::IsSACall()) {
185 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
186 return false;
187 }
188 if (!InitConfigMgr()) {
189 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "InitConfigMgr failed.");
190 return false;
191 }
192 return whiteListConfigMgr_->IsInWhiteList(url);
193 }
ConvertToExplicitWant(OHOS::AAFwk::Want & implicitWant,sptr<IConvertCallback> & callback)194 void AppDomainVerifyMgrService::ConvertToExplicitWant(OHOS::AAFwk::Want& implicitWant, sptr<IConvertCallback>& callback)
195 {
196 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
197 if (!PermissionManager::IsSACall()) {
198 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
199 return;
200 }
201 AppDomainVerifyAgentClient::GetInstance()->ConvertToExplicitWant(implicitWant, callback);
202 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
203 }
204
UpdateWhiteListUrls(const std::vector<std::string> & urls)205 void AppDomainVerifyMgrService::UpdateWhiteListUrls(const std::vector<std::string>& urls)
206 {
207 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
208 if (!PermissionManager::IsSACall()) {
209 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
210 return;
211 }
212 if (!InitConfigMgr()) {
213 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "InitConfigMgr failed.");
214 return;
215 }
216 std::unordered_set<std::string> whiteList(urls.begin(), urls.end());
217 whiteListConfigMgr_->UpdateWhiteList(whiteList);
218 }
219
QueryAssociatedDomains(const std::string & bundleName,std::vector<std::string> & domains)220 int AppDomainVerifyMgrService::QueryAssociatedDomains(const std::string& bundleName, std::vector<std::string>& domains)
221 {
222 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
223 auto ret = CheckPermission();
224 if (ret != ErrorCode::E_OK) {
225 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed:%{public}d", ret);
226 return ret;
227 }
228 return DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->QueryAssociatedDomains(bundleName, domains) ?
229 E_OK :
230 E_INTERNAL_ERR;
231 }
QueryAssociatedBundleNames(const std::string & domain,std::vector<std::string> & bundleNames)232 int AppDomainVerifyMgrService::QueryAssociatedBundleNames(
233 const std::string& domain, std::vector<std::string>& bundleNames)
234 {
235 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
236 auto ret = CheckPermission();
237 if (ret != ErrorCode::E_OK) {
238 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed:%{public}d", ret);
239 return ret;
240 }
241 return DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->QueryAssociatedBundleNames(domain, bundleNames) ?
242 E_OK :
243 E_INTERNAL_ERR;
244 }
245
QueryAppDetailsWant(const std::string & url,AAFwk::Want & want)246 int AppDomainVerifyMgrService::QueryAppDetailsWant(const std::string& url, AAFwk::Want& want)
247 {
248 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
249 if (!PermissionManager::IsSACall()) {
250 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
251 return AppDetailsCode::QUERY_FAIL;
252 }
253 std::string bundleName;
254 auto ret = appDetailsDataMgr_->QueryAppDetailsWant(url, want, bundleName);
255 if (ret == AppDetailsCode::QUERY_SUCC) {
256 VerifyResultInfo info;
257 if (DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, info)) {
258 return AppDetailsCode::QUERY_FAIL;
259 }
260 return AppDetailsCode::QUERY_SUCC;
261 }
262 return AppDetailsCode::QUERY_FAIL;
263 }
264
IsWantImplicit(const OHOS::AAFwk::Want & want)265 bool AppDomainVerifyMgrService::IsWantImplicit(const OHOS::AAFwk::Want& want)
266 {
267 auto element = want.GetElement();
268 std::string bundleName = element.GetBundleName();
269 std::string abilityName = element.GetAbilityName();
270 // want is explicit query
271 if (!bundleName.empty() && !abilityName.empty()) {
272 return false;
273 }
274 return true;
275 }
276
277 // sa_main进程统一调用
OnStart()278 void AppDomainVerifyMgrService::OnStart()
279 {
280 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "OnStart");
281 bool res = Publish(this);
282 if (!res) {
283 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "Publish failed");
284 }
285 }
286
OnStop()287 void AppDomainVerifyMgrService::OnStop()
288 {
289 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
290 }
OnDump()291 void AppDomainVerifyMgrService::OnDump()
292 {
293 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "OnDump");
294 }
295
Dump(int fd,const std::vector<std::u16string> & args)296 int AppDomainVerifyMgrService::Dump(int fd, const std::vector<std::u16string>& args)
297 {
298 std::string dumpString{};
299 DumpAllVerifyInfos(dumpString);
300 (void)write(fd, dumpString.c_str(), dumpString.size());
301 return 0;
302 }
DumpAllVerifyInfos(std::string & dumpString)303 void AppDomainVerifyMgrService::DumpAllVerifyInfos(std::string& dumpString)
304 {
305 BundleVerifyStatusInfo allBundleVerifyStatusInfo;
306 if (!QueryAllDomainVerifyStatus(allBundleVerifyStatusInfo)) {
307 APP_DOMAIN_VERIFY_HILOGE(
308 APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "DumpAllVerifyInfos fail to query all domain verify status");
309 return;
310 }
311 for (const auto& bundleVerifyStatusInfo : allBundleVerifyStatusInfo.bundleVerifyStatusInfoMap_) {
312 dumpString.append(bundleVerifyStatusInfo.first + ":\n");
313 auto verifyResultInfo = bundleVerifyStatusInfo.second;
314 dumpString.append(" appIdentifier:" + verifyResultInfo.appIdentifier);
315 dumpString.append("\n");
316 dumpString.append(" domain verify status:\n");
317 for (const auto& hostVerifyStatus : verifyResultInfo.hostVerifyStatusMap) {
318 dumpString.append(
319 " " + hostVerifyStatus.first + ":" + InnerVerifyStatusMap[std::get<0>(hostVerifyStatus.second)]);
320 dumpString.append("\n");
321 }
322 }
323 }
InitConfigMgr()324 bool AppDomainVerifyMgrService::InitConfigMgr()
325 {
326 if (whiteListConfigMgr_ != nullptr) {
327 return true;
328 }
329 std::lock_guard<std::mutex> lock(initConfigMutex_);
330 if (whiteListConfigMgr_ == nullptr) {
331 whiteListConfigMgr_ = std::make_shared<WhiteListConfigMgr>();
332 }
333 if (whiteListConfigMgr_ == nullptr) {
334 return false;
335 }
336 return true;
337 }
CheckPermission()338 int AppDomainVerifyMgrService::CheckPermission()
339 {
340 if (!PermissionManager::CheckPermission(GET_DOMAIN_VERIFY_INFO)) {
341 APP_DOMAIN_VERIFY_HILOGE(
342 APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission failed %{public}s.", GET_DOMAIN_VERIFY_INFO);
343 return ErrorCode::E_PERMISSION_DENIED;
344 }
345
346 if (!PermissionManager::IsSystemAppCall()) {
347 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "IsSystemAppCall failed .");
348 return ErrorCode::E_IS_NOT_SYS_APP;
349 }
350 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "CheckPermission ok .");
351 return ErrorCode::E_OK;
352 }
CollectDomains(const std::vector<SkillUri> & skillUris,VerifyResultInfo & verifyResultInfo)353 void AppDomainVerifyMgrService::CollectDomains(
354 const std::vector<SkillUri>& skillUris, VerifyResultInfo& verifyResultInfo)
355 {
356 for (auto it = skillUris.begin(); it != skillUris.end(); ++it) {
357 if (it->scheme.empty() || it->host.empty() || !UrlUtil::IsValidAppDomainVerifyHost(it->host) ||
358 SCHEME_WHITE_SET.find(it->scheme) == SCHEME_WHITE_SET.end()) {
359 APP_DOMAIN_VERIFY_HILOGW(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "invalid skillUri skip.");
360 continue;
361 }
362
363 std::string host = it->host;
364 if (it->host.substr(0, FUZZY_HOST_START.size()) == FUZZY_HOST_START) {
365 // Hosts with *.
366 host = it->host.substr(FUZZY_HOST_START.size());
367 }
368 // validUris remove duplicates
369 auto uri = it->scheme + "://" + host;
370 verifyResultInfo.hostVerifyStatusMap.insert(
371 make_pair(uri, std::make_tuple(InnerVerifyStatus::UNKNOWN, std::string(), 0)));
372 }
373 }
QueryVerifiedBundleWithDomains(std::string & bundleName,std::vector<std::string> & domains)374 int AppDomainVerifyMgrService::QueryVerifiedBundleWithDomains(
375 std::string& bundleName, std::vector<std::string>& domains)
376 {
377 if (!BundleInfoQuery::GetBundleNameForUid(IPCSkeleton::GetCallingUid(), bundleName)) {
378 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "get caller's bundleName error");
379 return ErrorCode::E_INTERNAL_ERR;
380 }
381 if (bundleName.empty()) {
382 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get caller's bundleName");
383 return ErrorCode::E_PARAM_ERROR;
384 }
385 std::string appIdentifier;
386 std::string fingerPrint;
387 if (!BundleInfoQuery::GetBundleInfo(bundleName, appIdentifier, fingerPrint)) {
388 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "get appIdentifier error");
389 return ErrorCode::E_INTERNAL_ERR;
390 }
391 if (appIdentifier.empty()) {
392 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get caller's appIdentifier");
393 return ErrorCode::E_PARAM_ERROR;
394 }
395 VerifyResultInfo verifyResultInfo;
396 if (!DelayedSingleton<AppDomainVerifyDataMgr>::GetInstance()->GetVerifyStatus(bundleName, verifyResultInfo)) {
397 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "can not get verifyResultInfo");
398 return ErrorCode::E_INTERNAL_ERR;
399 }
400 if (verifyResultInfo.appIdentifier != appIdentifier) {
401 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "bundle's appIdentifier not match");
402 return ErrorCode::E_PARAM_ERROR;
403 }
404 std::for_each(std::begin(verifyResultInfo.hostVerifyStatusMap), std::end(verifyResultInfo.hostVerifyStatusMap),
405 [&domains](const auto& item) {
406 if (std::get<0>(item.second) == InnerVerifyStatus::STATE_SUCCESS) {
407 domains.push_back(item.first);
408 }
409 });
410 return ErrorCode::E_OK;
411 }
412
GetDeferredLink(std::string & link)413 int AppDomainVerifyMgrService::GetDeferredLink(std::string& link)
414 {
415 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
416 std::string bundleName;
417 std::vector<std::string> domains;
418 auto ret = QueryVerifiedBundleWithDomains(bundleName, domains);
419 if (ret != ErrorCode::E_OK) {
420 APP_DOMAIN_VERIFY_HILOGE(
421 APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "QueryVerifiedBundleWithDomains error:%{public}d.", ret);
422 return ret;
423 }
424 if (domains.empty()) {
425 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "domains empty, will return.");
426 return ErrorCode::E_OK;
427 }
428 link = deferredLinkMgr_->GetDeferredLink(bundleName, domains);
429 APP_DOMAIN_VERIFY_HILOGD(APP_DOMAIN_VERIFY_AGENT_MODULE_SERVICE, "get link, %{private}s.", link.c_str());
430 return ErrorCode::E_OK;
431 }
432
IsUrlInBlackList(const std::string & url)433 bool AppDomainVerifyMgrService::IsUrlInBlackList(const std::string& url)
434 {
435 return IsAtomicServiceUrl(url);
436 }
437
IsShortUrl(const std::string & url)438 bool AppDomainVerify::AppDomainVerifyMgrService::IsShortUrl(const std::string& url)
439 {
440 return IsAtomicServiceUrl(url);
441 }
ConvertFromShortUrl(Want & originWant,sptr<IConvertCallback> & callback)442 void AppDomainVerifyMgrService::ConvertFromShortUrl(Want& originWant, sptr<IConvertCallback>& callback)
443 {
444 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
445 if (!PermissionManager::IsSACall()) {
446 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only sa can call");
447 return;
448 }
449 AppDomainVerifyAgentClient::GetInstance()->ConvertToExplicitWant(originWant, callback);
450 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
451 }
452
QueryAbilityInfos(const std::string & url,bool withDefault,std::vector<AbilityInfo> & abilityInfos,bool & findDefaultApp)453 bool AppDomainVerifyMgrService::QueryAbilityInfos(
454 const std::string& url, bool withDefault, std::vector<AbilityInfo>& abilityInfos, bool& findDefaultApp)
455 {
456 APP_DOMAIN_VERIFY_HILOGI(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "called");
457 if (!PermissionManager::IsAgentCall()) {
458 APP_DOMAIN_VERIFY_HILOGE(APP_DOMAIN_VERIFY_MGR_MODULE_SERVICE, "only agenet can call");
459 return false;
460 }
461 return BundleInfoQuery::QueryAbilityInfos(url, withDefault, abilityInfos, findDefaultApp);
462 }
463 } // namespace AppDomainVerify
464 } // namespace OHOS
465