1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "remote_auth_service.h"
17
18 #include "iam_check.h"
19 #include "iam_defines.h"
20 #include "iam_logger.h"
21 #include "iam_para2str.h"
22 #include "iam_ptr.h"
23
24 #include "context_factory.h"
25 #include "context_helper.h"
26 #include "context_pool.h"
27 #include "device_manager_util.h"
28 #include "hdi_wrapper.h"
29 #include "remote_executor_stub.h"
30 #include "remote_iam_callback.h"
31 #include "remote_msg_util.h"
32
33 #define LOG_TAG "USER_AUTH_SA"
34
35 namespace OHOS {
36 namespace UserIam {
37 namespace UserAuth {
38 class RemoteAuthServiceImpl : public RemoteAuthService {
39 public:
40 static RemoteAuthServiceImpl &GetInstance();
41 RemoteAuthServiceImpl() = default;
42 ~RemoteAuthServiceImpl() override = default;
43
44 bool Start() override;
45 void OnMessage(const std::string &connectionName, const std::string &srcEndPoint,
46 const std::shared_ptr<Attributes> &request, std::shared_ptr<Attributes> &reply) override;
47
48 int32_t ProcStartRemoteAuthRequest(const std::string &connectionName, const std::shared_ptr<Attributes> &request,
49 std::shared_ptr<Attributes> &reply) override;
50 int32_t ProcQueryExecutorInfoRequest(const std::shared_ptr<Attributes> &request,
51 std::shared_ptr<Attributes> &reply) override;
52 int32_t ProcBeginExecuteRequest(const std::shared_ptr<Attributes> &request,
53 std::shared_ptr<Attributes> &reply) override;
54 int32_t ProcEndExecuteRequest(const std::shared_ptr<Attributes> &request,
55 std::shared_ptr<Attributes> &reply) override;
56
57 uint64_t StartRemoteAuthContext(Authentication::AuthenticationPara para,
58 RemoteAuthContextParam remoteAuthContextParam,
59 const std::shared_ptr<ContextCallback> &contextCallback, int &lastError) override;
60
61 private:
62 std::shared_ptr<ContextCallback> GetRemoteAuthContextCallback(std::string connectionName,
63 Authentication::AuthenticationPara para);
64 std::recursive_mutex mutex_;
65 std::map<uint64_t, std::shared_ptr<RemoteExecutorStub>> scheduleId2executorStub_;
66 };
67
68 class RemoteAuthServiceImplConnectionListener : public ConnectionListener {
69 public:
70 RemoteAuthServiceImplConnectionListener() = default;
71 ~RemoteAuthServiceImplConnectionListener() override = default;
72
OnMessage(const std::string & connectionName,const std::string & srcEndPoint,const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)73 void OnMessage(const std::string &connectionName, const std::string &srcEndPoint,
74 const std::shared_ptr<Attributes> &request, std::shared_ptr<Attributes> &reply) override
75 {
76 IF_FALSE_LOGE_AND_RETURN(request != nullptr);
77 IF_FALSE_LOGE_AND_RETURN(reply != nullptr);
78
79 IAM_LOGI("connectionName: %{public}s, srcEndPoint: %{public}s", connectionName.c_str(), srcEndPoint.c_str());
80
81 RemoteAuthServiceImpl::GetInstance().OnMessage(connectionName, srcEndPoint, request, reply);
82 }
83
OnConnectStatus(const std::string & connectionName,ConnectStatus connectStatus)84 void OnConnectStatus(const std::string &connectionName, ConnectStatus connectStatus) override
85 {
86 }
87 };
88
GetInstance()89 RemoteAuthServiceImpl &RemoteAuthServiceImpl::GetInstance()
90 {
91 static RemoteAuthServiceImpl remoteAuthServiceImpl;
92 return remoteAuthServiceImpl;
93 }
94
Start()95 bool RemoteAuthServiceImpl::Start()
96 {
97 std::lock_guard<std::recursive_mutex> lock(mutex_);
98 IAM_LOGI("start");
99
100 static auto callback = Common::MakeShared<RemoteAuthServiceImplConnectionListener>();
101 IF_FALSE_LOGE_AND_RETURN_VAL(callback != nullptr, false);
102 ResultCode registerResult = RemoteConnectionManager::GetInstance().RegisterConnectionListener(
103 REMOTE_SERVICE_ENDPOINT_NAME, callback);
104 IF_FALSE_LOGE_AND_RETURN_VAL(registerResult == SUCCESS, false);
105 IAM_LOGI("success");
106 return true;
107 }
108
OnMessage(const std::string & connectionName,const std::string & srcEndPoint,const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)109 void RemoteAuthServiceImpl::OnMessage(const std::string &connectionName, const std::string &srcEndPoint,
110 const std::shared_ptr<Attributes> &request, std::shared_ptr<Attributes> &reply)
111 {
112 IAM_LOGI("start");
113 std::lock_guard<std::recursive_mutex> lock(mutex_);
114
115 IF_FALSE_LOGE_AND_RETURN(request != nullptr);
116 IF_FALSE_LOGE_AND_RETURN(reply != nullptr);
117
118 int32_t msgType;
119 bool getMsgTypeRet = request->GetInt32Value(Attributes::ATTR_MSG_TYPE, msgType);
120 IF_FALSE_LOGE_AND_RETURN(getMsgTypeRet);
121
122 IAM_LOGI("msgType is %{public}d", msgType);
123 int32_t resultCode = ResultCode::GENERAL_ERROR;
124 switch (msgType) {
125 case START_REMOTE_AUTH:
126 resultCode = ProcStartRemoteAuthRequest(connectionName, request, reply);
127 break;
128 case QUERY_EXECUTOR_INFO:
129 resultCode = ProcQueryExecutorInfoRequest(request, reply);
130 break;
131 case BEGIN_EXECUTE:
132 resultCode = ProcBeginExecuteRequest(request, reply);
133 break;
134 case END_EXECUTE:
135 resultCode = ProcEndExecuteRequest(request, reply);
136 break;
137 case KEEP_ALIVE:
138 resultCode = SUCCESS;
139 break;
140 default:
141 IAM_LOGE("unsupported request type: %{public}d", msgType);
142 break;
143 }
144
145 bool setResultCodeRet = reply->SetInt32Value(Attributes::ATTR_RESULT_CODE, resultCode);
146 IF_FALSE_LOGE_AND_RETURN(setResultCodeRet);
147
148 IAM_LOGI("success, msg result %{public}d", resultCode);
149 }
150
StartRemoteAuthContext(Authentication::AuthenticationPara para,RemoteAuthContextParam remoteAuthContextParam,const std::shared_ptr<ContextCallback> & contextCallback,int & lastError)151 uint64_t RemoteAuthServiceImpl::StartRemoteAuthContext(Authentication::AuthenticationPara para,
152 RemoteAuthContextParam remoteAuthContextParam, const std::shared_ptr<ContextCallback> &contextCallback,
153 int &lastError)
154 {
155 IAM_LOGI("start");
156 IF_FALSE_LOGE_AND_RETURN_VAL(contextCallback != nullptr, BAD_CONTEXT_ID);
157 Attributes extraInfo;
158 std::shared_ptr<Context> context = ContextFactory::CreateRemoteAuthContext(para, remoteAuthContextParam,
159 contextCallback);
160 if (context == nullptr || !ContextPool::Instance().Insert(context)) {
161 IAM_LOGE("failed to insert context");
162 contextCallback->SetTraceAuthFinishReason("RemoteAuthServiceImpl StartRemoteAuthContext insert context fail");
163 contextCallback->OnResult(GENERAL_ERROR, extraInfo);
164 return BAD_CONTEXT_ID;
165 }
166 contextCallback->SetCleaner(ContextHelper::Cleaner(context));
167 contextCallback->SetTraceRequestContextId(context->GetContextId());
168 contextCallback->SetTraceAuthContextId(context->GetContextId());
169
170 if (!context->Start()) {
171 lastError = context->GetLatestError();
172 IAM_LOGE("failed to start auth errorCode:%{public}d", lastError);
173 return BAD_CONTEXT_ID;
174 }
175 lastError = SUCCESS;
176 IAM_LOGI("success");
177 return context->GetContextId();
178 }
179
GetRemoteAuthContextCallback(std::string connectionName,Authentication::AuthenticationPara para)180 std::shared_ptr<ContextCallback> RemoteAuthServiceImpl::GetRemoteAuthContextCallback(std::string connectionName,
181 Authentication::AuthenticationPara para)
182 {
183 sptr<IIamCallback> callback(new RemoteIamCallback(connectionName));
184 IF_FALSE_LOGE_AND_RETURN_VAL(callback != nullptr, nullptr);
185
186 auto contextCallback = ContextCallback::NewInstance(callback, TRACE_AUTH_USER_ALL);
187 IF_FALSE_LOGE_AND_RETURN_VAL(contextCallback != nullptr, nullptr);
188 contextCallback->SetTraceUserId(para.userId);
189 contextCallback->SetTraceAuthWidgetType(para.authType);
190 contextCallback->SetTraceAuthType(para.authType);
191 contextCallback->SetTraceAuthTrustLevel(para.atl);
192 contextCallback->SetTraceSdkVersion(para.sdkVersion);
193 contextCallback->SetTraceCallerName(para.callerName);
194 contextCallback->SetTraceCallerType(para.callerType);
195 return contextCallback;
196 }
197
ProcStartRemoteAuthRequest(const std::string & connectionName,const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)198 int32_t RemoteAuthServiceImpl::ProcStartRemoteAuthRequest(const std::string &connectionName,
199 const std::shared_ptr<Attributes> &request, std::shared_ptr<Attributes> &reply)
200 {
201 std::lock_guard<std::recursive_mutex> lock(mutex_);
202 IAM_LOGI("start");
203 AuthParamInner authParam = {};
204 bool getAuthParamRet = RemoteMsgUtil::DecodeAuthParam(*request, authParam);
205 IF_FALSE_LOGE_AND_RETURN_VAL(getAuthParamRet, GENERAL_ERROR);
206
207 std::string collectorNetworkId;
208 bool getCollectorNetworkIdRet = request->GetStringValue(Attributes::ATTR_COLLECTOR_NETWORK_ID, collectorNetworkId);
209 IF_FALSE_LOGE_AND_RETURN_VAL(getCollectorNetworkIdRet, GENERAL_ERROR);
210
211 uint32_t collectorTokenId;
212 bool getCollectorTokenIdRet = request->GetUint32Value(Attributes::ATTR_COLLECTOR_TOKEN_ID, collectorTokenId);
213 IF_FALSE_LOGE_AND_RETURN_VAL(getCollectorTokenIdRet, GENERAL_ERROR);
214
215 Authentication::AuthenticationPara para = {};
216 para.userId = authParam.userId;
217 para.authType = authParam.authType;
218 para.atl = authParam.authTrustLevel;
219 para.collectorTokenId = collectorTokenId;
220 para.challenge = authParam.challenge;
221 para.sdkVersion = INNER_API_VERSION_10000;
222
223 bool getCallerNameRet = request->GetStringValue(Attributes::ATTR_CALLER_NAME, para.callerName);
224 IF_FALSE_LOGE_AND_RETURN_VAL(getCallerNameRet, GENERAL_ERROR);
225 bool getCallerTypeRet = request->GetInt32Value(Attributes::ATTR_CALLER_TYPE, para.callerType);
226 IF_FALSE_LOGE_AND_RETURN_VAL(getCallerTypeRet, GENERAL_ERROR);
227
228 RemoteAuthContextParam remoteAuthContextParam;
229 remoteAuthContextParam.authType = authParam.authType;
230 remoteAuthContextParam.connectionName = connectionName;
231 remoteAuthContextParam.collectorNetworkId = collectorNetworkId;
232 remoteAuthContextParam.executorInfoMsg = request->Serialize();
233
234 auto contextCallback = GetRemoteAuthContextCallback(connectionName, para);
235 IF_FALSE_LOGE_AND_RETURN_VAL(contextCallback != nullptr, GENERAL_ERROR);
236
237 int32_t lastError;
238 auto contextId = StartRemoteAuthContext(para, remoteAuthContextParam, contextCallback, lastError);
239 IF_FALSE_LOGE_AND_RETURN_VAL(contextId != BAD_CONTEXT_ID, lastError);
240
241 bool setContextIdRet = reply->SetUint64Value(Attributes::ATTR_CONTEXT_ID, contextId);
242 IF_FALSE_LOGE_AND_RETURN_VAL(setContextIdRet, GENERAL_ERROR);
243
244 IAM_LOGI("success");
245 return SUCCESS;
246 }
247
ProcQueryExecutorInfoRequest(const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)248 int32_t RemoteAuthServiceImpl::ProcQueryExecutorInfoRequest(const std::shared_ptr<Attributes> &request,
249 std::shared_ptr<Attributes> &reply)
250 {
251 std::lock_guard<std::recursive_mutex> lock(mutex_);
252 IAM_LOGI("start");
253
254 std::vector<int32_t> authTypes;
255 bool getAuthTypesRet = request->GetInt32ArrayValue(Attributes::ATTR_AUTH_TYPES, authTypes);
256 IF_FALSE_LOGE_AND_RETURN_VAL(getAuthTypesRet, GENERAL_ERROR);
257
258 int32_t executorRole;
259 bool getExecutorRoleRet = request->GetInt32Value(Attributes::ATTR_EXECUTOR_ROLE, executorRole);
260 IF_FALSE_LOGE_AND_RETURN_VAL(getExecutorRoleRet, GENERAL_ERROR);
261
262 std::string srcUdid;
263 bool getSrcUdidRet = request->GetStringValue(Attributes::ATTR_MSG_SRC_UDID, srcUdid);
264 IF_FALSE_LOGE_AND_RETURN_VAL(getSrcUdidRet, GENERAL_ERROR);
265
266 ResultCode getQueryExecutorInfoRet = RemoteMsgUtil::GetQueryExecutorInfoReply(authTypes, executorRole,
267 srcUdid, *reply);
268 IF_FALSE_LOGE_AND_RETURN_VAL(getQueryExecutorInfoRet == SUCCESS, getQueryExecutorInfoRet);
269
270 IAM_LOGI("success");
271 return SUCCESS;
272 }
273
ProcBeginExecuteRequest(const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)274 int32_t RemoteAuthServiceImpl::ProcBeginExecuteRequest(const std::shared_ptr<Attributes> &request,
275 std::shared_ptr<Attributes> &reply)
276 {
277 std::lock_guard<std::recursive_mutex> lock(mutex_);
278 IAM_LOGI("start");
279
280 std::shared_ptr<RemoteExecutorStub> executorStub = Common::MakeShared<RemoteExecutorStub>();
281 IF_FALSE_LOGE_AND_RETURN_VAL(executorStub != nullptr, GENERAL_ERROR);
282
283 RemoteExecuteTrace traceInfo;
284 traceInfo.operationResult = executorStub->ProcBeginExecuteRequest(*request, traceInfo);
285 ReportRemoteExecuteProc(traceInfo);
286 IF_FALSE_LOGE_AND_RETURN_VAL(traceInfo.operationResult == SUCCESS, GENERAL_ERROR);
287
288 scheduleId2executorStub_.emplace(traceInfo.scheduleId, executorStub);
289 IAM_LOGI("scheduleId %{public}s begin execute success", GET_MASKED_STRING(traceInfo.scheduleId).c_str());
290 return SUCCESS;
291 }
292
ProcEndExecuteRequest(const std::shared_ptr<Attributes> & request,std::shared_ptr<Attributes> & reply)293 int32_t RemoteAuthServiceImpl::ProcEndExecuteRequest(const std::shared_ptr<Attributes> &request,
294 std::shared_ptr<Attributes> &reply)
295 {
296 std::lock_guard<std::recursive_mutex> lock(mutex_);
297 IAM_LOGI("start");
298
299 uint64_t scheduleId;
300 bool getScheduleIdRet = request->GetUint64Value(Attributes::ATTR_SCHEDULE_ID, scheduleId);
301 IF_FALSE_LOGE_AND_RETURN_VAL(getScheduleIdRet, GENERAL_ERROR);
302
303 auto it = scheduleId2executorStub_.find(scheduleId);
304 IF_FALSE_LOGE_AND_RETURN_VAL(it != scheduleId2executorStub_.end(), GENERAL_ERROR);
305 scheduleId2executorStub_.erase(it);
306 IAM_LOGI("scheduleId %{public}s end execute success", GET_MASKED_STRING(scheduleId).c_str());
307 return SUCCESS;
308 }
309
GetInstance()310 RemoteAuthService &RemoteAuthService::GetInstance()
311 {
312 RemoteAuthServiceImpl &impl = RemoteAuthServiceImpl::GetInstance();
313 return impl;
314 }
315 } // namespace UserAuth
316 } // namespace UserIam
317 } // namespace OHOS
318