1 /*
2 * Copyright (c) 2021-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "accesstoken_manager_client.h"
17
18 #include "accesstoken_log.h"
19 #include "access_token_error.h"
20 #include "accesstoken_manager_proxy.h"
21 #include "atm_tools_param_info_parcel.h"
22 #include "hap_token_info.h"
23 #include "hap_token_info_for_sync_parcel.h"
24 #include "iservice_registry.h"
25 #include "native_token_info_for_sync_parcel.h"
26 #include "native_token_info.h"
27 #include "parameter.h"
28 #include "permission_grant_info_parcel.h"
29 #include "accesstoken_callbacks.h"
30
31 namespace OHOS {
32 namespace Security {
33 namespace AccessToken {
34 namespace {
35 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
36 LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerClient"
37 };
38 static constexpr int32_t VALUE_MAX_LEN = 32;
39 static const char* ACCESS_TOKEN_SERVICE_INIT_KEY = "accesstoken.permission.init";
40 std::recursive_mutex g_instanceMutex;
41 } // namespace
42 static const uint32_t MAX_CALLBACK_MAP_SIZE = 200;
43
GetInstance()44 AccessTokenManagerClient& AccessTokenManagerClient::GetInstance()
45 {
46 static AccessTokenManagerClient* instance = nullptr;
47 if (instance == nullptr) {
48 std::lock_guard<std::recursive_mutex> lock(g_instanceMutex);
49 if (instance == nullptr) {
50 AccessTokenManagerClient* tmp = new AccessTokenManagerClient();
51 instance = std::move(tmp);
52 }
53 }
54 return *instance;
55 }
56
AccessTokenManagerClient()57 AccessTokenManagerClient::AccessTokenManagerClient()
58 {}
59
~AccessTokenManagerClient()60 AccessTokenManagerClient::~AccessTokenManagerClient()
61 {
62 ACCESSTOKEN_LOG_ERROR(LABEL, "~AccessTokenManagerClient");
63 std::lock_guard<std::mutex> lock(proxyMutex_);
64 ReleaseProxy();
65 }
66
GetUserGrantedPermissionUsedType(AccessTokenID tokenID,const std::string & permissionName)67 PermUsedTypeEnum AccessTokenManagerClient::GetUserGrantedPermissionUsedType(
68 AccessTokenID tokenID, const std::string &permissionName)
69 {
70 auto proxy = GetProxy();
71 if (proxy == nullptr) {
72 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
73 return PermUsedTypeEnum::INVALID_USED_TYPE;
74 }
75 return proxy->GetUserGrantedPermissionUsedType(tokenID, permissionName);
76 }
77
VerifyAccessToken(AccessTokenID tokenID,const std::string & permissionName)78 int AccessTokenManagerClient::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName)
79 {
80 auto proxy = GetProxy();
81 if (proxy != nullptr) {
82 return proxy->VerifyAccessToken(tokenID, permissionName);
83 }
84 char value[VALUE_MAX_LEN] = {0};
85 int32_t ret = GetParameter(ACCESS_TOKEN_SERVICE_INIT_KEY, "", value, VALUE_MAX_LEN - 1);
86 if ((ret < 0) || (static_cast<uint64_t>(std::atoll(value)) != 0)) {
87 ACCESSTOKEN_LOG_ERROR(LABEL, "At service has been started.");
88 return PERMISSION_DENIED;
89 }
90 AccessTokenIDInner *idInner = reinterpret_cast<AccessTokenIDInner *>(&tokenID);
91 if (static_cast<ATokenTypeEnum>(idInner->type) == TOKEN_NATIVE) {
92 ACCESSTOKEN_LOG_INFO(LABEL, "At service has not been started.");
93 return PERMISSION_GRANTED;
94 }
95 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
96 return PERMISSION_DENIED;
97 }
98
GetDefPermission(const std::string & permissionName,PermissionDef & permissionDefResult)99 int AccessTokenManagerClient::GetDefPermission(
100 const std::string& permissionName, PermissionDef& permissionDefResult)
101 {
102 auto proxy = GetProxy();
103 if (proxy == nullptr) {
104 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
105 return AccessTokenError::ERR_SERVICE_ABNORMAL;
106 }
107 PermissionDefParcel permissionDefParcel;
108 int result = proxy->GetDefPermission(permissionName, permissionDefParcel);
109 permissionDefResult = permissionDefParcel.permissionDef;
110 return result;
111 }
112
GetDefPermissions(AccessTokenID tokenID,std::vector<PermissionDef> & permList)113 int AccessTokenManagerClient::GetDefPermissions(AccessTokenID tokenID, std::vector<PermissionDef>& permList)
114 {
115 auto proxy = GetProxy();
116 if (proxy == nullptr) {
117 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
118 return AccessTokenError::ERR_SERVICE_ABNORMAL;
119 }
120 std::vector<PermissionDefParcel> parcelList;
121 int result = proxy->GetDefPermissions(tokenID, parcelList);
122 for (const auto& permParcel : parcelList) {
123 PermissionDef perm = permParcel.permissionDef;
124 permList.emplace_back(perm);
125 }
126 return result;
127 }
128
GetReqPermissions(AccessTokenID tokenID,std::vector<PermissionStateFull> & reqPermList,bool isSystemGrant)129 int AccessTokenManagerClient::GetReqPermissions(
130 AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant)
131 {
132 auto proxy = GetProxy();
133 if (proxy == nullptr) {
134 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
135 return AccessTokenError::ERR_SERVICE_ABNORMAL;
136 }
137 std::vector<PermissionStateFullParcel> parcelList;
138 int result = proxy->GetReqPermissions(tokenID, parcelList, isSystemGrant);
139 for (const auto& permParcel : parcelList) {
140 PermissionStateFull perm = permParcel.permStatFull;
141 reqPermList.emplace_back(perm);
142 }
143 return result;
144 }
145
GetPermissionFlag(AccessTokenID tokenID,const std::string & permissionName,uint32_t & flag)146 int AccessTokenManagerClient::GetPermissionFlag(
147 AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag)
148 {
149 auto proxy = GetProxy();
150 if (proxy == nullptr) {
151 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
152 return AccessTokenError::ERR_SERVICE_ABNORMAL;
153 }
154 return proxy->GetPermissionFlag(tokenID, permissionName, flag);
155 }
156
GetSelfPermissionsState(std::vector<PermissionListState> & permList,PermissionGrantInfo & info)157 PermissionOper AccessTokenManagerClient::GetSelfPermissionsState(std::vector<PermissionListState>& permList,
158 PermissionGrantInfo& info)
159 {
160 auto proxy = GetProxy();
161 if (proxy == nullptr) {
162 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
163 return INVALID_OPER;
164 }
165
166 size_t len = permList.size();
167 if (len == 0) {
168 ACCESSTOKEN_LOG_DEBUG(LABEL, "Len is zero.");
169 return PASS_OPER;
170 }
171
172 std::vector<PermissionListStateParcel> parcelList;
173
174 for (const auto& perm : permList) {
175 PermissionListStateParcel permParcel;
176 permParcel.permsState = perm;
177 parcelList.emplace_back(permParcel);
178 }
179 PermissionGrantInfoParcel infoParcel;
180 PermissionOper result = proxy->GetSelfPermissionsState(parcelList, infoParcel);
181
182 for (uint32_t i = 0; i < len; i++) {
183 PermissionListState perm = parcelList[i].permsState;
184 permList[i].state = perm.state;
185 }
186
187 info = infoParcel.info;
188 return result;
189 }
190
GetPermissionsStatus(AccessTokenID tokenID,std::vector<PermissionListState> & permList)191 int32_t AccessTokenManagerClient::GetPermissionsStatus(
192 AccessTokenID tokenID, std::vector<PermissionListState>& permList)
193 {
194 auto proxy = GetProxy();
195 if (proxy == nullptr) {
196 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
197 return AccessTokenError::ERR_SERVICE_ABNORMAL;
198 }
199
200 size_t len = permList.size();
201 if (len == 0) {
202 ACCESSTOKEN_LOG_ERROR(LABEL, "Len is zero.");
203 return AccessTokenError::ERR_PARAM_INVALID;
204 }
205
206 std::vector<PermissionListStateParcel> parcelList;
207
208 for (const auto& perm : permList) {
209 PermissionListStateParcel permParcel;
210 permParcel.permsState = perm;
211 parcelList.emplace_back(permParcel);
212 }
213 int32_t result = proxy->GetPermissionsStatus(tokenID, parcelList);
214 if (result != RET_SUCCESS) {
215 return result;
216 }
217 for (uint32_t i = 0; i < len; i++) {
218 PermissionListState perm = parcelList[i].permsState;
219 permList[i].state = perm.state;
220 }
221
222 return result;
223 }
224
GrantPermission(AccessTokenID tokenID,const std::string & permissionName,uint32_t flag)225 int AccessTokenManagerClient::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
226 {
227 auto proxy = GetProxy();
228 if (proxy == nullptr) {
229 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
230 return AccessTokenError::ERR_SERVICE_ABNORMAL;
231 }
232 return proxy->GrantPermission(tokenID, permissionName, flag);
233 }
234
RevokePermission(AccessTokenID tokenID,const std::string & permissionName,uint32_t flag)235 int AccessTokenManagerClient::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag)
236 {
237 auto proxy = GetProxy();
238 if (proxy == nullptr) {
239 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
240 return AccessTokenError::ERR_SERVICE_ABNORMAL;
241 }
242 return proxy->RevokePermission(tokenID, permissionName, flag);
243 }
244
GrantPermissionForSpecifiedTime(AccessTokenID tokenID,const std::string & permissionName,uint32_t onceTime)245 int AccessTokenManagerClient::GrantPermissionForSpecifiedTime(
246 AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime)
247 {
248 auto proxy = GetProxy();
249 if (proxy == nullptr) {
250 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
251 return AccessTokenError::ERR_SERVICE_ABNORMAL;
252 }
253 return proxy->GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime);
254 }
255
ClearUserGrantedPermissionState(AccessTokenID tokenID)256 int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID tokenID)
257 {
258 auto proxy = GetProxy();
259 if (proxy == nullptr) {
260 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
261 return AccessTokenError::ERR_SERVICE_ABNORMAL;
262 }
263 return proxy->ClearUserGrantedPermissionState(tokenID);
264 }
265
SetPermissionRequestToggleStatus(const std::string & permissionName,uint32_t status,int32_t userID=0)266 int32_t AccessTokenManagerClient::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status,
267 int32_t userID = 0)
268 {
269 auto proxy = GetProxy();
270 if (proxy == nullptr) {
271 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
272 return AccessTokenError::ERR_SERVICE_ABNORMAL;
273 }
274 return proxy->SetPermissionRequestToggleStatus(permissionName, status, userID);
275 }
276
GetPermissionRequestToggleStatus(const std::string & permissionName,uint32_t & status,int32_t userID=0)277 int32_t AccessTokenManagerClient::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status,
278 int32_t userID = 0)
279 {
280 auto proxy = GetProxy();
281 if (proxy == nullptr) {
282 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
283 return AccessTokenError::ERR_SERVICE_ABNORMAL;
284 }
285 return proxy->GetPermissionRequestToggleStatus(permissionName, status, userID);
286 }
287
CreatePermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize> & customizedCb,sptr<PermissionStateChangeCallback> & callback)288 int32_t AccessTokenManagerClient::CreatePermStateChangeCallback(
289 const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb,
290 sptr<PermissionStateChangeCallback>& callback)
291 {
292 std::lock_guard<std::mutex> lock(callbackMutex_);
293 if (callbackMap_.size() == MAX_CALLBACK_MAP_SIZE) {
294 ACCESSTOKEN_LOG_ERROR(LABEL, "The maximum number of callback has been reached");
295 return AccessTokenError::ERR_CALLBACKS_EXCEED_LIMITATION;
296 }
297
298 auto goalCallback = callbackMap_.find(customizedCb);
299 if (goalCallback != callbackMap_.end()) {
300 ACCESSTOKEN_LOG_ERROR(LABEL, "Already has the same callback");
301 return AccessTokenError::ERR_CALLBACK_ALREADY_EXIST;
302 } else {
303 callback = new (std::nothrow) PermissionStateChangeCallback(customizedCb);
304 if (!callback) {
305 ACCESSTOKEN_LOG_ERROR(LABEL, "Memory allocation for callback failed!");
306 return AccessTokenError::ERR_SERVICE_ABNORMAL;
307 }
308 }
309 return RET_SUCCESS;
310 }
311
RegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize> & customizedCb)312 int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback(
313 const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb)
314 {
315 if (customizedCb == nullptr) {
316 ACCESSTOKEN_LOG_ERROR(LABEL, "CustomizedCb is nullptr");
317 return AccessTokenError::ERR_PARAM_INVALID;
318 }
319
320 sptr<PermissionStateChangeCallback> callback = nullptr;
321 int32_t result = CreatePermStateChangeCallback(customizedCb, callback);
322 if (result != RET_SUCCESS) {
323 return result;
324 }
325 auto proxy = GetProxy();
326 if (proxy == nullptr) {
327 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
328 return AccessTokenError::ERR_SERVICE_ABNORMAL;
329 }
330
331 PermStateChangeScopeParcel scopeParcel;
332 customizedCb->GetScope(scopeParcel.scope);
333
334 if (scopeParcel.scope.permList.size() > PERMS_LIST_SIZE_MAX ||
335 scopeParcel.scope.tokenIDs.size() > TOKENIDS_LIST_SIZE_MAX) {
336 ACCESSTOKEN_LOG_ERROR(LABEL, "Scope oversize");
337 return AccessTokenError::ERR_PARAM_INVALID;
338 }
339 result = proxy->RegisterPermStateChangeCallback(scopeParcel, callback->AsObject());
340 if (result == RET_SUCCESS) {
341 std::lock_guard<std::mutex> lock(callbackMutex_);
342 callbackMap_[customizedCb] = callback;
343 }
344 return result;
345 }
346
UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize> & customizedCb)347 int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback(
348 const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb)
349 {
350 auto proxy = GetProxy();
351 if (proxy == nullptr) {
352 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
353 return AccessTokenError::ERR_SERVICE_ABNORMAL;
354 }
355
356 std::lock_guard<std::mutex> lock(callbackMutex_);
357 auto goalCallback = callbackMap_.find(customizedCb);
358 if (goalCallback == callbackMap_.end()) {
359 ACCESSTOKEN_LOG_ERROR(LABEL, "GoalCallback already is not exist");
360 return AccessTokenError::ERR_INTERFACE_NOT_USED_TOGETHER;
361 }
362
363 int32_t result = proxy->UnRegisterPermStateChangeCallback(goalCallback->second->AsObject());
364 if (result == RET_SUCCESS) {
365 callbackMap_.erase(goalCallback);
366 }
367 return result;
368 }
369
AllocHapToken(const HapInfoParams & info,const HapPolicyParams & policy)370 AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy)
371 {
372 AccessTokenIDEx tokenIdEx = { 0 };
373 auto proxy = GetProxy();
374 if (proxy == nullptr) {
375 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
376 return tokenIdEx;
377 }
378 HapInfoParcel hapInfoParcel;
379 HapPolicyParcel hapPolicyParcel;
380 hapInfoParcel.hapInfoParameter = info;
381 hapPolicyParcel.hapPolicyParameter = policy;
382
383 return proxy->AllocHapToken(hapInfoParcel, hapPolicyParcel);
384 }
385
InitHapToken(const HapInfoParams & info,HapPolicyParams & policy,AccessTokenIDEx & fullTokenId)386 int32_t AccessTokenManagerClient::InitHapToken(const HapInfoParams& info, HapPolicyParams& policy,
387 AccessTokenIDEx& fullTokenId)
388 {
389 auto proxy = GetProxy();
390 if (proxy == nullptr) {
391 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
392 return AccessTokenError::ERR_SERVICE_ABNORMAL;
393 }
394 HapInfoParcel hapInfoParcel;
395 HapPolicyParcel hapPolicyParcel;
396 hapInfoParcel.hapInfoParameter = info;
397 hapPolicyParcel.hapPolicyParameter = policy;
398
399 return proxy->InitHapToken(hapInfoParcel, hapPolicyParcel, fullTokenId);
400 }
401
DeleteToken(AccessTokenID tokenID)402 int AccessTokenManagerClient::DeleteToken(AccessTokenID tokenID)
403 {
404 auto proxy = GetProxy();
405 if (proxy == nullptr) {
406 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
407 return AccessTokenError::ERR_SERVICE_ABNORMAL;
408 }
409 return proxy->DeleteToken(tokenID);
410 }
411
GetTokenType(AccessTokenID tokenID)412 ATokenTypeEnum AccessTokenManagerClient::GetTokenType(AccessTokenID tokenID)
413 {
414 auto proxy = GetProxy();
415 if (proxy == nullptr) {
416 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
417 return TOKEN_INVALID;
418 }
419 return static_cast<ATokenTypeEnum>(proxy->GetTokenType(tokenID));
420 }
421
CheckNativeDCap(AccessTokenID tokenID,const std::string & dcap)422 int AccessTokenManagerClient::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap)
423 {
424 auto proxy = GetProxy();
425 if (proxy == nullptr) {
426 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
427 return AccessTokenError::ERR_SERVICE_ABNORMAL;
428 }
429 return proxy->CheckNativeDCap(tokenID, dcap);
430 }
431
GetHapTokenID(int32_t userID,const std::string & bundleName,int32_t instIndex)432 AccessTokenIDEx AccessTokenManagerClient::GetHapTokenID(
433 int32_t userID, const std::string& bundleName, int32_t instIndex)
434 {
435 AccessTokenIDEx result = {0};
436 auto proxy = GetProxy();
437 if (proxy == nullptr) {
438 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
439 return result;
440 }
441 return proxy->GetHapTokenID(userID, bundleName, instIndex);
442 }
443
AllocLocalTokenID(const std::string & remoteDeviceID,AccessTokenID remoteTokenID)444 AccessTokenID AccessTokenManagerClient::AllocLocalTokenID(
445 const std::string& remoteDeviceID, AccessTokenID remoteTokenID)
446 {
447 auto proxy = GetProxy();
448 if (proxy == nullptr) {
449 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
450 return INVALID_TOKENID;
451 }
452 return proxy->AllocLocalTokenID(remoteDeviceID, remoteTokenID);
453 }
454
UpdateHapToken(AccessTokenIDEx & tokenIdEx,const UpdateHapInfoParams & info,const HapPolicyParams & policy)455 int32_t AccessTokenManagerClient::UpdateHapToken(
456 AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, const HapPolicyParams& policy)
457 {
458 auto proxy = GetProxy();
459 if (proxy == nullptr) {
460 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
461 return AccessTokenError::ERR_SERVICE_ABNORMAL;
462 }
463 HapPolicyParcel hapPolicyParcel;
464 hapPolicyParcel.hapPolicyParameter = policy;
465 return proxy->UpdateHapToken(tokenIdEx, info, hapPolicyParcel);
466 }
467
GetHapTokenInfo(AccessTokenID tokenID,HapTokenInfo & hapTokenInfoRes)468 int AccessTokenManagerClient::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes)
469 {
470 auto proxy = GetProxy();
471 if (proxy == nullptr) {
472 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
473 return AccessTokenError::ERR_SERVICE_ABNORMAL;
474 }
475 HapTokenInfoParcel hapTokenInfoParcel;
476 int res = proxy->GetHapTokenInfo(tokenID, hapTokenInfoParcel);
477
478 hapTokenInfoRes = hapTokenInfoParcel.hapTokenInfoParams;
479 return res;
480 }
481
GetNativeTokenInfo(AccessTokenID tokenID,NativeTokenInfo & nativeTokenInfoRes)482 int AccessTokenManagerClient::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes)
483 {
484 auto proxy = GetProxy();
485 if (proxy == nullptr) {
486 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
487 return AccessTokenError::ERR_SERVICE_ABNORMAL;
488 }
489 NativeTokenInfoParcel nativeTokenInfoParcel;
490 int res = proxy->GetNativeTokenInfo(tokenID, nativeTokenInfoParcel);
491 nativeTokenInfoRes = nativeTokenInfoParcel.nativeTokenInfoParams;
492 return res;
493 }
494
495 #ifndef ATM_BUILD_VARIANT_USER_ENABLE
ReloadNativeTokenInfo()496 int32_t AccessTokenManagerClient::ReloadNativeTokenInfo()
497 {
498 auto proxy = GetProxy();
499 if (proxy == nullptr) {
500 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
501 return AccessTokenError::ERR_SERVICE_ABNORMAL;
502 }
503 return proxy->ReloadNativeTokenInfo();
504 }
505 #endif
506
GetNativeTokenId(const std::string & processName)507 AccessTokenID AccessTokenManagerClient::GetNativeTokenId(const std::string& processName)
508 {
509 auto proxy = GetProxy();
510 if (proxy == nullptr) {
511 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
512 return INVALID_TOKENID;
513 }
514 return proxy->GetNativeTokenId(processName);
515 }
516
517 #ifdef TOKEN_SYNC_ENABLE
GetHapTokenInfoFromRemote(AccessTokenID tokenID,HapTokenInfoForSync & hapSync)518 int AccessTokenManagerClient::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync)
519 {
520 auto proxy = GetProxy();
521 if (proxy == nullptr) {
522 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
523 return AccessTokenError::ERR_SERVICE_ABNORMAL;
524 }
525
526 HapTokenInfoForSyncParcel hapSyncParcel;
527 int res = proxy->GetHapTokenInfoFromRemote(tokenID, hapSyncParcel);
528 hapSync = hapSyncParcel.hapTokenInfoForSyncParams;
529 return res;
530 }
531
SetRemoteHapTokenInfo(const std::string & deviceID,const HapTokenInfoForSync & hapSync)532 int AccessTokenManagerClient::SetRemoteHapTokenInfo(const std::string& deviceID, const HapTokenInfoForSync& hapSync)
533 {
534 auto proxy = GetProxy();
535 if (proxy == nullptr) {
536 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
537 return AccessTokenError::ERR_SERVICE_ABNORMAL;
538 }
539
540 HapTokenInfoForSyncParcel hapSyncParcel;
541 hapSyncParcel.hapTokenInfoForSyncParams = hapSync;
542
543 int res = proxy->SetRemoteHapTokenInfo(deviceID, hapSyncParcel);
544 return res;
545 }
546
DeleteRemoteToken(const std::string & deviceID,AccessTokenID tokenID)547 int AccessTokenManagerClient::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID)
548 {
549 auto proxy = GetProxy();
550 if (proxy == nullptr) {
551 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
552 return AccessTokenError::ERR_SERVICE_ABNORMAL;
553 }
554
555 int res = proxy->DeleteRemoteToken(deviceID, tokenID);
556 return res;
557 }
558
GetRemoteNativeTokenID(const std::string & deviceID,AccessTokenID tokenID)559 AccessTokenID AccessTokenManagerClient::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID)
560 {
561 auto proxy = GetProxy();
562 if (proxy == nullptr) {
563 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
564 return INVALID_TOKENID;
565 }
566
567 AccessTokenID res = proxy->GetRemoteNativeTokenID(deviceID, tokenID);
568 return res;
569 }
570
DeleteRemoteDeviceTokens(const std::string & deviceID)571 int AccessTokenManagerClient::DeleteRemoteDeviceTokens(const std::string& deviceID)
572 {
573 auto proxy = GetProxy();
574 if (proxy == nullptr) {
575 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
576 return AccessTokenError::ERR_SERVICE_ABNORMAL;
577 }
578
579 int res = proxy->DeleteRemoteDeviceTokens(deviceID);
580 return res;
581 }
582
RegisterTokenSyncCallback(const std::shared_ptr<TokenSyncKitInterface> & syncCallback)583 int32_t AccessTokenManagerClient::RegisterTokenSyncCallback(
584 const std::shared_ptr<TokenSyncKitInterface>& syncCallback)
585 {
586 auto proxy = GetProxy();
587 if (proxy == nullptr) {
588 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
589 return AccessTokenError::ERR_SERVICE_ABNORMAL;
590 }
591
592 if (syncCallback == nullptr) {
593 ACCESSTOKEN_LOG_ERROR(LABEL, "Input callback is null.");
594 return AccessTokenError::ERR_PARAM_INVALID;
595 }
596
597 sptr<TokenSyncCallback> callback = sptr<TokenSyncCallback>(new TokenSyncCallback(syncCallback));
598
599 std::lock_guard<std::mutex> lock(tokenSyncCallbackMutex_);
600 int32_t res = proxy->RegisterTokenSyncCallback(callback->AsObject());
601 if (res == RET_SUCCESS) {
602 tokenSyncCallback_ = callback;
603 syncCallbackImpl_ = syncCallback;
604 }
605 return res;
606 }
607
UnRegisterTokenSyncCallback()608 int32_t AccessTokenManagerClient::UnRegisterTokenSyncCallback()
609 {
610 auto proxy = GetProxy();
611 if (proxy == nullptr) {
612 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
613 return AccessTokenError::ERR_SERVICE_ABNORMAL;
614 }
615 std::lock_guard<std::mutex> lock(tokenSyncCallbackMutex_);
616 int32_t res = proxy->UnRegisterTokenSyncCallback();
617 if (res == RET_SUCCESS) {
618 tokenSyncCallback_ = nullptr;
619 syncCallbackImpl_ = nullptr;
620 }
621 return res;
622 }
623 #endif
624
DumpTokenInfo(const AtmToolsParamInfo & info,std::string & dumpInfo)625 void AccessTokenManagerClient::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo)
626 {
627 auto proxy = GetProxy();
628 if (proxy == nullptr) {
629 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
630 return;
631 }
632
633 AtmToolsParamInfoParcel infoParcel;
634 infoParcel.info = info;
635 proxy->DumpTokenInfo(infoParcel, dumpInfo);
636 }
637
GetVersion(uint32_t & version)638 int32_t AccessTokenManagerClient::GetVersion(uint32_t& version)
639 {
640 auto proxy = GetProxy();
641 if (proxy == nullptr) {
642 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null.");
643 return AccessTokenError::ERR_SERVICE_ABNORMAL;
644 }
645
646 return proxy->GetVersion(version);
647 }
648
InitProxy()649 void AccessTokenManagerClient::InitProxy()
650 {
651 if (proxy_ == nullptr) {
652 auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
653 if (sam == nullptr) {
654 ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbilityManager is null");
655 return;
656 }
657 sptr<IRemoteObject> accesstokenSa =
658 sam->GetSystemAbility(IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
659 if (accesstokenSa == nullptr) {
660 ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbility %{public}d is null",
661 IAccessTokenManager::SA_ID_ACCESSTOKEN_MANAGER_SERVICE);
662 return;
663 }
664
665 serviceDeathObserver_ = sptr<AccessTokenDeathRecipient>::MakeSptr();
666 if (serviceDeathObserver_ != nullptr) {
667 accesstokenSa->AddDeathRecipient(serviceDeathObserver_);
668 }
669 proxy_ = new AccessTokenManagerProxy(accesstokenSa);
670 if (proxy_ == nullptr) {
671 ACCESSTOKEN_LOG_ERROR(LABEL, "Iface_cast get null");
672 }
673 }
674 }
675
OnRemoteDiedHandle()676 void AccessTokenManagerClient::OnRemoteDiedHandle()
677 {
678 {
679 std::lock_guard<std::mutex> lock(proxyMutex_);
680 ReleaseProxy();
681 InitProxy();
682 }
683
684 #ifdef TOKEN_SYNC_ENABLE
685 if (syncCallbackImpl_ != nullptr) {
686 RegisterTokenSyncCallback(syncCallbackImpl_); // re-register callback when AT crashes
687 }
688 #endif // TOKEN_SYNC_ENABLE
689 }
690
GetProxy()691 sptr<IAccessTokenManager> AccessTokenManagerClient::GetProxy()
692 {
693 std::lock_guard<std::mutex> lock(proxyMutex_);
694 if (proxy_ == nullptr) {
695 InitProxy();
696 }
697 return proxy_;
698 }
699
SetPermDialogCap(const HapBaseInfo & hapBaseInfo,bool enable)700 int32_t AccessTokenManagerClient::SetPermDialogCap(const HapBaseInfo& hapBaseInfo, bool enable)
701 {
702 auto proxy = GetProxy();
703 if (proxy == nullptr) {
704 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
705 return AccessTokenError::ERR_SERVICE_ABNORMAL;
706 }
707 HapBaseInfoParcel hapBaseInfoParcel;
708 hapBaseInfoParcel.hapBaseInfo = hapBaseInfo;
709 return proxy->SetPermDialogCap(hapBaseInfoParcel, enable);
710 }
711
GetPermissionManagerInfo(PermissionGrantInfo & info)712 void AccessTokenManagerClient::GetPermissionManagerInfo(PermissionGrantInfo& info)
713 {
714 auto proxy = GetProxy();
715 if (proxy == nullptr) {
716 ACCESSTOKEN_LOG_ERROR(LABEL, "Proxy is null");
717 return;
718 }
719 PermissionGrantInfoParcel infoParcel;
720 proxy->GetPermissionManagerInfo(infoParcel);
721 info = infoParcel.info;
722 }
723
ReleaseProxy()724 void AccessTokenManagerClient::ReleaseProxy()
725 {
726 if (proxy_ != nullptr && serviceDeathObserver_ != nullptr) {
727 proxy_->AsObject()->RemoveDeathRecipient(serviceDeathObserver_);
728 }
729 proxy_ = nullptr;
730 serviceDeathObserver_ = nullptr;
731 }
732 } // namespace AccessToken
733 } // namespace Security
734 } // namespace OHOS
735