1fc0b0055Sopenharmony_ci/* 2fc0b0055Sopenharmony_ci * Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3fc0b0055Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4fc0b0055Sopenharmony_ci * you may not use this file except in compliance with the License. 5fc0b0055Sopenharmony_ci * You may obtain a copy of the License at 6fc0b0055Sopenharmony_ci * 7fc0b0055Sopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8fc0b0055Sopenharmony_ci * 9fc0b0055Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10fc0b0055Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11fc0b0055Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12fc0b0055Sopenharmony_ci * See the License for the specific language governing permissions and 13fc0b0055Sopenharmony_ci * limitations under the License. 14fc0b0055Sopenharmony_ci */ 15fc0b0055Sopenharmony_ci 16fc0b0055Sopenharmony_ci#include "accesstoken_kit.h" 17fc0b0055Sopenharmony_ci#include <string> 18fc0b0055Sopenharmony_ci#include <vector> 19fc0b0055Sopenharmony_ci#include "accesstoken_dfx_define.h" 20fc0b0055Sopenharmony_ci#include "accesstoken_log.h" 21fc0b0055Sopenharmony_ci#include "access_token_error.h" 22fc0b0055Sopenharmony_ci#include "accesstoken_manager_client.h" 23fc0b0055Sopenharmony_ci#include "constant_common.h" 24fc0b0055Sopenharmony_ci#include "data_validator.h" 25fc0b0055Sopenharmony_ci#include "hap_token_info.h" 26fc0b0055Sopenharmony_ci#include "permission_def.h" 27fc0b0055Sopenharmony_ci#include "permission_map.h" 28fc0b0055Sopenharmony_ci#include "perm_setproc.h" 29fc0b0055Sopenharmony_ci#include "perm_state_change_callback_customize.h" 30fc0b0055Sopenharmony_ci#include "tokenid_kit.h" 31fc0b0055Sopenharmony_ci#include "token_setproc.h" 32fc0b0055Sopenharmony_ci 33fc0b0055Sopenharmony_cinamespace OHOS { 34fc0b0055Sopenharmony_cinamespace Security { 35fc0b0055Sopenharmony_cinamespace AccessToken { 36fc0b0055Sopenharmony_cinamespace { 37fc0b0055Sopenharmony_cistatic constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenKit"}; 38fc0b0055Sopenharmony_cistatic const uint64_t TOKEN_ID_LOWMASK = 0xffffffff; 39fc0b0055Sopenharmony_cistatic const int INVALID_DLP_TOKEN_FLAG = -1; 40fc0b0055Sopenharmony_cistatic const int FIRSTCALLER_TOKENID_DEFAULT = 0; 41fc0b0055Sopenharmony_ci} // namespace 42fc0b0055Sopenharmony_ci 43fc0b0055Sopenharmony_ciPermUsedTypeEnum AccessTokenKit::GetPermissionUsedType( 44fc0b0055Sopenharmony_ci AccessTokenID tokenID, const std::string& permissionName) 45fc0b0055Sopenharmony_ci{ 46fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s.", 47fc0b0055Sopenharmony_ci tokenID, permissionName.c_str()); 48fc0b0055Sopenharmony_ci if ((tokenID == INVALID_TOKENID) || (!DataValidator::IsPermissionNameValid(permissionName))) { 49fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed."); 50fc0b0055Sopenharmony_ci return PermUsedTypeEnum::INVALID_USED_TYPE; 51fc0b0055Sopenharmony_ci } 52fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetPermissionUsedType(tokenID, permissionName); 53fc0b0055Sopenharmony_ci} 54fc0b0055Sopenharmony_ci 55fc0b0055Sopenharmony_ciint AccessTokenKit::GrantPermissionForSpecifiedTime( 56fc0b0055Sopenharmony_ci AccessTokenID tokenID, const std::string& permissionName, uint32_t onceTime) 57fc0b0055Sopenharmony_ci{ 58fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "TokenID=%{public}d, permissionName=%{public}s, onceTime=%{public}d.", 59fc0b0055Sopenharmony_ci tokenID, permissionName.c_str(), onceTime); 60fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 61fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid tokenID"); 62fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 63fc0b0055Sopenharmony_ci } 64fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 65fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid permissionName"); 66fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 67fc0b0055Sopenharmony_ci } 68fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GrantPermissionForSpecifiedTime(tokenID, permissionName, onceTime); 69fc0b0055Sopenharmony_ci} 70fc0b0055Sopenharmony_ci 71fc0b0055Sopenharmony_ciAccessTokenIDEx AccessTokenKit::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy) 72fc0b0055Sopenharmony_ci{ 73fc0b0055Sopenharmony_ci AccessTokenIDEx res = {0}; 74fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "UserID: %{public}d, bundleName :%{public}s, \ 75fc0b0055Sopenharmony_cipermList: %{public}zu, stateList: %{public}zu", 76fc0b0055Sopenharmony_ci info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size()); 77fc0b0055Sopenharmony_ci if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || 78fc0b0055Sopenharmony_ci !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) || 79fc0b0055Sopenharmony_ci !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType)) { 80fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); 81fc0b0055Sopenharmony_ci return res; 82fc0b0055Sopenharmony_ci } 83fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().AllocHapToken(info, policy); 84fc0b0055Sopenharmony_ci} 85fc0b0055Sopenharmony_ci 86fc0b0055Sopenharmony_ciint32_t AccessTokenKit::InitHapToken(const HapInfoParams& info, HapPolicyParams& policy, 87fc0b0055Sopenharmony_ci AccessTokenIDEx& fullTokenId) 88fc0b0055Sopenharmony_ci{ 89fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "UserID: %{public}d, bundleName :%{public}s, \ 90fc0b0055Sopenharmony_cipermList: %{public}zu, stateList: %{public}zu", 91fc0b0055Sopenharmony_ci info.userID, info.bundleName.c_str(), policy.permList.size(), policy.permStateList.size()); 92fc0b0055Sopenharmony_ci if ((!DataValidator::IsUserIdValid(info.userID)) || !DataValidator::IsAppIDDescValid(info.appIDDesc) || 93fc0b0055Sopenharmony_ci !DataValidator::IsBundleNameValid(info.bundleName) || !DataValidator::IsAplNumValid(policy.apl) || 94fc0b0055Sopenharmony_ci !DataValidator::IsDomainValid(policy.domain) || !DataValidator::IsDlpTypeValid(info.dlpType)) { 95fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); 96fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 97fc0b0055Sopenharmony_ci } 98fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().InitHapToken(info, policy, fullTokenId); 99fc0b0055Sopenharmony_ci} 100fc0b0055Sopenharmony_ci 101fc0b0055Sopenharmony_ciAccessTokenID AccessTokenKit::AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) 102fc0b0055Sopenharmony_ci{ 103fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "DeviceID=%{public}s, tokenID=%{public}d", 104fc0b0055Sopenharmony_ci ConstantCommon::EncryptDevId(remoteDeviceID).c_str(), remoteTokenID); 105fc0b0055Sopenharmony_ci#ifdef DEBUG_API_PERFORMANCE 106fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "Api_performance:start call"); 107fc0b0055Sopenharmony_ci AccessTokenID resID = AccessTokenManagerClient::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); 108fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "Api_performance:end call"); 109fc0b0055Sopenharmony_ci return resID; 110fc0b0055Sopenharmony_ci#else 111fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); 112fc0b0055Sopenharmony_ci#endif 113fc0b0055Sopenharmony_ci} 114fc0b0055Sopenharmony_ci 115fc0b0055Sopenharmony_ciint32_t AccessTokenKit::UpdateHapToken( 116fc0b0055Sopenharmony_ci AccessTokenIDEx& tokenIdEx, const UpdateHapInfoParams& info, const HapPolicyParams& policy) 117fc0b0055Sopenharmony_ci{ 118fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "TokenID: %{public}d, isSystemApp: %{public}d, \ 119fc0b0055Sopenharmony_cipermList: %{public}zu, stateList: %{public}zu", 120fc0b0055Sopenharmony_ci tokenIdEx.tokenIdExStruct.tokenID, info.isSystemApp, policy.permList.size(), policy.permStateList.size()); 121fc0b0055Sopenharmony_ci if ((tokenIdEx.tokenIdExStruct.tokenID == INVALID_TOKENID) || (!DataValidator::IsAppIDDescValid(info.appIDDesc)) || 122fc0b0055Sopenharmony_ci (!DataValidator::IsAplNumValid(policy.apl))) { 123fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Input param failed"); 124fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 125fc0b0055Sopenharmony_ci } 126fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().UpdateHapToken(tokenIdEx, info, policy); 127fc0b0055Sopenharmony_ci} 128fc0b0055Sopenharmony_ci 129fc0b0055Sopenharmony_ciint AccessTokenKit::DeleteToken(AccessTokenID tokenID) 130fc0b0055Sopenharmony_ci{ 131fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "TokenID=%{public}d.", tokenID); 132fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 133fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 134fc0b0055Sopenharmony_ci } 135fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().DeleteToken(tokenID); 136fc0b0055Sopenharmony_ci} 137fc0b0055Sopenharmony_ci 138fc0b0055Sopenharmony_ciATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) __attribute__((no_sanitize("cfi"))) 139fc0b0055Sopenharmony_ci{ 140fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 141fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 142fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid."); 143fc0b0055Sopenharmony_ci return TOKEN_INVALID; 144fc0b0055Sopenharmony_ci } 145fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetTokenType(tokenID); 146fc0b0055Sopenharmony_ci} 147fc0b0055Sopenharmony_ci 148fc0b0055Sopenharmony_ciATokenTypeEnum AccessTokenKit::GetTokenTypeFlag(AccessTokenID tokenID) 149fc0b0055Sopenharmony_ci{ 150fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 151fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 152fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 153fc0b0055Sopenharmony_ci return TOKEN_INVALID; 154fc0b0055Sopenharmony_ci } 155fc0b0055Sopenharmony_ci AccessTokenIDInner *idInner = reinterpret_cast<AccessTokenIDInner *>(&tokenID); 156fc0b0055Sopenharmony_ci return static_cast<ATokenTypeEnum>(idInner->type); 157fc0b0055Sopenharmony_ci} 158fc0b0055Sopenharmony_ci 159fc0b0055Sopenharmony_ciATokenTypeEnum AccessTokenKit::GetTokenType(FullTokenID tokenID) 160fc0b0055Sopenharmony_ci{ 161fc0b0055Sopenharmony_ci AccessTokenID id = tokenID & TOKEN_ID_LOWMASK; 162fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", id); 163fc0b0055Sopenharmony_ci if (id == INVALID_TOKENID) { 164fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 165fc0b0055Sopenharmony_ci return TOKEN_INVALID; 166fc0b0055Sopenharmony_ci } 167fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetTokenType(id); 168fc0b0055Sopenharmony_ci} 169fc0b0055Sopenharmony_ci 170fc0b0055Sopenharmony_ciATokenTypeEnum AccessTokenKit::GetTokenTypeFlag(FullTokenID tokenID) 171fc0b0055Sopenharmony_ci{ 172fc0b0055Sopenharmony_ci AccessTokenID id = tokenID & TOKEN_ID_LOWMASK; 173fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", id); 174fc0b0055Sopenharmony_ci if (id == INVALID_TOKENID) { 175fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 176fc0b0055Sopenharmony_ci return TOKEN_INVALID; 177fc0b0055Sopenharmony_ci } 178fc0b0055Sopenharmony_ci AccessTokenIDInner *idInner = reinterpret_cast<AccessTokenIDInner *>(&id); 179fc0b0055Sopenharmony_ci return static_cast<ATokenTypeEnum>(idInner->type); 180fc0b0055Sopenharmony_ci} 181fc0b0055Sopenharmony_ci 182fc0b0055Sopenharmony_ciAccessTokenID AccessTokenKit::GetHapTokenID( 183fc0b0055Sopenharmony_ci int32_t userID, const std::string& bundleName, int32_t instIndex) __attribute__((no_sanitize("cfi"))) 184fc0b0055Sopenharmony_ci{ 185fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "UserID=%{public}d, bundleName=%{public}s, instIndex=%{public}d.", 186fc0b0055Sopenharmony_ci userID, bundleName.c_str(), instIndex); 187fc0b0055Sopenharmony_ci if ((!DataValidator::IsUserIdValid(userID)) || (!DataValidator::IsBundleNameValid(bundleName))) { 188fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Hap token param check failed"); 189fc0b0055Sopenharmony_ci return INVALID_TOKENID; 190fc0b0055Sopenharmony_ci } 191fc0b0055Sopenharmony_ci AccessTokenIDEx tokenIdEx = 192fc0b0055Sopenharmony_ci AccessTokenManagerClient::GetInstance().GetHapTokenID(userID, bundleName, instIndex); 193fc0b0055Sopenharmony_ci return tokenIdEx.tokenIdExStruct.tokenID; 194fc0b0055Sopenharmony_ci} 195fc0b0055Sopenharmony_ci 196fc0b0055Sopenharmony_ciAccessTokenIDEx AccessTokenKit::GetHapTokenIDEx(int32_t userID, const std::string& bundleName, int32_t instIndex) 197fc0b0055Sopenharmony_ci{ 198fc0b0055Sopenharmony_ci AccessTokenIDEx tokenIdEx = {0}; 199fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "UserID=%{public}d, bundleName=%{public}s, instIndex=%{public}d.", 200fc0b0055Sopenharmony_ci userID, bundleName.c_str(), instIndex); 201fc0b0055Sopenharmony_ci if ((!DataValidator::IsUserIdValid(userID)) || (!DataValidator::IsBundleNameValid(bundleName))) { 202fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Hap token param check failed"); 203fc0b0055Sopenharmony_ci return tokenIdEx; 204fc0b0055Sopenharmony_ci } 205fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetHapTokenID(userID, bundleName, instIndex); 206fc0b0055Sopenharmony_ci} 207fc0b0055Sopenharmony_ci 208fc0b0055Sopenharmony_ciint AccessTokenKit::GetHapTokenInfo( 209fc0b0055Sopenharmony_ci AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes) __attribute__((no_sanitize("cfi"))) 210fc0b0055Sopenharmony_ci{ 211fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 212fc0b0055Sopenharmony_ci if (GetTokenTypeFlag(tokenID) != TOKEN_HAP) { 213fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID =%{public}d is invalid", tokenID); 214fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 215fc0b0055Sopenharmony_ci } 216fc0b0055Sopenharmony_ci 217fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetHapTokenInfo(tokenID, hapTokenInfoRes); 218fc0b0055Sopenharmony_ci} 219fc0b0055Sopenharmony_ci 220fc0b0055Sopenharmony_ciint AccessTokenKit::GetNativeTokenInfo( 221fc0b0055Sopenharmony_ci AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes) __attribute__((no_sanitize("cfi"))) 222fc0b0055Sopenharmony_ci{ 223fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 224fc0b0055Sopenharmony_ci if (GetTokenTypeFlag(tokenID) != TOKEN_NATIVE && GetTokenTypeFlag(tokenID) != TOKEN_SHELL) { 225fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID =%{public}d is invalid", tokenID); 226fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 227fc0b0055Sopenharmony_ci } 228fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetNativeTokenInfo(tokenID, nativeTokenInfoRes); 229fc0b0055Sopenharmony_ci} 230fc0b0055Sopenharmony_ci 231fc0b0055Sopenharmony_ciPermissionOper AccessTokenKit::GetSelfPermissionsState(std::vector<PermissionListState>& permList, 232fc0b0055Sopenharmony_ci PermissionGrantInfo& info) 233fc0b0055Sopenharmony_ci{ 234fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "PermList.size=%{public}zu.", permList.size()); 235fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetSelfPermissionsState(permList, info); 236fc0b0055Sopenharmony_ci} 237fc0b0055Sopenharmony_ci 238fc0b0055Sopenharmony_ciint32_t AccessTokenKit::GetPermissionsStatus(AccessTokenID tokenID, std::vector<PermissionListState>& permList) 239fc0b0055Sopenharmony_ci{ 240fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permList.size=%{public}zu.", tokenID, permList.size()); 241fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 242fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 243fc0b0055Sopenharmony_ci return ERR_PARAM_INVALID; 244fc0b0055Sopenharmony_ci } 245fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetPermissionsStatus(tokenID, permList); 246fc0b0055Sopenharmony_ci} 247fc0b0055Sopenharmony_ci 248fc0b0055Sopenharmony_ciint AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName, bool crossIpc) 249fc0b0055Sopenharmony_ci{ 250fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s, crossIpc=%{public}d.", 251fc0b0055Sopenharmony_ci tokenID, permissionName.c_str(), crossIpc); 252fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 253fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid"); 254fc0b0055Sopenharmony_ci return PERMISSION_DENIED; 255fc0b0055Sopenharmony_ci } 256fc0b0055Sopenharmony_ci 257fc0b0055Sopenharmony_ci uint32_t code; 258fc0b0055Sopenharmony_ci if (crossIpc || !TransferPermissionToOpcode(permissionName, code)) { 259fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); 260fc0b0055Sopenharmony_ci } 261fc0b0055Sopenharmony_ci bool isGranted = false; 262fc0b0055Sopenharmony_ci int32_t ret = GetPermissionFromKernel(tokenID, code, isGranted); 263fc0b0055Sopenharmony_ci if (ret != 0) { 264fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); 265fc0b0055Sopenharmony_ci } 266fc0b0055Sopenharmony_ci return isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; 267fc0b0055Sopenharmony_ci} 268fc0b0055Sopenharmony_ci 269fc0b0055Sopenharmony_ciint AccessTokenKit::VerifyAccessToken( 270fc0b0055Sopenharmony_ci AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName, bool crossIpc) 271fc0b0055Sopenharmony_ci{ 272fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "CallerToken=%{public}d, firstToken=%{public}d, permissionName=%{public}s.", 273fc0b0055Sopenharmony_ci callerTokenID, firstTokenID, permissionName.c_str()); 274fc0b0055Sopenharmony_ci int ret = AccessTokenKit::VerifyAccessToken(callerTokenID, permissionName, crossIpc); 275fc0b0055Sopenharmony_ci if (ret != PERMISSION_GRANTED) { 276fc0b0055Sopenharmony_ci return ret; 277fc0b0055Sopenharmony_ci } 278fc0b0055Sopenharmony_ci if (firstTokenID == FIRSTCALLER_TOKENID_DEFAULT) { 279fc0b0055Sopenharmony_ci return ret; 280fc0b0055Sopenharmony_ci } 281fc0b0055Sopenharmony_ci return AccessTokenKit::VerifyAccessToken(firstTokenID, permissionName, crossIpc); 282fc0b0055Sopenharmony_ci} 283fc0b0055Sopenharmony_ci 284fc0b0055Sopenharmony_ciint AccessTokenKit::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) 285fc0b0055Sopenharmony_ci{ 286fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s.", 287fc0b0055Sopenharmony_ci tokenID, permissionName.c_str()); 288fc0b0055Sopenharmony_ci uint32_t code; 289fc0b0055Sopenharmony_ci if (!TransferPermissionToOpcode(permissionName, code)) { 290fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); 291fc0b0055Sopenharmony_ci } 292fc0b0055Sopenharmony_ci bool isGranted = false; 293fc0b0055Sopenharmony_ci int32_t ret = GetPermissionFromKernel(tokenID, code, isGranted); 294fc0b0055Sopenharmony_ci if (ret != 0) { 295fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().VerifyAccessToken(tokenID, permissionName); 296fc0b0055Sopenharmony_ci } 297fc0b0055Sopenharmony_ci return isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED; 298fc0b0055Sopenharmony_ci} 299fc0b0055Sopenharmony_ci 300fc0b0055Sopenharmony_ciint AccessTokenKit::VerifyAccessToken( 301fc0b0055Sopenharmony_ci AccessTokenID callerTokenID, AccessTokenID firstTokenID, const std::string& permissionName) 302fc0b0055Sopenharmony_ci{ 303fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "CallerToken=%{public}d, firstToken=%{public}d, permissionName=%{public}s.", 304fc0b0055Sopenharmony_ci callerTokenID, firstTokenID, permissionName.c_str()); 305fc0b0055Sopenharmony_ci int ret = AccessTokenKit::VerifyAccessToken(callerTokenID, permissionName); 306fc0b0055Sopenharmony_ci if (ret != PERMISSION_GRANTED) { 307fc0b0055Sopenharmony_ci return ret; 308fc0b0055Sopenharmony_ci } 309fc0b0055Sopenharmony_ci if (firstTokenID == FIRSTCALLER_TOKENID_DEFAULT) { 310fc0b0055Sopenharmony_ci return ret; 311fc0b0055Sopenharmony_ci } 312fc0b0055Sopenharmony_ci return AccessTokenKit::VerifyAccessToken(firstTokenID, permissionName); 313fc0b0055Sopenharmony_ci} 314fc0b0055Sopenharmony_ci 315fc0b0055Sopenharmony_ciint AccessTokenKit::GetDefPermission(const std::string& permissionName, PermissionDef& permissionDefResult) 316fc0b0055Sopenharmony_ci{ 317fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "PermissionName=%{public}s.", permissionName.c_str()); 318fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 319fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid"); 320fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 321fc0b0055Sopenharmony_ci } 322fc0b0055Sopenharmony_ci 323fc0b0055Sopenharmony_ci int ret = AccessTokenManagerClient::GetInstance().GetDefPermission(permissionName, permissionDefResult); 324fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "GetDefPermission bundleName = %{public}s", permissionDefResult.bundleName.c_str()); 325fc0b0055Sopenharmony_ci 326fc0b0055Sopenharmony_ci return ret; 327fc0b0055Sopenharmony_ci} 328fc0b0055Sopenharmony_ci 329fc0b0055Sopenharmony_ciint AccessTokenKit::GetDefPermissions( 330fc0b0055Sopenharmony_ci AccessTokenID tokenID, std::vector<PermissionDef>& permDefList) __attribute__((no_sanitize("cfi"))) 331fc0b0055Sopenharmony_ci{ 332fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 333fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 334fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 335fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 336fc0b0055Sopenharmony_ci } 337fc0b0055Sopenharmony_ci 338fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetDefPermissions(tokenID, permDefList); 339fc0b0055Sopenharmony_ci} 340fc0b0055Sopenharmony_ci 341fc0b0055Sopenharmony_ciint AccessTokenKit::GetReqPermissions( 342fc0b0055Sopenharmony_ci AccessTokenID tokenID, std::vector<PermissionStateFull>& reqPermList, bool isSystemGrant) 343fc0b0055Sopenharmony_ci{ 344fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, isSystemGrant=%{public}d.", tokenID, isSystemGrant); 345fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 346fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 347fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 348fc0b0055Sopenharmony_ci } 349fc0b0055Sopenharmony_ci 350fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetReqPermissions(tokenID, reqPermList, isSystemGrant); 351fc0b0055Sopenharmony_ci} 352fc0b0055Sopenharmony_ci 353fc0b0055Sopenharmony_ciint AccessTokenKit::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName, uint32_t& flag) 354fc0b0055Sopenharmony_ci{ 355fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s.", 356fc0b0055Sopenharmony_ci tokenID, permissionName.c_str()); 357fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 358fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 359fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 360fc0b0055Sopenharmony_ci } 361fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 362fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid"); 363fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 364fc0b0055Sopenharmony_ci } 365fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetPermissionFlag(tokenID, permissionName, flag); 366fc0b0055Sopenharmony_ci} 367fc0b0055Sopenharmony_ci 368fc0b0055Sopenharmony_ciint AccessTokenKit::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) 369fc0b0055Sopenharmony_ci{ 370fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s, flag=%{public}d.", 371fc0b0055Sopenharmony_ci tokenID, permissionName.c_str(), flag); 372fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 373fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 374fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 375fc0b0055Sopenharmony_ci } 376fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 377fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid"); 378fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 379fc0b0055Sopenharmony_ci } 380fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionFlagValid(flag)) { 381fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Flag is invalid"); 382fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 383fc0b0055Sopenharmony_ci } 384fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GrantPermission(tokenID, permissionName, flag); 385fc0b0055Sopenharmony_ci} 386fc0b0055Sopenharmony_ci 387fc0b0055Sopenharmony_ciint AccessTokenKit::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, uint32_t flag) 388fc0b0055Sopenharmony_ci{ 389fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, permissionName=%{public}s, flag=%{public}d.", 390fc0b0055Sopenharmony_ci tokenID, permissionName.c_str(), flag); 391fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 392fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid tokenID"); 393fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 394fc0b0055Sopenharmony_ci } 395fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 396fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid permissionName"); 397fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 398fc0b0055Sopenharmony_ci } 399fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionFlagValid(flag)) { 400fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Invalid flag"); 401fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 402fc0b0055Sopenharmony_ci } 403fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().RevokePermission(tokenID, permissionName, flag); 404fc0b0055Sopenharmony_ci} 405fc0b0055Sopenharmony_ci 406fc0b0055Sopenharmony_ciint AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID) 407fc0b0055Sopenharmony_ci{ 408fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 409fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 410fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 411fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 412fc0b0055Sopenharmony_ci } 413fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID); 414fc0b0055Sopenharmony_ci} 415fc0b0055Sopenharmony_ci 416fc0b0055Sopenharmony_ciint32_t AccessTokenKit::SetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t status, 417fc0b0055Sopenharmony_ci int32_t userID = 0) 418fc0b0055Sopenharmony_ci{ 419fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "PermissionName=%{public}s, status=%{public}d, userID=%{public}d.", 420fc0b0055Sopenharmony_ci permissionName.c_str(), status, userID); 421fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 422fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid."); 423fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 424fc0b0055Sopenharmony_ci } 425fc0b0055Sopenharmony_ci if (!DataValidator::IsToggleStatusValid(status)) { 426fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "Toggle status is invalid."); 427fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 428fc0b0055Sopenharmony_ci } 429fc0b0055Sopenharmony_ci if (!DataValidator::IsUserIdValid(userID)) { 430fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "UserID is invalid."); 431fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 432fc0b0055Sopenharmony_ci } 433fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().SetPermissionRequestToggleStatus(permissionName, status, userID); 434fc0b0055Sopenharmony_ci} 435fc0b0055Sopenharmony_ci 436fc0b0055Sopenharmony_ciint32_t AccessTokenKit::GetPermissionRequestToggleStatus(const std::string& permissionName, uint32_t& status, 437fc0b0055Sopenharmony_ci int32_t userID = 0) 438fc0b0055Sopenharmony_ci{ 439fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "PermissionName=%{public}s, userID=%{public}d.", 440fc0b0055Sopenharmony_ci permissionName.c_str(), userID); 441fc0b0055Sopenharmony_ci if (!DataValidator::IsPermissionNameValid(permissionName)) { 442fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "PermissionName is invalid."); 443fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 444fc0b0055Sopenharmony_ci } 445fc0b0055Sopenharmony_ci if (!DataValidator::IsUserIdValid(userID)) { 446fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "UserID is invalid."); 447fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 448fc0b0055Sopenharmony_ci } 449fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetPermissionRequestToggleStatus(permissionName, status, userID); 450fc0b0055Sopenharmony_ci} 451fc0b0055Sopenharmony_ci 452fc0b0055Sopenharmony_ciint32_t AccessTokenKit::RegisterPermStateChangeCallback( 453fc0b0055Sopenharmony_ci const std::shared_ptr<PermStateChangeCallbackCustomize>& callback) 454fc0b0055Sopenharmony_ci{ 455fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "Called"); 456fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().RegisterPermStateChangeCallback(callback); 457fc0b0055Sopenharmony_ci} 458fc0b0055Sopenharmony_ci 459fc0b0055Sopenharmony_ciint32_t AccessTokenKit::UnRegisterPermStateChangeCallback( 460fc0b0055Sopenharmony_ci const std::shared_ptr<PermStateChangeCallbackCustomize>& callback) 461fc0b0055Sopenharmony_ci{ 462fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "Called"); 463fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().UnRegisterPermStateChangeCallback(callback); 464fc0b0055Sopenharmony_ci} 465fc0b0055Sopenharmony_ci 466fc0b0055Sopenharmony_ciint32_t AccessTokenKit::GetHapDlpFlag(AccessTokenID tokenID) 467fc0b0055Sopenharmony_ci{ 468fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 469fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 470fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 471fc0b0055Sopenharmony_ci return INVALID_DLP_TOKEN_FLAG; 472fc0b0055Sopenharmony_ci } 473fc0b0055Sopenharmony_ci AccessTokenIDInner *idInner = reinterpret_cast<AccessTokenIDInner *>(&tokenID); 474fc0b0055Sopenharmony_ci return static_cast<int32_t>(idInner->dlpFlag); 475fc0b0055Sopenharmony_ci} 476fc0b0055Sopenharmony_ci 477fc0b0055Sopenharmony_ciint32_t AccessTokenKit::ReloadNativeTokenInfo() 478fc0b0055Sopenharmony_ci{ 479fc0b0055Sopenharmony_ci#ifndef ATM_BUILD_VARIANT_USER_ENABLE 480fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().ReloadNativeTokenInfo(); 481fc0b0055Sopenharmony_ci#else 482fc0b0055Sopenharmony_ci return 0; 483fc0b0055Sopenharmony_ci#endif 484fc0b0055Sopenharmony_ci} 485fc0b0055Sopenharmony_ci 486fc0b0055Sopenharmony_ciAccessTokenID AccessTokenKit::GetNativeTokenId(const std::string& processName) 487fc0b0055Sopenharmony_ci{ 488fc0b0055Sopenharmony_ci if (!DataValidator::IsProcessNameValid(processName)) { 489fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "ProcessName is invalid, processName=%{public}s", processName.c_str()); 490fc0b0055Sopenharmony_ci return INVALID_TOKENID; 491fc0b0055Sopenharmony_ci } 492fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetNativeTokenId(processName); 493fc0b0055Sopenharmony_ci} 494fc0b0055Sopenharmony_ci 495fc0b0055Sopenharmony_ci#ifdef TOKEN_SYNC_ENABLE 496fc0b0055Sopenharmony_ciint AccessTokenKit::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync) 497fc0b0055Sopenharmony_ci{ 498fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d.", tokenID); 499fc0b0055Sopenharmony_ci if (tokenID == INVALID_TOKENID) { 500fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_ERROR(LABEL, "TokenID is invalid"); 501fc0b0055Sopenharmony_ci return AccessTokenError::ERR_PARAM_INVALID; 502fc0b0055Sopenharmony_ci } 503fc0b0055Sopenharmony_ci 504fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetHapTokenInfoFromRemote(tokenID, hapSync); 505fc0b0055Sopenharmony_ci} 506fc0b0055Sopenharmony_ci 507fc0b0055Sopenharmony_ciint AccessTokenKit::SetRemoteHapTokenInfo(const std::string& deviceID, 508fc0b0055Sopenharmony_ci const HapTokenInfoForSync& hapSync) 509fc0b0055Sopenharmony_ci{ 510fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "DeviceID=%{public}s, tokenID=%{public}d.", 511fc0b0055Sopenharmony_ci ConstantCommon::EncryptDevId(deviceID).c_str(), hapSync.baseInfo.tokenID); 512fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().SetRemoteHapTokenInfo(deviceID, hapSync); 513fc0b0055Sopenharmony_ci} 514fc0b0055Sopenharmony_ci 515fc0b0055Sopenharmony_ciint AccessTokenKit::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) 516fc0b0055Sopenharmony_ci{ 517fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "DeviceID=%{public}s, tokenID=%{public}d.", 518fc0b0055Sopenharmony_ci ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID); 519fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().DeleteRemoteToken(deviceID, tokenID); 520fc0b0055Sopenharmony_ci} 521fc0b0055Sopenharmony_ci 522fc0b0055Sopenharmony_ciint AccessTokenKit::DeleteRemoteDeviceTokens(const std::string& deviceID) 523fc0b0055Sopenharmony_ci{ 524fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "DeviceID=%{public}s.", ConstantCommon::EncryptDevId(deviceID).c_str()); 525fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().DeleteRemoteDeviceTokens(deviceID); 526fc0b0055Sopenharmony_ci} 527fc0b0055Sopenharmony_ci 528fc0b0055Sopenharmony_ciAccessTokenID AccessTokenKit::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) 529fc0b0055Sopenharmony_ci{ 530fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "DeviceID=%{public}s., tokenID=%{public}d", 531fc0b0055Sopenharmony_ci ConstantCommon::EncryptDevId(deviceID).c_str(), tokenID); 532fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); 533fc0b0055Sopenharmony_ci} 534fc0b0055Sopenharmony_ci 535fc0b0055Sopenharmony_ciint32_t AccessTokenKit::RegisterTokenSyncCallback(const std::shared_ptr<TokenSyncKitInterface>& syncCallback) 536fc0b0055Sopenharmony_ci{ 537fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "Call RegisterTokenSyncCallback."); 538fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().RegisterTokenSyncCallback(syncCallback); 539fc0b0055Sopenharmony_ci} 540fc0b0055Sopenharmony_ci 541fc0b0055Sopenharmony_ciint32_t AccessTokenKit::UnRegisterTokenSyncCallback() 542fc0b0055Sopenharmony_ci{ 543fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "Call UnRegisterTokenSyncCallback."); 544fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().UnRegisterTokenSyncCallback(); 545fc0b0055Sopenharmony_ci} 546fc0b0055Sopenharmony_ci#endif 547fc0b0055Sopenharmony_ci 548fc0b0055Sopenharmony_civoid AccessTokenKit::DumpTokenInfo(const AtmToolsParamInfo& info, std::string& dumpInfo) 549fc0b0055Sopenharmony_ci{ 550fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_DEBUG(LABEL, "TokenID=%{public}d, bundleName=%{public}s, processName=%{public}s.", 551fc0b0055Sopenharmony_ci info.tokenId, info.bundleName.c_str(), info.processName.c_str()); 552fc0b0055Sopenharmony_ci AccessTokenManagerClient::GetInstance().DumpTokenInfo(info, dumpInfo); 553fc0b0055Sopenharmony_ci} 554fc0b0055Sopenharmony_ci 555fc0b0055Sopenharmony_ciint32_t AccessTokenKit::GetVersion(uint32_t& version) 556fc0b0055Sopenharmony_ci{ 557fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().GetVersion(version); 558fc0b0055Sopenharmony_ci} 559fc0b0055Sopenharmony_ci 560fc0b0055Sopenharmony_ciint32_t AccessTokenKit::SetPermDialogCap(const HapBaseInfo& hapBaseInfo, bool enable) 561fc0b0055Sopenharmony_ci{ 562fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().SetPermDialogCap(hapBaseInfo, enable); 563fc0b0055Sopenharmony_ci} 564fc0b0055Sopenharmony_ci 565fc0b0055Sopenharmony_civoid AccessTokenKit::GetPermissionManagerInfo(PermissionGrantInfo& info) 566fc0b0055Sopenharmony_ci{ 567fc0b0055Sopenharmony_ci AccessTokenManagerClient::GetInstance().GetPermissionManagerInfo(info); 568fc0b0055Sopenharmony_ci} 569fc0b0055Sopenharmony_ci 570fc0b0055Sopenharmony_ciint32_t AccessTokenKit::InitUserPolicy( 571fc0b0055Sopenharmony_ci const std::vector<UserState>& userList, const std::vector<std::string>& permList) 572fc0b0055Sopenharmony_ci{ 573fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "Enter."); 574fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().InitUserPolicy(userList, permList); 575fc0b0055Sopenharmony_ci} 576fc0b0055Sopenharmony_ci 577fc0b0055Sopenharmony_ciint32_t AccessTokenKit::UpdateUserPolicy(const std::vector<UserState>& userList) 578fc0b0055Sopenharmony_ci{ 579fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "Enter."); 580fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().UpdateUserPolicy(userList); 581fc0b0055Sopenharmony_ci} 582fc0b0055Sopenharmony_ci 583fc0b0055Sopenharmony_ciint32_t AccessTokenKit::ClearUserPolicy() 584fc0b0055Sopenharmony_ci{ 585fc0b0055Sopenharmony_ci ACCESSTOKEN_LOG_INFO(LABEL, "Enter."); 586fc0b0055Sopenharmony_ci return AccessTokenManagerClient::GetInstance().ClearUserPolicy(); 587fc0b0055Sopenharmony_ci} 588fc0b0055Sopenharmony_ci} // namespace AccessToken 589fc0b0055Sopenharmony_ci} // namespace Security 590fc0b0055Sopenharmony_ci} // namespace OHOS 591