1 /*
2 * Copyright (C) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "strongauthmanager.h"
17 #include "screenlock_common.h"
18 #include "sclock_log.h"
19 #include "screenlock_system_ability.h"
20 #include "user_auth_client_callback.h"
21 #include "user_auth_client_impl.h"
22 #include "os_account_manager.h"
23
24 namespace OHOS {
25 namespace ScreenLock {
26 std::mutex StrongAuthManger::instanceLock_;
27 sptr<StrongAuthManger> StrongAuthManger::instance_;
28 using namespace OHOS::UserIam::UserAuth;
29 using namespace OHOS::AccountSA;
30
31 // 强认证默认时间 3days
32 const std::int64_t DEFAULT_STRONG_AUTH_TIMEOUT_MS = 3 * 24 * 60 * 60 * 1000;
33
StrongAuthManger()34 StrongAuthManger::StrongAuthManger() {}
35
~StrongAuthManger()36 StrongAuthManger::~StrongAuthManger() {}
37
authTimer()38 StrongAuthManger::authTimer::authTimer()
39 {
40 userId_ = 0;
41 }
42
authTimer(bool repeat, uint64_t interval, bool isExact, bool isIdle)43 StrongAuthManger::authTimer::authTimer(bool repeat, uint64_t interval, bool isExact, bool isIdle)
44 {
45 this->repeat = repeat;
46 this->interval = interval;
47 this->type = TIMER_TYPE_WAKEUP;
48 if (isExact) {
49 this->type = TIMER_TYPE_WAKEUP + TIMER_TYPE_REALTIME;
50 }
51 if (isIdle) {
52 this->type = TIMER_TYPE_IDLE;
53 }
54 userId_ = 0;
55 }
56
~authTimer()57 StrongAuthManger::authTimer::~authTimer() {}
58
OnTrigger()59 void StrongAuthManger::authTimer::OnTrigger()
60 {
61 SCLOCK_HILOGI("%{public}d, OnTrigger enter", userId_);
62 if (callBack_) {
63 callBack_(userId_);
64 }
65 }
66
SetType(const int &type)67 void StrongAuthManger::authTimer::SetType(const int &type)
68 {
69 this->type = type;
70 }
71
SetRepeat(bool repeat)72 void StrongAuthManger::authTimer::SetRepeat(bool repeat)
73 {
74 this->repeat = repeat;
75 }
76
SetInterval(const uint64_t &interval)77 void StrongAuthManger::authTimer::SetInterval(const uint64_t &interval)
78 {
79 this->interval = interval;
80 }
81
SetWantAgent(std::shared_ptr<AbilityRuntime::WantAgent::WantAgent> wantAgent)82 void StrongAuthManger::authTimer::SetWantAgent(std::shared_ptr<AbilityRuntime::WantAgent::WantAgent> wantAgent)
83 {
84 this->wantAgent = wantAgent;
85 }
86
SetCallbackInfo(const std::function<void(int32_t)> &callBack)87 void StrongAuthManger::authTimer::SetCallbackInfo(const std::function<void(int32_t)> &callBack)
88 {
89 this->callBack_ = callBack;
90 }
91
GetUserId()92 int32_t StrongAuthManger::authTimer::GetUserId()
93 {
94 return userId_;
95 }
96
SetUserId(int32_t userId)97 void StrongAuthManger::authTimer::SetUserId(int32_t userId)
98 {
99 userId_ = userId;
100 }
101
StrongAuthTimerCallback(int32_t userId)102 static void StrongAuthTimerCallback(int32_t userId)
103 {
104 SCLOCK_HILOGI("%{public}s, enter", __FUNCTION__);
105 uint64_t timerId = StrongAuthManger::GetInstance()->GetTimerId(userId);
106 int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::AFTER_TIMEOUT);
107 StrongAuthManger::GetInstance()->ResetStrongAuthTimer(userId);
108 StrongAuthManger::GetInstance()->SetStrongAuthStat(userId, reasonFlag);
109 ScreenLockSystemAbility::GetInstance()->StrongAuthChanged(userId, reasonFlag);
110 return;
111 }
112
IsOsAccountUnlocked(int32_t osAccountId)113 static bool IsOsAccountUnlocked(int32_t osAccountId)
114 {
115 bool isUnlocked = false;
116 OHOS::ErrCode res = OHOS::AccountSA::OsAccountManager::IsOsAccountVerified(osAccountId, isUnlocked);
117 if (res != OHOS::ERR_OK) {
118 SCLOCK_HILOGE(" Check account verify status failed, res: %d, accountId: %d", res, osAccountId);
119 return false;
120 }
121 SCLOCK_HILOGI(" account verified status: %d, accountId: %d", isUnlocked, osAccountId);
122 return isUnlocked;
123 }
124
GetInstance()125 sptr<StrongAuthManger> StrongAuthManger::GetInstance()
126 {
127 if (instance_ == nullptr) {
128 std::lock_guard<std::mutex> autoLock(instanceLock_);
129 if (instance_ == nullptr) {
130 instance_ = new StrongAuthManger;
131 }
132 }
133 return instance_;
134 }
135
136
GetTimerId(int32_t userId)137 uint64_t StrongAuthManger::GetTimerId(int32_t userId)
138 {
139 uint64_t timerId = 0;
140 auto iter = strongAuthTimerInfo.find(userId);
141 if (iter != strongAuthTimerInfo.end()) {
142 timerId = iter->second;
143 }
144 return timerId;
145 }
146
RegistUserAuthSuccessEventListener()147 void StrongAuthManger::RegistUserAuthSuccessEventListener()
148 {
149 SCLOCK_HILOGD("RegistUserAuthSuccessEventListener start");
150 std::vector<UserIam::UserAuth::AuthType> authTypeList;
151 authTypeList.emplace_back(AuthType::PIN);
152 authTypeList.emplace_back(AuthType::FACE);
153 authTypeList.emplace_back(AuthType::FINGERPRINT);
154
155 if (listener_ == nullptr) {
156 sptr<UserIam::UserAuth::AuthEventListenerInterface> wrapper(new (std::nothrow) AuthEventListenerService());
157 if (wrapper == nullptr) {
158 SCLOCK_HILOGE("get listener failed");
159 return;
160 }
161 listener_ = wrapper;
162 int32_t ret = UserIam::UserAuth::UserAuthClientImpl::GetInstance().RegistUserAuthSuccessEventListener(
163 authTypeList, listener_);
164 SCLOCK_HILOGI("RegistUserAuthSuccessEventListener ret: %{public}d", ret);
165 }
166
167 return;
168 }
169
OnNotifyAuthSuccessEvent(int32_t userId, UserIam::UserAuth::AuthType authType, int32_t callerType, std::string &bundleName)170 void StrongAuthManger::AuthEventListenerService::OnNotifyAuthSuccessEvent(int32_t userId,
171 UserIam::UserAuth::AuthType authType, int32_t callerType, std::string &bundleName)
172 {
173 SCLOCK_HILOGI("OnNotifyAuthSuccessEvent: %{public}d, %{public}d, %{public}s, callerType: %{public}d", userId,
174 static_cast<int32_t>(authType), bundleName.c_str(), callerType);
175 if (authType == AuthType::PIN) {
176 StrongAuthManger::GetInstance()->SetStrongAuthStat(userId, static_cast<int32_t>(StrongAuthReasonFlags::NONE));
177 StrongAuthManger::GetInstance()->ResetStrongAuthTimer(userId);
178 }
179 return;
180 }
181
UnRegistUserAuthSuccessEventListener()182 void StrongAuthManger::UnRegistUserAuthSuccessEventListener()
183 {
184 if (listener_ != nullptr) {
185 int32_t ret =
186 UserIam::UserAuth::UserAuthClientImpl::GetInstance().UnRegistUserAuthSuccessEventListener(listener_);
187 SCLOCK_HILOGI("UnRegistUserAuthSuccessEventListener ret: %{public}d", ret);
188 }
189 }
190
StartStrongAuthTimer(int32_t userId)191 void StrongAuthManger::StartStrongAuthTimer(int32_t userId)
192 {
193 std::unique_lock<std::mutex> lock(strongAuthTimerMutex);
194 uint64_t timerId = GetTimerId(userId);
195 if (timerId != 0) {
196 SCLOCK_HILOGI("StrongAuthTimer exist. userId:%{public}d", userId);
197 return;
198 }
199
200 std::shared_ptr<authTimer> timer = std::make_shared<authTimer>(true, DEFAULT_STRONG_AUTH_TIMEOUT_MS, true, false);
201 timer->SetCallbackInfo(StrongAuthTimerCallback);
202 timer->SetUserId(userId);
203 timerId = MiscServices::TimeServiceClient::GetInstance()->CreateTimer(timer);
204 int64_t currentTime = MiscServices::TimeServiceClient::GetInstance()->GetBootTimeMs();
205 MiscServices::TimeServiceClient::GetInstance()->StartTimer(timerId, currentTime + DEFAULT_STRONG_AUTH_TIMEOUT_MS);
206 strongAuthTimerInfo.insert(std::make_pair(userId, timerId));
207 return;
208 }
209
ResetStrongAuthTimer(int32_t userId)210 void StrongAuthManger::ResetStrongAuthTimer(int32_t userId)
211 {
212 uint64_t timerId = GetTimerId(userId);
213 if (timerId == 0) {
214 StartStrongAuthTimer(userId);
215 return;
216 }
217 int64_t currentTime = MiscServices::TimeServiceClient::GetInstance()->GetBootTimeMs();
218 MiscServices::TimeServiceClient::GetInstance()->StopTimer(timerId);
219 MiscServices::TimeServiceClient::GetInstance()->StartTimer(timerId, currentTime + DEFAULT_STRONG_AUTH_TIMEOUT_MS);
220 return;
221 }
222
DestroyAllStrongAuthTimer()223 void StrongAuthManger::DestroyAllStrongAuthTimer()
224 {
225 for (auto iter = strongAuthStateInfo.begin(); iter != strongAuthStateInfo.end(); ++iter) {
226 DestroyStrongAuthTimer(iter->first);
227 }
228 return;
229 }
230
DestroyStrongAuthTimer(int32_t userId)231 void StrongAuthManger::DestroyStrongAuthTimer(int32_t userId)
232 {
233 std::unique_lock<std::mutex> lock(strongAuthTimerMutex);
234 uint64_t timerId = GetTimerId(userId);
235 if (timerId == 0) {
236 return;
237 }
238 MiscServices::TimeServiceClient::GetInstance()->StopTimer(timerId);
239 MiscServices::TimeServiceClient::GetInstance()->DestroyTimer(timerId);
240 strongAuthTimerInfo.erase(userId);
241 return;
242 }
243
SetStrongAuthStat(int32_t userId, int32_t reasonFlag)244 void StrongAuthManger::SetStrongAuthStat(int32_t userId, int32_t reasonFlag)
245 {
246 std::lock_guard<std::mutex> lock(strongAuthTimerMutex);
247 auto iter = strongAuthStateInfo.find(userId);
248 if (iter != strongAuthStateInfo.end()) {
249 iter->second = reasonFlag;
250 SCLOCK_HILOGI("SetStrongAuthStat, reasonFlag:%{public}u", reasonFlag);
251 return;
252 }
253 strongAuthStateInfo.insert(std::make_pair(userId, reasonFlag));
254 return;
255 }
256
GetStrongAuthStat(int32_t userId)257 int32_t StrongAuthManger::GetStrongAuthStat(int32_t userId)
258 {
259 std::lock_guard<std::mutex> lock(strongAuthTimerMutex);
260 int32_t reasonFlag = static_cast<int32_t>(StrongAuthReasonFlags::AFTER_BOOT);
261 auto iter = strongAuthStateInfo.find(userId);
262 if (IsOsAccountUnlocked(userId) && iter != strongAuthStateInfo.end()) {
263 reasonFlag = iter->second;
264 SCLOCK_HILOGI("GetStrongAuthStat, reasonFlag:%{public}u", reasonFlag);
265 }
266 return reasonFlag;
267 }
268 } // namespace ScreenLock
269 } // namespace OHOS