diff --git a/interfaces/innerkits/tokensync/BUILD.gn b/interfaces/innerkits/tokensync/BUILD.gn index 3d425f645b5b031d9b66e989267de1caa5b854fd..24cb4826c7a06c6815044a736db69f369da20754 100644 --- a/interfaces/innerkits/tokensync/BUILD.gn +++ b/interfaces/innerkits/tokensync/BUILD.gn @@ -32,12 +32,16 @@ ohos_shared_library("libtokensync_sdk") { "src", "//base/security/access_token/frameworks/tokensync/include", "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/interfaces/innerkits/tokensync/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", "//base/security/access_token/frameworks/accesstoken/include", + "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp/include", + "//foundation/distributedschedule/samgr/interfaces/innerkits/samgr_proxy/include", ] sources = [ "src/token_sync_kit.cpp", + "src/token_sync_load_callback.cpp", "src/token_sync_manager_client.cpp", "src/token_sync_manager_proxy.cpp", ] diff --git a/interfaces/innerkits/tokensync/src/token_sync_load_callback.cpp b/interfaces/innerkits/tokensync/src/token_sync_load_callback.cpp new file mode 100644 index 0000000000000000000000000000000000000000..2914dcd255d7d08400dfaf8b0c4a8f6528ff9642 --- /dev/null +++ b/interfaces/innerkits/tokensync/src/token_sync_load_callback.cpp @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "token_sync_load_callback.h" + +#include "accesstoken_log.h" +#include "i_token_sync_manager.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncLoadCallBack"}; +} + +TokenSyncLoadCallback::TokenSyncLoadCallback() +{ + ACCESSTOKEN_LOG_INFO(LABEL, "enter"); +} + +void TokenSyncLoadCallback::OnLoadSystemAbilitySuccess(int32_t systemAbilityId, + const sptr& remoteObject) +{ + if (systemAbilityId != ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE) { + ACCESSTOKEN_LOG_ERROR(LABEL, "start aystemabilityId is not TokenSync!"); + return; + } + + if (remoteObject == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "remoteObject is null."); + return; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "OnLoadSystemAbilitySuccess start systemAbilityId: %{public}d success!", + systemAbilityId); + + TokenSyncManagerClient::GetInstance().FinishStartSASuccess(remoteObject); +} + +void TokenSyncLoadCallback::OnLoadSystemAbilityFail(int32_t systemAbilityId) +{ + if (systemAbilityId != ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "start aystemabilityId is not TokenSync!"); + return; + } + + ACCESSTOKEN_LOG_DEBUG(LABEL, "OnLoadSystemAbilityFail systemAbilityId: %{public}d failed.", systemAbilityId); + + TokenSyncManagerClient::GetInstance().FinishStartSAFailed(); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/interfaces/innerkits/tokensync/src/token_sync_load_callback.h b/interfaces/innerkits/tokensync/src/token_sync_load_callback.h new file mode 100644 index 0000000000000000000000000000000000000000..ba5c2f95a6442552bd89b70a4647fc98fcff200b --- /dev/null +++ b/interfaces/innerkits/tokensync/src/token_sync_load_callback.h @@ -0,0 +1,37 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TOKEN_SYNC_LOAD_CALLBACK_H +#define TOKEN_SYNC_LOAD_CALLBACK_H + +#include "system_ability_load_callback_stub.h" +#include "i_token_sync_manager.h" +#include "token_sync_manager_client.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +class TokenSyncLoadCallback : public SystemAbilityLoadCallbackStub { +public: + explicit TokenSyncLoadCallback(); + + void OnLoadSystemAbilitySuccess(int32_t systemAbilityId, const sptr& remoteObject); + void OnLoadSystemAbilityFail(int32_t systemAbilityId); +private: +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // TOKEN_SYNC_LOAD_CALLBACK_H diff --git a/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp index f11d38bfa4b0497bdf521479553854ecae0408d8..2295f5620b87a5950f4fe4cd011c05b9b9005c23 100644 --- a/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp @@ -19,6 +19,7 @@ #include "hap_token_info_for_sync_parcel.h" #include "native_token_info_for_sync_parcel.h" #include "iservice_registry.h" +#include "token_sync_load_callback.h" namespace OHOS { namespace Security { @@ -39,9 +40,9 @@ TokenSyncManagerClient::TokenSyncManagerClient() TokenSyncManagerClient::~TokenSyncManagerClient() {} -int TokenSyncManagerClient::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const +int TokenSyncManagerClient::GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "called"); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); @@ -50,9 +51,9 @@ int TokenSyncManagerClient::GetRemoteHapTokenInfo(const std::string& deviceID, A return proxy->GetRemoteHapTokenInfo(deviceID, tokenID); } -int TokenSyncManagerClient::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const +int TokenSyncManagerClient::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "called"); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); @@ -61,9 +62,9 @@ int TokenSyncManagerClient::DeleteRemoteHapTokenInfo(AccessTokenID tokenID) cons return proxy->DeleteRemoteHapTokenInfo(tokenID); } -int TokenSyncManagerClient::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const +int TokenSyncManagerClient::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "%{public}s: called!", __func__); + ACCESSTOKEN_LOG_DEBUG(LABEL, "called"); auto proxy = GetProxy(); if (proxy == nullptr) { ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null"); @@ -72,23 +73,69 @@ int TokenSyncManagerClient::UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& return proxy->UpdateRemoteHapTokenInfo(tokenInfo); } -sptr TokenSyncManagerClient::GetProxy() const +void TokenSyncManagerClient::LoadTokenSync() { + ACCESSTOKEN_LOG_DEBUG(LABEL, "remoteObject_ is %{public}d", remoteObject_ == nullptr); + auto sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (sam == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbilityManager is null"); - return nullptr; + ACCESSTOKEN_LOG_ERROR(LABEL, "GetSystemAbilityManager return null"); + return; + } + + sptr ptrTokenSyncLoadCallback = new (std::nothrow) TokenSyncLoadCallback(); + if (ptrTokenSyncLoadCallback == nullptr) { + ACCESSTOKEN_LOG_ERROR(LABEL, "new ptrTokenSyncLoadCallback fail."); + return; } - auto tokensyncSa = sam->GetSystemAbility(ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); - if (tokensyncSa == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "GetSystemAbility %{public}d is null", + + int32_t result = sam->LoadSystemAbility(ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE, + ptrTokenSyncLoadCallback); + if (result != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "LoadSystemAbility %{public}d failed", ITokenSyncManager::SA_ID_TOKENSYNC_MANAGER_SERVICE); - return nullptr; + return; } - auto proxy = iface_cast(tokensyncSa); + std::unique_lock lock(tokenSyncMutex_); + // wait_for release lock and block until time out(60s) or match the condition with notice + auto waitStatus = tokenSyncCon_.wait_for(lock, std::chrono::milliseconds(TOKEN_SYNC_LOAD_SA_TIMEOUT_MS), + [this]() { return remoteObject_ != nullptr; }); + if (!waitStatus) { + // time out or loadcallback fail + ACCESSTOKEN_LOG_ERROR(LABEL, "tokensync load sa timeout"); + return; + } +} + +void TokenSyncManagerClient::FinishStartSASuccess(const sptr &remoteObject) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "get tokensync sa success."); + + remoteObject_ = remoteObject; + + // get lock which wait_for release and send a notice so that wait_for can out of block + std::unique_lock lock(tokenSyncMutex_); + + tokenSyncCon_.notify_one(); +} + +void TokenSyncManagerClient::FinishStartSAFailed() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "get tokensync sa failed."); + + // get lock which wait_for release and send a notice + std::unique_lock lock(tokenSyncMutex_); + tokenSyncCon_.notify_one(); +} + +sptr TokenSyncManagerClient::GetProxy() +{ + LoadTokenSync(); + + auto proxy = iface_cast(remoteObject_); if (proxy == nullptr) { - ACCESSTOKEN_LOG_DEBUG(LABEL, "iface_cast get null"); + ACCESSTOKEN_LOG_ERROR(LABEL, "iface_cast get null"); return nullptr; } return proxy; diff --git a/interfaces/innerkits/tokensync/src/token_sync_manager_client.h b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h index f416cba312c54cadceed163f8adf490741000aaf..4f615ca016f6b0659b62d082d944992ff27768e2 100644 --- a/interfaces/innerkits/tokensync/src/token_sync_manager_client.h +++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h @@ -17,6 +17,8 @@ #define ACCESSTOKEN_MANAGER_CLIENT_H #include +#include +#include #include "access_token.h" #include "hap_token_info.h" @@ -28,20 +30,29 @@ namespace Security { namespace AccessToken { class TokenSyncManagerClient final { public: + static const int TOKEN_SYNC_LOAD_SA_TIMEOUT_MS = 60000; + static TokenSyncManagerClient& GetInstance(); virtual ~TokenSyncManagerClient(); - int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) const; - int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) const; - int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) const; + int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID); + int DeleteRemoteHapTokenInfo(AccessTokenID tokenID); + int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo); + void LoadTokenSync(); + void FinishStartSASuccess(const sptr &remoteObject); + void FinishStartSAFailed(); private: + std::condition_variable tokenSyncCon_; + std::mutex tokenSyncMutex_; + sptr remoteObject_ = nullptr; + TokenSyncManagerClient(); DISALLOW_COPY_AND_MOVE(TokenSyncManagerClient); - sptr GetProxy() const; + sptr GetProxy(); }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn index a9e4ae2dd62af89de8f9aebb0845f6ac02b5fa7f..8589a6b430f82776f55c83f2ac6169a3e3e5c346 100644 --- a/services/accesstokenmanager/BUILD.gn +++ b/services/accesstokenmanager/BUILD.gn @@ -30,10 +30,16 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/include/token", "main/cpp/include/permission", "main/cpp/include/database", + "main/cpp/include/device", "//base/security/access_token/frameworks/common/include", "//base/security/access_token/frameworks/accesstoken/include", "//base/security/access_token/frameworks/database/include", + "//base/security/access_token/frameworks/common/include", + "//base/security/access_token/frameworks/tokensync/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/tokensync/src", + "//base/security/access_token/services/tokensyncmanager/include/common", + "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp/include", "//third_party/json/include", ] @@ -41,6 +47,7 @@ ohos_shared_library("accesstoken_manager_service") { "main/cpp/src/database/data_storage.cpp", "main/cpp/src/database/data_translator.cpp", "main/cpp/src/database/sqlite_storage.cpp", + "main/cpp/src/device/atm_device_state_callback.cpp", "main/cpp/src/permission/permission_definition_cache.cpp", "main/cpp/src/permission/permission_manager.cpp", "main/cpp/src/permission/permission_policy_set.cpp", @@ -81,6 +88,7 @@ ohos_shared_library("accesstoken_manager_service") { } external_deps = [ + "device_manager_base:devicemanagersdk", "hiviewdfx_hilog_native:libhilog", "ipc:ipc_core", "safwk:system_ability_fwk", diff --git a/services/accesstokenmanager/main/cpp/include/device/atm_device_state_callback.h b/services/accesstokenmanager/main/cpp/include/device/atm_device_state_callback.h new file mode 100644 index 0000000000000000000000000000000000000000..f8efb84890e54b50024f94ae308d9dd873b1a14d --- /dev/null +++ b/services/accesstokenmanager/main/cpp/include/device/atm_device_state_callback.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ATM_DEVICE_STATE_CALLBACK_H +#define ATM_DEVICE_STATE_CALLBACK_H + +#include "device_manager_callback.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +using OHOS::DistributedHardware::DeviceStateCallback; +using OHOS::DistributedHardware::DmDeviceInfo; +using OHOS::DistributedHardware::DmInitCallback; + +class AtmDmInitCallback final : public DmInitCallback { + void OnRemoteDied() override + {} +}; + +class AtmDeviceStateCallback final : public DeviceStateCallback { +public: + AtmDeviceStateCallback(); + ~AtmDeviceStateCallback(); + + void OnDeviceOnline(const DmDeviceInfo &deviceInfo) override; + void OnDeviceOffline(const DmDeviceInfo &deviceInfo) override; + void OnDeviceReady(const DmDeviceInfo &deviceInfo) override; + void OnDeviceChanged(const DmDeviceInfo &deviceInfo) override; +}; +} // namespace AccessToken +} // namespace Security +} // namespace OHOS +#endif // ATM_DEVICE_STATE_CALLBACK_H diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h index cdb8501245ab8ee238064e1ab296354b3a060622..b1cc4585755d9d6254253ceb7787a11f0257d3e8 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h @@ -18,6 +18,7 @@ #include #include +#include #include "accesstoken_manager_stub.h" #include "iremote_object.h" @@ -26,6 +27,7 @@ #include "system_ability.h" #include "hap_token_info.h" #include "access_token.h" +#include "atm_device_state_callback.h" namespace OHOS { namespace Security { @@ -76,9 +78,13 @@ public: void DumpTokenInfo(std::string& dumpInfo) override; private: - bool Initialize() const; + bool Initialize(); + void CreateDeviceListenner(); + void DestroyDeviceListenner(); ServiceRunningState state_; + std::mutex mutex_; + bool isListened_ = false; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h index 30cfd3f7d4071b0da39c8ee6335ecd1e1ad8f244..6bd9a3ec2a6e8fbf9aa3026dff4b477cd5eadf33 100644 --- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h +++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h @@ -60,7 +60,7 @@ private: void GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); void SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply); void SetRemoteNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply); - void DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply); + void DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply); void DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply); void GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply); void GetRemoteHapTokenIDInner(MessageParcel& data, MessageParcel& reply); @@ -69,8 +69,10 @@ private: void DumpTokenInfoInner(MessageParcel& data, MessageParcel& reply); bool IsAuthorizedCalling() const; - static const int SYSTEM_UID = 1000; - static const int ROOT_UID = 0; + bool IsAccessTokenCalling() const; + static const int32_t SYSTEM_UID = 1000; + static const int32_t ROOT_UID = 0; + static const int32_t ACCESSTOKEN_UID = 3020; using RequestFuncType = void (AccessTokenManagerStub::*)(MessageParcel &data, MessageParcel &reply); std::map requestFuncMap_; diff --git a/services/accesstokenmanager/main/cpp/src/device/atm_device_state_callback.cpp b/services/accesstokenmanager/main/cpp/src/device/atm_device_state_callback.cpp new file mode 100644 index 0000000000000000000000000000000000000000..33667b60fd80e86bf8c9923d699f3b701e92f5ad --- /dev/null +++ b/services/accesstokenmanager/main/cpp/src/device/atm_device_state_callback.cpp @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "atm_device_state_callback.h" + +#include +#include + +#include "accesstoken_log.h" +#include "constant.h" +#include "device_manager.h" +#include "dm_device_info.h" +#include "token_sync_manager_client.h" +#include "accesstoken_manager_service.h" + +namespace OHOS { +namespace Security { +namespace AccessToken { +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AtmDeviceStateCallback"}; +} + +AtmDeviceStateCallback::AtmDeviceStateCallback() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "AtmDeviceStateCallback()"); +} + +AtmDeviceStateCallback::~AtmDeviceStateCallback() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "~AtmDeviceStateCallback()"); +} + +void AtmDeviceStateCallback::OnDeviceOnline(const DmDeviceInfo &deviceInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "device online"); + + std::function runner = [&]() { + // when remote device online, start a thread to load tokensync + TokenSyncManagerClient::GetInstance().LoadTokenSync(); + + ACCESSTOKEN_LOG_INFO(LABEL, "device state listenner register success."); + + return; + }; + + std::thread initThread(runner); + initThread.detach(); +} + +void AtmDeviceStateCallback::OnDeviceOffline(const DmDeviceInfo &deviceInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "device offline"); +} + +void AtmDeviceStateCallback::OnDeviceReady(const DmDeviceInfo &deviceInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "device ready"); +} + +void AtmDeviceStateCallback::OnDeviceChanged(const DmDeviceInfo &deviceInfo) +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "device changed"); +} +} // namespace AccessToken +} // namespace Security +} // namespace OHOS diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp index b1ebfed38218f5a0cbe82b5629e5f6af9b3d8058..e02ff4abccc1b82969e906dbfe91940eba52bc83 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp @@ -15,10 +15,13 @@ #include "accesstoken_manager_service.h" +#include + #include "access_token.h" #include "accesstoken_id_manager.h" #include "accesstoken_info_manager.h" #include "accesstoken_log.h" +#include "device_manager.h" #include "hap_token_info.h" #include "hap_token_info_inner.h" #include "ipc_skeleton.h" @@ -38,6 +41,8 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); +const std::string ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_token_sync"; +const int32_t RETRY_SLEEP_TIME_MS = 1000; AccessTokenManagerService::AccessTokenManagerService() : SystemAbility(SA_ID_ACCESSTOKEN_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) @@ -74,20 +79,19 @@ void AccessTokenManagerService::OnStop() { ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); state_ = ServiceRunningState::STATE_NOT_START; + DestroyDeviceListenner(); } int AccessTokenManagerService::VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, permissionName: %{public}s", tokenID, permissionName.c_str()); return PermissionManager::GetInstance().VerifyAccessToken(tokenID, permissionName); } int AccessTokenManagerService::VerifyNativeToken(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, permissionName: %{public}s", tokenID, permissionName.c_str()); return PermissionManager::GetInstance().VerifyNativeToken(tokenID, permissionName); } @@ -95,15 +99,13 @@ int AccessTokenManagerService::VerifyNativeToken(AccessTokenID tokenID, const st int AccessTokenManagerService::GetDefPermission( const std::string& permissionName, PermissionDefParcel& permissionDefResult) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, permissionName: %{public}s", __func__, permissionName.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "called, permissionName: %{public}s", permissionName.c_str()); return PermissionManager::GetInstance().GetDefPermission(permissionName, permissionDefResult.permissionDef); } int AccessTokenManagerService::GetDefPermissions(AccessTokenID tokenID, std::vector& permList) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); std::vector permVec; int ret = PermissionManager::GetInstance().GetDefPermissions(tokenID, permVec); for (auto perm : permVec) { @@ -117,8 +119,7 @@ int AccessTokenManagerService::GetDefPermissions(AccessTokenID tokenID, std::vec int AccessTokenManagerService::GetReqPermissions( AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, isSystemGrant: %{public}d", __func__, tokenID, isSystemGrant); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, isSystemGrant: %{public}d", tokenID, isSystemGrant); std::vector permList; int ret = PermissionManager::GetInstance().GetReqPermissions(tokenID, permList, isSystemGrant); @@ -165,16 +166,14 @@ PermissionOper AccessTokenManagerService::GetSelfPermissionsState( int AccessTokenManagerService::GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, permissionName: %{public}s", tokenID, permissionName.c_str()); return PermissionManager::GetInstance().GetPermissionFlag(tokenID, permissionName); } int AccessTokenManagerService::GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", tokenID, permissionName.c_str(), flag); PermissionManager::GetInstance().GrantPermission(tokenID, permissionName, flag); AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); @@ -183,8 +182,7 @@ int AccessTokenManagerService::GrantPermission(AccessTokenID tokenID, const std: int AccessTokenManagerService::RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", __func__, + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, permissionName: %{public}s, flag: %{public}d", tokenID, permissionName.c_str(), flag); PermissionManager::GetInstance().RevokePermission(tokenID, permissionName, flag); AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); @@ -193,8 +191,7 @@ int AccessTokenManagerService::RevokePermission(AccessTokenID tokenID, const std int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); PermissionManager::GetInstance().ClearUserGrantedPermissionState(tokenID); AccessTokenInfoManager::GetInstance().RefreshTokenInfoIfNeeded(); return RET_SUCCESS; @@ -202,7 +199,7 @@ int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tok AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "called!"); AccessTokenIDEx tokenIdEx; tokenIdEx.tokenIDEx = 0LL; @@ -216,44 +213,43 @@ AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& in int AccessTokenManagerService::DeleteToken(AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, - "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); // only support hap token deletion return AccessTokenInfoManager::GetInstance().RemoveHapTokenInfo(tokenID); } int AccessTokenManagerService::GetTokenType(AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); return AccessTokenIDManager::GetInstance().GetTokenIdType(tokenID); } int AccessTokenManagerService::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x, dcap: %{public}s", - __func__, tokenID, dcap.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x, dcap: %{public}s", + tokenID, dcap.c_str()); return AccessTokenInfoManager::GetInstance().CheckNativeDCap(tokenID, dcap); } AccessTokenID AccessTokenManagerService::GetHapTokenID(int userID, const std::string& bundleName, int instIndex) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, userID: %{public}d, bundleName: %{public}s, instIndex: %{public}d", - __func__, userID, bundleName.c_str(), instIndex); + ACCESSTOKEN_LOG_INFO(LABEL, "called, userID: %{public}d, bundleName: %{public}s, instIndex: %{public}d", + userID, bundleName.c_str(), instIndex); return AccessTokenInfoManager::GetInstance().GetHapTokenID(userID, bundleName, instIndex); } AccessTokenID AccessTokenManagerService::AllocLocalTokenID( const std::string& remoteDeviceID, AccessTokenID remoteTokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, remoteDeviceID: %{public}s, remoteTokenID: %{public}d", - __func__, remoteDeviceID.c_str(), remoteTokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, remoteDeviceID: %{public}s, remoteTokenID: %{public}d", + remoteDeviceID.c_str(), remoteTokenID); return AccessTokenInfoManager::GetInstance().AllocLocalTokenID(remoteDeviceID, remoteTokenID); } int AccessTokenManagerService::UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); return AccessTokenInfoManager::GetInstance().UpdateHapToken(tokenID, appIDDesc, policyParcel.hapPolicyParameter); @@ -261,14 +257,14 @@ int AccessTokenManagerService::UpdateHapToken(AccessTokenID tokenID, const std:: int AccessTokenManagerService::GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); return AccessTokenInfoManager::GetInstance().GetHapTokenInfo(tokenID, InfoParcel.hapTokenInfoParams); } int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& InfoParcel) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); return AccessTokenInfoManager::GetInstance().GetNativeTokenInfo(tokenID, InfoParcel.nativeTokenInfoParams); } @@ -277,7 +273,7 @@ int AccessTokenManagerService::GetNativeTokenInfo(AccessTokenID tokenID, NativeT int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: 0x%{public}x", __func__, tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, tokenID: 0x%{public}x", tokenID); return AccessTokenInfoManager::GetInstance().GetHapTokenInfoFromRemote(tokenID, hapSyncParcel.hapTokenInfoForSyncParams); @@ -285,7 +281,7 @@ int AccessTokenManagerService::GetHapTokenInfoFromRemote(AccessTokenID tokenID, int AccessTokenManagerService::GetAllNativeTokenInfo(std::vector& nativeTokenInfosRes) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "called"); std::vector nativeVec; AccessTokenInfoManager::GetInstance().GetAllNativeTokenInfo(nativeVec); @@ -301,7 +297,7 @@ int AccessTokenManagerService::GetAllNativeTokenInfo(std::vector& nativeTokenInfoForSyncParcel) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s", __func__, deviceID.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "called, deviceID: %{public}s", deviceID.c_str()); std::vector nativeList; @@ -323,8 +319,8 @@ int AccessTokenManagerService::SetRemoteNativeTokenInfo(const std::string& devic int AccessTokenManagerService::DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s, token id %{public}d", - __func__, deviceID.c_str(), tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, deviceID: %{public}s, token id %{public}d", + deviceID.c_str(), tokenID); return AccessTokenInfoManager::GetInstance().DeleteRemoteToken(deviceID, tokenID); } @@ -332,15 +328,15 @@ int AccessTokenManagerService::DeleteRemoteToken(const std::string& deviceID, Ac AccessTokenID AccessTokenManagerService::GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s, token id %{public}d", - __func__, deviceID.c_str(), tokenID); + ACCESSTOKEN_LOG_INFO(LABEL, "called, deviceID: %{public}s, token id %{public}d", + deviceID.c_str(), tokenID); return AccessTokenInfoManager::GetInstance().GetRemoteNativeTokenID(deviceID, tokenID); } int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& deviceID) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, deviceID: %{public}s", __func__, deviceID.c_str()); + ACCESSTOKEN_LOG_INFO(LABEL, "called, deviceID: %{public}s", deviceID.c_str()); return AccessTokenInfoManager::GetInstance().DeleteRemoteDeviceTokens(deviceID); } @@ -348,15 +344,89 @@ int AccessTokenManagerService::DeleteRemoteDeviceTokens(const std::string& devic void AccessTokenManagerService::DumpTokenInfo(std::string& dumpInfo) { - ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + ACCESSTOKEN_LOG_INFO(LABEL, "called"); AccessTokenInfoManager::GetInstance().DumpTokenInfo(dumpInfo); } -bool AccessTokenManagerService::Initialize() const +void AccessTokenManagerService::CreateDeviceListenner() +{ + std::function runner = [&]() { + auto retrySleepTime = std::chrono::milliseconds(RETRY_SLEEP_TIME_MS); + while (1) { + std::unique_lock lock(mutex_); + + std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; + std::shared_ptr ptrDmInitCallback = std::make_shared(); + + int32_t ret = + DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(packageName, ptrDmInitCallback); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: InitDeviceManager error, result: %{public}d", ret); + std::this_thread::sleep_for(retrySleepTime); + continue; + } + + ACCESSTOKEN_LOG_INFO(LABEL, "device manager init success."); + + std::string extra = ""; + std::shared_ptr ptrAtmDeviceStateCallback = + std::make_shared(); + ret = DistributedHardware::DeviceManager::GetInstance().RegisterDevStateCallback(packageName, extra, + ptrAtmDeviceStateCallback); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: RegisterDevStateCallback error, result: %{public}d", ret); + std::this_thread::sleep_for(retrySleepTime); + continue; + } + + isListened_ = true; + + ACCESSTOKEN_LOG_INFO(LABEL, "device state listenner register success."); + + return; + } + }; + + std::thread initThread(runner); + initThread.detach(); + + ACCESSTOKEN_LOG_DEBUG(LABEL, "start a thread to listen device state."); +} + +void AccessTokenManagerService::DestroyDeviceListenner() +{ + ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, init: %{public}d", isListened_); + + std::unique_lock lock(mutex_); + + if (!isListened_) { + ACCESSTOKEN_LOG_DEBUG(LABEL, "not listened, skip"); + return; + } + + std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; + + int32_t ret = DistributedHardware::DeviceManager::GetInstance().UnRegisterDevStateCallback(packageName); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UnRegisterDevStateCallback failed, code: %{public}d", ret); + } + + ret = DistributedHardware::DeviceManager::GetInstance().UnInitDeviceManager(packageName); + if (ret != RET_SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "UnInitDeviceManager failed, code: %{public}d", ret); + } + + isListened_ = false; + + ACCESSTOKEN_LOG_INFO(LABEL, "device state listenner unregister success."); +} + +bool AccessTokenManagerService::Initialize() { AccessTokenInfoManager::GetInstance().Init(); NativeTokenReceptor::GetInstance().Init(); + CreateDeviceListenner(); // for start tokensync when remote devivce online return true; } } // namespace AccessToken diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 7df3d1ba863c9cb160a7e0e8c28232c748d07158..4dc574609de9faa899e64461da85fefa8ebed4b7 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -322,8 +322,7 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag #ifdef TOKEN_SYNC_ENABLE void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (this->GetTokenType(tokenCaller) != TOKEN_NATIVE) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -338,8 +337,7 @@ void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, void AccessTokenManagerStub::GetAllNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (this->GetTokenType(tokenCaller) != TOKEN_NATIVE) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -355,7 +353,7 @@ void AccessTokenManagerStub::GetAllNativeTokenInfoInner(MessageParcel& data, Mes void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -373,7 +371,7 @@ void AccessTokenManagerStub::SetRemoteHapTokenInfoInner(MessageParcel& data, Mes void AccessTokenManagerStub::SetRemoteNativeTokenInfoInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -403,7 +401,7 @@ void AccessTokenManagerStub::SetRemoteNativeTokenInfoInner(MessageParcel& data, void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -417,8 +415,7 @@ void AccessTokenManagerStub::DeleteRemoteTokenInner(MessageParcel& data, Message void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, MessageParcel& reply) { - AccessTokenID tokenCaller = IPCSkeleton::GetCallingTokenID(); - if (this->GetTokenType(tokenCaller) != TOKEN_NATIVE) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -432,7 +429,7 @@ void AccessTokenManagerStub::GetRemoteNativeTokenIDInner(MessageParcel& data, Me void AccessTokenManagerStub::DeleteRemoteDeviceTokensInner(MessageParcel& data, MessageParcel& reply) { - if (!IsAuthorizedCalling()) { + if (!IsAuthorizedCalling() && !IsAccessTokenCalling()) { ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s called, permission denied", __func__); reply.WriteInt32(RET_FAILED); return; @@ -464,6 +461,12 @@ bool AccessTokenManagerStub::IsAuthorizedCalling() const return callingUid == SYSTEM_UID || callingUid == ROOT_UID; } +bool AccessTokenManagerStub::IsAccessTokenCalling() const +{ + int callingUid = IPCSkeleton::GetCallingUid(); + return callingUid == ACCESSTOKEN_UID; +} + AccessTokenManagerStub::AccessTokenManagerStub() { requestFuncMap_[static_cast(IAccessTokenManager::InterfaceCode::VERIFY_ACCESSTOKEN)] = diff --git a/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h b/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h index c8722cbe1fa218b84bcb3573354f5971c03a1936..2a207dbafee9e4f9441a2d68ec1e7acb29b8b779 100644 --- a/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h +++ b/services/tokensyncmanager/include/remote/soft_bus_device_connection_listener.h @@ -23,7 +23,6 @@ #include "accesstoken_log.h" #include "device_manager_callback.h" #include "dm_device_info.h" -#include "softbus_bus_center.h" namespace OHOS { namespace Security { diff --git a/services/tokensyncmanager/include/remote/soft_bus_manager.h b/services/tokensyncmanager/include/remote/soft_bus_manager.h index 4a4a5bc7736c7224477432b96748185a0de0b8e2..a29b79ca27429e3ba0698d95b962b7bf22a89d00 100644 --- a/services/tokensyncmanager/include/remote/soft_bus_manager.h +++ b/services/tokensyncmanager/include/remote/soft_bus_manager.h @@ -106,6 +106,8 @@ public: private: SoftBusManager(); + int DeviceInit(); + int SessionInit(); /** * @brief Fulfill local device info @@ -115,10 +117,19 @@ private: * @version 1.0 */ int FulfillLocalDeviceInfo(); + + /** + * @brief add all trusted device info. + * + * @since 1.0 + * @version 1.0 + */ + int AddTrustedDeviceInfo(); + std::string GetUuidByNodeId(const std::string &nodeId) const; std::string GetUdidByNodeId(const std::string &nodeId) const; - const static std::string ACCESS_TOKEN_PACKAGE_NAME; + const static std::string TOKEN_SYNC_PACKAGE_NAME; // soft bus session server opened flag bool isSoftBusServiceBindSuccess_; diff --git a/services/tokensyncmanager/sa_profile/3504.xml b/services/tokensyncmanager/sa_profile/3504.xml index 4293f14528a95669adeaa0f2127cf87a50216c9b..b0ef046f153bad9c0e1a6e4137a857d6d0057cd3 100644 --- a/services/tokensyncmanager/sa_profile/3504.xml +++ b/services/tokensyncmanager/sa_profile/3504.xml @@ -17,7 +17,7 @@ 3504 libtoken_sync_manager_service.z.so - true + false true 1 diff --git a/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp b/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp index 47143b362d9022cfd23dbbf96b161335699f8dc0..0835b06d62ee3c259a757bc2b0a5979fcfaf4927 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_device_connection_listener.cpp @@ -17,6 +17,9 @@ #include "remote_command_manager.h" #include "soft_bus_manager.h" #include "device_info_manager.h" +#include "softbus_bus_center.h" +#include "device_manager.h" +#include "dm_device_info.h" namespace OHOS { namespace Security { @@ -25,6 +28,9 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "SoftBusDeviceConnectionListener"}; } + +const std::string ACCESSTOKEN_PACKAGE_NAME = "ohos.security.distributed_access_token"; + SoftBusDeviceConnectionListener::SoftBusDeviceConnectionListener() { ACCESSTOKEN_LOG_DEBUG(LABEL, "SoftBusDeviceConnectionListener()"); @@ -72,6 +78,23 @@ void SoftBusDeviceConnectionListener::OnDeviceOffline(const DmDeviceInfo &info) RemoteCommandManager::GetInstance().NotifyDeviceOffline(uuid); RemoteCommandManager::GetInstance().NotifyDeviceOffline(udid); DeviceInfoManager::GetInstance().RemoveRemoteDeviceInfo(networkId, DeviceIdType::NETWORK_ID); + + std::string packageName = ACCESSTOKEN_PACKAGE_NAME; + std::string extra = ""; + std::vector deviceList; + + int32_t ret = DistributedHardware::DeviceManager::GetInstance().GetTrustedDeviceList(packageName, + extra, deviceList); + if (ret != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "GetTrustedDeviceList error, result: %{public}d", ret); + return; + } + + if (deviceList.size() == 0) { + ACCESSTOKEN_LOG_INFO(LABEL, "there is no remote decice online, exit tokensync process"); + + exit(0); + } } else { ACCESSTOKEN_LOG_ERROR(LABEL, "uuid or udid is empty, offline failed."); } diff --git a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp index aedf422b8d71b66538c80aa8aecd44e677da7e89..d1a6e4be4a5f320b5a2b29f33c78bb2130f8e7a7 100644 --- a/services/tokensyncmanager/src/remote/soft_bus_manager.cpp +++ b/services/tokensyncmanager/src/remote/soft_bus_manager.cpp @@ -18,6 +18,9 @@ #include "device_info_manager.h" #include "parameter.h" +#include "softbus_bus_center.h" +#include "dm_device_info.h" +#include "remote_command_manager.h" namespace OHOS { namespace Security { @@ -35,7 +38,7 @@ static const int OPENSESSION_RETRY_INTERVAL_MS = 100; static const int UDID_MAX_LENGTH = 128; // udid/uuid max length } // namespace -const std::string SoftBusManager::ACCESS_TOKEN_PACKAGE_NAME = "ohos.security.distributed_access_token"; +const std::string SoftBusManager::TOKEN_SYNC_PACKAGE_NAME = "ohos.security.distributed_access_token"; const std::string SoftBusManager::SESSION_NAME = "ohos.security.atm_channel"; SoftBusManager::SoftBusManager() : isSoftBusServiceBindSuccess_(false), inited_(false), mutex_(), fulfillMutex_() @@ -54,6 +57,86 @@ SoftBusManager &SoftBusManager::GetInstance() return instance; } +int SoftBusManager::AddTrustedDeviceInfo() +{ + std::string packageName = TOKEN_SYNC_PACKAGE_NAME; + std::string extra = ""; + std::vector deviceList; + + int32_t ret = DistributedHardware::DeviceManager::GetInstance().GetTrustedDeviceList(packageName, + extra, deviceList); + if (ret != Constant::SUCCESS) { + ACCESSTOKEN_LOG_ERROR(LABEL, "AddTrustedDeviceInfo: GetTrustedDeviceList error, result: %{public}d", ret); + return Constant::FAILURE; + } + + for (DmDeviceInfo device : deviceList) { + std::string uuid = GetUuidByNodeId(device.networkId); + std::string udid = GetUdidByNodeId(device.networkId); + if (uuid.empty() || udid.empty()) { + ACCESSTOKEN_LOG_ERROR(LABEL, "uuid = %{public}s, udid = %{public}s, uuid or udid is empty, abort.", + uuid.c_str(), udid.c_str()); + continue; + } + + DeviceInfoManager::GetInstance().AddDeviceInfo(device.networkId, uuid, udid, device.deviceName, + std::to_string(device.deviceTypeId)); + RemoteCommandManager::GetInstance().NotifyDeviceOnline(udid); + } + + return Constant::SUCCESS; +} + +int SoftBusManager::DeviceInit() +{ + std::string packageName = TOKEN_SYNC_PACKAGE_NAME; + std::shared_ptr ptrDmInitCallback = std::make_shared(); + + int ret = DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(packageName, ptrDmInitCallback); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: InitDeviceManager error, result: %{public}d", ret); + return ret; + } + + ret = AddTrustedDeviceInfo(); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: AddTrustedDeviceInfo error, result: %{public}d", ret); + return ret; + } + + std::string extra = ""; + std::shared_ptr ptrDeviceStateCallback = + std::make_shared(); + ret = DistributedHardware::DeviceManager::GetInstance().RegisterDevStateCallback(packageName, extra, + ptrDeviceStateCallback); + if (ret != ERR_OK) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: RegisterDevStateCallback error, result: %{public}d", ret); + return ret; + } + + return ERR_OK; +} + +int SoftBusManager::SessionInit() +{ + // register session listener + ISessionListener sessionListener; + sessionListener.OnSessionOpened = SoftBusSessionListener::OnSessionOpened; + sessionListener.OnSessionClosed = SoftBusSessionListener::OnSessionClosed; + sessionListener.OnBytesReceived = SoftBusSessionListener::OnBytesReceived; + sessionListener.OnMessageReceived = SoftBusSessionListener::OnMessageReceived; + + int ret = ::CreateSessionServer(TOKEN_SYNC_PACKAGE_NAME.c_str(), SESSION_NAME.c_str(), &sessionListener); + ACCESSTOKEN_LOG_INFO(LABEL, "Initialize: createSessionServer, result: %{public}d", ret); + // REASON_EXIST + if ((ret != Constant::SUCCESS) && (ret != REASON_EXIST)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: CreateSessionServer error, result: %{public}d", ret); + return ret; + } + + return ERR_OK; +} + void SoftBusManager::Initialize() { bool inited = false; @@ -67,39 +150,15 @@ void SoftBusManager::Initialize() auto sleepTime = std::chrono::milliseconds(1000); while (1) { std::unique_lock lock(mutex_); - std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; - std::shared_ptr ptrDmInitCallback = std::make_shared(); - int ret = - DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(packageName, ptrDmInitCallback); + + int ret = DeviceInit(); if (ret != ERR_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: InitDeviceManager error, result: %{public}d", ret); std::this_thread::sleep_for(sleepTime); continue; } - std::string extra = ""; - std::shared_ptr ptrDeviceStateCallback = - std::make_shared(); - ret = DistributedHardware::DeviceManager::GetInstance().RegisterDevStateCallback(packageName, extra, - ptrDeviceStateCallback); + ret = SessionInit(); if (ret != ERR_OK) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: RegisterDevStateCallback error, result: %{public}d", ret); - std::this_thread::sleep_for(sleepTime); - continue; - } - - // register session listener - ISessionListener sessionListener; - sessionListener.OnSessionOpened = SoftBusSessionListener::OnSessionOpened; - sessionListener.OnSessionClosed = SoftBusSessionListener::OnSessionClosed; - sessionListener.OnBytesReceived = SoftBusSessionListener::OnBytesReceived; - sessionListener.OnMessageReceived = SoftBusSessionListener::OnMessageReceived; - - ret = ::CreateSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str(), &sessionListener); - ACCESSTOKEN_LOG_INFO(LABEL, "Initialize: createSessionServer, result: %{public}d", ret); - // REASON_EXIST - if ((ret != Constant::SUCCESS) && (ret != REASON_EXIST)) { - ACCESSTOKEN_LOG_ERROR(LABEL, "Initialize: CreateSessionServer error, result: %{public}d", ret); std::this_thread::sleep_for(sleepTime); continue; } @@ -132,12 +191,12 @@ void SoftBusManager::Destroy() } if (isSoftBusServiceBindSuccess_) { - int32_t ret = ::RemoveSessionServer(ACCESS_TOKEN_PACKAGE_NAME.c_str(), SESSION_NAME.c_str()); + int32_t ret = ::RemoveSessionServer(TOKEN_SYNC_PACKAGE_NAME.c_str(), SESSION_NAME.c_str()); ACCESSTOKEN_LOG_DEBUG(LABEL, "destroy, RemoveSessionServer: %{public}d", ret); isSoftBusServiceBindSuccess_ = false; } - std::string packageName = ACCESS_TOKEN_PACKAGE_NAME; + std::string packageName = TOKEN_SYNC_PACKAGE_NAME; int ret = DistributedHardware::DeviceManager::GetInstance().UnRegisterDevStateCallback(packageName); if (ret != ERR_OK) { ACCESSTOKEN_LOG_ERROR(LABEL, "UnRegisterDevStateCallback failed, code: %{public}d", ret); @@ -275,7 +334,7 @@ std::string SoftBusManager::GetUuidByNodeId(const std::string &nodeId) const return ""; } (void)memset_s(info, UDID_MAX_LENGTH + 1, 0, UDID_MAX_LENGTH + 1); - int32_t ret = ::GetNodeKeyInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), nodeId.c_str(), + int32_t ret = ::GetNodeKeyInfo(TOKEN_SYNC_PACKAGE_NAME.c_str(), nodeId.c_str(), NodeDeviceInfoKey::NODE_KEY_UUID, info, UDID_MAX_LENGTH); if (ret != Constant::SUCCESS) { delete[] info; @@ -297,7 +356,7 @@ std::string SoftBusManager::GetUdidByNodeId(const std::string &nodeId) const return ""; } (void)memset_s(info, UDID_MAX_LENGTH + 1, 0, UDID_MAX_LENGTH + 1); - int32_t ret = ::GetNodeKeyInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), nodeId.c_str(), + int32_t ret = ::GetNodeKeyInfo(TOKEN_SYNC_PACKAGE_NAME.c_str(), nodeId.c_str(), NodeDeviceInfoKey::NODE_KEY_UDID, info, UDID_MAX_LENGTH); if (ret != Constant::SUCCESS) { delete[] info; @@ -319,7 +378,7 @@ int SoftBusManager::FulfillLocalDeviceInfo() } NodeBasicInfo info; - int32_t ret = ::GetLocalNodeDeviceInfo(ACCESS_TOKEN_PACKAGE_NAME.c_str(), &info); + int32_t ret = ::GetLocalNodeDeviceInfo(TOKEN_SYNC_PACKAGE_NAME.c_str(), &info); if (ret != Constant::SUCCESS) { ACCESSTOKEN_LOG_ERROR(LABEL, "GetLocalNodeDeviceInfo error"); fulfillMutex_.unlock(); diff --git a/services/tokensyncmanager/src/service/token_sync_manager_service.cpp b/services/tokensyncmanager/src/service/token_sync_manager_service.cpp index adb43917b1679f51fc7a88b0101b72481dae2a1c..748e2248c1be20e629428ed80ab4d4f57300cb94 100644 --- a/services/tokensyncmanager/src/service/token_sync_manager_service.cpp +++ b/services/tokensyncmanager/src/service/token_sync_manager_service.cpp @@ -34,7 +34,7 @@ const bool REGISTER_RESULT = SystemAbility::MakeAndRegisterAbility(DelayedSingleton::GetInstance().get()); TokenSyncManagerService::TokenSyncManagerService() - : SystemAbility(SA_ID_TOKENSYNC_MANAGER_SERVICE, true), state_(ServiceRunningState::STATE_NOT_START) + : SystemAbility(SA_ID_TOKENSYNC_MANAGER_SERVICE, false), state_(ServiceRunningState::STATE_NOT_START) { ACCESSTOKEN_LOG_INFO(LABEL, "TokenSyncManagerService()"); } @@ -68,6 +68,7 @@ void TokenSyncManagerService::OnStop() { ACCESSTOKEN_LOG_INFO(LABEL, "stop service"); state_ = ServiceRunningState::STATE_NOT_START; + SoftBusManager::GetInstance().Destroy(); } std::shared_ptr TokenSyncManagerService::GetSendEventHandler() const @@ -174,7 +175,7 @@ bool TokenSyncManagerService::Initialize() sendHandler_ = std::make_shared(sendRunner_); if (!sendHandler_) { - ACCESSTOKEN_LOG_ERROR(LABEL, "sendHandler_ is nullpter."); + ACCESSTOKEN_LOG_ERROR(LABEL, "sendHandler_ is nullptr."); return false; } @@ -186,7 +187,7 @@ bool TokenSyncManagerService::Initialize() recvHandler_ = std::make_shared(recvRunner_); if (!recvHandler_) { - ACCESSTOKEN_LOG_ERROR(LABEL, "recvHandler_ is nullpter."); + ACCESSTOKEN_LOG_ERROR(LABEL, "recvHandler_ is nullptr."); return false; } diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn index 420f832ecb088324298344a83356418e7c21a8f0..62403189d12405fecb4d9e55c9dee28487cf81cf 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn +++ b/services/tokensyncmanager/test/unittest/token_sync_service/BUILD.gn @@ -67,7 +67,6 @@ ohos_unittest("libtoken_sync_service_sdk_test") { "//foundation/communication/dsoftbus/interfaces/kits/common", "//foundation/communication/dsoftbus/interfaces/kits/bus_center", "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp/include", - "//foundation/distributedhardware/devicemanager/interfaces/inner_kits/native_cpp:devicemanagersdk", ] deps = [ diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp index a5aee02f9beba7898522237f33ddcedf6a99a396..13116f96eabddf80fe75fe7f3ceced8811e2895e 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp +++ b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.cpp @@ -72,11 +72,32 @@ void TokenSyncServiceTest::TearDown() threads_.clear(); if (g_ptrDeviceStateCallback != nullptr) { - g_ptrDeviceStateCallback->OnDeviceOffline(g_devInfo); + OnDeviceOffline(g_devInfo); sleep(1); } } +void TokenSyncServiceTest::OnDeviceOffline(const DmDeviceInfo &info) +{ + std::string networkId = info.deviceId; + std::string uuid = DeviceInfoManager::GetInstance().ConvertToUniversallyUniqueIdOrFetch(networkId); + std::string udid = DeviceInfoManager::GetInstance().ConvertToUniqueDeviceIdOrFetch(networkId); + + ACCESSTOKEN_LOG_INFO(LABEL, + "networkId: %{public}s, uuid: %{public}s, udid: %{public}s", + networkId.c_str(), + uuid.c_str(), + udid.c_str()); + + if (uuid != "" && udid != "") { + RemoteCommandManager::GetInstance().NotifyDeviceOffline(uuid); + RemoteCommandManager::GetInstance().NotifyDeviceOffline(udid); + DeviceInfoManager::GetInstance().RemoveRemoteDeviceInfo(networkId, DeviceIdType::NETWORK_ID); + } else { + ACCESSTOKEN_LOG_ERROR(LABEL, "uuid or udid is empty, offline failed."); + } +} + namespace { std::string g_jsonBefore; std::string g_jsonAfter; @@ -835,7 +856,7 @@ HWTEST_F(TokenSyncServiceTest, DeviceOffline001, TestSize.Level1) ret = AccessTokenKit::GetHapTokenInfo(mapID, mapInfo); ASSERT_EQ(ret, RET_SUCCESS); - g_ptrDeviceStateCallback->OnDeviceOffline(g_devInfo); + OnDeviceOffline(g_devInfo); sleep(1); ret = AccessTokenKit::GetHapTokenInfo(mapID, mapInfo); diff --git a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.h b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.h index 4fc0ebdbd460dadd38d43f1491e20c0e899293ca..37e27cc3a5778c4b3e22903916a79ec3512f2e1d 100644 --- a/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.h +++ b/services/tokensyncmanager/test/unittest/token_sync_service/token_sync_service_test.h @@ -17,16 +17,25 @@ #define TOKEN_SYNC_SERVICE_TEST_H #include +#include "device_info_manager.h" +#include "device_manager_callback.h" +#include "dm_device_info.h" +#include "remote_command_manager.h" +#include "softbus_bus_center.h" namespace OHOS { namespace Security { namespace AccessToken { +using OHOS::DistributedHardware::DeviceStateCallback; +using OHOS::DistributedHardware::DmDeviceInfo; +using OHOS::DistributedHardware::DmInitCallback; class TokenSyncServiceTest : public testing::Test { public: TokenSyncServiceTest(); ~TokenSyncServiceTest(); static void SetUpTestCase(); static void TearDownTestCase(); + void OnDeviceOffline(const DmDeviceInfo &info); void SetUp(); void TearDown(); }; diff --git a/services/tokensyncmanager/token_sync.cfg b/services/tokensyncmanager/token_sync.cfg index 4407547a10139509e0086002662a3fd84c7b972b..f8803d419e62b249087da0691023b7ec45aa795b 100644 --- a/services/tokensyncmanager/token_sync.cfg +++ b/services/tokensyncmanager/token_sync.cfg @@ -1,18 +1,12 @@ { - "jobs" : [{ - "name" : "late-fs", - "cmds" : [ - "start token_sync_service" - ] - } - ], "services" : [{ "name" : "token_sync_service", "path" : ["/system/bin/sa_main", "/system/profile/token_sync_service.xml"], - "importance" : -20, + "ondemand" : true, + "start-mode" : "condition", "uid" : "access_token", "gid" : ["access_token"], "secon" : "u:r:token_sync_service:s0" } ] -} \ No newline at end of file +}