From 4d6dc391928fcd55a637b71586927acb79f883b0 Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Sat, 23 Jul 2022 20:04:44 +0800
Subject: [PATCH 1/2] =?UTF-8?q?=E6=9D=83=E9=99=90=E5=8F=98=E5=8C=96?=
 =?UTF-8?q?=E5=9B=9E=E8=B0=83?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: I383097fb4204428029f634251cdf29d12d5198be
Signed-off-by: lsq <linshuqing2@huawei.com>
---
 frameworks/accesstoken/BUILD.gn               |   2 +
 .../include/i_accesstoken_manager.h           |   7 +
 .../permission_state_change_info_parcel.h     |  40 ++
 .../permission_state_change_scope_parcel.h    |  40 ++
 .../permission_state_change_info_parcel.cpp   |  44 +++
 .../permission_state_change_scope_parcel.cpp  |  63 ++++
 .../include/bundle_used_record_parcel.h       |   6 +-
 .../include/permission_used_record_parcel.h   |   6 +-
 .../include/permission_used_request_parcel.h  |   6 +-
 .../include/permission_used_result_parcel.h   |   6 +-
 .../include/used_record_detail_parcel.h       |   6 +-
 interfaces/innerkits/accesstoken/BUILD.gn     |   3 +
 .../accesstoken/include/accesstoken_kit.h     |   6 +
 .../include/i_permission_state_callback.h     |  43 +++
 .../include/perm_state_callback_customize.h   |  41 ++
 .../include/permission_state_change_info.h    |  44 +++
 .../accesstoken/src/accesstoken_kit.cpp       |  15 +
 .../src/accesstoken_manager_client.cpp        |  77 ++++
 .../src/accesstoken_manager_client.h          |  11 +
 .../src/accesstoken_manager_proxy.cpp         |  60 +++
 .../src/accesstoken_manager_proxy.h           |   3 +
 .../src/perm_state_callback_customize.cpp     |  37 ++
 .../src/permission_state_change_callback.cpp  |  49 +++
 .../src/permission_state_change_callback.h    |  42 +++
 .../permission_state_change_callback_stub.cpp |  59 +++
 .../permission_state_change_callback_stub.h   |  38 ++
 .../innerkits/accesstoken/test/BUILD.gn       |   1 +
 .../unittest/src/accesstoken_kit_test.cpp     | 354 ++++++++++++++++++
 services/accesstokenmanager/BUILD.gn          |   4 +
 .../cpp/include/callback/callback_manager.h   |  67 ++++
 .../perm_state_callback_death_recipient.h     |  35 ++
 .../permission_state_change_callback_proxy.h  |  41 ++
 .../include/permission/permission_manager.h   |   6 +
 .../permission/permission_policy_set.h        |   2 +-
 .../service/accesstoken_manager_service.h     |   3 +
 .../service/accesstoken_manager_stub.h        |   2 +
 .../cpp/src/callback/callback_manager.cpp     | 166 ++++++++
 .../perm_state_callback_death_recipient.cpp   |  47 +++
 ...permission_state_change_callback_proxy.cpp |  68 ++++
 .../cpp/src/permission/permission_manager.cpp |  25 +-
 .../src/permission/permission_policy_set.cpp  |  17 +-
 .../service/accesstoken_manager_service.cpp   |  13 +
 .../src/service/accesstoken_manager_stub.cpp  |  29 ++
 43 files changed, 1613 insertions(+), 21 deletions(-)
 create mode 100644 frameworks/accesstoken/include/permission_state_change_info_parcel.h
 create mode 100644 frameworks/accesstoken/include/permission_state_change_scope_parcel.h
 create mode 100644 frameworks/accesstoken/src/permission_state_change_info_parcel.cpp
 create mode 100644 frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
 create mode 100644 interfaces/innerkits/accesstoken/include/i_permission_state_callback.h
 create mode 100644 interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h
 create mode 100644 interfaces/innerkits/accesstoken/include/permission_state_change_info.h
 create mode 100644 interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp
 create mode 100644 interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
 create mode 100644 interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
 create mode 100644 interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
 create mode 100644 interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
 create mode 100644 services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
 create mode 100644 services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
 create mode 100644 services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
 create mode 100644 services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
 create mode 100644 services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
 create mode 100644 services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp

diff --git a/frameworks/accesstoken/BUILD.gn b/frameworks/accesstoken/BUILD.gn
index b05a2c716..57c72eeec 100644
--- a/frameworks/accesstoken/BUILD.gn
+++ b/frameworks/accesstoken/BUILD.gn
@@ -43,6 +43,8 @@ ohos_shared_library("accesstoken_communication_adapter_cxx") {
     "src/native_token_info_parcel.cpp",
     "src/permission_def_parcel.cpp",
     "src/permission_list_state_parcel.cpp",
+    "src/permission_state_change_info_parcel.cpp",
+    "src/permission_state_change_scope_parcel.cpp",
     "src/permission_state_full_parcel.cpp",
   ]
 
diff --git a/frameworks/accesstoken/include/i_accesstoken_manager.h b/frameworks/accesstoken/include/i_accesstoken_manager.h
index 46312f8d1..466cafd37 100644
--- a/frameworks/accesstoken/include/i_accesstoken_manager.h
+++ b/frameworks/accesstoken/include/i_accesstoken_manager.h
@@ -25,11 +25,13 @@
 #include "hap_token_info_for_sync_parcel.h"
 #include "hap_token_info_parcel.h"
 #include "iremote_broker.h"
+#include "i_permission_state_callback.h"
 #include "native_token_info_for_sync_parcel.h"
 #include "native_token_info_parcel.h"
 #include "permission_def_parcel.h"
 #include "permission_list_state_parcel.h"
 #include "permission_state_full_parcel.h"
+#include "permission_state_change_scope_parcel.h"
 
 namespace OHOS {
 namespace Security {
@@ -62,6 +64,9 @@ public:
     virtual int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) = 0;
     virtual int UpdateHapToken(
         AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParcel& policyParcel) = 0;
+    virtual int32_t RegisterPermStateChangeCallback(
+        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) = 0;
+    virtual int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) = 0;
 
 #ifdef TOKEN_SYNC_ENABLE
     virtual int GetHapTokenInfoFromRemote(AccessTokenID tokenID,
@@ -108,6 +113,8 @@ public:
 
         DUMP_TOKENINFO = 0xff30,
         GET_PERMISSION_OPER_STATE = 0xff31,
+        REGISTER_PERM_STATE_CHANGE_CALLBACK = 0xff32,
+        UNREGISTER_PERM_STATE_CHANGE_CALLBACK = 0xff33,
     };
 };
 } // namespace AccessToken
diff --git a/frameworks/accesstoken/include/permission_state_change_info_parcel.h b/frameworks/accesstoken/include/permission_state_change_info_parcel.h
new file mode 100644
index 000000000..eb95593c3
--- /dev/null
+++ b/frameworks/accesstoken/include/permission_state_change_info_parcel.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_STATE_CHANGE_INFO_PARCEL_H
+#define PERMISSION_STATE_CHANGE_INFO_PARCEL_H
+
+#include "parcel.h"
+#include "permission_state_change_info.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+struct PermissionStateChangeInfoParcel final : public Parcelable {
+    PermissionStateChangeInfoParcel() = default;
+
+    ~PermissionStateChangeInfoParcel() override = default;
+
+    bool Marshalling(Parcel& out) const override;
+
+    static PermissionStateChangeInfoParcel* Unmarshalling(Parcel& in);
+
+    PermStateChangeInfo changeInfo;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+
+#endif // PERMISSION_STATE_CHANGE_INFO_PARCEL_H
diff --git a/frameworks/accesstoken/include/permission_state_change_scope_parcel.h b/frameworks/accesstoken/include/permission_state_change_scope_parcel.h
new file mode 100644
index 000000000..e1988a8f2
--- /dev/null
+++ b/frameworks/accesstoken/include/permission_state_change_scope_parcel.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_STATE_CHANGE_SCOPE_PARCEL_H
+#define PERMISSION_STATE_CHANGE_SCOPE_PARCEL_H
+
+#include "parcel.h"
+#include "permission_state_change_info.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+struct PermStateChangeScopeParcel final : public Parcelable {
+    PermStateChangeScopeParcel() = default;
+
+    ~PermStateChangeScopeParcel() override = default;
+
+    bool Marshalling(Parcel& out) const override;
+
+    static PermStateChangeScopeParcel* Unmarshalling(Parcel& in);
+
+    PermStateChangeScope scope;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+
+#endif // PERMISSION_STATE_CHANGE_SCOPE_PARCEL_H
diff --git a/frameworks/accesstoken/src/permission_state_change_info_parcel.cpp b/frameworks/accesstoken/src/permission_state_change_info_parcel.cpp
new file mode 100644
index 000000000..173a2d25b
--- /dev/null
+++ b/frameworks/accesstoken/src/permission_state_change_info_parcel.cpp
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_state_change_info_parcel.h"
+#include "parcel_utils.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+bool PermissionStateChangeInfoParcel::Marshalling(Parcel& out) const
+{
+    RETURN_IF_FALSE(out.WriteInt32(this->changeInfo.PermStateChangeType));
+    RETURN_IF_FALSE(out.WriteUint32(this->changeInfo.tokenID));
+    RETURN_IF_FALSE(out.WriteString(this->changeInfo.permissionName));
+    return true;
+}
+
+PermissionStateChangeInfoParcel* PermissionStateChangeInfoParcel::Unmarshalling(Parcel& in)
+{
+    auto* permissionStateParcel = new (std::nothrow) PermissionStateChangeInfoParcel();
+    if (permissionStateParcel == nullptr) {
+        return nullptr;
+    }
+    RELEASE_IF_FALSE(in.ReadInt32(permissionStateParcel->changeInfo.PermStateChangeType), permissionStateParcel);
+    RELEASE_IF_FALSE(in.ReadUint32(permissionStateParcel->changeInfo.tokenID), permissionStateParcel);
+    RELEASE_IF_FALSE(in.ReadString(permissionStateParcel->changeInfo.permissionName), permissionStateParcel);
+
+    return permissionStateParcel;
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
new file mode 100644
index 000000000..a3aa4b4fe
--- /dev/null
+++ b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_state_change_scope_parcel.h"
+#include "parcel_utils.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+bool PermStateChangeScopeParcel::Marshalling(Parcel& out) const
+{
+    RETURN_IF_FALSE(out.WriteUint32((this->scope.tokenIDs.size())));
+    for (const auto& tokenID : this->scope.tokenIDs) {
+        RETURN_IF_FALSE(out.WriteUint32(tokenID));
+    }
+
+    RETURN_IF_FALSE(out.WriteUint32((this->scope.permList.size())));
+    for (const auto& permissionName : this->scope.permList) {
+        RETURN_IF_FALSE(out.WriteString(permissionName));
+    }
+    return true;
+}
+
+PermStateChangeScopeParcel* PermStateChangeScopeParcel::Unmarshalling(Parcel& in)
+{
+    auto* permStateChangeScopeParcel = new (std::nothrow) PermStateChangeScopeParcel();
+    if (permStateChangeScopeParcel == nullptr) {
+        return nullptr;
+    }
+    uint32_t tokenIdListSize = 0;
+    RELEASE_IF_FALSE(in.ReadUint32(tokenIdListSize), permStateChangeScopeParcel);
+    RELEASE_IF_FALSE(tokenIdListSize <= TOKENID_LIST_SIZE_MAX, permStateChangeScopeParcel);
+    for (uint32_t i = 0; i < tokenIdListSize; i++) {
+        AccessTokenID tokenID;
+        RELEASE_IF_FALSE(in.ReadUint32(tokenID), permStateChangeScopeParcel);
+        permStateChangeScopeParcel->scope.tokenIDs.emplace_back(tokenID);
+    }
+
+    uint32_t permListSize = 0;
+    RELEASE_IF_FALSE(in.ReadUint32(permListSize), permStateChangeScopeParcel);
+    RELEASE_IF_FALSE(permListSize <= PERM_LIST_SIZE_MAX, permStateChangeScopeParcel);
+    for (uint32_t i = 0; i < permListSize; i++) {
+        std::string permName;
+        RELEASE_IF_FALSE(in.ReadString(permName), permStateChangeScopeParcel);
+        permStateChangeScopeParcel->scope.permList.emplace_back(permName);
+    }
+    return permStateChangeScopeParcel;
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/frameworks/privacy/include/bundle_used_record_parcel.h b/frameworks/privacy/include/bundle_used_record_parcel.h
index ce8e57ded..d94e185e8 100644
--- a/frameworks/privacy/include/bundle_used_record_parcel.h
+++ b/frameworks/privacy/include/bundle_used_record_parcel.h
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef BUNDLE_USED_RECORD_PRACEL_H
-#define BUNDLE_USED_RECORD_PRACEL_H
+#ifndef BUNDLE_USED_RECORD_PARCEL_H
+#define BUNDLE_USED_RECORD_PARCEL_H
 
 #include "parcel.h"
 #include "permission_used_result.h"
@@ -37,4 +37,4 @@ struct BundleUsedRecordParcel final : public Parcelable {
 } // namespace Security
 } // namespace OHOS
 
-#endif // BUNDLE_USED_RECORD_PRACEL_H
+#endif // BUNDLE_USED_RECORD_PARCEL_H
diff --git a/frameworks/privacy/include/permission_used_record_parcel.h b/frameworks/privacy/include/permission_used_record_parcel.h
index 9282910c8..c2a24dcce 100644
--- a/frameworks/privacy/include/permission_used_record_parcel.h
+++ b/frameworks/privacy/include/permission_used_record_parcel.h
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef PERMISSION_USED_RECORD_PRACEL_H
-#define PERMISSION_USED_RECORD_PRACEL_H
+#ifndef PERMISSION_USED_RECORD_PARCEL_H
+#define PERMISSION_USED_RECORD_PARCEL_H
 
 #include "parcel.h"
 #include "permission_used_result.h"
@@ -37,4 +37,4 @@ struct PermissionUsedRecordParcel final : public Parcelable {
 } // namespace Security
 } // namespace OHOS
 
-#endif // PERMISSION_USED_RECORD_PRACEL_H
+#endif // PERMISSION_USED_RECORD_PARCEL_H
diff --git a/frameworks/privacy/include/permission_used_request_parcel.h b/frameworks/privacy/include/permission_used_request_parcel.h
index 1cf489939..e0146d521 100644
--- a/frameworks/privacy/include/permission_used_request_parcel.h
+++ b/frameworks/privacy/include/permission_used_request_parcel.h
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef PERMISSION_USED_REQUEST_PRACEL_H
-#define PERMISSION_USED_REQUEST_PRACEL_H
+#ifndef PERMISSION_USED_REQUEST_PARCEL_H
+#define PERMISSION_USED_REQUEST_PARCEL_H
 
 #include "parcel.h"
 #include "permission_used_request.h"
@@ -37,4 +37,4 @@ struct PermissionUsedRequestParcel final : public Parcelable {
 } // namespace Security
 } // namespace OHOS
 
-#endif // PERMISSION_USED_REQUEST_PRACEL_H
+#endif // PERMISSION_USED_REQUEST_PARCEL_H
diff --git a/frameworks/privacy/include/permission_used_result_parcel.h b/frameworks/privacy/include/permission_used_result_parcel.h
index 5a74e91a6..40e3d01fd 100644
--- a/frameworks/privacy/include/permission_used_result_parcel.h
+++ b/frameworks/privacy/include/permission_used_result_parcel.h
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef PERMISSION_USED_RESPONSE_PRACEL_H
-#define PERMISSION_USED_RESPONSE_PRACEL_H
+#ifndef PERMISSION_USED_RESPONSE_PARCEL_H
+#define PERMISSION_USED_RESPONSE_PARCEL_H
 
 #include "parcel.h"
 #include "permission_used_result.h"
@@ -37,4 +37,4 @@ struct PermissionUsedResultParcel final : public Parcelable {
 } // namespace Security
 } // namespace OHOS
 
-#endif // PERMISSION_USED_RESPONSE_PRACEL_H
+#endif // PERMISSION_USED_RESPONSE_PARCEL_H
diff --git a/frameworks/privacy/include/used_record_detail_parcel.h b/frameworks/privacy/include/used_record_detail_parcel.h
index 56410d586..8922fc222 100644
--- a/frameworks/privacy/include/used_record_detail_parcel.h
+++ b/frameworks/privacy/include/used_record_detail_parcel.h
@@ -13,8 +13,8 @@
  * limitations under the License.
  */
 
-#ifndef USED_RECORD_DETAIL_PRACEL_H
-#define USED_RECORD_DETAIL_PRACEL_H
+#ifndef USED_RECORD_DETAIL_PARCEL_H
+#define USED_RECORD_DETAIL_PARCEL_H
 
 #include "parcel.h"
 #include "permission_used_result.h"
@@ -37,4 +37,4 @@ struct UsedRecordDetailParcel final : public Parcelable {
 } // namespace Security
 } // namespace OHOS
 
-#endif // USED_RECORD_DETAIL_PRACEL_H
+#endif // USED_RECORD_DETAIL_PARCEL_H
diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn
index 3a2c1fcd2..c4334ddd2 100644
--- a/interfaces/innerkits/accesstoken/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/BUILD.gn
@@ -42,6 +42,9 @@ if (is_standard_system) {
       "src/accesstoken_kit.cpp",
       "src/accesstoken_manager_client.cpp",
       "src/accesstoken_manager_proxy.cpp",
+      "src/perm_state_callback_customize.cpp",
+      "src/permission_state_change_callback.cpp",
+      "src/permission_state_change_callback_stub.cpp",
     ]
 
     deps = [
diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index 4ee095db0..ee1b8dd56 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -21,10 +21,13 @@
 
 #include "access_token.h"
 #include "hap_token_info.h"
+#include "i_permission_state_callback.h"
 #include "native_token_info.h"
 #include "permission_def.h"
 #include "permission_list_state.h"
+#include "permission_state_change_info.h"
 #include "permission_state_full.h"
+#include "perm_state_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -56,6 +59,9 @@ public:
     static int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
     static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
     static int ClearUserGrantedPermissionState(AccessTokenID tokenID);
+    static int32_t RegisterPermStateChangeCallback(
+        const std::shared_ptr<PermStateChangeCbCustomize> &callback);
+    static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCbCustomize> &callback);
 
 #ifdef TOKEN_SYNC_ENABLE
     static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
diff --git a/interfaces/innerkits/accesstoken/include/i_permission_state_callback.h b/interfaces/innerkits/accesstoken/include/i_permission_state_callback.h
new file mode 100644
index 000000000..508f28c1e
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/include/i_permission_state_callback.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef I_PERMISSION_STATE_CALLBACK_H
+#define I_PERMISSION_STATE_CALLBACK_H
+
+#include <string>
+
+#include "access_token.h"
+#include "errors.h"
+#include "iremote_broker.h"
+#include "permission_state_change_info.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class IPermissionStateCallback : public IRemoteBroker {
+public:
+    DECLARE_INTERFACE_DESCRIPTOR(u"ohos.security.accesstoken.IPermissionStateCallback");
+
+    virtual void PermStateChangeCallback(PermStateChangeInfo& result) = 0;
+
+    enum {
+        PERMISSION_STATE_CHANGE = 0,
+    };
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+
+#endif // I_PERMISSION_STATE_CALLBACK_H
diff --git a/interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h b/interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h
new file mode 100644
index 000000000..bc1596612
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef INTERFACES_INNER_KITS_PERM_STATE_CALLBACK_CUSTOMIZE_H
+#define INTERFACES_INNER_KITS_PERM_STATE_CALLBACK_CUSTOMIZE_H
+
+#include "permission_state_change_info.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermStateChangeCbCustomize {
+public:
+    PermStateChangeCbCustomize();
+    explicit PermStateChangeCbCustomize(const PermStateChangeScope &subscribeInfo);
+    virtual ~PermStateChangeCbCustomize();
+
+    virtual void PermStateChangeCallback(PermStateChangeInfo& result) = 0;
+
+    void GetScope(PermStateChangeScope &scopeInfo) const;
+
+private:
+    PermStateChangeScope scopeInfo_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+
+#endif  // INTERFACES_INNER_KITS_PERM_STATE_CALLBACK_CUSTOMIZE_H
\ No newline at end of file
diff --git a/interfaces/innerkits/accesstoken/include/permission_state_change_info.h b/interfaces/innerkits/accesstoken/include/permission_state_change_info.h
new file mode 100644
index 000000000..d89df024b
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/include/permission_state_change_info.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef INTERFACES_INNER_KITS_PERMISSION_STATE_CHANGE_INFO_H
+#define INTERFACES_INNER_KITS_PERMISSION_STATE_CHANGE_INFO_H
+
+#include <string>
+#include <vector>
+
+#include "access_token.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+#define TOKENID_LIST_SIZE_MAX 1024
+#define PERM_LIST_SIZE_MAX 1024
+
+struct PermStateChangeInfo {
+    int32_t PermStateChangeType;
+    AccessTokenID tokenID;
+    std::string permissionName;
+};
+
+struct PermStateChangeScope {
+    std::vector<AccessTokenID> tokenIDs;
+    std::vector<std::string> permList;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+
+#endif // INTERFACES_INNER_KITS_PERMISSION_STATE_CHANGE_INFO_H
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index 8168fcb95..f6c7cb133 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -22,6 +22,7 @@
 #include "data_validator.h"
 #include "hap_token_info.h"
 #include "permission_def.h"
+#include "perm_state_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -302,6 +303,20 @@ int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID)
     return AccessTokenManagerClient::GetInstance().ClearUserGrantedPermissionState(tokenID);
 }
 
+int32_t AccessTokenKit::RegisterPermStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize> &callback)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "called");
+    return AccessTokenManagerClient::GetInstance().RegisterPermStateChangeCallback(callback);
+}
+
+int32_t AccessTokenKit::UnRegisterPermStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize> &callback)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "called");
+    return AccessTokenManagerClient::GetInstance().UnRegisterPermStateChangeCallback(callback);
+}
+
 #ifdef TOKEN_SYNC_ENABLE
 int AccessTokenKit::GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync)
 {
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
index 7f8804433..5c9315a48 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
@@ -22,6 +22,7 @@
 #include "iservice_registry.h"
 #include "native_token_info_for_sync_parcel.h"
 #include "native_token_info.h"
+#include "permission_state_change_callback.h"
 
 namespace OHOS {
 namespace Security {
@@ -31,6 +32,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenManagerClient"
 };
 } // namespace
+static const uint32_t MAX_CALLBACK_MAP_SIZE = 200;
 
 AccessTokenManagerClient& AccessTokenManagerClient::GetInstance()
 {
@@ -195,6 +197,81 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke
     return proxy->ClearUserGrantedPermissionState(tokenID);
 }
 
+int32_t AccessTokenManagerClient::CreatePermStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize>& customizedCb, sptr<IRemoteObject>& callbackObject)
+{
+    std::lock_guard<std::mutex> lock(callbackMutex_);
+    auto goalCallback = callbackMap_.find(customizedCb);
+    if (goalCallback != callbackMap_.end()) {
+        callbackObject = goalCallback->second->AsObject();
+        ACCESSTOKEN_LOG_ERROR(LABEL, "already has the same callback");
+        return RET_FAILED;
+    } else {
+        if (callbackMap_.size() == MAX_CALLBACK_MAP_SIZE) {
+            ACCESSTOKEN_LOG_ERROR(LABEL, "the maximum number of callback has been reached");
+            return RET_FAILED;
+        }
+        sptr<PermissionStateCallback> callback = new (std::nothrow) PermissionStateCallback(customizedCb);
+        if (!callback) {
+            ACCESSTOKEN_LOG_ERROR(LABEL, "memory allocation for callback failed!");
+            return RET_FAILED;
+        }
+        callbackObject = callback->AsObject();
+        callbackMap_[customizedCb] = callback;
+    }
+    return RET_SUCCESS;
+}
+
+int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "called!");
+
+    if (customizedCb == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "customizedCb is nullptr");
+        return RET_FAILED;
+    }
+
+    sptr<IRemoteObject> callbackObject = nullptr;
+    int32_t result = CreatePermStateChangeCallback(customizedCb, callbackObject);
+    if (result != RET_SUCCESS) {
+        return result;
+    }
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null");
+        return RET_FAILED;
+    }
+
+    PermStateChangeScopeParcel scopeParcel;
+    customizedCb->GetScope(scopeParcel.scope);
+
+    return proxy->RegisterPermStateChangeCallback(scopeParcel, callbackObject);
+}
+
+int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: called!", __func__);
+
+    std::lock_guard<std::mutex> lock(callbackMutex_);
+    auto goalCallback = callbackMap_.find(customizedCb);
+    if (goalCallback == callbackMap_.end()) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "goalCallback already is not exist");
+        return RET_FAILED;
+    }
+
+    auto proxy = GetProxy();
+    if (proxy == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "proxy is null");
+        return RET_FAILED;
+    }
+
+    int32_t result = proxy->UnRegisterPermStateChangeCallback(goalCallback->second->AsObject());
+    callbackMap_.erase(goalCallback);
+    return result;
+}
+
 AccessTokenIDEx AccessTokenManagerClient::AllocHapToken(const HapInfoParams& info, const HapPolicyParams& policy)
 {
     AccessTokenIDEx res = { 0 };
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
index 82e867de4..963f3c9cf 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
@@ -16,6 +16,7 @@
 #ifndef ACCESSTOKEN_MANAGER_CLIENT_H
 #define ACCESSTOKEN_MANAGER_CLIENT_H
 
+#include <map>
 #include <mutex>
 #include <string>
 #include <vector>
@@ -29,7 +30,9 @@
 #include "native_token_info.h"
 #include "nocopyable.h"
 #include "permission_def.h"
+#include "permission_state_change_callback.h"
 #include "permission_state_full.h"
+#include "perm_state_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -60,6 +63,10 @@ public:
     int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, const HapPolicyParams& policy);
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);
     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);
+    int32_t RegisterPermStateChangeCallback(
+        const std::shared_ptr<PermStateChangeCbCustomize> &customizedCallback);
+    int32_t UnRegisterPermStateChangeCallback(
+        const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb);
 
 #ifdef TOKEN_SYNC_ENABLE
     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
@@ -77,6 +84,8 @@ public:
 
 private:
     AccessTokenManagerClient();
+    int32_t CreatePermStateChangeCallback(
+        const std::shared_ptr<PermStateChangeCbCustomize>& customizedCallback, sptr<IRemoteObject>& callback);
 
     DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient);
     std::mutex proxyMutex_;
@@ -84,6 +93,8 @@ private:
     sptr<AccessTokenDeathRecipient> serviceDeathObserver_ = nullptr;
     void InitProxy();
     sptr<IAccessTokenManager> GetProxy();
+    std::mutex callbackMutex_;
+    std::map<std::shared_ptr<PermStateChangeCbCustomize>, sptr<PermissionStateCallback>> callbackMap_;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
index d8fd1e7e8..5c6d98133 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
@@ -400,6 +400,66 @@ int AccessTokenManagerProxy::ClearUserGrantedPermissionState(AccessTokenID token
     return result;
 }
 
+int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback(
+    const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
+{
+    MessageParcel data;
+    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
+    if (!data.WriteParcelable(&scope)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write PermStateChangeScopeParcel.");
+        return RET_FAILED;
+    }
+    if (!data.WriteRemoteObject(callback)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
+        return RET_FAILED;
+    }
+    MessageParcel reply;
+    MessageOption option(MessageOption::TF_SYNC);
+    sptr<IRemoteObject> remote = Remote();
+    if (remote == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
+        return RET_FAILED;
+    }
+    int32_t requestResult = remote->SendRequest(
+        static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK),
+        data, reply, option);
+    if (requestResult != NO_ERROR) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d.", requestResult);
+        return RET_FAILED;
+    }
+
+    int32_t result = reply.ReadInt32();
+    return result;
+}
+
+int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
+{
+    MessageParcel data;
+    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
+    if (!data.WriteRemoteObject(callback)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
+        return RET_FAILED;
+    }
+
+    MessageParcel reply;
+    MessageOption option(MessageOption::TF_SYNC);
+    sptr<IRemoteObject> remote = Remote();
+    if (remote == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
+        return RET_FAILED;
+    }
+    int32_t requestResult = remote->SendRequest(
+        static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK),
+        data, reply, option);
+    if (requestResult != NO_ERROR) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "request fail, result: %{public}d.", requestResult);
+        return RET_FAILED;
+    }
+
+    int32_t result = reply.ReadInt32();
+    return result;
+}
+
 AccessTokenIDEx AccessTokenManagerProxy::AllocHapToken(
     const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel)
 {
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
index 9bfbf432f..6177b1c6d 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.h
@@ -61,6 +61,9 @@ public:
         const HapPolicyParcel& policyPar) override;
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) override;
     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) override;
+    int32_t RegisterPermStateChangeCallback(
+        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) override;
+    int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) override;
 
 #ifdef TOKEN_SYNC_ENABLE
     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
diff --git a/interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp b/interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp
new file mode 100644
index 000000000..a3cd2d658
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "perm_state_callback_customize.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+PermStateChangeCbCustomize::PermStateChangeCbCustomize()
+{}
+
+PermStateChangeCbCustomize::PermStateChangeCbCustomize(
+    const PermStateChangeScope &scopeInfo) : scopeInfo_(scopeInfo)
+{}
+
+PermStateChangeCbCustomize::~PermStateChangeCbCustomize()
+{}
+
+void PermStateChangeCbCustomize::GetScope(PermStateChangeScope &scopeInfo) const
+{
+    scopeInfo = scopeInfo_;
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
new file mode 100644
index 000000000..170e9446c
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_state_change_callback.h"
+
+#include "access_token.h"
+#include "accesstoken_log.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
+    LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionStateChangeCallback"
+};
+PermissionStateCallback::PermissionStateCallback(
+    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCallback)
+    : customizedCallback_(customizedCallback)
+{}
+
+PermissionStateCallback::~PermissionStateCallback()
+{}
+
+void PermissionStateCallback::PermStateChangeCallback(PermStateChangeInfo& result)
+{
+    if (customizedCallback_ == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "customizedCallback_ is nullptr");
+        return;
+    }
+
+    customizedCallback_->PermStateChangeCallback(result);
+}
+
+void PermissionStateCallback::Stop()
+{}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
new file mode 100644
index 000000000..a7d43c270
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_STATE_CHANGE_CALLBACK_H
+#define PERMISSION_STATE_CHANGE_CALLBACK_H
+
+
+#include "permission_state_change_callback_stub.h"
+#include "perm_state_callback_customize.h"
+
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermissionStateCallback : public PermissionStateCallbackStub {
+public:
+    explicit PermissionStateCallback(const std::shared_ptr<PermStateChangeCbCustomize> &subscriber);
+    ~PermissionStateCallback() override;
+
+    void PermStateChangeCallback(PermStateChangeInfo& result) override;
+
+    void Stop();
+
+private:
+    std::shared_ptr<PermStateChangeCbCustomize> customizedCallback_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERMISSION_STATE_CHANGE_CALLBACK_H
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
new file mode 100644
index 000000000..7e56edb21
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_state_change_callback_stub.h"
+
+#include "access_token.h"
+#include "accesstoken_log.h"
+#include "permission_state_change_info_parcel.h"
+#include "string_ex.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
+    LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionStateChangeCallbackStub"
+};
+}
+
+int32_t PermissionStateCallbackStub::OnRemoteRequest(
+    uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
+{
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, code: 0x%{public}x", code);
+    std::u16string descriptor = data.ReadInterfaceToken();
+    if (descriptor != IPermissionStateCallback::GetDescriptor()) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "get unexpect descriptor: %{public}s", Str16ToStr8(descriptor).c_str());
+        return RET_FAILED;
+    }
+
+    int32_t msgCode =  static_cast<int32_t>(code);
+    if (msgCode == IPermissionStateCallback::PERMISSION_STATE_CHANGE) {
+        PermStateChangeInfo result;
+        sptr<PermissionStateChangeInfoParcel> resultSptr = data.ReadParcelable<PermissionStateChangeInfoParcel>();
+        if (resultSptr == nullptr) {
+            ACCESSTOKEN_LOG_ERROR(LABEL, "ReadParcelable fail");
+            return RET_FAILED;
+        }
+
+        PermStateChangeCallback(resultSptr->changeInfo);
+    } else {
+        return IPCObjectStub::OnRemoteRequest(code, data, reply, option);
+    }
+    return RET_SUCCESS;
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
new file mode 100644
index 000000000..3be58ca55
--- /dev/null
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_STATE_CHANGE_CALLBACK_STUB_H
+#define PERMISSION_STATE_CHANGE_CALLBACK_STUB_H
+
+
+#include "i_permission_state_callback.h"
+
+#include "iremote_stub.h"
+#include "nocopyable.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermissionStateCallbackStub : public IRemoteStub<IPermissionStateCallback> {
+public:
+    PermissionStateCallbackStub() = default;
+    virtual ~PermissionStateCallbackStub() = default;
+
+    int32_t OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERMISSION_STATE_CHANGE_CALLBACK_STUB_H
diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn
index 8120ebb50..b99e33ac6 100644
--- a/interfaces/innerkits/accesstoken/test/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/test/BUILD.gn
@@ -42,6 +42,7 @@ ohos_unittest("libaccesstoken_sdk_test") {
   external_deps = [
     "dsoftbus:softbus_client",
     "hiviewdfx_hilog_native:libhilog",
+    "ipc:ipc_core",
   ]
   if (token_sync_enable == true) {
     cflags_cc += [ "-DTOKEN_SYNC_ENABLE" ]
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index d0373c59c..4a128ab31 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -2411,6 +2411,360 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1)
     ASSERT_EQ(RET_SUCCESS, res);
 }
 
+class CbCustomizeTest : public PermStateChangeCbCustomize {
+public:
+    explicit CbCustomizeTest(const PermStateChangeScope &scopeInfo)
+        : PermStateChangeCbCustomize(scopeInfo)
+    {
+        GTEST_LOG_(INFO) << "CbCustomizeTest create";
+    }
+
+    ~CbCustomizeTest()
+    {}
+
+    virtual void PermStateChangeCallback(PermStateChangeInfo& result)
+    {
+        ready_ = true;
+        GTEST_LOG_(INFO) << "CbCustomizeTest PermStateChangeCallback";
+        GTEST_LOG_(INFO) << "tokenid" << result.tokenID;
+        GTEST_LOG_(INFO) << "permissionName" << result.permissionName;
+    }
+
+    bool ready_;
+};
+
+/**
+ * @tc.name: RegisterPermStateChangeCallback001
+ * @tc.desc: RegisterPermStateChangeCallback permList
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TD
+ */
+HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback001, TestSize.Level1)
+{
+    PermStateChangeScope scopeInfo;
+    scopeInfo.permList = {"ohos.permission.CAMERA"};
+    scopeInfo.tokenIDs = {};
+    auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
+    callbackPtr->ready_ = false;
+
+    int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
+
+    static PermissionStateFull infoManagerTestStateA = {
+        .permissionName = "ohos.permission.CAMERA",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_DENIED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static HapPolicyParams infoManagerTestPolicyPrams = {
+        .apl = APL_NORMAL,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateA}
+    };
+
+    AccessTokenIDEx tokenIdEx = {0};
+    AccessTokenID tokenID;
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
+
+    tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+    ASSERT_NE(0, tokenID);
+
+    ATokenTypeEnum ret = AccessTokenKit::GetTokenTypeFlag(tokenID);
+    ASSERT_EQ(ret, TOKEN_HAP);
+
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_DENIED, res);
+
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+
+    ASSERT_EQ(true, callbackPtr->ready_);
+
+    callbackPtr->ready_ = false;
+
+    res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(true, callbackPtr->ready_);
+
+    res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    callbackPtr->ready_ = false;
+
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    callbackPtr->ready_ = false;
+
+    res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    res = AccessTokenKit::DeleteToken(tokenID);
+    ASSERT_EQ(RET_SUCCESS, res);
+}
+
+/**
+ * @tc.name: RegisterPermStateChangeCallback002
+ * @tc.desc: RegisterPermStateChangeCallback permList
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TD
+ */
+HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback002, TestSize.Level1)
+{
+    PermStateChangeScope scopeInfo;
+    scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO"};
+    scopeInfo.tokenIDs = {};
+    auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
+    callbackPtr->ready_ = false;
+
+    int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
+
+    static PermissionStateFull infoManagerTestStateA = {
+        .permissionName = "ohos.permission.GET_BUNDLE_INFO",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_GRANTED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static PermissionStateFull infoManagerTestStateB = {
+        .permissionName = "ohos.permission.CAMERA",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_GRANTED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static HapPolicyParams infoManagerTestPolicyPrams = {
+        .apl = APL_SYSTEM_BASIC,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
+    };
+
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
+
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    res = AccessTokenKit::DeleteToken(tokenID);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
+    ASSERT_EQ(RET_SUCCESS, res);
+}
+
+/**
+ * @tc.name: RegisterPermStateChangeCallback003
+ * @tc.desc: RegisterPermStateChangeCallback permList
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TD
+ */
+HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback003, TestSize.Level1)
+{
+    PermStateChangeScope scopeInfo;
+    scopeInfo.permList = {};
+    scopeInfo.tokenIDs = {};
+    auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
+    callbackPtr->ready_ = false;
+
+    int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
+
+    static PermissionStateFull infoManagerTestStateA = {
+        .permissionName = "ohos.permission.GET_BUNDLE_INFO",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_DENIED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static PermissionStateFull infoManagerTestStateB = {
+        .permissionName = "ohos.permission.CAMERA",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_DENIED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static HapPolicyParams infoManagerTestPolicyPrams = {
+        .apl = APL_SYSTEM_CORE,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
+    };
+
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
+
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_DENIED, res);
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+    ASSERT_EQ(true, callbackPtr->ready_);
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
+    ASSERT_EQ(PERMISSION_DENIED, res);
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(true, callbackPtr->ready_);
+
+    res = AccessTokenKit::DeleteToken(tokenID);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
+    ASSERT_EQ(RET_SUCCESS, res);
+}
+
+/**
+ * @tc.name: RegisterPermStateChangeCallback004
+ * @tc.desc: RegisterPermStateChangeCallback permList
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TD
+ */
+HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback004, TestSize.Level1)
+{
+    PermStateChangeScope scopeInfo;
+    scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
+    scopeInfo.tokenIDs = {555555}; // 555555为模拟的tokenid
+    auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
+    callbackPtr->ready_ = false;
+
+    int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
+
+    static PermissionStateFull infoManagerTestStateA = {
+        .permissionName = "ohos.permission.GET_BUNDLE_INFO",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_GRANTED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static PermissionStateFull infoManagerTestStateB = {
+        .permissionName = "ohos.permission.CAMERA",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_GRANTED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static HapPolicyParams infoManagerTestPolicyPrams = {
+        .apl = APL_NORMAL,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
+    };
+
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
+
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+    res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_DENIED, res);
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+    res = AccessTokenKit::RevokePermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    res = AccessTokenKit::DeleteToken(tokenID);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
+    ASSERT_EQ(RET_SUCCESS, res);
+}
+
+/**
+ * @tc.name: RegisterPermStateChangeCallback005
+ * @tc.desc: RegisterPermStateChangeCallback permList
+ * @tc.type: FUNC
+ * @tc.require:AR000GK6TD
+ */
+HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback005, TestSize.Level1)
+{
+    static PermissionStateFull infoManagerTestStateA = {
+        .permissionName = "ohos.permission.CAMERA",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_DENIED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static PermissionStateFull infoManagerTestStateB = {
+        .permissionName = "ohos.permission.GET_BUNDLE_INFO",
+        .grantFlags = {1},
+        .grantStatus = {PERMISSION_GRANTED},
+        .isGeneral = true,
+        .resDeviceID = {"local"}
+    };
+    static HapPolicyParams infoManagerTestPolicyPrams = {
+        .apl = APL_NORMAL,
+        .domain = "test.domain",
+        .permList = {},
+        .permStateList = {infoManagerTestStateA, infoManagerTestStateB}
+    };
+
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, infoManagerTestPolicyPrams);
+
+    AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID;
+
+    PermStateChangeScope scopeInfo;
+    scopeInfo.permList = {"ohos.permission.GET_BUNDLE_INFO", "ohos.permission.CAMERA"};
+    scopeInfo.tokenIDs = {tokenID, 0};
+    auto callbackPtr = std::make_shared<CbCustomizeTest>(scopeInfo);
+    callbackPtr->ready_ = false;
+
+    int32_t res = AccessTokenKit::RegisterPermStateChangeCallback(callbackPtr);
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.CAMERA");
+    ASSERT_EQ(PERMISSION_DENIED, res);
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.CAMERA", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+    ASSERT_EQ(true, callbackPtr->ready_);
+
+    callbackPtr->ready_ = false;
+    res = AccessTokenKit::VerifyAccessToken(tokenID, "ohos.permission.GET_BUNDLE_INFO");
+    ASSERT_EQ(PERMISSION_GRANTED, res);
+    res = AccessTokenKit::GrantPermission(tokenID, "ohos.permission.GET_BUNDLE_INFO", 2);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    ASSERT_EQ(false, callbackPtr->ready_);
+
+    res = AccessTokenKit::DeleteToken(tokenID);
+    ASSERT_EQ(RET_SUCCESS, res);
+
+    res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
+    ASSERT_EQ(RET_SUCCESS, res);
+}
+
 #ifdef TOKEN_SYNC_ENABLE
 /**
  * @tc.name: SetRemoteHapTokenInfo001
diff --git a/services/accesstokenmanager/BUILD.gn b/services/accesstokenmanager/BUILD.gn
index f4bf54b94..6638788b4 100644
--- a/services/accesstokenmanager/BUILD.gn
+++ b/services/accesstokenmanager/BUILD.gn
@@ -27,6 +27,7 @@ if (is_standard_system) {
     part_name = "access_token"
 
     include_dirs = [
+      "main/cpp/include/callback",
       "main/cpp/include/service",
       "main/cpp/include/token",
       "main/cpp/include/permission",
@@ -45,6 +46,9 @@ if (is_standard_system) {
     ]
 
     sources = [
+      "main/cpp/src/callback/callback_manager.cpp",
+      "main/cpp/src/callback/perm_state_callback_death_recipient.cpp",
+      "main/cpp/src/callback/permission_state_change_callback_proxy.cpp",
       "main/cpp/src/database/data_storage.cpp",
       "main/cpp/src/database/data_translator.cpp",
       "main/cpp/src/database/sqlite_storage.cpp",
diff --git a/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
new file mode 100644
index 000000000..8ca6b3f5c
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/include/callback/callback_manager.h
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ACCESS_TOKEN_PERMISSION_CALLBACK_MANAGER_H
+#define ACCESS_TOKEN_PERMISSION_CALLBACK_MANAGER_H
+
+#include <mutex>
+#include <vector>
+
+#include "access_token.h"
+#include "accesstoken_log.h"
+#include "i_permission_state_callback.h"
+#include "permission_state_change_info.h"
+#include "permission_state_change_callback_proxy.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+enum PermStateChangeType {
+    REVOKED = 0,
+    GRANTED = 1,
+};
+struct CallbackRecord {
+    CallbackRecord() : scopePtr_(nullptr), callbackObject_(nullptr)
+    {}
+    CallbackRecord(std::shared_ptr<PermStateChangeScope> callbackScopePtr, sptr<IRemoteObject> callback)
+        : scopePtr_(callbackScopePtr), callbackObject_(callback)
+    {}
+
+    std::shared_ptr<PermStateChangeScope> scopePtr_;
+    sptr<IRemoteObject> callbackObject_;
+};
+
+class CallbackManager {
+public:
+    virtual ~CallbackManager();
+    CallbackManager();
+    static CallbackManager& GetInstance();
+
+    int32_t AddCallback(
+        const std::shared_ptr<PermStateChangeScope>& callbackScopePtr, const sptr<IRemoteObject>& callback);
+    int32_t RemoveCallback(const sptr<IRemoteObject>& callback);
+    bool CalledAccordingToTokenIdLlist(const std::vector<AccessTokenID>& tokenIDList, AccessTokenID tokenID);
+    bool CalledAccordingToPermLlist(const std::vector<std::string>& permList, const std::string& permName);
+    void ExcuteCallbackAsync(AccessTokenID tokenID, const std::string& permName, int32_t changeType);
+
+private:
+    std::mutex mutex_;
+    std::vector<CallbackRecord> callbackInfoList_;
+    sptr<IRemoteObject::DeathRecipient> callbackDeathRecipient_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // ACCESS_TOKEN_PERMISSION_CALLBACK_MANAGER_H
diff --git a/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h b/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
new file mode 100644
index 000000000..09f131f37
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERM_STATE_CALLBACK_DEATH_RECIPIENT_H
+#define PERM_STATE_CALLBACK_DEATH_RECIPIENT_H
+
+
+#include "iremote_object.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermStateCallbackDeathRecipient : public IRemoteObject::DeathRecipient {
+public:
+    PermStateCallbackDeathRecipient() = default;
+    virtual ~PermStateCallbackDeathRecipient() = default;
+
+    virtual void OnRemoteDied(const wptr<IRemoteObject> &remote);
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERM_STATE_CALLBACK_DEATH_RECIPIENT_H
diff --git a/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h b/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
new file mode 100644
index 000000000..19598c47e
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PERMISSION_STATE_CHANGE_CALLBACK_PROXY_H
+#define PERMISSION_STATE_CHANGE_CALLBACK_PROXY_H
+
+
+#include "i_permission_state_callback.h"
+
+#include "iremote_proxy.h"
+#include "nocopyable.h"
+#include "permission_state_change_info.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+class PermissionStateCallbackProxy : public IRemoteProxy<IPermissionStateCallback> {
+public:
+    explicit PermissionStateCallbackProxy(const sptr<IRemoteObject>& impl);
+    ~PermissionStateCallbackProxy() override;
+    virtual void PermStateChangeCallback(PermStateChangeInfo& result) override;
+
+private:
+    static inline BrokerDelegator<PermissionStateCallbackProxy> delegator_;
+};
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
+#endif // PERMISSION_STATE_CHANGE_CALLBACK_PROXY_H
diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
index aa829f333..db527aecb 100644
--- a/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
+++ b/services/accesstokenmanager/main/cpp/include/permission/permission_manager.h
@@ -21,8 +21,10 @@
 
 #include "access_token.h"
 #include "hap_token_info_inner.h"
+#include "i_permission_state_callback.h"
 #include "permission_def.h"
 #include "permission_list_state.h"
+#include "permission_state_change_info.h"
 #include "permission_state_full.h"
 
 #include "rwlock.h"
@@ -53,6 +55,10 @@ public:
     void ClearUserGrantedPermissionState(AccessTokenID tokenID);
     void GetSelfPermissionState(
         std::vector<PermissionStateFull> permsList, PermissionListState &permState);
+    int32_t AddPermStateChangeCallback(
+        const PermStateChangeScope& scope, const sptr<IRemoteObject>& callback);
+    int32_t RemovePermStateChangeCallback(const sptr<IRemoteObject>& callback);
+
 private:
     PermissionManager();
     void UpdateTokenPermissionState(
diff --git a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h
index b90de3968..d18e301a1 100644
--- a/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h
+++ b/services/accesstokenmanager/main/cpp/include/permission/permission_policy_set.h
@@ -45,7 +45,7 @@ public:
     void GetDefPermissions(std::vector<PermissionDef>& permList);
     void GetPermissionStateFulls(std::vector<PermissionStateFull>& permList);
     int QueryPermissionFlag(const std::string& permissionName);
-    void UpdatePermissionStatus(const std::string& permissionName, bool isGranted, uint32_t flag);
+    bool UpdatePermissionStatus(const std::string& permissionName, bool isGranted, uint32_t flag);
     void ToString(std::string& info);
     bool IsPermissionReqValid(int32_t tokenApl, const std::string& permissionName,
         const std::vector<std::string>& nativeAcls);
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
index a6bb3c284..ebc754ad1 100644
--- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
+++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_service.h
@@ -62,6 +62,9 @@ public:
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& InfoParcel) override;
     int UpdateHapToken(AccessTokenID tokenID,
         const std::string& appIDDesc, const HapPolicyParcel& policyParcel) override;
+    int32_t RegisterPermStateChangeCallback(
+        const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback) override;
+    int32_t UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback) override;
 
 #ifdef TOKEN_SYNC_ENABLE
     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSyncParcel& hapSyncParcel) override;
diff --git a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
index 6bd9a3ec2..cbc45c2be 100644
--- a/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
+++ b/services/accesstokenmanager/main/cpp/include/service/accesstoken_manager_stub.h
@@ -54,6 +54,8 @@ private:
     void GetHapTokenIDInner(MessageParcel& data, MessageParcel& reply);
     void CheckNativeDCapInner(MessageParcel& data, MessageParcel& reply);
     void GetTokenTypeInner(MessageParcel& data, MessageParcel& reply);
+    void RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
+    void UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply);
 
 #ifdef TOKEN_SYNC_ENABLE
     void GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply);
diff --git a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
new file mode 100644
index 000000000..8002741ca
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "callback_manager.h"
+
+#include <future>
+#include <thread>
+#include <datetime_ex.h>
+
+#include "access_token.h"
+#include "perm_state_callback_death_recipient.h"
+
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "CallbackManager"};
+const time_t MAX_TIMEOUT_SEC = 30;
+}
+
+CallbackManager& CallbackManager::GetInstance()
+{
+    static CallbackManager instance;
+    return instance;
+}
+
+CallbackManager::CallbackManager() : callbackDeathRecipient_(sptr<IRemoteObject::DeathRecipient>(
+    new (std::nothrow) PermStateCallbackDeathRecipient()))
+{
+}
+
+CallbackManager::~CallbackManager()
+{
+}
+
+int32_t CallbackManager::AddCallback(
+    const std::shared_ptr<PermStateChangeScope>& callbackScopePtr, const sptr<IRemoteObject>& callback)
+{
+    if ((callbackScopePtr == nullptr) || (callback == nullptr)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "input is nullptr");
+        return RET_FAILED;
+    }
+
+    callback->AddDeathRecipient(callbackDeathRecipient_);
+
+    CallbackRecord recordInstance;
+    recordInstance.callbackObject_ = callback;
+    recordInstance.scopePtr_ = callbackScopePtr;
+
+    std::lock_guard<std::mutex> lock(mutex_);
+    callbackInfoList_.emplace_back(recordInstance);
+
+    ACCESSTOKEN_LOG_INFO(LABEL, "recordInstance is added");
+    return RET_SUCCESS;
+}
+
+int32_t CallbackManager::RemoveCallback(const sptr<IRemoteObject>& callback)
+{
+    if (callback == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "callback is nullptr");
+        return RET_FAILED;
+    }
+
+    std::lock_guard<std::mutex> lock(mutex_);
+
+    for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) {
+        if (callback == (*it).callbackObject_) {
+            ACCESSTOKEN_LOG_INFO(LABEL, "find callback");
+            if (callbackDeathRecipient_ != nullptr) {
+                callback->RemoveDeathRecipient(callbackDeathRecipient_);
+            }
+            (*it).callbackObject_ = nullptr;
+            callbackInfoList_.erase(it);
+            break;
+        }
+    }
+    ACCESSTOKEN_LOG_INFO(LABEL, "callbackInfoList_ %{public}u", (uint32_t)callbackInfoList_.size());
+    return RET_SUCCESS;
+}
+
+
+bool CallbackManager::CalledAccordingToTokenIdLlist(
+    const std::vector<AccessTokenID>& tokenIDList, AccessTokenID tokenID)
+{
+    if (tokenIDList.empty()) {
+        return true;
+    }
+    for (const auto& id : tokenIDList) {
+        if (id == tokenID) {
+            return true;
+        }
+    }
+    return false;
+}
+
+bool CallbackManager::CalledAccordingToPermLlist(const std::vector<std::string>& permList, const std::string& permName)
+{
+    if (permList.empty()) {
+        return true;
+    }
+    for (const auto& perm : permList) {
+        if (perm == permName) {
+            return true;
+        }
+    }
+    return false;
+}
+
+void CallbackManager::ExcuteCallbackAsync(AccessTokenID tokenID, const std::string& permName, int32_t changeType)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "entry");
+
+    auto callbackStart = [&]() {
+        ACCESSTOKEN_LOG_INFO(LABEL, "callbackStart");
+        std::lock_guard<std::mutex> lock(mutex_);
+        for (auto it = callbackInfoList_.begin(); it != callbackInfoList_.end(); ++it) {
+            std::shared_ptr<PermStateChangeScope> scopePtr_ = (*it).scopePtr_;
+            if (scopePtr_ == nullptr) {
+                ACCESSTOKEN_LOG_ERROR(LABEL, "scopePtr_ is nullptr");
+                continue;
+            }
+            if (!CalledAccordingToTokenIdLlist(scopePtr_->tokenIDs, tokenID) ||
+                !CalledAccordingToPermLlist(scopePtr_->permList, permName)) {
+                    ACCESSTOKEN_LOG_INFO(LABEL,
+                        "tokenID is %{public}u, permName is  %{public}s", tokenID, permName.c_str());
+                    continue;
+            }
+            auto callback = iface_cast<IPermissionStateCallback>((*it).callbackObject_);
+            if (callback != nullptr) {
+                ACCESSTOKEN_LOG_INFO(LABEL, "callback excute");
+                PermStateChangeInfo resInfo;
+                resInfo.PermStateChangeType = changeType;
+                resInfo.permissionName = permName;
+                resInfo.tokenID = tokenID;
+                callback->PermStateChangeCallback(resInfo);
+            }
+        }
+    };
+
+    std::packaged_task<void()> callbackTask(callbackStart);
+    std::future<void> fut = callbackTask.get_future();
+    std::make_unique<std::thread>(std::move(callbackTask))->detach();
+
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "Waiting for the callback execution complete...");
+    std::future_status status = fut.wait_for(std::chrono::seconds(MAX_TIMEOUT_SEC));
+    if (status == std::future_status::timeout) {
+        ACCESSTOKEN_LOG_WARN(LABEL, "callbackTask callback execution timeout");
+    }
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "The callback execution is complete");
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp b/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
new file mode 100644
index 000000000..83c3d5092
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "perm_state_callback_death_recipient.h"
+
+#include "access_token.h"
+#include "callback_manager.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
+    LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermStateCallbackDeathRecipient"
+};
+}
+void PermStateCallbackDeathRecipient::OnRemoteDied(const wptr<IRemoteObject> &remote)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "enter");
+    if (remote == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "remote object is nullptr");
+        return;
+    }
+
+    sptr<IRemoteObject> object = remote.promote();
+    if (object == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "object is nullptr");
+        return;
+    }
+    CallbackManager::GetInstance().RemoveCallback(object);
+    ACCESSTOKEN_LOG_INFO(LABEL, "end");
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp b/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp
new file mode 100644
index 000000000..6e963d48d
--- /dev/null
+++ b/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "permission_state_change_callback_proxy.h"
+
+#include "access_token.h"
+#include "accesstoken_log.h"
+#include "permission_state_change_info_parcel.h"
+
+namespace OHOS {
+namespace Security {
+namespace AccessToken {
+namespace {
+static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
+    LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionStateChangeCallbackProxy"
+};
+}
+
+PermissionStateCallbackProxy::PermissionStateCallbackProxy(const sptr<IRemoteObject>& impl)
+    : IRemoteProxy<IPermissionStateCallback>(impl) {
+}
+
+PermissionStateCallbackProxy::~PermissionStateCallbackProxy()
+{}
+
+void PermissionStateCallbackProxy::PermStateChangeCallback(PermStateChangeInfo& info)
+{
+    MessageParcel data;
+    data.WriteInterfaceToken(IPermissionStateCallback::GetDescriptor());
+
+    PermissionStateChangeInfoParcel resultParcel;
+    resultParcel.changeInfo = info;
+    if (!data.WriteParcelable(&resultParcel)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to WriteParcelable(result)");
+        return;
+    }
+
+    MessageParcel reply;
+    MessageOption option(MessageOption::TF_SYNC);
+    sptr<IRemoteObject> remote = Remote();
+    if (remote == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "remote service null.");
+        return;
+    }
+    int32_t requestResult = remote->SendRequest(
+        static_cast<uint32_t>(IPermissionStateCallback::PERMISSION_STATE_CHANGE), data, reply, option);
+    if (requestResult != NO_ERROR) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "send request fail, result: %{public}d", requestResult);
+        return;
+    }
+
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "SendRequest success");
+}
+} // namespace AccessToken
+} // namespace Security
+} // namespace OHOS
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
index 595f386a0..5cfb18260 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_manager.cpp
@@ -18,6 +18,7 @@
 #include "accesstoken_id_manager.h"
 #include "accesstoken_info_manager.h"
 #include "accesstoken_log.h"
+#include "callback_manager.h"
 #ifdef SUPPORT_SANDBOX_APP
 #include "dlp_permission_set_manager.h"
 #endif
@@ -333,7 +334,12 @@ void PermissionManager::UpdateTokenPermissionState(
         }
     }
 #endif
-    permPolicySet->UpdatePermissionStatus(permissionName, isGranted, static_cast<uint32_t>(flag));
+    bool isUpdated = permPolicySet->UpdatePermissionStatus(permissionName, isGranted, static_cast<uint32_t>(flag));
+    if (isUpdated) {
+        ACCESSTOKEN_LOG_INFO(LABEL, "isUpdated");
+        int32_t changeType = isGranted ? GRANTED : REVOKED;
+        CallbackManager::GetInstance().ExcuteCallbackAsync(tokenID, permissionName, changeType);
+    }
 
 #ifdef TOKEN_SYNC_ENABLE
     TokenModifyNotifier::GetInstance().NotifyTokenModify(tokenID);
@@ -382,6 +388,23 @@ void PermissionManager::RevokePermission(AccessTokenID tokenID, const std::strin
     UpdateTokenPermissionState(tokenID, permissionName, false, flag);
 }
 
+int32_t PermissionManager::AddPermStateChangeCallback(
+    const PermStateChangeScope& scope, const sptr<IRemoteObject>& callback)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "called");
+    auto callbackScopePtr = std::make_shared<PermStateChangeScope>(scope);
+    if (callbackScopePtr == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "callbackScopePtr is nullptr");
+    }
+
+    return CallbackManager::GetInstance().AddCallback(callbackScopePtr, callback);
+}
+
+int32_t PermissionManager::RemovePermStateChangeCallback(const sptr<IRemoteObject>& callback)
+{
+    return CallbackManager::GetInstance().RemoveCallback(callback);
+}
+
 void PermissionManager::ClearUserGrantedPermissionState(AccessTokenID tokenID)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, tokenID: %{public}u", __func__, tokenID);
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
index f2144a11a..3615a7f0a 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
@@ -180,21 +180,30 @@ int PermissionPolicySet::QueryPermissionFlag(const std::string& permissionName)
     return PERMISSION_DEFAULT_FLAG;
 }
 
-void PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionName, bool isGranted, uint32_t flag)
+bool PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionName, bool isGranted, uint32_t flag)
 {
+    ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName %{public}s.", permissionName.c_str());
+    int32_t oldStatus = 1;
+    int32_t newStatus = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->permPolicySetLock_);
     for (auto& perm : permStateList_) {
         if (perm.permissionName == permissionName) {
             if (perm.isGeneral) {
-                perm.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
+                oldStatus = perm.grantStatus[0];
+                perm.grantStatus[0] = newStatus;
                 uint32_t currFlag = static_cast<uint32_t>(perm.grantFlags[0]);
                 uint32_t newFlag = flag | (currFlag & PERMISSION_GRANTED_BY_POLICY);
                 perm.grantFlags[0] = static_cast<int32_t>(newFlag);
-            } else {
-                return;
             }
+            ACCESSTOKEN_LOG_DEBUG(LABEL, "oldStatus %{public}d newStatus %{public}d.", oldStatus, newStatus);
+            if (oldStatus == newStatus) {
+                return false;
+            }
+            return true;
         }
     }
+
+    return false;
 }
 
 void PermissionPolicySet::ResetUserGrantPermissionStatus(void)
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
index 9229bd58f..79027dccc 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_service.cpp
@@ -206,6 +206,19 @@ int AccessTokenManagerService::ClearUserGrantedPermissionState(AccessTokenID tok
     return RET_SUCCESS;
 }
 
+int32_t AccessTokenManagerService::RegisterPermStateChangeCallback(
+    const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "Entry");
+    return PermissionManager::GetInstance().AddPermStateChangeCallback(scope.scope, callback);
+}
+
+int32_t AccessTokenManagerService::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
+{
+    ACCESSTOKEN_LOG_INFO(LABEL, "Entry");
+    return PermissionManager::GetInstance().RemovePermStateChangeCallback(callback);
+}
+
 AccessTokenIDEx AccessTokenManagerService::AllocHapToken(const HapInfoParcel& info, const HapPolicyParcel& policy)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "called!");
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
index 8d621da61..655e3b04c 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
@@ -320,6 +320,30 @@ void AccessTokenManagerStub::GetNativeTokenInfoInner(MessageParcel& data, Messag
     reply.WriteInt32(result);
 }
 
+void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
+{
+    sptr<PermStateChangeScopeParcel> scopeParcel = data.ReadParcelable<PermStateChangeScopeParcel>();
+    if (scopeParcel == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "read scopeParcel fail");
+        reply.WriteInt32(RET_FAILED);
+        return;
+    }
+    sptr<IRemoteObject> callback = data.ReadRemoteObject();
+    int32_t result = this->RegisterPermStateChangeCallback(*scopeParcel, callback);
+    reply.WriteInt32(result);
+}
+void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParcel& data, MessageParcel& reply)
+{
+    sptr<IRemoteObject> callback = data.ReadRemoteObject();
+    if (callback == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "read scopeParcel fail");
+        reply.WriteInt32(RET_FAILED);
+        return;
+    }
+    int32_t result = this->UnRegisterPermStateChangeCallback(callback);
+    reply.WriteInt32(result);
+}
+
 #ifdef TOKEN_SYNC_ENABLE
 void AccessTokenManagerStub::GetHapTokenInfoFromRemoteInner(MessageParcel& data, MessageParcel& reply)
 {
@@ -528,6 +552,11 @@ AccessTokenManagerStub::AccessTokenManagerStub()
         &AccessTokenManagerStub::DumpTokenInfoInner;
     requestFuncMap_[static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::GET_PERMISSION_OPER_STATE)] =
         &AccessTokenManagerStub::GetSelfPermissionsStateInner;
+
+    requestFuncMap_[static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::REGISTER_PERM_STATE_CHANGE_CALLBACK)] =
+        &AccessTokenManagerStub::RegisterPermStateChangeCallbackInner;
+    requestFuncMap_[static_cast<uint32_t>(IAccessTokenManager::InterfaceCode::UNREGISTER_PERM_STATE_CHANGE_CALLBACK)] =
+        &AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner;
 }
 
 AccessTokenManagerStub::~AccessTokenManagerStub()
-- 
Gitee


From 1502142d41864789db0dfae0e983cb7ea447f2ee Mon Sep 17 00:00:00 2001
From: lsq <linshuqing2@huawei.com>
Date: Tue, 26 Jul 2022 10:31:06 +0800
Subject: [PATCH 2/2] review

Signed-off-by: lsq <linshuqing2@huawei.com>
Change-Id: Ie9da38ba7c08e6d297c6a37aed95dda97a1631e7
---
 .../include/i_permission_state_callback.h     |    0
 .../permission_state_change_scope_parcel.cpp  |    6 +-
 interfaces/innerkits/accesstoken/BUILD.gn     |    2 +-
 .../include/accesstoken_death_recipient.h     |    2 +-
 .../accesstoken/include/accesstoken_kit.h     |    7 +-
 ...=> perm_state_change_callback_customize.h} |    8 +-
 .../include/permission_state_change_info.h    |    4 +-
 .../src/accesstoken_death_recipient.cpp       |    2 +-
 .../accesstoken/src/accesstoken_kit.cpp       |    6 +-
 .../src/accesstoken_manager_client.cpp        |   21 +-
 .../src/accesstoken_manager_client.h          |   10 +-
 .../src/accesstoken_manager_proxy.cpp         |   22 +-
 ... perm_state_change_callback_customize.cpp} |   10 +-
 .../src/permission_state_change_callback.cpp  |   11 +-
 .../src/permission_state_change_callback.h    |   10 +-
 .../permission_state_change_callback_stub.cpp |    2 +-
 .../permission_state_change_callback_stub.h   |    6 +-
 .../unittest/src/accesstoken_kit_test.cpp     | 1041 +----------------
 .../src/token_sync_manager_client.cpp         |    4 +-
 .../tokensync/src/token_sync_manager_client.h |    4 +-
 .../perm_state_callback_death_recipient.h     |    3 +-
 .../permission_state_change_callback_proxy.h  |    9 +-
 .../cpp/src/callback/callback_manager.cpp     |    1 -
 .../perm_state_callback_death_recipient.cpp   |    3 +-
 ...permission_state_change_callback_proxy.cpp |    6 +-
 .../src/permission/permission_policy_set.cpp  |   19 +-
 .../src/service/accesstoken_manager_stub.cpp  |    7 +-
 .../include/remote/remote_command_executor.h  |   12 +-
 .../include/remote/remote_command_manager.h   |    4 +-
 .../service/token_sync_event_handler.h        |    2 +-
 .../src/remote/remote_command_executor.cpp    |    8 +-
 .../src/remote/remote_command_manager.cpp     |    4 +-
 .../src/service/token_sync_event_handler.cpp  |    2 +-
 33 files changed, 120 insertions(+), 1138 deletions(-)
 rename {interfaces/innerkits => frameworks}/accesstoken/include/i_permission_state_callback.h (100%)
 rename interfaces/innerkits/accesstoken/include/{perm_state_callback_customize.h => perm_state_change_callback_customize.h} (84%)
 rename interfaces/innerkits/accesstoken/src/{perm_state_callback_customize.cpp => perm_state_change_callback_customize.cpp} (71%)

diff --git a/interfaces/innerkits/accesstoken/include/i_permission_state_callback.h b/frameworks/accesstoken/include/i_permission_state_callback.h
similarity index 100%
rename from interfaces/innerkits/accesstoken/include/i_permission_state_callback.h
rename to frameworks/accesstoken/include/i_permission_state_callback.h
diff --git a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
index a3aa4b4fe..7305a31a3 100644
--- a/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
+++ b/frameworks/accesstoken/src/permission_state_change_scope_parcel.cpp
@@ -22,7 +22,7 @@ namespace AccessToken {
 bool PermStateChangeScopeParcel::Marshalling(Parcel& out) const
 {
     RETURN_IF_FALSE(out.WriteUint32((this->scope.tokenIDs.size())));
-    for (const auto& tokenID : this->scope.tokenIDs) {
+    for (auto& tokenID : this->scope.tokenIDs) {
         RETURN_IF_FALSE(out.WriteUint32(tokenID));
     }
 
@@ -41,7 +41,7 @@ PermStateChangeScopeParcel* PermStateChangeScopeParcel::Unmarshalling(Parcel& in
     }
     uint32_t tokenIdListSize = 0;
     RELEASE_IF_FALSE(in.ReadUint32(tokenIdListSize), permStateChangeScopeParcel);
-    RELEASE_IF_FALSE(tokenIdListSize <= TOKENID_LIST_SIZE_MAX, permStateChangeScopeParcel);
+    RELEASE_IF_FALSE(tokenIdListSize <= TOKENIDS_LIST_SIZE_MAX, permStateChangeScopeParcel);
     for (uint32_t i = 0; i < tokenIdListSize; i++) {
         AccessTokenID tokenID;
         RELEASE_IF_FALSE(in.ReadUint32(tokenID), permStateChangeScopeParcel);
@@ -50,7 +50,7 @@ PermStateChangeScopeParcel* PermStateChangeScopeParcel::Unmarshalling(Parcel& in
 
     uint32_t permListSize = 0;
     RELEASE_IF_FALSE(in.ReadUint32(permListSize), permStateChangeScopeParcel);
-    RELEASE_IF_FALSE(permListSize <= PERM_LIST_SIZE_MAX, permStateChangeScopeParcel);
+    RELEASE_IF_FALSE(permListSize <= PERMS_LIST_SIZE_MAX, permStateChangeScopeParcel);
     for (uint32_t i = 0; i < permListSize; i++) {
         std::string permName;
         RELEASE_IF_FALSE(in.ReadString(permName), permStateChangeScopeParcel);
diff --git a/interfaces/innerkits/accesstoken/BUILD.gn b/interfaces/innerkits/accesstoken/BUILD.gn
index c4334ddd2..482985ca3 100644
--- a/interfaces/innerkits/accesstoken/BUILD.gn
+++ b/interfaces/innerkits/accesstoken/BUILD.gn
@@ -42,7 +42,7 @@ if (is_standard_system) {
       "src/accesstoken_kit.cpp",
       "src/accesstoken_manager_client.cpp",
       "src/accesstoken_manager_proxy.cpp",
-      "src/perm_state_callback_customize.cpp",
+      "src/perm_state_change_callback_customize.cpp",
       "src/permission_state_change_callback.cpp",
       "src/permission_state_change_callback_stub.cpp",
     ]
diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_death_recipient.h b/interfaces/innerkits/accesstoken/include/accesstoken_death_recipient.h
index 974bdb50d..6de93b0df 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_death_recipient.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_death_recipient.h
@@ -26,7 +26,7 @@ class AccessTokenDeathRecipient : public IRemoteObject::DeathRecipient {
 public:
     AccessTokenDeathRecipient() {}
     virtual ~AccessTokenDeathRecipient() = default;
-    void OnRemoteDied(const wptr<IRemoteObject> &object) override;
+    void OnRemoteDied(const wptr<IRemoteObject>& object) override;
 };
 }  // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
index ee1b8dd56..28fecfb4f 100644
--- a/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
+++ b/interfaces/innerkits/accesstoken/include/accesstoken_kit.h
@@ -21,13 +21,12 @@
 
 #include "access_token.h"
 #include "hap_token_info.h"
-#include "i_permission_state_callback.h"
 #include "native_token_info.h"
 #include "permission_def.h"
 #include "permission_list_state.h"
 #include "permission_state_change_info.h"
 #include "permission_state_full.h"
-#include "perm_state_callback_customize.h"
+#include "perm_state_change_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -60,8 +59,8 @@ public:
     static int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag);
     static int ClearUserGrantedPermissionState(AccessTokenID tokenID);
     static int32_t RegisterPermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCbCustomize> &callback);
-    static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCbCustomize> &callback);
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
+    static int32_t UnRegisterPermStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& callback);
 
 #ifdef TOKEN_SYNC_ENABLE
     static int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
diff --git a/interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h b/interfaces/innerkits/accesstoken/include/perm_state_change_callback_customize.h
similarity index 84%
rename from interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h
rename to interfaces/innerkits/accesstoken/include/perm_state_change_callback_customize.h
index bc1596612..8ef8962c3 100644
--- a/interfaces/innerkits/accesstoken/include/perm_state_callback_customize.h
+++ b/interfaces/innerkits/accesstoken/include/perm_state_change_callback_customize.h
@@ -21,11 +21,11 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PermStateChangeCbCustomize {
+class PermStateChangeCallbackCustomize {
 public:
-    PermStateChangeCbCustomize();
-    explicit PermStateChangeCbCustomize(const PermStateChangeScope &subscribeInfo);
-    virtual ~PermStateChangeCbCustomize();
+    PermStateChangeCallbackCustomize();
+    explicit PermStateChangeCallbackCustomize(const PermStateChangeScope &scopeInfo);
+    virtual ~PermStateChangeCallbackCustomize();
 
     virtual void PermStateChangeCallback(PermStateChangeInfo& result) = 0;
 
diff --git a/interfaces/innerkits/accesstoken/include/permission_state_change_info.h b/interfaces/innerkits/accesstoken/include/permission_state_change_info.h
index d89df024b..8ccf4df5e 100644
--- a/interfaces/innerkits/accesstoken/include/permission_state_change_info.h
+++ b/interfaces/innerkits/accesstoken/include/permission_state_change_info.h
@@ -24,8 +24,8 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-#define TOKENID_LIST_SIZE_MAX 1024
-#define PERM_LIST_SIZE_MAX 1024
+#define TOKENIDS_LIST_SIZE_MAX 1024
+#define PERMS_LIST_SIZE_MAX 1024
 
 struct PermStateChangeInfo {
     int32_t PermStateChangeType;
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_death_recipient.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_death_recipient.cpp
index d0608aacc..095981870 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_death_recipient.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_death_recipient.cpp
@@ -24,7 +24,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "AccessTokenDeathRecipient"};
 } // namespace
 
-void AccessTokenDeathRecipient::OnRemoteDied(const wptr<IRemoteObject> &object)
+void AccessTokenDeathRecipient::OnRemoteDied(const wptr<IRemoteObject>& object)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__);
     AccessTokenManagerClient::GetInstance().OnRemoteDiedHandle();
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
index f6c7cb133..d123d6632 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp
@@ -22,7 +22,7 @@
 #include "data_validator.h"
 #include "hap_token_info.h"
 #include "permission_def.h"
-#include "perm_state_callback_customize.h"
+#include "perm_state_change_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -304,14 +304,14 @@ int AccessTokenKit::ClearUserGrantedPermissionState(AccessTokenID tokenID)
 }
 
 int32_t AccessTokenKit::RegisterPermStateChangeCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize> &callback)
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& callback)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "called");
     return AccessTokenManagerClient::GetInstance().RegisterPermStateChangeCallback(callback);
 }
 
 int32_t AccessTokenKit::UnRegisterPermStateChangeCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize> &callback)
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& callback)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "called");
     return AccessTokenManagerClient::GetInstance().UnRegisterPermStateChangeCallback(callback);
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
index 5c9315a48..7b6c214e1 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.cpp
@@ -198,20 +198,21 @@ int AccessTokenManagerClient::ClearUserGrantedPermissionState(AccessTokenID toke
 }
 
 int32_t AccessTokenManagerClient::CreatePermStateChangeCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize>& customizedCb, sptr<IRemoteObject>& callbackObject)
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb, sptr<IRemoteObject>& callbackObject)
 {
     std::lock_guard<std::mutex> lock(callbackMutex_);
+    if (callbackMap_.size() == MAX_CALLBACK_MAP_SIZE) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "the maximum number of callback has been reached");
+        return RET_FAILED;
+    }
+
     auto goalCallback = callbackMap_.find(customizedCb);
     if (goalCallback != callbackMap_.end()) {
         callbackObject = goalCallback->second->AsObject();
         ACCESSTOKEN_LOG_ERROR(LABEL, "already has the same callback");
         return RET_FAILED;
     } else {
-        if (callbackMap_.size() == MAX_CALLBACK_MAP_SIZE) {
-            ACCESSTOKEN_LOG_ERROR(LABEL, "the maximum number of callback has been reached");
-            return RET_FAILED;
-        }
-        sptr<PermissionStateCallback> callback = new (std::nothrow) PermissionStateCallback(customizedCb);
+        sptr<PermissionStateChangeCallback> callback = new (std::nothrow) PermissionStateChangeCallback(customizedCb);
         if (!callback) {
             ACCESSTOKEN_LOG_ERROR(LABEL, "memory allocation for callback failed!");
             return RET_FAILED;
@@ -223,7 +224,7 @@ int32_t AccessTokenManagerClient::CreatePermStateChangeCallback(
 }
 
 int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb)
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "called!");
 
@@ -250,7 +251,7 @@ int32_t AccessTokenManagerClient::RegisterPermStateChangeCallback(
 }
 
 int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb)
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s: called!", __func__);
 
@@ -268,7 +269,9 @@ int32_t AccessTokenManagerClient::UnRegisterPermStateChangeCallback(
     }
 
     int32_t result = proxy->UnRegisterPermStateChangeCallback(goalCallback->second->AsObject());
-    callbackMap_.erase(goalCallback);
+    if (result == RET_SUCCESS) {
+        callbackMap_.erase(goalCallback);
+    }
     return result;
 }
 
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
index 963f3c9cf..f2ef276ae 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_client.h
@@ -32,7 +32,7 @@
 #include "permission_def.h"
 #include "permission_state_change_callback.h"
 #include "permission_state_full.h"
-#include "perm_state_callback_customize.h"
+#include "perm_state_change_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
@@ -64,9 +64,9 @@ public:
     int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfo& hapTokenInfoRes);
     int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo& nativeTokenInfoRes);
     int32_t RegisterPermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCbCustomize> &customizedCallback);
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback);
     int32_t UnRegisterPermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCbCustomize> &customizedCb);
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCb);
 
 #ifdef TOKEN_SYNC_ENABLE
     int GetHapTokenInfoFromRemote(AccessTokenID tokenID, HapTokenInfoForSync& hapSync);
@@ -85,7 +85,7 @@ public:
 private:
     AccessTokenManagerClient();
     int32_t CreatePermStateChangeCallback(
-        const std::shared_ptr<PermStateChangeCbCustomize>& customizedCallback, sptr<IRemoteObject>& callback);
+        const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback, sptr<IRemoteObject>& callback);
 
     DISALLOW_COPY_AND_MOVE(AccessTokenManagerClient);
     std::mutex proxyMutex_;
@@ -94,7 +94,7 @@ private:
     void InitProxy();
     sptr<IAccessTokenManager> GetProxy();
     std::mutex callbackMutex_;
-    std::map<std::shared_ptr<PermStateChangeCbCustomize>, sptr<PermissionStateCallback>> callbackMap_;
+    std::map<std::shared_ptr<PermStateChangeCallbackCustomize>, sptr<PermissionStateChangeCallback>> callbackMap_;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
index 5c6d98133..0b5b01b17 100644
--- a/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
+++ b/interfaces/innerkits/accesstoken/src/accesstoken_manager_proxy.cpp
@@ -404,7 +404,10 @@ int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback(
     const PermStateChangeScopeParcel& scope, const sptr<IRemoteObject>& callback)
 {
     MessageParcel data;
-    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
+    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
+        return RET_FAILED;
+    }
     if (!data.WriteParcelable(&scope)) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write PermStateChangeScopeParcel.");
         return RET_FAILED;
@@ -428,14 +431,21 @@ int32_t AccessTokenManagerProxy::RegisterPermStateChangeCallback(
         return RET_FAILED;
     }
 
-    int32_t result = reply.ReadInt32();
+    int32_t result;
+    if (!reply.ReadInt32(result)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "ReadInt32 fail");
+        return RET_FAILED;
+    }
     return result;
 }
 
 int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr<IRemoteObject>& callback)
 {
     MessageParcel data;
-    data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor());
+    if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write WriteInterfaceToken.");
+        return RET_FAILED;
+    }
     if (!data.WriteRemoteObject(callback)) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "Failed to write remote object.");
         return RET_FAILED;
@@ -456,7 +466,11 @@ int32_t AccessTokenManagerProxy::UnRegisterPermStateChangeCallback(const sptr<IR
         return RET_FAILED;
     }
 
-    int32_t result = reply.ReadInt32();
+    int32_t result;
+    if (!reply.ReadInt32(result)) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "ReadInt32 fail");
+        return RET_FAILED;
+    }
     return result;
 }
 
diff --git a/interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp b/interfaces/innerkits/accesstoken/src/perm_state_change_callback_customize.cpp
similarity index 71%
rename from interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp
rename to interfaces/innerkits/accesstoken/src/perm_state_change_callback_customize.cpp
index a3cd2d658..b0962ab6e 100644
--- a/interfaces/innerkits/accesstoken/src/perm_state_callback_customize.cpp
+++ b/interfaces/innerkits/accesstoken/src/perm_state_change_callback_customize.cpp
@@ -13,22 +13,22 @@
  * limitations under the License.
  */
 
-#include "perm_state_callback_customize.h"
+#include "perm_state_change_callback_customize.h"
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-PermStateChangeCbCustomize::PermStateChangeCbCustomize()
+PermStateChangeCallbackCustomize::PermStateChangeCallbackCustomize()
 {}
 
-PermStateChangeCbCustomize::PermStateChangeCbCustomize(
+PermStateChangeCallbackCustomize::PermStateChangeCallbackCustomize(
     const PermStateChangeScope &scopeInfo) : scopeInfo_(scopeInfo)
 {}
 
-PermStateChangeCbCustomize::~PermStateChangeCbCustomize()
+PermStateChangeCallbackCustomize::~PermStateChangeCallbackCustomize()
 {}
 
-void PermStateChangeCbCustomize::GetScope(PermStateChangeScope &scopeInfo) const
+void PermStateChangeCallbackCustomize::GetScope(PermStateChangeScope &scopeInfo) const
 {
     scopeInfo = scopeInfo_;
 }
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
index 170e9446c..e29a46ebe 100644
--- a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.cpp
@@ -24,15 +24,16 @@ namespace AccessToken {
 static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermissionStateChangeCallback"
 };
-PermissionStateCallback::PermissionStateCallback(
-    const std::shared_ptr<PermStateChangeCbCustomize> &customizedCallback)
+
+PermissionStateChangeCallback::PermissionStateChangeCallback(
+    const std::shared_ptr<PermStateChangeCallbackCustomize>& customizedCallback)
     : customizedCallback_(customizedCallback)
 {}
 
-PermissionStateCallback::~PermissionStateCallback()
+PermissionStateChangeCallback::~PermissionStateChangeCallback()
 {}
 
-void PermissionStateCallback::PermStateChangeCallback(PermStateChangeInfo& result)
+void PermissionStateChangeCallback::PermStateChangeCallback(PermStateChangeInfo& result)
 {
     if (customizedCallback_ == nullptr) {
         ACCESSTOKEN_LOG_ERROR(LABEL, "customizedCallback_ is nullptr");
@@ -42,7 +43,7 @@ void PermissionStateCallback::PermStateChangeCallback(PermStateChangeInfo& resul
     customizedCallback_->PermStateChangeCallback(result);
 }
 
-void PermissionStateCallback::Stop()
+void PermissionStateChangeCallback::Stop()
 {}
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
index a7d43c270..8ee416fad 100644
--- a/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback.h
@@ -18,23 +18,23 @@
 
 
 #include "permission_state_change_callback_stub.h"
-#include "perm_state_callback_customize.h"
+#include "perm_state_change_callback_customize.h"
 
 
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PermissionStateCallback : public PermissionStateCallbackStub {
+class PermissionStateChangeCallback : public PermissionStateChangeCallbackStub {
 public:
-    explicit PermissionStateCallback(const std::shared_ptr<PermStateChangeCbCustomize> &subscriber);
-    ~PermissionStateCallback() override;
+    explicit PermissionStateChangeCallback(const std::shared_ptr<PermStateChangeCallbackCustomize>& scope);
+    ~PermissionStateChangeCallback() override;
 
     void PermStateChangeCallback(PermStateChangeInfo& result) override;
 
     void Stop();
 
 private:
-    std::shared_ptr<PermStateChangeCbCustomize> customizedCallback_;
+    std::shared_ptr<PermStateChangeCallbackCustomize> customizedCallback_;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
index 7e56edb21..b7e1dfae3 100644
--- a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.cpp
@@ -29,7 +29,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
 };
 }
 
-int32_t PermissionStateCallbackStub::OnRemoteRequest(
+int32_t PermissionStateChangeCallbackStub::OnRemoteRequest(
     uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option)
 {
     ACCESSTOKEN_LOG_DEBUG(LABEL, "Entry, code: 0x%{public}x", code);
diff --git a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
index 3be58ca55..f29bca911 100644
--- a/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
+++ b/interfaces/innerkits/accesstoken/src/permission_state_change_callback_stub.h
@@ -25,10 +25,10 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PermissionStateCallbackStub : public IRemoteStub<IPermissionStateCallback> {
+class PermissionStateChangeCallbackStub : public IRemoteStub<IPermissionStateCallback> {
 public:
-    PermissionStateCallbackStub() = default;
-    virtual ~PermissionStateCallbackStub() = default;
+    PermissionStateChangeCallbackStub() = default;
+    virtual ~PermissionStateChangeCallbackStub() = default;
 
     int32_t OnRemoteRequest(uint32_t code, MessageParcel& data, MessageParcel& reply, MessageOption& option) override;
 };
diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
index 4a128ab31..4cbfd6485 100644
--- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
+++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp
@@ -263,16 +263,6 @@ void AccessTokenKitTest::SetUp()
     AccessTokenKit::DeleteToken(tokenID);
     (void)remove("/data/token.json");
 
-    NodeBasicInfo deviceInfo;
-    int32_t res = ::GetLocalNodeDeviceInfo(TEST_PKG_NAME.c_str(), &deviceInfo);
-    ASSERT_EQ(res, RET_SUCCESS);
-    char udid[128] = {0}; // 128 is udid length
-    ::GetNodeKeyInfo(TEST_PKG_NAME.c_str(), deviceInfo.networkId,
-        NodeDeviceInfoKey::NODE_KEY_UDID, (uint8_t *)udid, 128); // 128 is udid length
-
-    udid_.append(udid);
-    networkId_.append(deviceInfo.networkId);
-
     ACCESSTOKEN_LOG_INFO(LABEL, "SetUp ok.");
 }
 
@@ -281,8 +271,6 @@ void AccessTokenKitTest::TearDown()
     AccessTokenID tokenID = GetAccessTokenID(TEST_USER_ID, TEST_BUNDLE_NAME, 0);
     AccessTokenKit::DeleteToken(tokenID);
     SetSelfTokenID(selfTokenId_);
-    udid_.clear();
-    networkId_.clear();
 }
 
 unsigned int AccessTokenKitTest::GetAccessTokenID(int userID, std::string bundleName, int instIndex)
@@ -2411,10 +2399,10 @@ HWTEST_F(AccessTokenKitTest, GetTokenTypeFlag003, TestSize.Level1)
     ASSERT_EQ(RET_SUCCESS, res);
 }
 
-class CbCustomizeTest : public PermStateChangeCbCustomize {
+class CbCustomizeTest : public PermStateChangeCallbackCustomize {
 public:
     explicit CbCustomizeTest(const PermStateChangeScope &scopeInfo)
-        : PermStateChangeCbCustomize(scopeInfo)
+        : PermStateChangeCallbackCustomize(scopeInfo)
     {
         GTEST_LOG_(INFO) << "CbCustomizeTest create";
     }
@@ -2764,1028 +2752,3 @@ HWTEST_F(AccessTokenKitTest, RegisterPermStateChangeCallback005, TestSize.Level1
     res = AccessTokenKit::UnRegisterPermStateChangeCallback(callbackPtr);
     ASSERT_EQ(RET_SUCCESS, res);
 }
-
-#ifdef TOKEN_SYNC_ENABLE
-/**
- * @tc.name: SetRemoteHapTokenInfo001
- * @tc.desc: set remote hap token info success
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo001 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = deviceID,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    // check local map token
-    HapTokenInfo resultInfo;
-    ret = AccessTokenKit::GetHapTokenInfo(mapID, resultInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-    ASSERT_EQ(resultInfo.apl, remoteTokenInfo.baseInfo.apl);
-    ASSERT_EQ(resultInfo.ver, remoteTokenInfo.baseInfo.ver);
-    ASSERT_EQ(resultInfo.userID, remoteTokenInfo.baseInfo.userID);
-    ASSERT_EQ(resultInfo.bundleName, remoteTokenInfo.baseInfo.bundleName);
-    ASSERT_EQ(resultInfo.instIndex, remoteTokenInfo.baseInfo.instIndex);
-    ASSERT_EQ(resultInfo.appID, remoteTokenInfo.baseInfo.appID);
-    ASSERT_EQ(resultInfo.deviceID, remoteTokenInfo.baseInfo.deviceID);
-    ASSERT_NE(resultInfo.tokenID, remoteTokenInfo.baseInfo.tokenID); // tokenID already is map tokenID
-    ASSERT_EQ(resultInfo.tokenAttr, remoteTokenInfo.baseInfo.tokenAttr);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo002
- * @tc.desc: set remote hap token info, token info is wrong
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo002, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo002 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo rightBaseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    HapTokenInfo wrongBaseInfo = rightBaseInfo;
-    wrongBaseInfo.apl = (ATokenAplEnum)11; // wrong apl
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = wrongBaseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    std::string wrongStr(10241, 'x');
-
-    wrongBaseInfo = rightBaseInfo;
-    wrongBaseInfo.appID = wrongStr; // wrong appID
-    remoteTokenInfo.baseInfo = wrongBaseInfo;
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    wrongBaseInfo = rightBaseInfo;
-    wrongBaseInfo.bundleName = wrongStr; // wrong bundleName
-    remoteTokenInfo.baseInfo = wrongBaseInfo;
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    wrongBaseInfo = rightBaseInfo;
-    wrongBaseInfo.deviceID = wrongStr; // wrong deviceID
-    remoteTokenInfo.baseInfo = wrongBaseInfo;
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    wrongBaseInfo = rightBaseInfo;
-    wrongBaseInfo.tokenID = 0; // wrong tokenID
-    remoteTokenInfo.baseInfo = wrongBaseInfo;
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo003
- * @tc.desc: set remote hap token wrong permission grant
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo003, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo003 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {11}, // wrong flags
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo004
- * @tc.desc: update remote hap token when remote exist
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo004, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo004 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
-
-    remoteTokenInfo.permStateList[0].grantStatus[0] = PermissionState::PERMISSION_GRANTED; // second granted
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo005
- * @tc.desc: add remote hap token, it can not grant by GrantPermission
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo005, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo005 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
-
-    ret = AccessTokenKit::GrantPermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_DENIED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo006
- * @tc.desc: add remote hap token, it can not revoke by RevokePermission
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo006, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo006 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED}, // first grant
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::RevokePermission(mapID, "ohos.permission.test1", PermissionFlag::PERMISSION_SYSTEM_FIXED);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo007
- * @tc.desc: add remote hap token, it can not delete by DeleteToken
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo007, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo007 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::DeleteToken(mapID);
-    ASSERT_EQ(ret, RET_FAILED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo008
- * @tc.desc: add remote hap token, it can not update by UpdateHapToken
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo008, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo008 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_SYSTEM_FIXED},
-        .grantStatus = {PermissionState::PERMISSION_DENIED}, // first denied
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    HapPolicyParams policy;
-
-    ret = AccessTokenKit::UpdateHapToken(mapID, "updateFailed", policy);
-    ASSERT_EQ(ret, RET_FAILED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo009
- * @tc.desc: add remote hap token, it can not clear by ClearUserGrantedPermissionState
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo009, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    // Get local map token ID
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::ClearUserGrantedPermissionState(mapID);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::VerifyAccessToken(mapID, "ohos.permission.test1");
-    ASSERT_EQ(ret, PermissionState::PERMISSION_GRANTED);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteHapTokenInfo010
- * @tc.desc: tokenID is not hap token
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteHapTokenInfo010, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteHapTokenInfo009 start.");
-    std::string deviceID = udid_;
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x28100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: DeleteRemoteDeviceToken001
- * @tc.desc: delete exist device mapping tokenId
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = deviceID,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    HapTokenInfo info;
-    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: DeleteRemoteDeviceToken002
- * @tc.desc: delete exist device mapping tokenId
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken002, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = deviceID,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    HapTokenInfo info;
-    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    // deviceID is wrong
-    std::string wrongStr(10241, 'x');
-    deviceID = wrongStr;
-    ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: DeleteRemoteDeviceToken003
- * @tc.desc: delete exist device mapping tokenId
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceToken003, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceToken003 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-
-    int ret = AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: DeleteRemoteDeviceTokens001
- * @tc.desc: delete all mapping tokens of exist device
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceTokens001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens001 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo;
-    remoteTokenInfo1.baseInfo.tokenID = 0x20100001;
-    remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1";
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-    AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100001);
-    ASSERT_NE(mapID1, 0);
-
-    ret = AccessTokenKit::DeleteRemoteDeviceTokens(deviceID);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    HapTokenInfo info;
-    ret = AccessTokenKit::GetHapTokenInfo(mapID, info);
-    ASSERT_NE(ret, RET_SUCCESS);
-    ret = AccessTokenKit::GetHapTokenInfo(mapID1, info);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: DeleteRemoteDeviceTokens002
- * @tc.desc: delete all mapping tokens of NOT exist device
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, DeleteRemoteDeviceTokens002, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "DeleteRemoteDeviceTokens002 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    HapTokenInfoForSync remoteTokenInfo1 = remoteTokenInfo;
-    remoteTokenInfo1.baseInfo.tokenID = 0x20100001;
-    remoteTokenInfo1.baseInfo.bundleName = "com.ohos.access_token1";
-    ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo1);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-    AccessTokenID mapID1 = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100001);
-    ASSERT_NE(mapID1, 0);
-
-    ret = AccessTokenKit::DeleteRemoteDeviceTokens("1111111");
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100001);
-}
-
-/**
- * @tc.name: GetHapTokenInfoFromRemote001
- * @tc.desc: get normal local tokenInfo
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote001 start.");
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams);
-    AccessTokenID localTokenID = tokenIdEx.tokenIdExStruct.tokenID;
-
-    HapTokenInfoForSync infoSync;
-    int ret = AccessTokenKit::GetHapTokenInfoFromRemote(localTokenID, infoSync);
-    ASSERT_EQ(ret, RET_SUCCESS);
-    ASSERT_EQ(infoSync.baseInfo.apl, g_infoManagerTestPolicyPrams.apl);
-    ASSERT_EQ(infoSync.permStateList.size(), 2);
-    ASSERT_EQ(infoSync.permStateList[1].grantFlags.size(), 2);
-
-    ASSERT_EQ(infoSync.permStateList[0].permissionName, g_infoManagerTestPolicyPrams.permStateList[0].permissionName);
-    ASSERT_EQ(infoSync.permStateList[0].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[0].grantFlags[0]);
-    ASSERT_EQ(infoSync.permStateList[0].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[0].grantStatus[0]);
-    ASSERT_EQ(infoSync.permStateList[0].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[0].resDeviceID[0]);
-    ASSERT_EQ(infoSync.permStateList[0].isGeneral, g_infoManagerTestPolicyPrams.permStateList[0].isGeneral);
-
-    ASSERT_EQ(infoSync.permStateList[1].permissionName, g_infoManagerTestPolicyPrams.permStateList[1].permissionName);
-    ASSERT_EQ(infoSync.permStateList[1].grantFlags[0], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[0]);
-    ASSERT_EQ(infoSync.permStateList[1].grantStatus[0], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[0]);
-    ASSERT_EQ(infoSync.permStateList[1].resDeviceID[0], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[0]);
-    ASSERT_EQ(infoSync.permStateList[1].isGeneral, g_infoManagerTestPolicyPrams.permStateList[1].isGeneral);
-
-    ASSERT_EQ(infoSync.permStateList[1].grantFlags[1], g_infoManagerTestPolicyPrams.permStateList[1].grantFlags[1]);
-    ASSERT_EQ(infoSync.permStateList[1].grantStatus[1], g_infoManagerTestPolicyPrams.permStateList[1].grantStatus[1]);
-    ASSERT_EQ(infoSync.permStateList[1].resDeviceID[1], g_infoManagerTestPolicyPrams.permStateList[1].resDeviceID[1]);
-
-    ASSERT_EQ(infoSync.baseInfo.bundleName, g_infoManagerTestInfoParms.bundleName);
-    ASSERT_EQ(infoSync.baseInfo.userID, g_infoManagerTestInfoParms.userID);
-    ASSERT_EQ(infoSync.baseInfo.instIndex, g_infoManagerTestInfoParms.instIndex);
-    ASSERT_EQ(infoSync.baseInfo.appID, g_infoManagerTestInfoParms.appIDDesc);
-    ASSERT_EQ(infoSync.baseInfo.ver, 1);
-    ASSERT_EQ(infoSync.baseInfo.tokenID, localTokenID);
-    ASSERT_EQ(infoSync.baseInfo.tokenAttr, 0);
-
-    AccessTokenKit::DeleteToken(localTokenID);
-}
-
-/**
- * @tc.name: GetHapTokenInfoFromRemote002
- * @tc.desc: get remote mapping tokenInfo
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote002, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote002 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-
-    HapTokenInfoForSync infoSync;
-    ret = AccessTokenKit::GetHapTokenInfoFromRemote(mapID, infoSync);
-    ASSERT_NE(ret, RET_SUCCESS);
-
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-}
-
-/**
- * @tc.name: GetHapTokenInfoFromRemote003
- * @tc.desc: get wrong tokenInfo
- * @tc.type: FUNC
- * @tc.require:AR000GK6TA
- */
-HWTEST_F(AccessTokenKitTest, GetHapTokenInfoFromRemote003, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "GetHapTokenInfoFromRemote003 start.");
-    HapTokenInfoForSync infoSync;
-    int ret = AccessTokenKit::GetHapTokenInfoFromRemote(0, infoSync);
-    ASSERT_NE(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: AllocLocalTokenID001
- * @tc.desc: get already mapping tokenInfo, makesure ipc right
- * @tc.type: FUNC
- * @tc.require:AR000GK6T5
- */
-HWTEST_F(AccessTokenKitTest, AllocLocalTokenID001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "AllocLocalTokenID001 start.");
-    std::string deviceID = udid_;
-    AccessTokenKit::DeleteRemoteToken(deviceID, 0x20100000);
-    HapTokenInfo baseInfo = {
-        .apl = APL_NORMAL,
-        .ver = 1,
-        .userID = 1,
-        .bundleName = "com.ohos.access_token",
-        .instIndex = 1,
-        .appID = "testtesttesttest",
-        .deviceID = udid_,
-        .tokenID = 0x20100000,
-        .tokenAttr = 0
-    };
-
-    PermissionStateFull infoManagerTestState = {
-        .grantFlags = {PermissionFlag::PERMISSION_USER_SET},
-        .grantStatus = {PermissionState::PERMISSION_GRANTED},
-        .isGeneral = true,
-        .permissionName = "ohos.permission.test1",
-        .resDeviceID = {"local"}};
-    std::vector<PermissionStateFull> permStateList;
-    permStateList.emplace_back(infoManagerTestState);
-
-    HapTokenInfoForSync remoteTokenInfo = {
-        .baseInfo = baseInfo,
-        .permStateList = permStateList
-    };
-
-    int ret = AccessTokenKit::SetRemoteHapTokenInfo(deviceID, remoteTokenInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::AllocLocalTokenID(networkId_, 0x20100000);
-    ASSERT_NE(mapID, 0);
-}
-
-/**
- * @tc.name: GetAllNativeTokenInfo001
- * @tc.desc: get all native token with dcaps
- * @tc.type: FUNC
- * @tc.require:AR000GK6T6
- */
-HWTEST_F(AccessTokenKitTest, GetAllNativeTokenInfo001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "GetAllNativeTokenInfo001 start.");
-
-    std::vector<NativeTokenInfoForSync> nativeTokenInfosRes;
-    int ret = AccessTokenKit::GetAllNativeTokenInfo(nativeTokenInfosRes);
-    ASSERT_EQ(ret, RET_SUCCESS);
-}
-
-/**
- * @tc.name: SetRemoteNativeTokenInfo001
- * @tc.desc: set already mapping tokenInfo
- * @tc.type: FUNC
- * @tc.require:AR000GK6T6
- */
-HWTEST_F(AccessTokenKitTest, SetRemoteNativeTokenInfo001, TestSize.Level1)
-{
-    ACCESSTOKEN_LOG_INFO(LABEL, "SetRemoteNativeTokenInfo001 start.");
-    std::string deviceID = udid_;
-
-    NativeTokenInfoForSync native1 = {
-        .baseInfo.apl = APL_NORMAL,
-        .baseInfo.ver = 1,
-        .baseInfo.processName = "native_test1",
-        .baseInfo.dcap = {"SYSDCAP", "DMSDCAP"},
-        .baseInfo.tokenID = 0x28000000,
-        .baseInfo.tokenAttr = 0,
-        .baseInfo.nativeAcls = {"ohos.permission.DISTRIBUTED_DATASYNC"},
-    };
-
-    std::vector<NativeTokenInfoForSync> nativeTokenInfoList;
-    nativeTokenInfoList.emplace_back(native1);
-
-    int ret = AccessTokenKit::SetRemoteNativeTokenInfo(deviceID, nativeTokenInfoList);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    AccessTokenID mapID = AccessTokenKit::GetRemoteNativeTokenID(deviceID, 0x28000000);
-    ASSERT_NE(mapID, 0);
-
-    NativeTokenInfo resultInfo;
-    ret = AccessTokenKit::GetNativeTokenInfo(mapID, resultInfo);
-    ASSERT_EQ(ret, RET_SUCCESS);
-
-    ASSERT_EQ(resultInfo.apl, native1.baseInfo.apl);
-    ASSERT_EQ(resultInfo.ver, native1.baseInfo.ver);
-    ASSERT_EQ(resultInfo.processName, native1.baseInfo.processName);
-    ASSERT_EQ(resultInfo.dcap.size(), 2);
-    ASSERT_EQ(resultInfo.dcap[0], "SYSDCAP");
-    ASSERT_EQ(resultInfo.dcap[1], "DMSDCAP");
-    ASSERT_EQ(resultInfo.nativeAcls.size(), 1);
-    ASSERT_EQ(resultInfo.nativeAcls[0], "ohos.permission.DISTRIBUTED_DATASYNC");
-    ASSERT_EQ(resultInfo.tokenID, mapID);
-    ASSERT_EQ(resultInfo.tokenAttr, native1.baseInfo.tokenAttr);
-}
-#endif
diff --git a/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp
index 9df60ca00..7cbe9665d 100644
--- a/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp
+++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.cpp
@@ -126,7 +126,7 @@ void TokenSyncManagerClient::LoadTokenSync()
     GetRemoteObject()->AddDeathRecipient(ptrTokenSyncDeathRecipient);
 }
 
-void TokenSyncManagerClient::FinishStartSASuccess(const sptr<IRemoteObject> &remoteObject)
+void TokenSyncManagerClient::FinishStartSASuccess(const sptr<IRemoteObject>& remoteObject)
 {
     ACCESSTOKEN_LOG_DEBUG(LABEL, "get tokensync sa success.");
 
@@ -156,7 +156,7 @@ void TokenSyncManagerClient::FinishStartSAFailed()
     tokenSyncCon_.notify_one();
 }
 
-void TokenSyncManagerClient::SetRemoteObject(const sptr<IRemoteObject> &remoteObject)
+void TokenSyncManagerClient::SetRemoteObject(const sptr<IRemoteObject>& remoteObject)
 {
     std::unique_lock<std::mutex> lock(remoteMutex_);
     remoteObject_ = remoteObject;
diff --git a/interfaces/innerkits/tokensync/src/token_sync_manager_client.h b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h
index 6736c8bf8..4a58c28f2 100644
--- a/interfaces/innerkits/tokensync/src/token_sync_manager_client.h
+++ b/interfaces/innerkits/tokensync/src/token_sync_manager_client.h
@@ -40,9 +40,9 @@ public:
     int DeleteRemoteHapTokenInfo(AccessTokenID tokenID);
     int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo);
     void LoadTokenSync();
-    void FinishStartSASuccess(const sptr<IRemoteObject> &remoteObject);
+    void FinishStartSASuccess(const sptr<IRemoteObject>& remoteObject);
     void FinishStartSAFailed();
-    void SetRemoteObject(const sptr<IRemoteObject> &remoteObject);
+    void SetRemoteObject(const sptr<IRemoteObject>& remoteObject);
     sptr<IRemoteObject> GetRemoteObject();
     void OnRemoteDiedHandle();
 
diff --git a/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h b/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
index 09f131f37..4a4af90b7 100644
--- a/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
+++ b/services/accesstokenmanager/main/cpp/include/callback/perm_state_callback_death_recipient.h
@@ -16,7 +16,6 @@
 #ifndef PERM_STATE_CALLBACK_DEATH_RECIPIENT_H
 #define PERM_STATE_CALLBACK_DEATH_RECIPIENT_H
 
-
 #include "iremote_object.h"
 
 namespace OHOS {
@@ -27,7 +26,7 @@ public:
     PermStateCallbackDeathRecipient() = default;
     virtual ~PermStateCallbackDeathRecipient() = default;
 
-    virtual void OnRemoteDied(const wptr<IRemoteObject> &remote);
+    virtual void OnRemoteDied(const wptr<IRemoteObject>& remote);
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h b/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
index 19598c47e..0625a24fd 100644
--- a/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
+++ b/services/accesstokenmanager/main/cpp/include/callback/permission_state_change_callback_proxy.h
@@ -16,7 +16,6 @@
 #ifndef PERMISSION_STATE_CHANGE_CALLBACK_PROXY_H
 #define PERMISSION_STATE_CHANGE_CALLBACK_PROXY_H
 
-
 #include "i_permission_state_callback.h"
 
 #include "iremote_proxy.h"
@@ -26,14 +25,14 @@
 namespace OHOS {
 namespace Security {
 namespace AccessToken {
-class PermissionStateCallbackProxy : public IRemoteProxy<IPermissionStateCallback> {
+class PermissionStateChangeCallbackProxy : public IRemoteProxy<IPermissionStateCallback> {
 public:
-    explicit PermissionStateCallbackProxy(const sptr<IRemoteObject>& impl);
-    ~PermissionStateCallbackProxy() override;
+    explicit PermissionStateChangeCallbackProxy(const sptr<IRemoteObject>& impl);
+    ~PermissionStateChangeCallbackProxy() override;
     virtual void PermStateChangeCallback(PermStateChangeInfo& result) override;
 
 private:
-    static inline BrokerDelegator<PermissionStateCallbackProxy> delegator_;
+    static inline BrokerDelegator<PermissionStateChangeCallbackProxy> delegator_;
 };
 } // namespace AccessToken
 } // namespace Security
diff --git a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
index 8002741ca..1cef4eed5 100644
--- a/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
+++ b/services/accesstokenmanager/main/cpp/src/callback/callback_manager.cpp
@@ -91,7 +91,6 @@ int32_t CallbackManager::RemoveCallback(const sptr<IRemoteObject>& callback)
     return RET_SUCCESS;
 }
 
-
 bool CallbackManager::CalledAccordingToTokenIdLlist(
     const std::vector<AccessTokenID>& tokenIDList, AccessTokenID tokenID)
 {
diff --git a/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp b/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
index 83c3d5092..817ac2ad1 100644
--- a/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
+++ b/services/accesstokenmanager/main/cpp/src/callback/perm_state_callback_death_recipient.cpp
@@ -26,7 +26,8 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "PermStateCallbackDeathRecipient"
 };
 }
-void PermStateCallbackDeathRecipient::OnRemoteDied(const wptr<IRemoteObject> &remote)
+
+void PermStateCallbackDeathRecipient::OnRemoteDied(const wptr<IRemoteObject>& remote)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "enter");
     if (remote == nullptr) {
diff --git a/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp b/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp
index 6e963d48d..6c3ce737e 100644
--- a/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp
+++ b/services/accesstokenmanager/main/cpp/src/callback/permission_state_change_callback_proxy.cpp
@@ -28,14 +28,14 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
 };
 }
 
-PermissionStateCallbackProxy::PermissionStateCallbackProxy(const sptr<IRemoteObject>& impl)
+PermissionStateChangeCallbackProxy::PermissionStateChangeCallbackProxy(const sptr<IRemoteObject>& impl)
     : IRemoteProxy<IPermissionStateCallback>(impl) {
 }
 
-PermissionStateCallbackProxy::~PermissionStateCallbackProxy()
+PermissionStateChangeCallbackProxy::~PermissionStateChangeCallbackProxy()
 {}
 
-void PermissionStateCallbackProxy::PermStateChangeCallback(PermStateChangeInfo& info)
+void PermissionStateChangeCallbackProxy::PermStateChangeCallback(PermStateChangeInfo& info)
 {
     MessageParcel data;
     data.WriteInterfaceToken(IPermissionStateCallback::GetDescriptor());
diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
index 3615a7f0a..c0b766dde 100644
--- a/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
+++ b/services/accesstokenmanager/main/cpp/src/permission/permission_policy_set.cpp
@@ -183,27 +183,26 @@ int PermissionPolicySet::QueryPermissionFlag(const std::string& permissionName)
 bool PermissionPolicySet::UpdatePermissionStatus(const std::string& permissionName, bool isGranted, uint32_t flag)
 {
     ACCESSTOKEN_LOG_DEBUG(LABEL, "permissionName %{public}s.", permissionName.c_str());
-    int32_t oldStatus = 1;
-    int32_t newStatus = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
+
+    bool ret = false;
     Utils::UniqueWriteGuard<Utils::RWLock> infoGuard(this->permPolicySetLock_);
     for (auto& perm : permStateList_) {
         if (perm.permissionName == permissionName) {
             if (perm.isGeneral) {
-                oldStatus = perm.grantStatus[0];
-                perm.grantStatus[0] = newStatus;
+                int32_t oldStatus = perm.grantStatus[0];
+                perm.grantStatus[0] = isGranted ? PERMISSION_GRANTED : PERMISSION_DENIED;
                 uint32_t currFlag = static_cast<uint32_t>(perm.grantFlags[0]);
                 uint32_t newFlag = flag | (currFlag & PERMISSION_GRANTED_BY_POLICY);
                 perm.grantFlags[0] = static_cast<int32_t>(newFlag);
+                ret = (oldStatus == perm.grantStatus[0]) ? false : true;
+            } else {
+                ACCESSTOKEN_LOG_WARN(LABEL, "perm isGeneral is false.");
             }
-            ACCESSTOKEN_LOG_DEBUG(LABEL, "oldStatus %{public}d newStatus %{public}d.", oldStatus, newStatus);
-            if (oldStatus == newStatus) {
-                return false;
-            }
-            return true;
+            break;
         }
     }
 
-    return false;
+    return ret;
 }
 
 void PermissionPolicySet::ResetUserGrantPermissionStatus(void)
diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
index 655e3b04c..069b0eebb 100644
--- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
+++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp
@@ -329,6 +329,11 @@ void AccessTokenManagerStub::RegisterPermStateChangeCallbackInner(MessageParcel&
         return;
     }
     sptr<IRemoteObject> callback = data.ReadRemoteObject();
+    if (callback == nullptr) {
+        ACCESSTOKEN_LOG_ERROR(LABEL, "read callback fail");
+        reply.WriteInt32(RET_FAILED);
+        return;
+    }
     int32_t result = this->RegisterPermStateChangeCallback(*scopeParcel, callback);
     reply.WriteInt32(result);
 }
@@ -336,7 +341,7 @@ void AccessTokenManagerStub::UnRegisterPermStateChangeCallbackInner(MessageParce
 {
     sptr<IRemoteObject> callback = data.ReadRemoteObject();
     if (callback == nullptr) {
-        ACCESSTOKEN_LOG_ERROR(LABEL, "read scopeParcel fail");
+        ACCESSTOKEN_LOG_ERROR(LABEL, "read callback fail");
         reply.WriteInt32(RET_FAILED);
         return;
     }
diff --git a/services/tokensyncmanager/include/remote/remote_command_executor.h b/services/tokensyncmanager/include/remote/remote_command_executor.h
index f8982a9b5..f0cf55e9a 100644
--- a/services/tokensyncmanager/include/remote/remote_command_executor.h
+++ b/services/tokensyncmanager/include/remote/remote_command_executor.h
@@ -32,11 +32,11 @@ public:
     RemoteCommandExecutor(const std::string &targetNodeId);
     virtual ~RemoteCommandExecutor();
 
-    const std::shared_ptr<RpcChannel> &GetChannel() const
+    const std::shared_ptr<RpcChannel>& GetChannel() const
     {
         return ptrChannel_;
     }
-    void SetChannel(const std::shared_ptr<RpcChannel> &ptrChannel)
+    void SetChannel(const std::shared_ptr<RpcChannel>& ptrChannel)
     {
         ptrChannel_ = ptrChannel;
     }
@@ -61,7 +61,7 @@ public:
      * @since 1.0
      * @version 1.0
      */
-    int ProcessOneCommand(const std::shared_ptr<BaseRemoteCommand> &ptrCommand);
+    int ProcessOneCommand(const std::shared_ptr<BaseRemoteCommand>& ptrCommand);
 
     /**
      * @brief Add one command into the buffer
@@ -72,7 +72,7 @@ public:
      * @since 1.0
      * @version 1.0
      */
-    int AddCommand(const std::shared_ptr<BaseRemoteCommand> &ptrCommand);
+    int AddCommand(const std::shared_ptr<BaseRemoteCommand>& ptrCommand);
 
     /**
      * @brief Process all the command in the buffer
@@ -111,7 +111,7 @@ private:
      * @since 1.0
      * @version 1.0
      */
-    int ExecuteRemoteCommand(const std::shared_ptr<BaseRemoteCommand> &ptrCommand, bool isRemote);
+    int ExecuteRemoteCommand(const std::shared_ptr<BaseRemoteCommand>& ptrCommand, bool isRemote);
 
     /**
      * @brief create a rpc channel if not exist.
@@ -134,7 +134,7 @@ private:
      * @since 1.0
      * @version 1.0
      */
-    int ClientProcessResult(const std::shared_ptr<BaseRemoteCommand> &ptrCommand);
+    int ClientProcessResult(const std::shared_ptr<BaseRemoteCommand>& ptrCommand);
 
 private:
     // target device node id(udid)
diff --git a/services/tokensyncmanager/include/remote/remote_command_manager.h b/services/tokensyncmanager/include/remote/remote_command_manager.h
index c1249a76c..b94ffb870 100644
--- a/services/tokensyncmanager/include/remote/remote_command_manager.h
+++ b/services/tokensyncmanager/include/remote/remote_command_manager.h
@@ -62,7 +62,7 @@ public:
      * @since 1.0
      * @version 1.0
      */
-    int ExecuteCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand> &command);
+    int ExecuteCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand>& command);
 
     /**
      * @brief Add a command to buffer.
@@ -74,7 +74,7 @@ public:
      * @since 1.0
      * @version 1.0
      */
-    int AddCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand> &command);
+    int AddCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand>& command);
 
     /**
      * @brief Execute all buffered commands for given device.
diff --git a/services/tokensyncmanager/include/service/token_sync_event_handler.h b/services/tokensyncmanager/include/service/token_sync_event_handler.h
index a86ca94ea..db9ceaabd 100644
--- a/services/tokensyncmanager/include/service/token_sync_event_handler.h
+++ b/services/tokensyncmanager/include/service/token_sync_event_handler.h
@@ -26,7 +26,7 @@ namespace Security {
 namespace AccessToken {
 class TokenSyncEventHandler : public AppExecFwk::EventHandler {
 public:
-    explicit TokenSyncEventHandler(const std::shared_ptr<AppExecFwk::EventRunner> &runner);
+    explicit TokenSyncEventHandler(const std::shared_ptr<AppExecFwk::EventRunner>& runner);
     virtual ~TokenSyncEventHandler();
 
     bool ProxyPostTask(const Callback &callback, int64_t delayTime);
diff --git a/services/tokensyncmanager/src/remote/remote_command_executor.cpp b/services/tokensyncmanager/src/remote/remote_command_executor.cpp
index 7f453532c..050a35873 100644
--- a/services/tokensyncmanager/src/remote/remote_command_executor.cpp
+++ b/services/tokensyncmanager/src/remote/remote_command_executor.cpp
@@ -56,7 +56,7 @@ const std::shared_ptr<RpcChannel> RemoteCommandExecutor::CreateChannel(const std
 /*
  * called by RemoteCommandExecutor, RemoteCommandManager
  */
-int RemoteCommandExecutor::ProcessOneCommand(const std::shared_ptr<BaseRemoteCommand> &ptrCommand)
+int RemoteCommandExecutor::ProcessOneCommand(const std::shared_ptr<BaseRemoteCommand>& ptrCommand)
 {
     if (ptrCommand == nullptr) {
         ACCESSTOKEN_LOG_WARN(
@@ -103,7 +103,7 @@ int RemoteCommandExecutor::ProcessOneCommand(const std::shared_ptr<BaseRemoteCom
 /*
  * called by RemoteCommandManager
  */
-int RemoteCommandExecutor::AddCommand(const std::shared_ptr<BaseRemoteCommand> &ptrCommand)
+int RemoteCommandExecutor::AddCommand(const std::shared_ptr<BaseRemoteCommand>& ptrCommand)
 {
     if (ptrCommand == nullptr) {
         ACCESSTOKEN_LOG_DEBUG(LABEL, "targetNodeId %{public}s, attempt to add an empty command.",
@@ -231,7 +231,7 @@ void RemoteCommandExecutor::ProcessBufferedCommandsWithThread()
 }
 
 int RemoteCommandExecutor::ExecuteRemoteCommand(
-    const std::shared_ptr<BaseRemoteCommand> &ptrCommand, const bool isRemote)
+    const std::shared_ptr<BaseRemoteCommand>& ptrCommand, const bool isRemote)
 {
     std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId;
     ACCESSTOKEN_LOG_INFO(LABEL,
@@ -297,7 +297,7 @@ void RemoteCommandExecutor::CreateChannelIfNeeded()
     ptrChannel_ = CreateChannel(targetNodeId_);
 }
 
-int RemoteCommandExecutor::ClientProcessResult(const std::shared_ptr<BaseRemoteCommand> &ptrCommand)
+int RemoteCommandExecutor::ClientProcessResult(const std::shared_ptr<BaseRemoteCommand>& ptrCommand)
 {
     std::string uniqueId = ptrCommand->remoteProtocol_.uniqueId;
     if (ptrCommand->remoteProtocol_.statusCode == Constant::STATUS_CODE_BEFORE_RPC) {
diff --git a/services/tokensyncmanager/src/remote/remote_command_manager.cpp b/services/tokensyncmanager/src/remote/remote_command_manager.cpp
index 0c222d348..c9d41f27f 100644
--- a/services/tokensyncmanager/src/remote/remote_command_manager.cpp
+++ b/services/tokensyncmanager/src/remote/remote_command_manager.cpp
@@ -50,7 +50,7 @@ void RemoteCommandManager::Init()
     ACCESSTOKEN_LOG_DEBUG(LABEL, "Init()");
 }
 
-int RemoteCommandManager::AddCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand> &command)
+int RemoteCommandManager::AddCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand>& command)
 {
     if (udid.empty() || command == nullptr) {
         ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid, or null command");
@@ -76,7 +76,7 @@ void RemoteCommandManager::RemoveCommand(const std::string &udid)
     executors_.erase(udid);
 }
 
-int RemoteCommandManager::ExecuteCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand> &command)
+int RemoteCommandManager::ExecuteCommand(const std::string &udid, const std::shared_ptr<BaseRemoteCommand>& command)
 {
     if (udid.empty() || command == nullptr) {
         ACCESSTOKEN_LOG_WARN(LABEL, "invalid udid: %{public}s, or null command",
diff --git a/services/tokensyncmanager/src/service/token_sync_event_handler.cpp b/services/tokensyncmanager/src/service/token_sync_event_handler.cpp
index 5aa524193..e98947ddd 100644
--- a/services/tokensyncmanager/src/service/token_sync_event_handler.cpp
+++ b/services/tokensyncmanager/src/service/token_sync_event_handler.cpp
@@ -25,7 +25,7 @@ static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = {
     LOG_CORE, SECURITY_DOMAIN_ACCESSTOKEN, "TokenSyncEventHandler"};
 }
 TokenSyncEventHandler::TokenSyncEventHandler(
-    const std::shared_ptr<AppExecFwk::EventRunner> &runner)
+    const std::shared_ptr<AppExecFwk::EventRunner>& runner)
     : AppExecFwk::EventHandler(runner)
 {
     ACCESSTOKEN_LOG_INFO(LABEL, "enter");
-- 
Gitee