From 19ac27ab67f1ef90ffd2534a2d3359828a75de24 Mon Sep 17 00:00:00 2001
From: chenweijian <chenweijian16@huawei.com>
Date: Fri, 15 Nov 2024 11:26:34 +0800
Subject: [PATCH] any app auth result reuse

Signed-off-by: chenweijian <chenweijian16@huawei.com>
Change-Id: I1b280aa14cb9e5bdcaede594405668c35197a808
---
 frameworks/js/napi/user_auth/src/user_auth_entry.cpp   | 10 ++++++++++
 .../js/napi/user_auth/src/user_auth_napi_helper.cpp    |  4 +++-
 interfaces/inner_api/user_auth_client_defines.h        |  6 ++++++
 services/context/src/auth_widget_helper.cpp            |  4 +++-
 4 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp
index 1796108b9..8f5d0c963 100644
--- a/frameworks/js/napi/user_auth/src/user_auth_entry.cpp
+++ b/frameworks/js/napi/user_auth/src/user_auth_entry.cpp
@@ -897,11 +897,21 @@ napi_value ReuseModeConstructor(napi_env env)
     napi_value reuseMode = nullptr;
     napi_value auth_type_relevant = nullptr;
     napi_value auth_type_irrelevant = nullptr;
+    napi_value caller_irrelevant_auth_type_relevant = nullptr;
+    napi_value caller_irrelevant_auth_type_irrelevant = nullptr;
     NAPI_CALL(env, napi_create_object(env, &reuseMode));
     NAPI_CALL(env, napi_create_int32(env, ReuseMode::AUTH_TYPE_RELEVANT, &auth_type_relevant));
     NAPI_CALL(env, napi_create_int32(env, ReuseMode::AUTH_TYPE_IRRELEVANT, &auth_type_irrelevant));
+    NAPI_CALL(env, napi_create_int32(
+        env, ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT, &caller_irrelevant_auth_type_relevant));
+    NAPI_CALL(env, napi_create_int32(
+        env, ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT, &caller_irrelevant_auth_type_irrelevant));
     NAPI_CALL(env, napi_set_named_property(env, reuseMode, "AUTH_TYPE_RELEVANT", auth_type_relevant));
     NAPI_CALL(env, napi_set_named_property(env, reuseMode, "AUTH_TYPE_IRRELEVANT", auth_type_irrelevant));
+    NAPI_CALL(env, napi_set_named_property(
+        env, reuseMode, "CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT", caller_irrelevant_auth_type_relevant));
+    NAPI_CALL(env, napi_set_named_property(
+        env, reuseMode, "CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT", caller_irrelevant_auth_type_irrelevant));
     return reuseMode;
 }
 
diff --git a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp
index 1fc3d25a7..816ffa0c1 100644
--- a/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp
+++ b/frameworks/js/napi/user_auth/src/user_auth_napi_helper.cpp
@@ -618,7 +618,9 @@ bool UserAuthNapiHelper::CheckAuthTrustLevel(uint32_t authTrustLevel)
 bool UserAuthNapiHelper::CheckReuseUnlockResult(ReuseUnlockResult reuseUnlockResult)
 {
     if (reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_RELEVANT &&
-        reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_IRRELEVANT) {
+        reuseUnlockResult.reuseMode != ReuseMode::AUTH_TYPE_IRRELEVANT &&
+        reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT &&
+        reuseUnlockResult.reuseMode != ReuseMode::CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT) {
         IAM_LOGE("reuseMode check fail:%{public}u", reuseUnlockResult.reuseMode);
         return false;
     }
diff --git a/interfaces/inner_api/user_auth_client_defines.h b/interfaces/inner_api/user_auth_client_defines.h
index 91023226b..a23ccc521 100644
--- a/interfaces/inner_api/user_auth_client_defines.h
+++ b/interfaces/inner_api/user_auth_client_defines.h
@@ -86,6 +86,12 @@ enum ReuseMode : uint32_t {
     /** Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within
      * valid duration. */
     AUTH_TYPE_IRRELEVANT = 2,
+    /** Caller irrelevant authentication type relevant.The unlock authentication result can be reused only when the
+     * result is within valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam. */
+    CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT = 3,
+    /** Caller irrelevant authentication type irrelevant.The unlock authentication result can be reused as long as the
+     * result is within valid duration. */
+    CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT = 4,
 };
 
 /**
diff --git a/services/context/src/auth_widget_helper.cpp b/services/context/src/auth_widget_helper.cpp
index 261dd1407..e11f45320 100644
--- a/services/context/src/auth_widget_helper.cpp
+++ b/services/context/src/auth_widget_helper.cpp
@@ -185,7 +185,9 @@ int32_t AuthWidgetHelper::CheckReuseUnlockResult(const ContextFactory::AuthWidge
     if (!authParam.reuseUnlockResult.isReuse || authParam.reuseUnlockResult.reuseDuration == 0 ||
         authParam.reuseUnlockResult.reuseDuration > MAX_ALLOWABLE_REUSE_DURATION ||
         (authParam.reuseUnlockResult.reuseMode != AUTH_TYPE_RELEVANT &&
-        authParam.reuseUnlockResult.reuseMode != AUTH_TYPE_IRRELEVANT)) {
+        authParam.reuseUnlockResult.reuseMode != AUTH_TYPE_IRRELEVANT &&
+        authParam.reuseUnlockResult.reuseMode != CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT &&
+        authParam.reuseUnlockResult.reuseMode != CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT)) {
         IAM_LOGE("CheckReuseUnlockResult invalid param");
         return INVALID_PARAMETERS;
     }
-- 
Gitee