return FIDO_ERROR_PERMISSION_DENIED;
}
+ if (tz_err != FIDO_ERROR_NONE) {
+ _ERR("Error = [%d]", tz_err);
+ return tz_err;
+ }
+
if (discovery_data_json == NULL || discovery_data_json_list_len <= 0) {
_ERR("No Authenticators found");
return FIDO_ERROR_NOT_SUPPORTED;
*
*/
-#ifndef _FIDO_UAF_AUTH_H_
-#define _FIDO_UAF_AUTH_H_
+#ifndef __TIZEN_FIDO_UAF_AUTHENTICATOR_H__
+#define __TIZEN_FIDO_UAF_AUTHENTICATOR_H__
-#include "fido_uaf_types.h"
+#include <fido_uaf_types.h>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
/**
* @file fido_uaf_authenticator.h
* @brief Called once for each result of calling fido_foreach_authenticator()
* @since_tizen 3.0
*
- * @param[out] auth_info The Authenticator info handle. This param will be freed by framework.
- * @param[out] user_data The user data that was attached during fido_foreach_authenticator() call.
+ * @param[in] auth_info The Authenticator info handle. This param will be freed by framework
+ * @param[in] user_data The user data that was attached during fido_foreach_authenticator() call
* @see fido_foreach_authenticator()
*/
typedef void (*fido_authenticator_cb)(const fido_authenticator_h auth_info, void *user_data);
* @brief Retrieves all the available FIDO authenticators supported by this Device.
* @details fido_authenticator_cb() callback is called synchronously once for each authenticator.
* @since_tizen 3.0
+ * @privlevel public
+ * @privilege %http://tizen.org/privilege/fido.client
*
- *
- * @param[in] cb The iteration callback handle.
- * @param[in] user_data The user data handle.
+ * @param[in] cb The iteration callback handle
+ * @param[in] user_data The user data handle
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API.
+ * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function.
* @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported on this device.
*/
-EXPORT_API int fido_foreach_authenticator(fido_authenticator_cb cb, void *user_data);
+int fido_foreach_authenticator(fido_authenticator_cb cb, void *user_data);
/**
* @brief Gets the Authenticator title.
* @since_tizen 3.0
*
- * @remarks The application must free title using free().
- * @param[in] auth The Authenticator handle.
- * @param[out] title The title.
+ * @remarks The @a title should be released using free().
+ * @param[in] auth The Authenticator handle
+ * @param[out] title The title
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_title(const fido_authenticator_h auth, char **title);
+int fido_authenticator_get_title(const fido_authenticator_h auth, char **title);
/**
- * @brief Retrieves the Authenticator AAID(Authenticator Attestation ID).
+ * @brief Retrieves the Authenticator AAID (Authenticator Attestation ID).
* @since_tizen 3.0
*
- * @remarks The application must free aaid using free().
- * @param[in] auth The Authenticator handle.
- * @param[out] aaid The AAID.
+ * @remarks The @a aaid should be released using free().
+ * @param[in] auth The Authenticator handle
+ * @param[out] aaid The AAID
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_aaid(const fido_authenticator_h auth, char **aaid);
+int fido_authenticator_get_aaid(const fido_authenticator_h auth, char **aaid);
/**
* @brief Retrieves the Authenticator description
* @since_tizen 3.0
*
- * @remarks The application must free desc using free().
- * @param[in] auth The Authenticator handle.
- * @param[out] desc The description.
+ * @remarks The @a desc should be released using free().
+ * @param[in] auth The Authenticator handle
+ * @param[out] desc The description
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_description(const fido_authenticator_h auth, char **desc);
+int fido_authenticator_get_description(const fido_authenticator_h auth, char **desc);
/**
* @brief Retrieves the Authenticator assertion scheme.
* @since_tizen 3.0
*
- * @remarks The application must free scheme using free().Refer to FIDO UAF Registry document for more details.
- * @param[in] auth The Authenticator handle.
- * @param[out] scheme The assertion scheme. UAFV1TLV is the default assertion scheme.
+ * @remarks The @a scheme should be released using free(). Refer to FIDO UAF Registry document for more details.
+ * @param[in] auth The Authenticator handle
+ * @param[out] scheme The assertion scheme. UAFV1TLV is the default assertion scheme
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_assertion_scheme(const fido_authenticator_h auth, char **scheme);
+int fido_authenticator_get_assertion_scheme(const fido_authenticator_h auth, char **scheme);
/**
- * @brief Retrieves the Authenticator algorithm
+ * @brief Retrieves the Authenticator algorithm.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] algo The authenitcation algorithm.
+ * @param[in] auth The Authenticator handle
+ * @param[out] algo The authentication algorithm
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_algorithm(const fido_authenticator_h auth, fido_auth_algo_e *algo);
+int fido_authenticator_get_algorithm(const fido_authenticator_h auth, fido_auth_algo_e *algo);
/**
- * @brief Called once for each result of calling fido_authenticator_foreach_attestation_type()
+ * @brief Called once for each result of calling fido_authenticator_foreach_attestation_type().
* @since_tizen 3.0
*
- * @param[out] att_type The Authenticator attestation type.
- * @param[out] user_data The user data that was attached during fido_authenticator_foreach_attestation_type() call.
+ * @param[in] att_type The Authenticator attestation type
+ * @param[in] user_data The user data that was attached during fido_authenticator_foreach_attestation_type() call
*/
typedef void (*fido_attestation_type_cb)(fido_auth_attestation_type_e att_type, void *user_data);
* @brief Retrieves all the available attestation types for this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[in] cb The iteration callback.
- * @param[in] user_data The user data.
+ * @param[in] auth The Authenticator handle
+ * @param[in] cb The iteration callback
+ * @param[in] user_data The user data
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_foreach_attestation_type(const fido_authenticator_h auth,
+int fido_authenticator_foreach_attestation_type(const fido_authenticator_h auth,
fido_attestation_type_cb cb, void *user_data);
/**
* @brief Retrieves the user verification method of this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] user_verification The user verification method.
+ * @param[in] auth The Authenticator handle
+ * @param[out] user_verification The user verification method
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_verification_method(const fido_authenticator_h auth,
+int fido_authenticator_get_verification_method(const fido_authenticator_h auth,
fido_auth_user_verify_type_e *user_verification);
/**
* @brief Retrieves the key protection method of this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] key_protection The key protection method.
+ * @param[in] auth The Authenticator handle
+ * @param[out] key_protection The key protection method
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_key_protection_method(const fido_authenticator_h auth,
+int fido_authenticator_get_key_protection_method(const fido_authenticator_h auth,
fido_auth_key_protection_type_e *key_protection);
/**
* @brief Retrieves the matcher protection method of this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] matcher_protection The matcher protection method.
+ * @param[in] auth The Authenticator handle
+ * @param[out] matcher_protection The matcher protection method
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_matcher_protection_method(const fido_authenticator_h auth,
+int fido_authenticator_get_matcher_protection_method(const fido_authenticator_h auth,
fido_auth_matcher_protection_type_e *matcher_protection);
/**
* @brief Retrieves the attachment hint of this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] attachment_hint The matcher protection method.
+ * @param[in] auth The Authenticator handle
+ * @param[out] attachment_hint The matcher protection method
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_attachment_hint(const fido_authenticator_h auth,
+int fido_authenticator_get_attachment_hint(const fido_authenticator_h auth,
fido_auth_attachment_hint_e *attachment_hint);
/**
* @brief Checks if the Authenticator is Second factor only which is supported by U2F standards.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
+ * @param[in] auth The Authenticator handle
*
* @return @c true if its only second factor,
* otherwise false.
*/
-EXPORT_API bool fido_authenticator_get_is_second_factor_only(const fido_authenticator_h auth);
+bool fido_authenticator_get_is_second_factor_only(const fido_authenticator_h auth);
/**
* @brief Retrieves the Transaction Confirmation display type of this Authenticator.
* @since_tizen 3.0
*
- * @param[in] auth The Authenticator handle.
- * @param[out] tc_display The TC display type.
+ * @param[in] auth The Authenticator handle
+ * @param[out] tc_display The TC display type
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_tc_discplay(const fido_authenticator_h auth,
+int fido_authenticator_get_tc_discplay(const fido_authenticator_h auth,
fido_auth_tc_display_type_e *tc_display);
/**
* @brief Retrieves the Transaction Confirmation display content type of this Authenticator.
* @since_tizen 3.0
*
- * @remarks The application must free tc_display_content_type using free().
- * @param[in] auth The Authenticator handle.
- * @param[out] tc_display_content_type The TC display content type which is supported MIME type [RFC2049] such as text/plain or image/png.
+ * @remarks The @a tc_display_content_type should be released using free().
+ * @param[in] auth The Authenticator handle
+ * @param[out] tc_display_content_type The TC display content type which is supported MIME type [RFC2049] such as text/plain or image/png
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_tc_display_type(const fido_authenticator_h auth, char **tc_display_content_type);
+int fido_authenticator_get_tc_display_type(const fido_authenticator_h auth, char **tc_display_content_type);
/**
* @brief Retrieves the icon of this Authenticator.
* @since_tizen 3.0
*
- * @remarks The application must free icon using free().
- * @param[in] auth The Authenticator handle.
- * @param[out] icon The icon. Portable Network Graphic (PNG) format image file representing the icon encoded as a data: url[RFC2397].
+ * @remarks The @a icon should be released using free().
+ * @param[in] auth The Authenticator handle
+ * @param[out] icon The icon. Portable Network Graphic (PNG) format image file representing the icon encoded as a data: url[RFC2397]
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_authenticator_get_icon(const fido_authenticator_h auth, char **icon);
+int fido_authenticator_get_icon(const fido_authenticator_h auth, char **icon);
/**
* @}
*/
+#ifdef __cplusplus
+}
+#endif
+
#endif
*
*/
-#ifndef FIDO_UAF_CLIENT_H_
-#define FIDO_UAF_CLIENT_H_
+#ifndef __TIZEN_FIDO_UAF_CLIENT_H__
+#define __TIZEN_FIDO_UAF_CLIENT_H__
#include <fido_uaf_types.h>
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
/**
* @file fido_uaf_client.h
* @brief The FIDO UAF Client APIs.
* @brief Gets the FIDO client vendor name.
* @since_tizen 3.0
*
- * @remarks The application must free vendor_name using free().
- * @param[out] vendor_name The vendor name.
+ * @remarks The @a vendor_name should be released using free().
+ * @param[out] vendor_name The vendor name
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_get_client_vendor(char **vendor_name);
+int fido_get_client_vendor(char **vendor_name);
/**
* @brief Gets the FIDO client vendor version information.
* @since_tizen 3.0
*
- * @param[out] client_major_version The FIDO client major version.
- * @param[out] client_minor_version The FIDO client minor version.
+ * @param[out] client_major_version The FIDO client major version
+ * @param[out] client_minor_version The FIDO client minor version
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
*/
-EXPORT_API int fido_get_client_version(int *client_major_version, int *client_minor_version);
+int fido_get_client_version(int *client_major_version, int *client_minor_version);
/**
* @}
/**
* @brief Checks whether the FIDO message can be processed.
* @since_tizen 3.0
+ * @privlevel public
+ * @privilege %http://tizen.org/privilege/fido.client
*
- * @param[in] uaf_message_json The FIDO message in json format which is recieved from the relying party server.
- * @param[out] is_supported True if the message can be handled by the device, else false.
+ * @param[in] uaf_message_json The FIDO message in JSON format which is received from the relying party server
+ * @param[out] is_supported True if the message can be handled by the device, else false
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
- * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported
- * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API.
- * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client.
+ * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function.
+ * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAF Message does not specify a protocol version supported by this FIDO UAF Client.
* @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found.
* @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed.
* @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation.
*
*/
-EXPORT_API int fido_uaf_is_supported(const char *uaf_message_json, bool *is_supported);
+int fido_uaf_is_supported(const char *uaf_message_json, bool *is_supported);
/**
* @brief Called when fido_uaf_get_response_message() response comes.
+ * @details The following error codes can be delivered:
+ * <pre>
+ * #FIDO_ERROR_NONE Successful
+ * #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
+ * #FIDO_ERROR_USER_ACTION_IN_PROGRESS User action is in progress.
+ * #FIDO_ERROR_USER_CANCELLED User has cancelled the operation.
+ * #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this
+ * function.
+ * #FIDO_ERROR_UNSUPPORTED_VERSION The UAF Message does not specify a protocol version
+ * supported by this FIDO UAF Client.
+ * #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found.
+ * #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message
+ * is malformed.
+ * #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation.
+ * </pre>
* @since_tizen 3.0
*
- * @param[in] tizen_error_code Tizen platform error code.
- * @param[in] uaf_response_json FIDO resonse message in json format.
- * @param[in] user_data The user data passed from the callback function.
+ * @param[in] tizen_error_code Tizen platform error code
+ * @param[in] uaf_response_json FIDO response message in JSON format
+ * @param[in] user_data The user data passed from the callback function
*
* @pre fido_uaf_get_response_message() must be called to get this callback invoked.
* @see fido_uaf_get_response_message()
/**
* @brief Processes the given FIDO UAF message.
- * @details The response is delivered via fido_uaf_response_message_cb(). Depending on the FIDO message type, this may involve user interactions.
+ * @details This function is asynchronous. The response is delivered via fido_uaf_response_message_cb().
+ * Depending on the FIDO message type, this may involve user interactions.
*
* @since_tizen 3.0
+ * @privlevel public
+ * @privilege %http://tizen.org/privilege/fido.client
*
- * @param[in] uaf_request_json The FIDO UAF message in json format which is recieved from the relying party server.
- * @param[in] channel_binding The channel binding data in json format which is recieved from the relying party server.
- * @param[in] callback The callback to receive response.
- * @param[in] user_data The user data to be passed to the callback function.
+ * @param[in] uaf_request_json The FIDO UAF message in JSON format which is received from the relying party server
+ * @param[in] channel_binding The channel binding data in JSON format which is received from the relying party server
+ * @param[in] callback The callback to receive response
+ * @param[in] user_data The user data to be passed to the callback function
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_NONE Successful
- * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported
- * @retval #FIDO_ERROR_USER_ACTION_IN_PROGRESS User action is in progress.
- * @retval #FIDO_ERROR_USER_CANCELLED User has canceled the operation.
- * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API.
- * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client.
- * @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found.
- * @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed.
- * @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation.
*
* @see fido_uaf_response_message_cb()
*/
-EXPORT_API int fido_uaf_get_response_message(const char *uaf_request_json, const char *channel_binding,
+int fido_uaf_get_response_message(const char *uaf_request_json, const char *channel_binding,
fido_uaf_response_message_cb callback, void *user_data);
/**
- * @brief Notifies the server result to the FIDO client. FIDO Server sends the result of processing a UAF message to FIDO client.
- * @remarks This is especially important as a new registration may be considered by the client to be in a pending state
+ * @brief Notifies the FIDO client about the server result. FIDO Server sends the result of processing a UAF message to FIDO client.
+ * @remarks This is especially important for cases when a new registration may be considered by the client to be in a pending state
* until it is communicated that the server accepted it.
*
* @since_tizen 3.0
+ * @privlevel public
+ * @privilege %http://tizen.org/privilege/fido.client
*
- * @param[in] response_code The status code received from Server, FIDO_SERVER_STATUS_CODE_OK implies success.
- * @param[in] uaf_response_json The FIDO response message sent to server in json format.
+ * @param[in] response_code The status code received from Server, #FIDO_SERVER_STATUS_CODE_OK implies success
+ * @param[in] uaf_response_json The FIDO response message sent to server in JSON format
*
* @return @c 0 on success,
* otherwise a negative error value
* @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory
* @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported
- * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API.
- * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client.
+ * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function.
+ * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAF Message does not specify a protocol version supported by this FIDO UAF Client.
* @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found.
* @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed.
* @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation.
*
* @see fido_uaf_response_message_cb()
*/
-EXPORT_API int fido_uaf_set_server_result(int response_code, const char *uaf_response_json);
+int fido_uaf_set_server_result(int response_code, const char *uaf_response_json);
/**
* @}
*/
+#ifdef __cplusplus
+}
+#endif
+
#endif /* FIDO_UAF_CLIENT_H_ */
%if "%{?tizen_version}" == "3.0"
BuildRequires: pkgconfig(libtzplatform-config)
+BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-session)
+BuildRequires: pkgconfig(cynara-creds-gdbus)
%endif
BuildRequires: pkgconfig(pkgmgr-info)
pkgmgr-info
openssl
bundle
+ cynara-client
+ cynara-session
+ cynara-creds-gdbus
libtzplatform-config
)
else()
#include "fido_privilege_checker.h"
#include "fido_logs.h"
+#ifdef WITH_JSON_BUILDER
+
+#include <cynara-client.h>
+#include <cynara-session.h>
+#include <cynara-creds-gdbus.h>
+static cynara *__cynara = NULL;
+
+#endif
+
+/*#define _DISABLE_PRIV_CHECK*/
+
+#ifdef WITH_JSON_BUILDER
+
+static guint
+_get_client_pid(GDBusMethodInvocation* invoc)
+{
+ const char *name = NULL;
+ name = g_dbus_method_invocation_get_sender(invoc);
+ if (name == NULL) {
+ _ERR("g_dbus_method_invocation_get_sender failed");
+ return -1;
+ }
+ _INFO("sender=[%s]", name);
+
+
+ guint pid = -1;
+ GError *error = NULL;
+ GVariant *_ret;
+
+ _INFO("calling GetConnectionUnixProcessID");
+
+ GDBusConnection* conn = g_dbus_method_invocation_get_connection(invoc);
+ _ret = g_dbus_connection_call_sync(conn,
+ "org.freedesktop.DBus",
+ "/org/freedesktop/DBus",
+ "org.freedesktop.DBus",
+ "GetConnectionUnixProcessID",
+ g_variant_new("(s)", name),
+ NULL,
+ G_DBUS_CALL_FLAGS_NONE,
+ -1,
+ NULL,
+ &error);
+
+ if (_ret != NULL) {
+ g_variant_get(_ret, "(u)", &pid);
+ g_variant_unref(_ret);
+ }
+
+ _INFO("process Id = [%u]", pid);
+ return pid;
+}
+
+static int
+__check_privilege_by_cynara(const char *client, const char *session, const char *user, const char *privilege)
+{
+#ifdef WITH_JSON_BUILDER
+ int ret;
+ char err_buf[128] = {0,};
+
+ ret = cynara_check(__cynara, client, session, user, privilege);
+ switch (ret) {
+ case CYNARA_API_ACCESS_ALLOWED:
+ _DBG("cynara_check success");
+ return FIDO_ERROR_NONE;
+
+ case CYNARA_API_ACCESS_DENIED:
+ _ERR("cynara_check permission deined, privilege=%s, error = CYNARA_API_ACCESS_DENIED", privilege);
+ return FIDO_ERROR_PERMISSION_DENIED;
+
+ default:
+ cynara_strerror(ret, err_buf, sizeof(err_buf));
+ _ERR("cynara_check error : %s, privilege=%s, ret = %d", err_buf, privilege, ret);
+ return FIDO_ERROR_PERMISSION_DENIED;
+ }
+
+ return FIDO_ERROR_NONE;
+#endif
+
+ return FIDO_ERROR_NONE;
+}
+
+static int
+__get_information_for_cynara_check(GDBusMethodInvocation *invocation, char **client, char **user, char **session)
+{
+#ifdef WITH_JSON_BUILDER
+ GDBusConnection *gdbus_conn = NULL;
+ char* sender = NULL;
+ int ret = -1;
+
+ gdbus_conn = g_dbus_method_invocation_get_connection(invocation);
+ if (gdbus_conn == NULL) {
+ _ERR("g_dbus_method_invocation_get_connection failed");
+ return -1;
+ }
+
+ sender = (char*) g_dbus_method_invocation_get_sender(invocation);
+ if (sender == NULL) {
+ _ERR("g_dbus_method_invocation_get_sender failed");
+ return -1;
+ }
+
+ ret = cynara_creds_gdbus_get_user(gdbus_conn, sender, USER_METHOD_DEFAULT, user);
+ if (ret != CYNARA_API_SUCCESS) {
+ _ERR("cynara_creds_gdbus_get_user failed, ret = %d", ret);
+ return -1;
+ }
+
+ ret = cynara_creds_gdbus_get_client(gdbus_conn, sender, CLIENT_METHOD_DEFAULT, client);
+ if (ret != CYNARA_API_SUCCESS) {
+ _ERR("cynara_creds_gdbus_get_client failed, ret = %d", ret);
+ return -1;
+ }
+
+ guint pid = _get_client_pid(invocation);
+ _INFO("client Id = [%u]", pid);
+
+ *session = cynara_session_from_pid(pid);
+ if (*session == NULL) {
+ _ERR("cynara_session_from_pid failed");
+ return -1;
+ }
+ return FIDO_ERROR_NONE;
+ #endif
+
+ return FIDO_ERROR_NONE;
+}
+#endif
+
bool
is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege)
{
+#ifdef WITH_JSON_BUILDER
+
+ int ret = -1;
+
+ if (__cynara == NULL) {
+ ret = cynara_initialize(&__cynara, NULL);
+ if (ret != CYNARA_API_SUCCESS) {
+ _ERR("CYNARA Initialization fail");
+ return false;
+ }
+ }
+
+ char *client = NULL;
+ char *session = NULL;
+ char *user = NULL;
+
+ ret = __get_information_for_cynara_check(invocation, &client, &user, &session);
+ if (ret != FIDO_ERROR_NONE) {
+ _ERR("__get_information_for_cynara_check failed");
+ g_free(client);
+ g_free(user);
+ SAFE_DELETE(session);
+
+ return false;
+ }
+
+ ret = __check_privilege_by_cynara(client, session, user, privilege);
+
+ /*TODO enable after smack is defined*/
+#ifndef _DISABLE_PRIV_CHECK
+ if (ret != FIDO_ERROR_NONE) {
+ _ERR("__check_privilege_by_cynara failed, ret = %d", ret);
+ g_free(client);
+ g_free(user);
+ SAFE_DELETE(session);
+
+ return false;
+ }
+#endif
+ g_free(client);
+ g_free(user);
+ SAFE_DELETE(session);
+
+ return true;
+ #endif
+
return true;
}
#include <tizen.h>
#include "fido_internal_types.h"
-#define _FIDO_CLIENT_PRIVILEGE "http://tizen.org/privilege/fido"
+#define _FIDO_CLIENT_PRIVILEGE "http://tizen.org/privilege/fido.client"
bool is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege);
<manifest xmlns="http://tizen.org/ns/packages" api-version="3.0" package="org.example.fidosample" version="1.0.0">
<profile name="mobile"/>
<ui-application appid="org.example.fidosample" exec="fidosample" launch_mode="single" multiple="false" nodisplay="false" taskmanage="true" type="capp">
- <label>fidosample</label>
- <icon>fidosample.png</icon>
+ <label>fidosample</label>
+ <icon>fidosample.png</icon>
</ui-application>
<privileges>
- <privilege>http://tizen.org/privilege/account.read</privilege>
- <privilege>http://tizen.org/privilege/account.write</privilege>
+ <privilege>http://tizen.org/privilege/account.read</privilege>
+ <privilege>http://tizen.org/privilege/account.write</privilege>
+ <privilege>http://tizen.org/privilege/fido.client</privilege>
</privileges>
</manifest>
projects / platform / core / account / fido-client.git / commitdiff