|
1 /* |
|
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * CAuthServer class definition |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 /** |
|
21 @file |
|
22 @released |
|
23 @internalComponent |
|
24 */ |
|
25 #ifndef AUTHSERVER_H |
|
26 #define AUTHSERVER_H |
|
27 |
|
28 #include <e32cmn.h> |
|
29 #include <ct/rcpointerarray.h> |
|
30 #include <e32property.h> |
|
31 #include <f32file.h> |
|
32 #include <scs/scsserver.h> |
|
33 #include "authserveripc.h" |
|
34 #include "authrepository.h" |
|
35 |
|
36 |
|
37 namespace AuthServer |
|
38 { |
|
39 |
|
40 /** |
|
41 *Panic values associated with the AuthServer |
|
42 */ |
|
43 enum TAuthServerPanic |
|
44 { |
|
45 EPanicCorruptDescriptor = 0, |
|
46 /// An invalid service request number has been receieved by the |
|
47 /// server. This should not be received by those using the RAuthClient or |
|
48 /// derived classes. |
|
49 EPanicInvalidFunction = 1, |
|
50 |
|
51 EPanicAlreadyReceiving = 2, |
|
52 /// An internal error indicating the received authentication expression |
|
53 /// is malformed. This should not be received by those using the |
|
54 /// RAuthClient or derived classes. |
|
55 EPanicBadExternalizedAuthExpr = 3, |
|
56 /// A request has been made that refers to a non-existent plugin. |
|
57 EPanicNoSuchAuthPlugin = 4, |
|
58 /// In order to create a first identity, the authserver requires that |
|
59 /// at least one plugin supports default data. |
|
60 EPanicNoFirstStartPlugin = 5, |
|
61 /// A call has been made to the authserver's training manager while one |
|
62 /// is already in progress. |
|
63 EPanicTrainingMgrBusy = 6, |
|
64 /// A plugin has reported that it supports default data but has returned |
|
65 /// an invalid data buffer. |
|
66 EPanicInvalidDefaultData = 7 |
|
67 }; |
|
68 |
|
69 const TInt KPolicyRanges= 12; |
|
70 const TInt KPolicyElements = 7; |
|
71 |
|
72 const TInt KDefaultShutdownDelay = 3 * 1000 * 1000; // 3 seconds |
|
73 |
|
74 class CIdentity; |
|
75 |
|
76 class CPluginMgr; |
|
77 class CPluginObserver; |
|
78 class CTrainingMgr; |
|
79 class CEvaluator; |
|
80 class CAuthExpression; |
|
81 class CAuthTransaction; |
|
82 struct TLastAuth; |
|
83 |
|
84 // The description for the default identity. |
|
85 _LIT(KDefaultUserDescription, "DefaultUser"); |
|
86 |
|
87 /** |
|
88 * Helper class to manage details during identity reset operation |
|
89 **/ |
|
90 class TPluginResetDetails |
|
91 { |
|
92 public: |
|
93 TPluginResetDetails(TPluginId aPluginId, const TDesC& aRegistrationData): |
|
94 iPluginId(aPluginId), |
|
95 iRegistrationData(aRegistrationData) |
|
96 {} |
|
97 |
|
98 public: |
|
99 TPluginId PluginId() const { return iPluginId;}; |
|
100 const TDesC& RegistrationData() const { return iRegistrationData;}; |
|
101 |
|
102 private: |
|
103 TPluginId iPluginId; |
|
104 const TDesC& iRegistrationData; |
|
105 }; |
|
106 |
|
107 |
|
108 /** |
|
109 * Provides authentication and identity management services. |
|
110 * |
|
111 * A CPolicyServer derived class providing management of identity |
|
112 * authentication services. Responsible for managing identities in accordance |
|
113 * with the requests made by clients. |
|
114 * |
|
115 **/ |
|
116 class CAuthServer : public CScsServer, public MEvaluatorPluginInterface, |
|
117 public MEvaluatorClientInterface |
|
118 { |
|
119 public: |
|
120 // implement CScsServer. |
|
121 virtual CScsSession* DoNewSessionL(const RMessage2& aMessage); |
|
122 |
|
123 |
|
124 // implement CScsServer. |
|
125 virtual void DoPreHeapMarkOrCheckL(); |
|
126 |
|
127 // implement CScsServer. |
|
128 virtual void DoPostHeapMarkOrCheckL(); |
|
129 |
|
130 |
|
131 static CAuthServer* NewLC(CActive::TPriority = CActive::EPriorityStandard); |
|
132 |
|
133 void AuthenticateL(const RMessage2& aMessage); |
|
134 |
|
135 void DeauthenticateL(const RMessage2& aMessage); |
|
136 void CancelL(const RMessage2& aMessage); |
|
137 void PluginsL(const RMessage2& aMessage); |
|
138 void ActivePluginsL(const RMessage2& aMessage); |
|
139 void PluginsByTypeL(const RMessage2& aMessage); |
|
140 void PluginsByTrainingL(const RMessage2& aMessage); |
|
141 void IdentitiesL(const RMessage2& aMessage); |
|
142 void SetIdentityStringL(const RMessage2& aMessage); |
|
143 void IdentityStringL(const RMessage2& aMessage); |
|
144 void RegisterIdentityL(const RMessage2& aMessage); |
|
145 void RemoveIdentityL(const RMessage2& aMessage); |
|
146 void TrainPluginL(const RMessage2& aMessage); |
|
147 void ForgetPluginL(const RMessage2& aMessage); |
|
148 void PreferredTypePluginL(const RMessage2& aMessage); |
|
149 void SetPreferredTypePluginL(const RMessage2& aMessage); |
|
150 void IdentitiesWithStringL(const RMessage2& aMessage); |
|
151 void ListAuthAliasesL(const RMessage2& aMessage); |
|
152 void ResolveExpressionL(const RMessage2& aMessage); |
|
153 void ResetIdentityL(TInt aFunction, const RMessage2& aMessage); |
|
154 void ResetIdentityByListL(const RMessage2& aMessage); |
|
155 |
|
156 virtual void Evaluate(TPluginId aPluginId, |
|
157 TIdentityId& aIdentityId, |
|
158 CAuthExpressionImpl::TType aType, |
|
159 TRequestStatus& aStatus); |
|
160 |
|
161 virtual void Evaluate(TAuthPluginType aPluginType, |
|
162 TIdentityId& aIdentityId, |
|
163 CAuthExpressionImpl::TType aType, |
|
164 TRequestStatus& aStatus); |
|
165 |
|
166 virtual void CancelEvaluate(); |
|
167 virtual void EvaluationSucceeded(TIdentityId aIdentityId); |
|
168 virtual void EvaluationFailed(TInt aReason); |
|
169 |
|
170 private: |
|
171 |
|
172 CAuthServer(CActive::TPriority aPriority); |
|
173 |
|
174 /// 2nd phase construction |
|
175 void ConstructL(); |
|
176 |
|
177 ~CAuthServer(); |
|
178 |
|
179 CIdentity* CachedIdentity(const TTimeIntervalSeconds& timeout); |
|
180 |
|
181 TBool FilterActivePlugins(const CAuthPluginInterface& aInterface); |
|
182 |
|
183 void FirstStartL(); |
|
184 void CreatePropertiesL(); |
|
185 void ClearPropertiesL(); |
|
186 |
|
187 TBool ServerBusy(); |
|
188 |
|
189 void EvaluationSucceededL(TIdentityId aIdentityId) ; |
|
190 void CompleteAuthenticationL(const RMessagePtr2& aMessage, CIdentity* aId); |
|
191 |
|
192 typedef TBool (CAuthServer::* TInterfaceFilter)(const CAuthPluginInterface&); |
|
193 |
|
194 void FilterPluginsL( |
|
195 const RMessage2& aMessage, TInterfaceFilter aFilter); |
|
196 |
|
197 void GetDescriptionsFromEComLC( |
|
198 TInterfaceFilter aFilter, RCPointerArray<const CPluginDesc>& aDescs); |
|
199 |
|
200 TBool FilterAllPlugins(const CAuthPluginInterface&); |
|
201 TBool FilterPluginsByType(const CAuthPluginInterface&); |
|
202 TBool FilterPluginsByTraining(const CAuthPluginInterface& aInterface); |
|
203 |
|
204 void UpdateAuthL(TLastAuth& aAuth, TPluginId aPlugin); |
|
205 |
|
206 HBufC* StringOrNullLC(TBool aReturnString, TIdentityId id); |
|
207 |
|
208 void EvaluateL(TPluginId aPluginId, |
|
209 TIdentityId& aIdentityId, |
|
210 CAuthExpressionImpl::TType aType, |
|
211 TRequestStatus& aStatus); |
|
212 |
|
213 void ProcessAliasStringL(RPointerArray<HBufC>& aAuthAliasList, const TDesC& aAliasStringToProcess , RBuf& aResultantAliasString); |
|
214 |
|
215 TBool CheckForAliasInAliasString(RPointerArray<HBufC>& aAuthAliasList, const TDes& aAliasString); |
|
216 CTransientKeyInfo* CreateKeyInfoLC(TPluginId aPluginId, const TDesC8& aPluginData, const CProtectionKey& aProtKey); |
|
217 TCustomResult CustomSecurityCheckL(const RMessage2& aMsg, |
|
218 TInt& aAction, TSecurityInfo& aMissing); |
|
219 void TokenizeStringL( const TDesC& aStringToBeProcessed, RBuf& aResultantString ); |
|
220 void ResolveAliasL( const TDesC& aAliasName, |
|
221 RPointerArray<HBufC>& aAliasList, |
|
222 RBuf& aResultantString); |
|
223 |
|
224 |
|
225 void FreeMemoryBeforeHeapMark(); |
|
226 void SetupVariablesAfterHeapMarkEndL(); |
|
227 |
|
228 private: |
|
229 RFs iFs; |
|
230 /// The persistent authentication database |
|
231 CAuthDb2* iAuthDb2; |
|
232 //plugin manager |
|
233 CPluginMgr* iPluginMgr; |
|
234 // The training manager |
|
235 CTrainingMgr* iTrainingMgr; |
|
236 /// the auth expression evaluator |
|
237 CEvaluator* iEvaluator; |
|
238 /// the last authenticated identity |
|
239 CIdentity* iLastIdentity; |
|
240 /// the last authentication time |
|
241 TTime iLastAuthTime; |
|
242 /// holds the information about the authentication taking place |
|
243 CAuthTransaction* iAuthTransaction; |
|
244 /// used to publish information about the last authentication |
|
245 RProperty iAuthProperty; |
|
246 /// used to notify subscribers of changes to the authenticated identity |
|
247 RProperty iAuthEventProperty; |
|
248 /// The authentication repository |
|
249 CAuthRepository* iAuthRepository; |
|
250 /// The key size to be used for protection keys |
|
251 TInt iKeySize; |
|
252 /// The parameters from the IPC Call |
|
253 CAuthParams* iParams; |
|
254 |
|
255 |
|
256 TAuthTrainingStatus iFilterTraining; |
|
257 TAuthPluginType iFilterType; |
|
258 CPluginObserver* iPluginObserver; |
|
259 |
|
260 // Server Policies |
|
261 static const TUint iRangeCount; |
|
262 static const TInt iRanges[KPolicyRanges]; |
|
263 static const TUint8 iElementsIndex[KPolicyRanges]; |
|
264 static const CPolicyServer::TPolicyElement iPolicyElements[KPolicyElements]; |
|
265 static const CPolicyServer::TPolicy iPolicy; |
|
266 static const TStaticSecurityPolicy iPropertyWritePolicy; |
|
267 static const TStaticSecurityPolicy iPropertyReadPolicy; |
|
268 }; |
|
269 } //namespace |
|
270 |
|
271 #endif // AUTHSERVER_H |