#pragma once

// Standard library first: std::string is used by every DTO below.
// NOTE(review): two system <...> includes had their targets lost when this
// header was extracted (one sat before "publicFunExport.h", one after it).
// <string> is certainly needed; restore the other from the original header.
#include <string>

#include "SpBase.h"
#include "SpFSM.h"
#include "Blob.h"
#include "EventCode.h"
#include "AccessAuthConn.h"
#include "IHttpFunc.h"
#include "json/json.h"
#include "CommEntityRestful.hpp"
#include "publicFunExport.h"

// NOTE(review): the original mixed `std::string` and unqualified `string`
// in the same structs; every member below is spelled `std::string`, which
// assumes the unqualified form resolved to std::string through a
// using-directive in one of the project headers — confirm.

// ---------------------------------------------------------------------------
// JSON transfer objects exchanged with the access-authentication host.
// JSONCONVERT2OBJECT_MEMEBER_REGISTER lists exactly the members that take
// part in (de)serialization; a member missing from that list is not mapped.
// ---------------------------------------------------------------------------

/// Request of the time/session-key synchronization step.
struct CSessionkeySynReq
{
    std::string terminalNo;
    int         curTime;   // terminal's current time (int as in the wire format)
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalNo, curTime)
};

/// Answer of the time/session-key synchronization step.
struct CSessionkeySynAns
{
    int         timeDiff;
    int         authVersion;
    std::string sessionKey;   // key material: keep instances out of logs
    std::string reserved;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(timeDiff, authVersion, sessionKey, reserved)
};

/// Request to update the working keys (WK).
struct CAccessAuthUpdateWKReq
{
    std::string terminalNo;
    std::string encRandom;
    std::string tpkKeyCheck;   // TPK key check value
    std::string edkKeyCheck;   // EDK key check value
    std::string keyIndex;      // key index
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalNo, encRandom, tpkKeyCheck, edkKeyCheck, keyIndex)
};

/// Answer to a working-key update. Carries key material (tmk/tpk/edk) as
/// JSON strings; treat instances as sensitive and never log them verbatim.
struct CAccessAuthUpdateWKAns
{
    std::string tmk;
    std::string tpk;
    std::string edk;
    std::string tpkKeyCheck;   // key check value
    std::string edkKeyCheck;   // EDK key check value
    std::string keyIndex;      // key index
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(tmk, tpk, edk, tpkKeyCheck, edkKeyCheck, keyIndex)
};

/// Request for an access token.
struct CAccessAuthGetTokenReq
{
    std::string terminalVersion;    // terminal version (newly added field)
    std::string terminalNo;
    std::string sessionTempPubKey;
    std::string encTerminalInfo;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalVersion, terminalNo, sessionTempPubKey, encTerminalInfo)
};

/// Encrypted token plus its hash, as nested in CAccessAuthGetTokenAns.
struct AccessTokenJson
{
    std::string enToken;
    std::string retHash;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(enToken, retHash)
};

/// Encrypted token, shared session key and hash, as nested in CAccessAuthGetTokenAns.
struct SharedKeyJson
{
    std::string enToken;
    std::string sharedSK;   // key material: keep out of logs
    std::string retHash;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(enToken, sharedSK, retHash)
};

/// Answer to an access-token request.
struct CAccessAuthGetTokenAns
{
    AccessTokenJson accessToken;
    SharedKeyJson   sharedKey;
    bool            flag;
    std::string     warnMessage;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(accessToken, sharedKey, flag, warnMessage)
};

/// Request to initialize the master key (MK) of a device.
struct CInitlizerMKReq
{
    std::string iniTerminalInfo;
    std::string terminalVersion;
    std::string terminalNo;
    std::string publicKey;
    std::string user;             // operator
    std::string auth;             // reserved for authentication
    int         loginWay;         // 1: initiated from the error page, login password required;
                                  // 0: initiated from the user desktop, no login password
    std::string encRandom;        // random key encrypted with the tmk pk (as the original comment put it)
    std::string curTpkKeyCheck;   // key check value
    std::string curEdkKeyCheck;   // key check value
    std::string curKeyIndex;      // key index
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(iniTerminalInfo, terminalVersion, terminalNo, publicKey, user, auth,
                                        loginWay, encRandom, curTpkKeyCheck, curEdkKeyCheck, curKeyIndex)
};

/// Answer to a master-key initialization. Carries key material (TMK/TPK/EDK);
/// treat instances as sensitive and never log them verbatim.
///
/// The JSON names differ in case from the members (see the RENAME_REGISTER
/// list, which is positional). `reserved` is not registered, so it is neither
/// read from nor written to JSON.
struct CInitlizerMKAns
{
    std::string TMK;
    std::string TPK;
    std::string EDK;
    std::string tpkKeyCheck;
    std::string edkKeyCheck;
    std::string keyIndex;
    std::string reserved;
    JSONCONVERT2OBJECT_MEMEBER_REGISTER(TMK, TPK, EDK, tpkKeyCheck, edkKeyCheck, keyIndex)
    JSONCONVERT2OBJECT_MEMEBER_RENAME_REGISTER("tmk", "tpk", "edk", "tpkKeyCheck", "edkKeyCheck", "keyIndex")
};

class MyMutex;

/// Access-authentication state machine.
///
/// States (see the FSM_STATE table): s1 "Isolate", s2 "Checking", s3 "Authorized".
/// Transitions (see the FSM_RULE table): s1 -> s2 on Event_StartRegist,
/// s1 -> s3 and s2 -> s3 on Event_AccessAuthSucc, s2 -> s1 on Event_ReqTokenCancel.
/// No rule leaves s3, and Event_ConnectionOK / Event_EndSyncTime /
/// Event_ReqTokenFail have no table entry — presumably they are consumed by the
/// per-state *_on_event handlers; confirm against the .cpp.
class CAccessAuthFSM : public FSMImpl, public IFSMStateHooker
{
public:
    CAccessAuthFSM();
    virtual ~CAccessAuthFSM();

    // IFSMStateHooker / FSMImpl hooks (kept `virtual` as declared; the base
    // signatures are not visible here, so `override` is not added).
    virtual void OnStateTrans(int iSrcState, int iDstState);
    virtual ErrorCodeEnum OnInit();
    virtual ErrorCodeEnum OnExit();

    // State ids used by the FSM tables below.
    enum { s1, s2, s3 };

    // User events, numbered from EVT_USER+1.
    enum
    {
        Event_StartRegist = EVT_USER + 1,
        Event_ConnectionOK,
        Event_EndSyncTime,
        Event_ReqTokenFail,
        Event_ReqTokenSucc,
        Event_ReqTokenCancel,
        Event_AccessAuthSucc
    };

    BEGIN_FSM_STATE(CAccessAuthFSM)
        FSM_STATE_ENTRY(s1, "Isolate",    s1_on_entry, s1_on_exit, s1_on_event)
        FSM_STATE_ENTRY(s2, "Checking",   s2_on_entry, s2_on_exit, s2_on_event)
        FSM_STATE_ENTRY(s3, "Authorized", s3_on_entry, s3_on_exit, s3_on_event)
    END_FSM_STATE()

    BEGIN_FSM_RULE(CAccessAuthFSM, s1)
        FSM_RULE_ENTRY_ANY(s1, s2, Event_StartRegist)
        FSM_RULE_ENTRY_ANY(s1, s3, Event_AccessAuthSucc)
        FSM_RULE_ENTRY_ANY(s2, s1, Event_ReqTokenCancel)
        FSM_RULE_ENTRY_ANY(s2, s3, Event_AccessAuthSucc)
    END_FSM_RULE()

    // Per-state entry/exit/event handlers referenced by the state table.
    void s1_on_entry();
    void s1_on_exit();
    unsigned int s1_on_event(FSMEvent* event);

    void s2_on_entry();
    void s2_on_exit();
    unsigned int s2_on_event(FSMEvent* event);

    void s3_on_entry();
    void s3_on_exit() { LOG_FUNCTION(); }   // only traces the call
    unsigned int s3_on_event(FSMEvent* event);

    /// Host of the access-authentication service (copy of m_accessAuthHost).
    CSimpleStringA GetmAccessAuthHost() { return m_accessAuthHost; }

    /// Decrypts `encText` (length `encTextLen`) into `decTest` using the session key.
    /// `decTestLen` presumably carries the capacity of `decTest` on entry and
    /// the number of bytes written on return — confirm against the definition
    /// before relying on it; an undersized buffer here would be an overflow.
    bool DecryptWithSessionKey(BYTE* encText, int encTextLen, BYTE* decTest, int& decTestLen);

    /// Reports a warning for `errReason`/`errMsg`.
    /// oilyang@20210813 added bNeedEvent: no event is thrown by default; only
    /// the KEY error raises one, to call for Close Page.
    void doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent = false, std::string varMsg = "");

    /// Consumes the time difference and session key of the time-sync answer
    /// (the names mirror CSessionkeySynAns::timeDiff / sessionKey).
    DWORD HandleTimeSyn(long nTimeDiff, BYTE* nSessionKey);

    /// Consumes the token, shared key and hash returned by the token request.
    DWORD HandleGetToken(BYTE* token, BYTE* sharedKey, BYTE* token2, BYTE* retHash);

    /// Produces the encrypted terminal info blob under `key`.
    DWORD GetEncTerminalInfoWithKey(CBlob& encInfo, BYTE* key);

    /// Retrieves the TMK into `tmk` (key material — do not log the result).
    DWORD GetTmk(std::string& tmk);

    /// Fills a token request structure.
    DWORD GetTokenReq(CAccessAuthGetTokenReq* getTokenReq);

    /// Runs the working-key update exchange.
    void UpdateWK();

    /// Device initialization entry point driven by a request/answer context.
    DWORD InitDevice(SpReqAnsContext::Pointer& ctx);

    /// Logs a warning for an authentication result `ret` obtained from `url`/`method`.
    /// NOTE(review): the template parameter list was lost in extraction; `T`
    /// is the only parameter the declaration uses, hence `template <typename T>`.
    template <typename T>
    void AuthLogWarn(const T& ret, const std::string& url, const std::string& method, bool bNeedEvent = true);

    void GetNetMsg(SpReqAnsContext::Pointer& ctx);

    // Entry-permit system variable accessors.
    CSimpleStringA GetEntryPermitSysVar();
    ErrorCodeEnum  SetEntryPermitSysVar(const CSimpleStringA& newVal);

    ErrorCodeEnum LoadCenterConfig();

    /// True if `str` contains Chinese characters.
    bool containsChinese(const std::string& str);

    CSimpleStringA GetOsVersion();
    void GetIPandMac(CSimpleStringA& ip, CSimpleStringA& mac);

private:
    // Reads the tolerated time-sync difference from the center settings
    // (presumably into m_torelateDiffSyncTimeSecs — confirm in the .cpp).
    void GetDiffSyncTimeFromCenterSettings();

    int            m_nAccessFailedCount;        // failed access attempts so far (per the name)
    CSimpleStringA m_accessAuthHost;            // see GetmAccessAuthHost()
    int            m_torelateDiffSyncTimeSecs;  // tolerated clock difference, seconds (per the name)
    int            m_finishAccess;
};