myvtm/Module/mod_accessauth/AccessAuthFSM.h

#pragma once

#include "SpBase.h"
#include "SpFSM.h"
#include "Blob.h"
#include "EventCode.h"
#include "AccessAuthConn.h"
#include "IHttpFunc.h"
#include "json/json.h"
#include "CommEntityRestful.hpp"
#include <mutex>
#include "publicFunExport.h"
#include <winpr/sysinfo.h>

typedef struct CSessionkeySynReq
{
	std::string terminalNo;
	int curTime;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalNo, curTime)
} CSessionkeySynReq;

typedef struct CSessionkeySynAns
{
	int timeDiff;
	int authVersion;
	std::string sessionKey;
	std::string reserved;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(timeDiff, authVersion, sessionKey, reserved)
}CSessionkeySynAns;

typedef struct CAccessAuthUpdateWKReq
{
	std::string terminalNo;
	std::string encRandom;
	string tpkKeyCheck; //tpk密钥校验值
	string edkKeyCheck; //edk密钥校验值
	string keyIndex; //密钥序号
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalNo, encRandom, tpkKeyCheck, edkKeyCheck, keyIndex)
} CAccessAuthUpdateWKReq;

typedef struct CAccessAuthUpdateWKAns
{
	string tmk;
	string tpk;
	string edk;
	string tpkKeyCheck; //密钥校验值
	string edkKeyCheck; //edk密钥校验值
	string keyIndex; //密钥序号
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(tmk, tpk, edk, tpkKeyCheck, edkKeyCheck, keyIndex)
} CAccessAuthUpdateWKAns;

typedef struct CAccessAuthGetTokenReq
{
	string terminalVersion;//终端版本（新加字段）
	string terminalNo;
	string sessionTempPubKey;
	string encTerminalInfo;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(terminalVersion, terminalNo, sessionTempPubKey, encTerminalInfo)
} CAccessAuthGetTokenReq;

struct AccessTokenJson
{
	string enToken;
	string retHash;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(enToken, retHash)
};
struct SharedKeyJson
{
	string enToken;
	string sharedSK;
	string retHash;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(enToken, sharedSK, retHash)
};

typedef struct CAccessAuthGetTokenAns
{
	AccessTokenJson accessToken;
	SharedKeyJson sharedKey;
	bool flag;
	string warnMessage;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(accessToken, sharedKey, flag, warnMessage)
} CAccessAuthGetTokenAns;

typedef struct CInitlizerMKReq
{
	string iniTerminalInfo;
	string terminalVersion;
	string terminalNo;
	string publicKey;
	string user; //操作人
	string auth;//预留鉴权
	int loginWay;//1表示错误页发起，需要传入登录密码；0表示用户桌面发起，不需要传入登录密码
	string encRandom; //tmk pk加密的随机密钥
	string curTpkKeyCheck; //密钥校验值
	string curEdkKeyCheck; //密钥校验值
	string curKeyIndex; //密钥序号

	JSONCONVERT2OBJECT_MEMEBER_REGISTER(iniTerminalInfo, terminalVersion, terminalNo, publicKey, user, auth,
		loginWay, encRandom, curTpkKeyCheck, curEdkKeyCheck, curKeyIndex)

} CInitlizerMKReq;

typedef struct CInitlizerMKAns
{
	string TMK;
	string TPK;
	string EDK;
	string tpkKeyCheck;
	string edkKeyCheck;
	string keyIndex;
	string reserved;
	JSONCONVERT2OBJECT_MEMEBER_REGISTER(TMK, TPK, EDK, tpkKeyCheck, edkKeyCheck, keyIndex)
		JSONCONVERT2OBJECT_MEMEBER_RENAME_REGISTER("tmk", "tpk", "edk", "tpkKeyCheck", "edkKeyCheck", "keyIndex")
} CInitlizerMKAns;

class MyMutex;
class CAccessAuthFSM : public FSMImpl<CAccessAuthFSM>, public IFSMStateHooker
{
public:
	CAccessAuthFSM();
	virtual ~CAccessAuthFSM();

	virtual void OnStateTrans(int iSrcState, int iDstState);
	virtual ErrorCodeEnum OnInit();
	virtual ErrorCodeEnum OnExit();

	enum{s1, s2, s3};

	enum
	{
		Event_StartRegist = EVT_USER+1,
		Event_ConnectionOK,
		Event_EndSyncTime,
		Event_ReqTokenFail,
		Event_ReqTokenSucc,
		Event_ReqTokenCancel,
		Event_AccessAuthSucc
	};

	BEGIN_FSM_STATE(CAccessAuthFSM)
		FSM_STATE_ENTRY(s1, "Isolate",s1_on_entry,s1_on_exit,s1_on_event)
		FSM_STATE_ENTRY(s2, "Checking",s2_on_entry,s2_on_exit,s2_on_event)
		FSM_STATE_ENTRY(s3, "Authorized", s3_on_entry, s3_on_exit, s3_on_event)
	END_FSM_STATE()

	BEGIN_FSM_RULE(CAccessAuthFSM,s1)
		FSM_RULE_ENTRY_ANY(s1, s2, Event_StartRegist)
		FSM_RULE_ENTRY_ANY(s1, s3, Event_AccessAuthSucc)
		FSM_RULE_ENTRY_ANY(s2, s1, Event_ReqTokenCancel)
		FSM_RULE_ENTRY_ANY(s2, s3, Event_AccessAuthSucc)
	END_FSM_RULE()

	void s1_on_entry();
	void s1_on_exit();
	unsigned int s1_on_event(FSMEvent* event);

	void s2_on_entry();
	void s2_on_exit();
	unsigned int s2_on_event(FSMEvent* event);

	void s3_on_entry();

	void s3_on_exit() {
		LOG_FUNCTION();
	}
	unsigned int s3_on_event(FSMEvent* event);

public:
	CSimpleStringA GetmAccessAuthHost() { return m_accessAuthHost; }
	bool DecryptWithSessionKey(BYTE* encText, int encTextLen, BYTE* decTest, int& decTestLen);
	//oilyang@20210813 add bNeedEvent.
	//no need to throw event defaultly except the KEY error to call for Close Page
	void doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent = false, string varMsg = "");
	DWORD HandleTimeSyn(long nTimeDiff, BYTE* nSessionKey);
	DWORD HandleGetToken(BYTE* token, BYTE* sharedKey, BYTE* token2, BYTE* retHash);
	DWORD GetEncTerminalInfoWithKey(CBlob& encInfo, BYTE* key);
	DWORD GetTmk(string& tmk);
	DWORD GetTokenReq(CAccessAuthGetTokenReq* getTokenReq);
	void UpdateWK();
	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);
	
	template<class T>
	void AuthLogWarn(const T& ret, const string& url, const string& method, bool bNeedEvent = true);
	void GetNetMsg(SpReqAnsContext<AccessAuthService_GetNetMsg_Req, AccessAuthService_GetNetMsg_Ans>::Pointer& ctx);
	CSimpleStringA GetEntryPermitSysVar();
	ErrorCodeEnum SetEntryPermitSysVar(const CSimpleStringA& newVal);
	ErrorCodeEnum LoadCenterConfig();

	bool containsChinese(const std::string& str);

	CSimpleStringA GetOsVersion();
	void GetIPandMac(CSimpleStringA& ip, CSimpleStringA& mac);

private:
	void GetDiffSyncTimeFromCenterSettings();
private:
	int m_nAccessFailedCount;
	CSimpleStringA m_accessAuthHost;
	int m_torelateDiffSyncTimeSecs;
	int m_finishAccess;
};