PermissionToken::isValid

public function isValid(string $accessTypeCode, string $token, array $data): bool
{
	if ($token === '')
	{
		return false;
	}

	$signer = new \Bitrix\Main\Security\Sign\Signer;
	try
	{
		$payload = (array)Json::decode(
			base64_decode(
				$signer->unsign($token, $this->getSalt($accessTypeCode))
			)
		);
		$ownerEntityTypeId = $payload['ownerEntityTypeId'] ?? null;
		$ownerEntityId = $payload['ownerEntityId'] ?? null;

		if (!\CCrmOwnerType::IsDefined($ownerEntityTypeId))
		{
			return false;
		}

		$userPermissions = Container::getInstance()->getUserPermissions();

		$isCompany = isset($data['entityTypeId'])
			&& isset($data['entityId'])
			&& (int)$data['entityTypeId'] === \CCrmOwnerType::Company
		;

		$isNewCompany = $isCompany && (int)$data['entityId'] === 0;
		$isMyCompanyEntity = $isCompany && !$isNewCompany && \CCrmCompany::isMyCompany((int)$data['entityId']);

		switch ($accessTypeCode)
		{
			case self::ACCESS_TYPE_EDIT_MY_COMPANY_REQUISITE:
				return
					($isNewCompany || $isMyCompanyEntity) // suppose any new company can be my company
					&& $userPermissions->checkUpdatePermissions($ownerEntityTypeId, $ownerEntityId)
				;
		}

		return false;
	}
	catch (\Bitrix\Main\Security\Sign\BadSignatureException $e)
	{
		return false;
	}
}