• Модуль: rest
  • Путь к файлу: ~/bitrix/modules/rest/lib/sessionauth/auth.php
  • Класс: Bitrix\Rest\SessionAuth\Auth
  • Вызов: Auth::onRestCheckAuth
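/**
 * REST authorization handler for requests that rely on the current user session.
 *
 * The handler takes part only when the request carries one of the query
 * parameters listed in static::$authQueryParams or an X-Bitrix-Csrf-Token
 * header. In every other case it returns null and leaves $res untouched.
 *
 * When it does take part, three checks run in order:
 *   1. the global $USER must be authorized;
 *   2. the session id must be confirmed, either by check_bitrix_sessid() or by
 *      the auth query parameter being equal to bitrix_sessid();
 *   3. self::isAccessAllowed() must accept the user.
 *
 * @param array $query Request parameters; also read for the BX_SESSION_LOCK flag.
 * @param mixed $scope Not used by this handler.
 * @param array|null $res Output. On success: user_id, scope, parameters_clear and
 *                        auth_type. On failure: error, error_description and additional.
 *
 * @return bool|null true on success, false on failure, null when the request
 *                   carries neither an auth parameter nor the CSRF header.
 */
static function onRestCheckAuth(array $query, $scope, &$res)
{
	global $USER;

	// The first auth parameter present in the query wins.
	$authKey = null;
	foreach(static::$authQueryParams as $key)
	{
		if(array_key_exists($key, $query))
		{
			$authKey = $query[$key];
			break;
		}
	}

	// Neither an auth parameter nor the CSRF header: this handler does not apply.
	if($authKey === null && Context::getCurrent()->getRequest()->getHeader('X-Bitrix-Csrf-Token') === null)
	{
		return null;
	}

	static::checkHttpAuth();
	static::checkCookieAuth();

	if(!$USER->isAuthorized())
	{
		// NOTE(review): the current sessid is returned in the error body; this presumably
		// relies on the response not being readable cross-origin, so confirm the CORS policy.
		$res = array(
			'error' => 'access_denied',
			'error_description' => 'User not authorized',
			'additional' => array('sessid' => bitrix_sessid(), 'extended_error' => 'user_not_authorized'),
		);

		return false;
	}

	// The sessid acts as the anti-CSRF token here. Compare the caller-supplied value
	// in constant time; a non-string value (e.g. an array parameter) can never match.
	$sessidConfirmed = check_bitrix_sessid()
		|| (is_string($authKey) && hash_equals(bitrix_sessid(), $authKey));

	if(!$sessidConfirmed)
	{
		$res = array(
			'error' => 'session_failed',
			'error_description' => 'Sessid check failed',
			'additional' => array('sessid' => bitrix_sessid()),
		);

		return false;
	}

	if(!self::isAccessAllowed())
	{
		$res = array(
			'error' => 'access_denied',
			'error_description' => 'Access denied for this type of user',
			'additional' => array('type' => $USER->GetParam('EXTERNAL_AUTH_ID')),
		);

		return false;
	}

	$res = array(
		'user_id' => $USER->GetID(),
		'scope' => implode(',', \CRestUtil::getScopeList()),
		'parameters_clear' => static::$authQueryParams,
		'auth_type' => static::AUTH_TYPE,
	);

	self::setLastActivityDate($USER->GetID(), $query);

	// `!==` binds tighter than `??`, so the parentheses are required. Without them the
	// condition reduces to `$query['BX_SESSION_LOCK'] ?? true`, and a request that
	// passes BX_SESSION_LOCK=Y would still have its session closed.
	if (($query['BX_SESSION_LOCK'] ?? null) !== 'Y')
	{
		session_write_close();
	}

	return true;
}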