- Модуль: socialservices
- Путь к файлу: ~/bitrix/modules/socialservices/classes/general/bitrix24net.php
- Класс: CSocServBitrix24Net
- Вызов: CSocServBitrix24Net::Authorize
public function Authorize($skipCheck = false)
{
global $APPLICATION;
$APPLICATION->RestartBuffer();
$bProcessState = false;
$authError = SOCSERV_AUTHORISATION_ERROR;
$errorMessage = '';
if(
$skipCheck
|| (
(isset($_REQUEST["code"]) && $_REQUEST["code"] <> '')
&& CSocServAuthManager::CheckUniqueKey()
)
)
{
$redirect_uri = CHTTP::URN2URI('/bitrix/tools/oauth/bitrix24net.php');
$bProcessState = true;
$bAdmin = false;
if(isset($_REQUEST["state"]))
{
parse_str($_REQUEST["state"], $arState);
$bAdmin = isset($arState['admin']);
}
if($bAdmin)
{
$this->checkRestrictions = false;
$this->addScope("admin");
}
if(!$skipCheck)
{
$this->getEntityOAuth()->setCode($_REQUEST["code"]);
}
if (isset($_REQUEST['saml']) && is_string($_REQUEST['saml']))
{
$this->getEntityOAuth()->setSamlEncodedValue($_REQUEST['saml']);
}
if($this->getEntityOAuth()->GetAccessToken($redirect_uri) !== false)
{
$arB24NetUser = $this->getEntityOAuth()->GetCurrentUser();
if($arB24NetUser)
{
$authError = true;
$arFields = array(
'EXTERNAL_AUTH_ID' => self::ID,
'XML_ID' => $arB24NetUser["ID"],
'LOGIN' => isset($arB24NetUser['LOGIN']) ? $arB24NetUser['LOGIN'] : "B24_".$arB24NetUser["ID"],
'NAME' => $arB24NetUser["NAME"],
'LAST_NAME' => $arB24NetUser["LAST_NAME"],
'EMAIL' => $arB24NetUser["EMAIL"],
'PERSONAL_WWW' => $arB24NetUser["PROFILE"],
'OATOKEN' => $this->getEntityOAuth()->getToken(),
'REFRESH_TOKEN' => $this->getEntityOAuth()->getRefreshToken(),
'OATOKEN_EXPIRES' => $this->getEntityOAuth()->getAccessTokenExpires(),
);
foreach(GetModuleEvents("socialservices", "OnBeforeNetworkUserAuthorize", true) as $arEvent)
{
if(ExecuteModuleEventEx($arEvent, array(&$arFields, $arB24NetUser, $this)) === false)
{
$authError = SOCSERV_AUTHORISATION_ERROR;
$errorMessage = $APPLICATION->GetException();
break;
}
}
if($authError === true)
{
if(SITE_ID <> '')
{
$arFields["SITE_ID"] = SITE_ID;
}
$bSaveNetworkAuth = COption::GetOptionString("main", "allow_external_auth_stored_hash", "N") == "Y";
$authError = $this->AuthorizeUser($arFields, $bSaveNetworkAuth);
}
}
if($authError !== true && !IsModuleInstalled('bitrix24'))
{
$this->getEntityOAuth()->RevokeAuth();
}
elseif($bAdmin)
{
global $CACHE_MANAGER, $USER;
$CACHE_MANAGER->Clean("sso_portal_list_".$USER->GetID());
}
}
}
$bSuccess = $authError === true;
if ($bSuccess)
{
CSocServAuthManager::SetAuthorizedServiceId(self::ID);
}
// hack to update option used for visualization in module options
if($bSuccess && !self::GetOption("bitrix24net_domain"))
{
$request = BitrixMainContext::getCurrent()->getRequest();
self::SetOption("bitrix24net_domain", ($request->isHttps() ? "https://" : "http://").$request->getHttpHost());
}
$aRemove = array_merge(array("auth_service_error", "auth_service_id", "code", "error_reason", "error", "error_description", "check_key", "current_fieldset", "checkword"), BitrixMainHttpRequest::getSystemParameters());
$url = ($APPLICATION->GetCurDir() == "/login/") ? "" : $APPLICATION->GetCurDir();
$mode = 'page';
if(!$bProcessState)
{
unset($_REQUEST["state"]);
}
if(isset($_REQUEST["state"]))
{
$arState = array();
parse_str($_REQUEST["state"], $arState);
if(isset($arState['backurl']) || isset($arState['redirect_url']))
{
$parseUrl = parse_url(isset($arState['redirect_url']) ? $arState['redirect_url'] : $arState['backurl']);
$urlPath = $parseUrl["path"];
$arUrlQuery = explode('&', $parseUrl["query"]);
foreach($arUrlQuery as $key => $value)
{
foreach($aRemove as $param)
{
if(mb_strpos($value, $param."=") === 0)
{
unset($arUrlQuery[$key]);
break;
}
}
}
$url = (!empty($arUrlQuery)) ? $urlPath.'?'.implode("&", $arUrlQuery) : $urlPath;
}
if(isset($arState['mode']))
{
$mode = $arState['mode'];
}
}
if($url == '' || preg_match("'^(http://|https://|ftp://|//)'i", $url))
{
$url = CHTTP::URN2URI('/');
}
$url = CUtil::JSEscape($url);
if($bSuccess)
{
unset($_SESSION['B24_NETWORK_REDIRECT_TRY']);
}
else
{
if(IsModuleInstalled('bitrix24'))
{
if(isset($_SESSION['B24_NETWORK_REDIRECT_TRY']))
{
unset($_SESSION['B24_NETWORK_REDIRECT_TRY']);
$url = self::getUrl();
$url .= (mb_strpos($url, '?') >= 0 ? '&' : '?').'skip_redirect=1&error_message='.urlencode($errorMessage);
}else
{
$_SESSION['B24_NETWORK_REDIRECT_TRY'] = true;
$url = '/';
}
}
else
{
if($authError === SOCSERV_REGISTRATION_DENY)
{
$url = (preg_match("/?/", $url)) ? $url.'&' : $url.'?';
$url .= 'auth_service_id='.self::ID.'&auth_service_error='.$authError;
}
elseif($bSuccess !== true)
{
$url = (isset($urlPath)) ? $urlPath.'?auth_service_id='.self::ID.'&auth_service_error='.$authError : $GLOBALS['APPLICATION']->GetCurPageParam(('auth_service_id='.self::ID.'&auth_service_error='.$authError), $aRemove);
}
if($errorMessage <> '')
{
$url .= '&error_message='.urlencode($errorMessage);
}
}
}
if(CModule::IncludeModule("socialnetwork") && mb_strpos($url, "current_fieldset=") === false)
{
$url .= ((mb_strpos($url, "?") === false) ? '?' : '&')."current_fieldset=SOCSERV";
}
if($url === $APPLICATION->GetCurPageParam())
{
$url = "/";
}
$location = ($mode == "popup")
? 'if(window.opener) window.opener.location = ''.$url.''; window.close();'
: 'window.location = ''.$url.'';';
?>