1C-Bitrix 25.700.0
auth.php
1<?php
8
9namespace Bitrix\Im\Call;
10
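/**
 * REST authorization handler for call / video-conference users.
 *
 * A request selects this handler by carrying the `call_auth_id` query parameter.
 * Its value is either the literal guest code or a 32-character hexadecimal code
 * that, prefixed with AUTH_TYPE, is matched against the XML_ID of a user whose
 * EXTERNAL_AUTH_ID is 'call'. The code therefore acts as a bearer credential:
 * whoever presents it is authorized as that user.
 */
class Auth
{
	const AUTH_TYPE = 'call';

	const AUTH_CODE_GUEST = 'guest';
	const PASSWORD_CHECK_METHOD = 'im.videoconf.password.check';

	// REST methods that a caller presenting the guest code may invoke.
	const METHODS_WITHOUT_AUTH = [
		'im.call.user.register',
		'im.videoconf.password.check',

		'server.time',
		'pull.config.get',
		'pull.watch.extend',
	];

	// REST methods that additionally become available once a call user is resolved.
	const METHODS_WITH_AUTH = [
		'mobile.browser.const.get',
		'im.user.get',
		'im.dialog.users.list',

		// pull
		'server.time',
		'pull.config.get',
		'pull.watch.extend',
		// im
		'im.chat.get',
		'im.message.add',
		'im.message.update',
		'im.message.delete',
		'im.message.like',
		'im.dialog.writing',
		'im.dialog.messages.get',
		'im.dialog.read',
		'im.disk.folder.get',
		'im.disk.file.commit',
		'im.user.list.get',
		'im.call.create',
		'im.call.invite',
		'im.call.answer',
		'im.call.ping',
		'im.call.channel.public.list',
		'im.call.hangup',
		'im.call.decline',
		'im.call.getusers',
		'im.call.get',
		'im.call.tryjoincall',
		'local.call.log',
		'smile.get',
		// disk
		'disk.folder.uploadfile',
		// user
		'im.call.user.update',
		//voximplant
		'voximplant.authorization.get',
		'voximplant.authorization.onerror',
		'voximplant.authorization.signonetimekey',
		//call
		'call.call.tryjoincall',
		'call.call.getcalltoken',
	];

	// TODO sync AUTH_ID_PARAM with file /rest/services/rest/index.php
	const AUTH_ID_PARAM = 'call_auth_id';

	protected static $authQueryParams = [
		self::AUTH_ID_PARAM,
	];

	/**
	 * Decides whether a REST request carrying a call auth code may proceed.
	 *
	 * Order of checks: conference state (and password, where required), then the
	 * auth code itself, then the method allow-list, then the user lookup.
	 *
	 * @param array $query Request parameters; reads the auth-code parameter,
	 *                     `videoconf_id` and `videoconf_password`.
	 * @param mixed $scope Not used by this handler.
	 * @param array $res   Out-parameter: the success payload or an error description.
	 *
	 * @return bool|null null when the request carries no call auth code (the handler
	 *                   does not apply), true when access is granted, false otherwise.
	 */
	public static function onRestCheckAuth(array $query, $scope, &$res)
	{
		global $USER;

		$authCode = null;
		foreach (static::$authQueryParams as $key)
		{
			if (array_key_exists($key, $query))
			{
				$authCode = $query[$key];
				break;
			}
		}

		if ($authCode === null)
		{
			return null;
		}

		// Read once so the id that is looked up and the id that names the session
		// storage always come from the same request value.
		$conferenceId = $query['videoconf_id'] ?? null;

		$method = \CRestServer::instance()->getMethod();
		if ($method === self::PASSWORD_CHECK_METHOD)
		{
			$conference = Conference::getById((int)$conferenceId);

			if (!$conference || !$conference->isActive())
			{
				$res = self::getErrorResult('CALL_AUTH_NOT_ACTIVE', 'Call: conference is not active');

				return false;
			}
		}
		else
		{
			// NOTE(review): the storage name uses the raw request value while the lookup
			// below uses its integer cast; confirm that whatever else writes this flag
			// derives the name the same way.
			$storage = \Bitrix\Main\Application::getInstance()->getLocalSession('conference_check_' . $conferenceId);
			if ($storage->get('checked') === true)
			{
				// Once the flag is set the conference is not read again, so a conference
				// that has since become inactive is not rejected on this path.
				//TODO: check conf status by checking start date from cache
			}
			else
			{
				$conference = Conference::getById((int)$conferenceId);

				if (!$conference || !$conference->isActive())
				{
					$res = self::getErrorResult('CALL_AUTH_VIDEOCONF_NOT_ACTIVE', 'Call: conference is not active');

					return false;
				}

				if ($conference->isPasswordRequired())
				{
					$expectedPassword = $conference->getPassword();
					$suppliedPassword = $query['videoconf_password'] ?? null;

					// hash_equals() keeps the comparison time independent of how many
					// leading characters match; a missing or non-string value is denied.
					// NOTE(review): if getPassword() returns the stored plaintext, consider
					// keeping only a password hash - confirm in Conference.
					if (
						is_string($expectedPassword)
						&& is_string($suppliedPassword)
						&& hash_equals($expectedPassword, $suppliedPassword)
					)
					{
						$storage->set('checked', true);
					}
					else
					{
						$res = self::getErrorResult('CALL_AUTH_ACCESS_DENIED', 'Call: access to conference is denied');

						return false;
					}
				}
			}
		}

		// Strict comparison: only the exact string selects the guest path.
		if ($authCode === self::AUTH_CODE_GUEST)
		{
			if (self::checkQueryMethod(self::METHODS_WITHOUT_AUTH))
			{
				$res = self::getSuccessfulResult();

				return true;
			}

			$res = self::getErrorResult('CALL_AUTH_METHOD_ERROR', 'Call: you don\'t have access to use this method [1]');

			return false;
		}

		// A malformed code must stop the request here. Previously this branch filled
		// $res but fell through to the user lookup. \z (instead of $) also rejects a
		// trailing newline, and the is_string() guard rejects array values.
		if (!is_string($authCode) || !preg_match('/^[a-f0-9]{32}\z/i', $authCode))
		{
			$res = self::getErrorResult('CALL_AUTH_FAILED', 'Call: user auth failed [code is not correct]');

			return false;
		}

		if (!self::checkQueryMethod(array_merge(self::METHODS_WITH_AUTH, self::METHODS_WITHOUT_AUTH)))
		{
			$res = self::getErrorResult('CALL_AUTH_METHOD_ERROR', 'Call: you don\'t have access to use this method [2]');

			return false;
		}

		$xmlId = self::AUTH_TYPE."|".$authCode;

		if ($USER->IsAuthorized())
		{
			if ($USER->GetParam('EXTERNAL_AUTH_ID') === 'call')
			{
				if ($USER->GetParam('XML_ID') === $xmlId)
				{
					$res = self::getSuccessfulResult();

					\CUser::SetLastActivityDate($USER->GetID(), true);

					return true;
				}

				// The hash returned here belongs to the session's own current user.
				$res = self::getErrorResult(
					'CALL_AUTH_DIFF_USER',
					'Call: you are authorized with a different user [2]',
					['hash' => mb_substr($USER->GetParam('XML_ID'), mb_strlen(self::AUTH_TYPE) + 1)]
				);

				return false;
			}

			$res = self::getErrorResult('CALL_AUTH_PORTAL_USER', 'Call: you are authorized with a portal user [2]');

			return false;
		}

		// NOTE(review): the rendered listing drops the line that opens this call;
		// \Bitrix\Main\UserTable is assumed from the getList()/fetch() shape and the
		// selected fields - confirm against the original file.
		$userData = \Bitrix\Main\UserTable::getList(
			[
				'select' => ['ID', 'EXTERNAL_AUTH_ID'],
				'filter' => ['=XML_ID' => $xmlId]
			]
		)->fetch();

		// Only users created for call access may be authorized through this code.
		if ($userData && $userData['EXTERNAL_AUTH_ID'] === 'call')
		{
			self::authorizeById($userData['ID']);

			$res = self::getSuccessfulResult();

			\CUser::SetLastActivityDate($USER->GetID(), true);

			return true;
		}

		$res = self::getErrorResult('CALL_AUTH_FAILED', 'Call: user auth failed [user not found]');

		return false;
	}

	/**
	 * Authorizes the current session as the given user and sets the call cookies.
	 *
	 * This method performs no credential check of its own: it trusts $userId, so
	 * callers must have verified the caller's right to act as that user.
	 *
	 * @param int|string $userId             User to authorize.
	 * @param bool|null  $setCookie          Passed to Authorize(); when null it is derived
	 *                                       from the presence of the BITRIX_CALL_AUTH cookie.
	 * @param bool       $skipAuthorizeCheck When true, proceeds even if a user is already authorized.
	 *
	 * @return bool false when a user is already authorized and the check is not skipped, true otherwise.
	 */
	public static function authorizeById($userId, $setCookie = null, $skipAuthorizeCheck = false)
	{
		global $USER;

		if (!$skipAuthorizeCheck && $USER->IsAuthorized())
		{
			return false;
		}

		$context = \Bitrix\Main\Context::getCurrent();

		if ($setCookie === null)
		{
			$setCookie = (bool)$context->getRequest()->getCookieRaw('BITRIX_CALL_AUTH');
		}

		if ((int)$USER->GetID() !== (int)$userId)
		{
			$USER->Authorize($userId, $setCookie, $setCookie, 'public');
		}

		$cookie = new \Bitrix\Main\Web\Cookie('BITRIX_CALL_AUTH', 'Y', null, false);
		$cookie->setHttpOnly(false);
		$context->getResponse()->addCookie($cookie);

		$authCode = str_replace(self::AUTH_TYPE.'|', '', (string)$USER->GetParam('XML_ID'));

		// NOTE(review): BITRIX_CALL_HASH carries the auth code, which onRestCheckAuth()
		// accepts as the credential for this user, and HttpOnly is switched off, so any
		// script running on the page can read it. Left unchanged because client code
		// presumably reads the cookie - confirm, and restrict it if not.
		// NOTE(review): with $skipAuthorizeCheck the current user may not be a call
		// user, in which case that user's XML_ID is what ends up in the cookie.
		$cookie = new \Bitrix\Main\Web\Cookie('BITRIX_CALL_HASH', $authCode, null, false);
		$cookie->setHttpOnly(false);
		$context->getResponse()->addCookie($cookie);

		return true;
	}

	/**
	 * Builds the payload stored in $res when access is granted.
	 *
	 * @return array
	 */
	private static function getSuccessfulResult()
	{
		global $USER;

		return [
			'user_id' => $USER->GetID(),
			'scope' => implode(',', \CRestUtil::getScopeList()),
			'parameters_clear' => static::$authQueryParams,
			'auth_type' => static::AUTH_TYPE,
		];
	}

	/**
	 * Builds the payload stored in $res when access is refused.
	 *
	 * @param string $error       Machine-readable error code.
	 * @param string $description Human-readable description.
	 * @param array  $additional  Extra data returned to the client.
	 *
	 * @return array
	 */
	private static function getErrorResult($error, $description, array $additional = [])
	{
		return [
			'error' => $error,
			'error_description' => $description,
			'additional' => $additional
		];
	}

	/**
	 * Checks the requested REST method - or every command of a batch - against an allow-list.
	 *
	 * The check fails closed: a batch with no commands, a command that is not a
	 * string, or a command without a '?' separator is refused (the last case
	 * matches the previous behaviour, where such a command was reduced to an
	 * empty method name).
	 *
	 * @param array $whiteListMethods Lower-case method names that are allowed.
	 *
	 * @return bool true only when every requested method is on the list.
	 */
	private static function checkQueryMethod($whiteListMethods)
	{
		$server = \CRestServer::instance();

		if ($server->getMethod() !== 'batch')
		{
			return in_array($server->getMethod(), $whiteListMethods, true);
		}

		$commands = $server->getQuery()['cmd'] ?? null;
		if (!is_array($commands) || !$commands)
		{
			return false;
		}

		foreach ($commands as $command)
		{
			if (!is_string($command))
			{
				return false;
			}

			$queryStart = mb_strrpos($command, '?');
			if ($queryStart === false)
			{
				return false;
			}

			// Strict membership test: no type juggling between the request value and the list.
			$method = mb_strtolower(mb_substr($command, 0, $queryStart));
			if (!in_array($method, $whiteListMethods, true))
			{
				return false;
			}
		}

		return true;
	}
}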