1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
token.php
См. документацию.
1<?php
2
3namespace Bitrix\Main\Engine\ActionFilter;
4
5use Bitrix\Main\Context;
6use Bitrix\Main\Error;
7use Bitrix\Main\Event;
8use Bitrix\Main\EventResult;
9
10class Token extends Base
11{
12 protected const ERROR_RESTRICTED_BY_SIGN_CHECK = 'restricted_by_sign';
13
16
19
22
23 final public function __construct(\Closure $getEntityClosure)
24 {
25 $this->entityHeaderName = Service\Token::getEntityHeader();
26 $this->tokenHeaderName = Service\Token::getTokenHeader();
27 $this->getEntityClosure = $getEntityClosure;
28
29 parent::__construct();
30 }
31
32 final public function onBeforeAction(Event $event)
33 {
34 $entityValue = (string)Context::getCurrent()->getRequest()->getHeader($this->entityHeaderName);
35 $tokenValue = (string)Context::getCurrent()->getRequest()->getHeader($this->tokenHeaderName);
36
37 if (!$this->check($entityValue, $tokenValue))
38 {
39 Context::getCurrent()->getResponse()->setStatus(403);
40 $this->addError(new Error(
41 'Access restricted by sign check',
42 self::ERROR_RESTRICTED_BY_SIGN_CHECK
43 ));
44
45 return new EventResult(EventResult::ERROR, null, null, $this);
46 }
47
48 return null;
49 }
50
51 protected function check(string $entityValue = '', string $tokenValue = ''): bool
52 {
53 global $USER;
54
55 $result = false;
56 try
57 {
58 $result = ($entityValue === (new Service\Token($USER->getId()))->unsign($tokenValue, ($this->getEntityClosure)()));
59 }
60 catch (\Exception $e)
61 {
62 }
63
64 return $result;
65 }
66}
addError(Error $error)
Определения base.php:80
__construct(\Closure $getEntityClosure)
Определения token.php:23
const ERROR_RESTRICTED_BY_SIGN_CHECK
Определения token.php:12
onBeforeAction(Event $event)
Определения token.php:32
check(string $entityValue='', string $tokenValue='')
Определения token.php:51
Определения error.php:15
Определения event.php:5
$result
Определения get_property_values.php:14
global $USER
Определения csv_new_run.php:40
$event
Определения prolog_after.php:141