Bitrix-D7 23.9
 
Загрузка...
Поиск...
Не найдено
guestauth.php
1<?php
2
3namespace Bitrix\Pull\Rest;
4
5class GuestAuth
6{
7 const AUTH_TYPE = 'pull_guest';
8
9 const METHODS_WITHOUT_AUTH = [
10 'server.time',
11 'pull.config.get',
12
13 ];
14
15 const PULL_UID_PARAM = 'pull_guest_id';
16
17 protected static $authQueryParams = array(
18 'pull_guest_id',
19 );
20
21 public static function onRestCheckAuth(array $query, $scope, &$res)
22 {
23 global $USER;
24 if($USER->IsAuthorized() || !defined("PULL_USER_ID"))
25 {
26 return null;
27 }
28
29 $authCode = null;
30 foreach(static::$authQueryParams as $key)
31 {
32 if(array_key_exists($key, $query))
33 {
34 $authCode = $query[$key];
35 break;
36 }
37 }
38
39 if($authCode === null)
40 {
41 return null;
42 }
43
44 if(static::checkQueryMethod(static::METHODS_WITHOUT_AUTH))
45 {
46 if((int)$authCode === (int)PULL_USER_ID)
47 {
48 $res = self::getSuccessfulResult();
49 return true;
50 }
51 }
52
53 return null;
54 }
55
56 protected static function checkQueryMethod($whiteListMethods)
57 {
58 if (\CRestServer::instance()->getMethod() == 'batch')
59 {
60 $result = false;
61 foreach (\CRestServer::instance()->getQuery()['cmd'] as $key => $method)
62 {
63 $method = mb_substr($method, 0, mb_strrpos($method, '?'));
64 $result = in_array(mb_strtolower($method), $whiteListMethods);
65 if (!$result)
66 {
67 break;
68 }
69 }
70 }
71 else
72 {
73 $result = in_array(\CRestServer::instance()->getMethod(), $whiteListMethods);
74 }
75
76 return $result;
77 }
78
79 protected static function getSuccessfulResult()
80 {
81 return [
82 'user_id' => defined("PULL_USER_ID") ? PULL_USER_ID : 0,
83 'scope' => implode(',', \CRestUtil::getScopeList()),
84 'parameters_clear' => static::$authQueryParams,
85 'auth_type' => static::AUTH_TYPE,
86 ];
87 }
88}
Bitrix\Pull\Rest\GuestAuth\checkQueryMethod
static checkQueryMethod($whiteListMethods)
Definition guestauth.php:56
Bitrix\Pull\Rest\GuestAuth\onRestCheckAuth
static onRestCheckAuth(array $query, $scope, &$res)
Definition guestauth.php:21