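<?php

/**
 * Bitrix Framework
 * @package bitrix
 * @subpackage main
 * @copyright 2001-2025 Bitrix
 */

namespace Bitrix\Main\Authentication;

use Bitrix\Main;
use Bitrix\Main\ORM;
use Bitrix\Main\ORM\Data;
use Bitrix\Main\ORM\Fields;

/**
 * Class ApplicationPasswordTable
 *
 * ORM entity for the b_app_password table: one row per application password
 * issued to a user, holding the hashed password and the HTTP Digest HA1 value.
 *
 * DO NOT WRITE ANYTHING BELOW THIS
 *
 * <<< ORMENTITYANNOTATION
 * @method static EO_ApplicationPassword_Query query()
 * @method static EO_ApplicationPassword_Result getByPrimary($primary, array $parameters = [])
 * @method static EO_ApplicationPassword_Result getById($id)
 * @method static EO_ApplicationPassword_Result getList(array $parameters = [])
 * @method static EO_ApplicationPassword_Entity getEntity()
 * @method static \Bitrix\Main\Authentication\EO_ApplicationPassword createObject($setDefaultValues = true)
 * @method static \Bitrix\Main\Authentication\EO_ApplicationPassword_Collection createCollection()
 * @method static \Bitrix\Main\Authentication\EO_ApplicationPassword wakeUpObject($row)
 * @method static \Bitrix\Main\Authentication\EO_ApplicationPassword_Collection wakeUpCollection($rows)
 */
class ApplicationPasswordTable extends Data\DataManager
{
	use Data\Internal\DeleteByFilterTrait;

	// Generated passwords are PASSWORD_LENGTH characters drawn from this lowercase ASCII alphabet.
	protected const PASSWORD_ALPHABET = "qwertyuiopasdfghjklzxcvbnm";
	protected const PASSWORD_LENGTH = 16;

	/**
	 * Returns the database table backing this entity.
	 *
	 * @return string
	 */
	public static function getTableName()
	{
		return "b_app_password";
	}

	/**
	 * Describes the entity fields.
	 *
	 * PASSWORD and DIGEST_PASSWORD are credential material (see onBeforeAdd()),
	 * so selections from this table should name only the columns they need.
	 *
	 * @return array
	 */
	public static function getMap()
	{
		return [
			new Fields\IntegerField('ID', [
				'primary' => true,
				'autocomplete' => true,
			]),
			new Fields\IntegerField('USER_ID', [
				'required' => true,
				'validation' => '\Bitrix\Main\Authentication\ApplicationPasswordTable::getUserValidators',
			]),
			new Fields\StringField('APPLICATION_ID', [
				'required' => true,
			]),
			new Fields\StringField('PASSWORD', [
				'required' => true,
			]),
			// Not required: a row can exist without a digest (see onBeforeAdd()).
			new Fields\StringField('DIGEST_PASSWORD'),
			new Fields\DatetimeField('DATE_CREATE'),
			new Fields\DatetimeField('DATE_LOGIN'),
			new Fields\StringField('LAST_IP'),
			new Fields\StringField('COMMENT'),
			new Fields\StringField('SYSCOMMENT'),
			new Fields\StringField('CODE'),
			new Fields\Relations\Reference(
				'USER',
				'Bitrix\Main\User',
				['=this.USER_ID' => 'ref.ID'],
				['join_type' => 'INNER']
			),
		];
	}

	/**
	 * Validators for USER_ID: the value must reference an existing user ID.
	 *
	 * @return array
	 */
	public static function getUserValidators()
	{
		return [
			new Fields\Validators\ForeignValidator(Main\UserTable::getEntity()->getField('ID')),
		];
	}

	/**
	 * Replaces the plaintext PASSWORD with its hash before the row is inserted and,
	 * when the user's login can be loaded, stores the HTTP Digest HA1 value.
	 *
	 * @param ORM\Event $event
	 * @return ORM\EventResult
	 */
	public static function onBeforeAdd(ORM\Event $event)
	{
		$result = new ORM\EventResult;
		$data = $event->getParameter("fields");

		if (isset($data["USER_ID"]) && isset($data['PASSWORD']))
		{
			$modified = [
				'PASSWORD' => Main\Security\Password::hash($data['PASSWORD']),
			];

			$user = Main\UserTable::getRowById($data["USER_ID"], ['select' => ['LOGIN']]);
			if ($user !== null)
			{
				$realm = (defined('BX_HTTP_AUTH_REALM') ? BX_HTTP_AUTH_REALM : "Bitrix Site Manager");

				// HA1 = md5(login:realm:password). findDigestPassword() needs nothing else
				// from the row to accept a response, so this column is password-equivalent
				// for digest authentication and must be protected like a credential.
				// It is also bound to the login and realm used at creation time.
				$digest = md5($user["LOGIN"] . ':' . $realm . ':' . $data['PASSWORD']);
				$modified['DIGEST_PASSWORD'] = $digest;
			}

			$result->modifyFields($modified);
		}

		return $result;
	}

	/**
	 * On row deletion, registers a logout action for the owning user and application.
	 *
	 * NOTE(review): presumably this ends sessions opened with the deleted password;
	 * confirm against UserAuthActionTable::addLogoutAction().
	 *
	 * @param ORM\Event $event
	 * @return void
	 */
	public static function onDelete(ORM\Event $event)
	{
		$id = $event->getParameter("id");

		$row = static::getRowById($id);
		if ($row)
		{
			Main\UserAuthActionTable::addLogoutAction($row["USER_ID"], $row["APPLICATION_ID"]);
		}
	}

	/**
	 * Generates a random password.
	 *
	 * NOTE(review): strength depends on Random::getStringByCharsets() drawing
	 * uniformly from a cryptographically secure source - confirm.
	 *
	 * @return string
	 */
	public static function generatePassword()
	{
		return Main\Security\Random::getStringByCharsets(static::PASSWORD_LENGTH, static::PASSWORD_ALPHABET);
	}

	/**
	 * Checks if the string is similar to a password by its structure.
	 *
	 * Spaces are ignored; the remainder must be exactly PASSWORD_LENGTH characters,
	 * all from PASSWORD_ALPHABET. This is a format check only, not authentication.
	 *
	 * @param string $password
	 * @return bool
	 */
	public static function isPassword($password)
	{
		if (is_string($password))
		{
			$password = str_replace(' ', '', $password);

			if (strlen($password) === static::PASSWORD_LENGTH)
			{
				return (!preg_match("/[^" . static::PASSWORD_ALPHABET . "]/", $password));
			}
		}
		return false;
	}

	/**
	 * Finds the application by the user's password.
	 *
	 * @param int $userId
	 * @param string $password
	 * @param bool $passwordOriginal When true, spaces are stripped from $password first.
	 *        The flag is also forwarded to Password::equals() (presumably it marks
	 *        $password as plaintext rather than already hashed - confirm).
	 * @return array|false Row with ID, PASSWORD and APPLICATION_ID, or false if nothing matched.
	 */
	public static function findPassword($userId, $password, $passwordOriginal = true)
	{
		if ($passwordOriginal)
		{
			$password = str_replace(' ', '', $password);
		}

		$appPasswords = static::getList([
			'select' => [
				'ID',
				'PASSWORD',
				'APPLICATION_ID',
			],
			'filter' => [
				'=USER_ID' => $userId,
			],
			'order' => [
				'ID' => 'desc',
			],
		]);

		// Every stored hash of this user is tried, newest row first.
		while (($appPassword = $appPasswords->fetch()))
		{
			if (Main\Security\Password::equals($appPassword["PASSWORD"], $password, $passwordOriginal))
			{
				//bingo, application password
				return $appPassword;
			}
		}

		return false;
	}

	/**
	 * Finds the application by the user's digest authentication.
	 *
	 * The expected response is md5(HA1:nonce:HA2) with HA2 = md5(method:uri).
	 * Rows without a stored HA1 are skipped, and the comparison is constant-time.
	 *
	 * NOTE(review): qop/nc/cnonce and nonce freshness are not checked in this method;
	 * presumably the caller validates the nonce - confirm.
	 *
	 * @param int $userId
	 * @param array $digest See CHTTP::ParseDigest() for the array structure.
	 * @return array|false Row with PASSWORD, DIGEST_PASSWORD and APPLICATION_ID, or false.
	 */
	public static function findDigestPassword($userId, array $digest)
	{
		// A missing, empty or non-string response can never equal an MD5 hex digest.
		$response = $digest['response'] ?? null;
		if (!is_string($response) || $response === '')
		{
			return false;
		}

		$appPasswords = static::getList([
			'select' => ['PASSWORD', 'DIGEST_PASSWORD', 'APPLICATION_ID'],
			'filter' => ['=USER_ID' => $userId],
		]);

		$server = Main\Context::getCurrent()->getServer();
		$method = ($server['REDIRECT_REQUEST_METHOD'] !== null ? $server['REDIRECT_REQUEST_METHOD'] : $server['REQUEST_METHOD']);

		$HA2 = md5($method . ':' . ($digest['uri'] ?? ''));
		$nonce = $digest['nonce'] ?? '';

		while (($appPassword = $appPasswords->fetch()))
		{
			$HA1 = $appPassword["DIGEST_PASSWORD"];

			// DIGEST_PASSWORD is optional. With an empty HA1 the expected response would
			// depend only on request data, so such a row must never authenticate.
			if (!is_string($HA1) || $HA1 === '')
			{
				continue;
			}

			$validResponse = md5($HA1 . ':' . $nonce . ':' . $HA2);

			// hash_equals() keeps the comparison time independent of the matching prefix.
			if (hash_equals($validResponse, $response))
			{
				//application password
				return $appPassword;
			}
		}

		return false;
	}
}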