/**
 * Need re-run oauth authorization?
 *
 * Only two error codes mean the token itself is unusable: an insufficient
 * scope or invalid credentials. Any other error (or no error at all) does
 * not require a new authorization round-trip.
 * @return bool
 */
public function isRequiredAuthorization()
{
    if (!$this->errorCollection->hasErrors()) {
        return false;
    }

    $scopeError = $this->errorCollection->getErrorByCode(self::ERROR_CODE_INSUFFICIENT_SCOPE);
    $credentialsError = $this->errorCollection->getErrorByCode(self::ERROR_CODE_INVALID_CREDENTIALS);

    // `||` already yields a bool, so the explicit casts of the original are redundant.
    return ($scopeError || $credentialsError);
}
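/**
 * Checks the current action and enforces the CSRF token where required.
 *
 * Sends a JSON error response first when the error collection already holds
 * errors. The CSRF token is then verified when the action description asks
 * for it explicitly (`check_csrf_token === true`), or - when the option is
 * absent - for POST requests only; `check_csrf_token === false` skips the
 * check. A failed token check ends in an access-denied response: JSON for
 * ajax requests, the access-denied page otherwise.
 *
 * The response helpers are presumed to terminate the request - TODO confirm
 * against the base class, otherwise execution continues after they return.
 * @return void
 */
protected function checkAction()
{
    if ($this->errorCollection->hasErrors()) {
        $this->sendJsonErrorResponse();
    }

    $description = $this->getActionDescription();

    // Read the option through isset(): reading $description['check_csrf_token']
    // directly raises an "undefined array key" warning for actions that do
    // not define it, which the comment below treats as the normal case.
    $csrfOption = isset($description['check_csrf_token']) ? $description['check_csrf_token'] : null;

    // if does not exist check_csrf_token we have to check csrf for only POST method.
    $mustCheckCsrf = $csrfOption === true || ($csrfOption === null && $this->request->isPost());
    if (!$mustCheckCsrf) {
        return;
    }

    if (check_bitrix_sessid()) {
        return;
    }

    if ($this->isAjaxRequest()) {
        $this->sendJsonAccessDeniedResponse('Wrong csrf token');
    } else {
        $this->showAccessDenied();
    }
}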
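/**
 * Checks action by settings in description.
 *
 * Order of checks:
 *  1. pending errors in the error collection -> JSON error response;
 *  2. no authorized user -> redirect to the auth page (when
 *     `redirect_on_auth` is set) or the not-authorized hook;
 *  3. CSRF token (`check_csrf_token === true`, or absent + POST);
 *     either the default session id or the BDisk `token_sid` is accepted;
 *  4. HTTP method must be listed in `$description['method']`.
 *
 * This method may terminate controller and application (the redirect and
 * the response helpers are presumed to exit - TODO confirm against the
 * base class).
 * @return void
 */
protected function checkAction()
{
    if ($this->errorCollection->hasErrors()) {
        $this->sendJsonErrorResponse();
    }

    $description = $this->getActionDescription();

    $user = $this->getUser();
    if (!$user || !$user->getId()) {
        // !empty() keeps the original truthiness test but does not warn when
        // the description omits the key.
        if (!empty($description['redirect_on_auth'])) {
            $backUrl = Application::getInstance()->getContext()->getRequest()->getRequestUri();
            LocalRedirect(SITE_DIR . 'auth/?backurl=' . urlencode($backUrl));
        } else {
            $this->runProcessingIfUserNotAuthorized();
        }
    }

    // Read the option through isset(): a direct read of a missing
    // 'check_csrf_token' key raises an "undefined array key" warning.
    $csrfOption = isset($description['check_csrf_token']) ? $description['check_csrf_token'] : null;

    // if does not exist check_csrf_token we have to check csrf for only POST method.
    $mustCheckCsrf = $csrfOption === true || ($csrfOption === null && $this->request->isPost());
    if ($mustCheckCsrf) {
        // in BDisk we have token_sid
        if (!check_bitrix_sessid() && !check_bitrix_sessid('token_sid')) {
            $this->runProcessingIfInvalidCsrfToken();
        }
    }

    // A description without a method list allows nothing (fail closed)
    // instead of passing null to in_array(); strict comparison avoids loose
    // string/int matches.
    $allowedMethods = isset($description['method']) ? $description['method'] : [];
    if (!in_array($this->request->getRequestMethod(), $allowedMethods, true)) {
        $this->sendJsonAccessDeniedResponse('Wrong method for current action');
    }
}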