Example #1
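 /**
  * Authenticates a user from the parsed fields of an HTTP Digest
  * Authorization header.
  *
  * The expected response is computed as md5(HA1:nonce:HA2) with
  * HA2 = md5(method:uri), i.e. the form without qop/cnonce/nc. Both the nonce
  * and the uri are taken from $arDigest as supplied by the client: this method
  * does not check that the nonce was issued by the server or is still fresh,
  * nor that the uri matches the request being served.
  * NOTE(review): confirm the caller performs those checks; without them a
  * captured response can be replayed.
  *
  * @param array $arDigest Parsed digest fields:
  *                        array("username"=>"", "nonce"=>"", "uri"=>"", "response"=>"")
  * @return mixed The result of $USER->Login() when the digest matches, otherwise
  *               array("MESSAGE" => ..., "TYPE" => "ERROR").
  */
 function LoginByDigest($arDigest)
 {
     /** @global CMain $APPLICATION */
     global $USER, $DB, $APPLICATION;
     $APPLICATION->ResetException();

     // NOTE(review): the login value appears masked ('******') in this listing.
     // The lookup is expected to use $arDigest["username"], which is
     // attacker-controlled and must be escaped or bound as a parameter before
     // it reaches the query.
     $strSql = "SELECT U.ID, U.PASSWORD, UD.DIGEST_HA1, U.EXTERNAL_AUTH_ID " . "FROM b_user U LEFT JOIN b_user_digest UD ON UD.USER_ID=U.ID " . "WHERE U.LOGIN='******' ";
     $res = $DB->Query($strSql);

     if ($arUser = $res->Fetch()) {
         // REDIRECT_REQUEST_METHOD wins over REQUEST_METHOD when the server sets it.
         $method = isset($_SERVER['REDIRECT_REQUEST_METHOD']) ? $_SERVER['REDIRECT_REQUEST_METHOD'] : $_SERVER['REQUEST_METHOD'];
         $HA2 = md5($method . ':' . $arDigest['uri']);

         if ($arUser["EXTERNAL_AUTH_ID"] == '' && $arUser["DIGEST_HA1"] != '') {
             //digest is for internal authentication only
             $_SESSION["BX_HTTP_DIGEST_ABSENT"] = false;
             $HA1 = $arUser["DIGEST_HA1"];
             $valid_response = md5($HA1 . ':' . $arDigest['nonce'] . ':' . $HA2);

             // Compare in constant time so the expected digest cannot be
             // recovered byte by byte from response timing. hash_equals() only
             // accepts strings, so anything else is treated as a mismatch.
             if (isset($arDigest["response"]) && is_string($arDigest["response"]) && hash_equals($valid_response, $arDigest["response"])) {
                 //regular user password
                 // The stored PASSWORD column value is handed to Login() as the
                 // credential; presumably the "N" flags tell Login() how to
                 // treat it - confirm against CUser::Login.
                 return $USER->Login($arDigest["username"], $arUser["PASSWORD"], "N", "N");
             }
         }

         //check for an application password, including external users
         if (($appPassword = \Bitrix\Main\Authentication\ApplicationPasswordTable::findDigestPassword($arUser["ID"], $arDigest)) !== false) {
             return $USER->Login($arDigest["username"], $appPassword["PASSWORD"], "N", "N");
         }

         if ($arUser["DIGEST_HA1"] == '') {
             //this indicates that we still have no user digest hash
             $_SESSION["BX_HTTP_DIGEST_ABSENT"] = true;
         }
     }

     // Unknown user and wrong digest both end here with the same error, so the
     // returned message does not reveal which of the two failed.
     $APPLICATION->ThrowException(GetMessage("USER_AUTH_DIGEST_ERR"));
     return array("MESSAGE" => GetMessage("USER_AUTH_DIGEST_ERR") . "<br>", "TYPE" => "ERROR");
 }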