Example #1
 /**
  * Builds the component result: the current user's application passwords,
  * grouped by application.
  *
  * Fills $this->arResult["ROWS"] (application id => list of fetched rows, in
  * APPLICATION_ID / DATE_CREATE ascending order) and
  * $this->arResult["APPLICATIONS"] (application id => descriptor).
  *
  * NOTE(review): the query has no 'select' restriction and every row is passed
  * on exactly as fetched. Other code on this page reads PASSWORD and
  * DIGEST_PASSWORD columns from a table class of the same name, so confirm
  * which columns actually reach the template.
  */
 protected function prepareData()
 {
     global $USER;

     $knownApps = ApplicationManager::getInstance()->getApplications();

     // "=USER_ID" is an exact-match filter: only rows owned by the current user are listed.
     $query = array(
         "filter" => array("=USER_ID" => $USER->GetID()),
         "order" => array("APPLICATION_ID" => "ASC", "DATE_CREATE" => "ASC"),
     );
     $cursor = ApplicationPasswordTable::getList($query);

     $grouped = array();
     while ($entry = $cursor->fetch()) {
         $appId = $entry["APPLICATION_ID"];
         if (!isset($knownApps[$appId])) {
             // Application id not known to the manager: use the id itself as its name.
             $knownApps[$appId] = array("NAME" => $appId);
         }
         // Appending creates the per-application list on first use.
         $grouped[$appId][] = $entry;
     }

     $this->arResult["ROWS"] = $grouped;
     $this->arResult["APPLICATIONS"] = $knownApps;
 }
Example #2
        // Excerpt: the enclosing branch (the one that ends in a 401 response) starts outside this listing.
        $answer["captchaCode"] = $APPLICATION->CaptchaGetCode();
    }
    if (CModule::IncludeModule("security") && \Bitrix\Security\Mfa\Otp::isOtpRequired()) {
        //user must enter OTP
        $answer["needOtp"] = true;
    }
    CHTTP::SetStatus("401 Unauthorized");
} else {
    // Both session identifiers are written into the response body, so anything that
    // logs or caches this response ends up holding a usable session.
    $answer = array("success" => true, "sessionId" => session_id(), "bitrixSessionId" => bitrix_sessid());
    // A new application password is issued when the client asks for renewal or supplied an OTP,
    // and only while the session carries no APPLICATION_ID parameter
    // (presumably: the session was not itself opened with an application password; confirm).
    // NOTE(review): the $_POST keys are read without isset() and compared loosely.
    if (($_POST['renew_password'] == 'y' || $_POST['otp'] != '') && $USER->GetParam("APPLICATION_ID") === null) {
        $code = '';
        if (strlen($_POST['user_os_mark']) > 0) {
            // MD5 only condenses two client-supplied values into a per-installation key here;
            // the result is an identifier, not a secret, and must not be relied on as one.
            $code = md5($_POST['user_os_mark'] . $_POST['user_account']);
        }
        if ($code != '') {
            // Rotation: an existing entry of this user with the same code is deleted before a new one is added.
            // NOTE(review): these filter keys carry no operator prefix, unlike the "=USER_ID" form used
            // in other listings on this page; confirm the ORM treats them as exact matches.
            $orm = ApplicationPasswordTable::getList(array('select' => array('ID'), 'filter' => array('USER_ID' => $USER->GetID(), 'CODE' => $code)));
            if ($row = $orm->fetch()) {
                ApplicationPasswordTable::delete($row['ID']);
            }
        }
        $password = ApplicationPasswordTable::generatePassword();
        // How the table stores 'PASSWORD' (hashed or not) is not visible in this excerpt.
        $res = ApplicationPasswordTable::add(array('USER_ID' => $USER->GetID(), 'APPLICATION_ID' => 'desktop', 'PASSWORD' => $password, 'DATE_CREATE' => new Main\Type\DateTime(), 'CODE' => $code, 'COMMENT' => GetMessage('DESKTOP_APP_GENERATOR'), 'SYSCOMMENT' => GetMessage('DESKTOP_APP_TITE')));
        if ($res->isSuccess()) {
            // The plaintext application password is sent back to the client in this response:
            // the endpoint should be reachable over TLS only and the response kept out of caches and logs.
            $answer["appPassword"] = $password;
        }
    }
}
// JSON output is chosen by the request parameter "json"; the alternative branch continues outside this listing.
if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'y') {
    header('Content-Type: application/json');
    echo Main\Web\Json::encode($answer);
} else {
Example #3
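 /**
  * Authenticates a user from the fields of an HTTP Digest "Authorization" header.
  *
  * The client's response is checked first against the user's stored digest hash
  * (internal accounts only) and then against each application password of that
  * user. On a match the call is delegated to $USER->Login() with the stored
  * password value of the matching credential.
  *
  * Security notes:
  * - The expected response is md5(HA1:nonce:HA2) with no qop, nc or cnonce, so
  *   replay protection depends entirely on how the nonce is issued and checked
  *   outside this function (not visible here; confirm).
  * - DIGEST_HA1 and DIGEST_PASSWORD are password-equivalent for this scheme:
  *   whoever can read them can compute valid responses. Protect them like passwords.
  * - $arDigest['uri'] is taken as supplied; whether it is compared with the URI
  *   actually requested is not visible here.
  *
  * @param array $arDigest array("username"=>"", "nonce"=>"", "uri"=>"", "response"=>"")
  * @return mixed Result of $USER->Login() on success, otherwise
  *               array("MESSAGE" => ..., "TYPE" => "ERROR").
  */
 function LoginByDigest($arDigest)
 {
     /** @global CMain $APPLICATION */
     global $USER, $DB, $APPLICATION;
     $APPLICATION->ResetException();

     // Every field is concatenated or compared as a string below; a missing or
     // non-string field can never yield a valid response, so fail early.
     $fieldsOk = is_array($arDigest);
     if ($fieldsOk) {
         foreach (array("username", "nonce", "uri", "response") as $field) {
             if (!isset($arDigest[$field]) || !is_string($arDigest[$field])) {
                 $fieldsOk = false;
                 break;
             }
         }
     }

     $arUser = false;
     if ($fieldsOk) {
         // The listing showed the login literal masked as '******'. The lookup has to be
         // keyed on the supplied username, escaped for SQL before concatenation.
         $strSql = "SELECT U.ID, U.PASSWORD, UD.DIGEST_HA1, U.EXTERNAL_AUTH_ID "
             . "FROM b_user U LEFT JOIN b_user_digest UD ON UD.USER_ID=U.ID "
             . "WHERE U.LOGIN='" . $DB->ForSql($arDigest["username"]) . "' ";
         $res = $DB->Query($strSql);
         $arUser = $res->Fetch();
     }

     if ($arUser) {
         // Behind an internal redirect the original method is in REDIRECT_REQUEST_METHOD.
         $method = isset($_SERVER['REDIRECT_REQUEST_METHOD']) ? $_SERVER['REDIRECT_REQUEST_METHOD'] : $_SERVER['REQUEST_METHOD'];
         $HA2 = md5($method . ':' . $arDigest['uri']);

         if ($arUser["EXTERNAL_AUTH_ID"] == '' && $arUser["DIGEST_HA1"] != '') {
             //digest is for internal authentication only
             $_SESSION["BX_HTTP_DIGEST_ABSENT"] = false;
             $valid_response = md5($arUser["DIGEST_HA1"] . ':' . $arDigest['nonce'] . ':' . $HA2);
             // hash_equals() (PHP >= 5.6) compares in constant time, unlike ===.
             if (hash_equals($valid_response, $arDigest["response"])) {
                 //regular user password
                 return $USER->Login($arDigest["username"], $arUser["PASSWORD"], "N", "N");
             }
         }

         //check for an application password, including external users
         $appPasswords = \Bitrix\Main\Authentication\ApplicationPasswordTable::getList(array('select' => array('PASSWORD', 'DIGEST_PASSWORD'), 'filter' => array('=USER_ID' => $arUser["ID"])));
         while ($appPassword = $appPasswords->fetch()) {
             $HA1 = (string)$appPassword["DIGEST_PASSWORD"];
             if ($HA1 === '') {
                 // No stored digest for this entry: the expected response would contain
                 // no secret at all, so such a row must never be able to match.
                 continue;
             }
             $valid_response = md5($HA1 . ':' . $arDigest['nonce'] . ':' . $HA2);
             if (hash_equals($valid_response, $arDigest["response"])) {
                 //application password
                 return $USER->Login($arDigest["username"], $appPassword["PASSWORD"], "N", "N");
             }
         }

         if ($arUser["DIGEST_HA1"] == '') {
             //this indicates that we still have no user digest hash
             $_SESSION["BX_HTTP_DIGEST_ABSENT"] = true;
         }
     }

     // One generic error for every failure, so the caller cannot tell which check failed.
     $APPLICATION->ThrowException(GetMessage("USER_AUTH_DIGEST_ERR"));
     return array("MESSAGE" => GetMessage("USER_AUTH_DIGEST_ERR") . "<br>", "TYPE" => "ERROR");
 }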
Example #4
            // Excerpt: the enclosing conditions start outside this listing.
            // For an active extranet site, the mobile app is confined to that site's "mobile/" directory.
            $rsSites = CSite::GetByID(CExtranet::GetExtranetSiteID());
            if (($arExtranetSite = $rsSites->Fetch()) && $arExtranetSite["ACTIVE"] != "N") {
                $data["whiteList"] = array($arExtranetSite["DIR"] . "mobile/");
                $data["appmap"] = array("main" => array("url" => $arExtranetSite["DIR"] . "mobile/index.php", "bx24ModernStyle" => true), "menu" => array("url" => $arExtranetSite["DIR"] . "mobile/left.php"), "right" => array("url" => $arExtranetSite["DIR"] . "mobile/im/right.php"));
                if (\Bitrix\MobileApp\Mobile::getInstance()->getApiVersion() >= 10) {
                    // Assigns the same "right" entry that the map above already contains.
                    $data["appmap"]["right"] = array("url" => $arExtranetSite["DIR"] . "mobile/im/right.php");
                }
            }
        }
        if (toUpper(SITE_CHARSET) != "UTF-8") {
            $data = $APPLICATION->ConvertCharsetArray($data, SITE_CHARSET, "utf-8");
        }
    }
    // The three values below come from client-supplied request headers
    // (BX-APP-PASS, BX-APP-UUID, BX-DEVICE-NAME) and are therefore untrusted input.
    $needAppPass = \Bitrix\Main\Context::getCurrent()->getServer()->get("HTTP_BX_APP_PASS");
    $appUUID = \Bitrix\Main\Context::getCurrent()->getServer()->get("HTTP_BX_APP_UUID");
    $deviceName = \Bitrix\Main\Context::getCurrent()->getServer()->get("HTTP_BX_DEVICE_NAME");
    // Issue a mobile application password only on request and only while the session carries
    // no APPLICATION_ID parameter (presumably: it was not opened with an application password; confirm).
    if ($needAppPass == 'mobile' && $USER->GetParam("APPLICATION_ID") === null) {
        if (strlen($appUUID) > 0) {
            // Rotation: the user's existing entry for this device code is removed first.
            // NOTE(review): no format or length check on $appUUID is visible here, and these filter
            // keys carry no operator prefix; confirm the ORM treats them as exact matches.
            $result = ApplicationPasswordTable::getList(array('select' => array('ID'), 'filter' => array('USER_ID' => $USER->GetID(), 'CODE' => $appUUID)));
            if ($row = $result->fetch()) {
                ApplicationPasswordTable::delete($row['ID']);
            }
        }
        $password = ApplicationPasswordTable::generatePassword();
        // $deviceName is stored verbatim inside COMMENT; any page that later displays the comment
        // has to HTML-escape it. How 'PASSWORD' is stored is not visible in this excerpt.
        $res = ApplicationPasswordTable::add(array('USER_ID' => $USER->GetID(), 'APPLICATION_ID' => 'mobile', 'PASSWORD' => $password, 'CODE' => $appUUID, 'DATE_CREATE' => new Main\Type\DateTime(), 'COMMENT' => GetMessage("MD_GENERATE_BY_MOBILE") . (strlen($deviceName) > 0 ? " (" . $deviceName . ")" : ""), 'SYSCOMMENT' => GetMessage("MD_MOBILE_APPLICATION")));
        if ($res->isSuccess()) {
            // The plaintext application password is returned to the client as part of $data:
            // the response should travel over TLS only and be kept out of caches and logs.
            $data["appPassword"] = $password;
        }
    }
}
return $data;