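/**
 * Authenticates a user from the fields of an HTTP Digest Authorization header.
 *
 * The stored per-user HA1 value is combined with the client nonce and
 * HA2 = md5(method:uri), then compared with the client's "response". If that
 * fails, or the user has no usable HA1, application passwords are tried via
 * ApplicationPasswordTable::findDigestPassword().
 *
 * Security notes for maintainers:
 *  - This block does not check that the nonce was issued by this server or is
 *    still fresh, nor that $arDigest['uri'] matches the actual request target.
 *    NOTE(review): confirm the caller enforces both, otherwise a captured
 *    response stays replayable.
 *  - DIGEST_HA1 is an unsalted MD5 value and is password-equivalent for digest
 *    authentication; treat b_user_digest as credential storage.
 *
 * @param array $arDigest Parsed digest fields: "username", "nonce", "uri", "response".
 * @return mixed Whatever $USER->Login() returns on a match; otherwise
 *               array("MESSAGE" => ..., "TYPE" => "ERROR").
 */
function LoginByDigest($arDigest)
{
    //array("username"=>"", "nonce"=>"", "uri"=>"", "response"=>"")
    /** @global CMain $APPLICATION */
    global $USER, $DB, $APPLICATION;

    $APPLICATION->ResetException();

    // The header is client-controlled: accept only a non-empty string login.
    $username = (isset($arDigest["username"]) && is_string($arDigest["username"])) ? $arDigest["username"] : '';

    if ($username !== '') {
        // The listing showed a masked literal in the WHERE clause. The lookup is keyed on
        // the digest username, escaped with ForSql() before it is embedded in the query.
        // NOTE(review): confirm against the upstream source of this function.
        $strSql =
            "SELECT U.ID, U.PASSWORD, UD.DIGEST_HA1, U.EXTERNAL_AUTH_ID " .
            "FROM b_user U LEFT JOIN b_user_digest UD ON UD.USER_ID=U.ID " .
            "WHERE U.LOGIN='" . $DB->ForSql($username) . "' ";
        $res = $DB->Query($strSql);

        if ($arUser = $res->Fetch()) {
            if ($arUser["EXTERNAL_AUTH_ID"] == '' && $arUser["DIGEST_HA1"] != '') {
                //digest is for internal authentication only
                $_SESSION["BX_HTTP_DIGEST_ABSENT"] = false;

                // Every field that feeds the hash must be a string, so a malformed
                // header fails closed instead of raising notices or type errors.
                $hasDigestFields = true;
                foreach (array("nonce", "uri", "response") as $field) {
                    if (!isset($arDigest[$field]) || !is_string($arDigest[$field])) {
                        $hasDigestFields = false;
                        break;
                    }
                }

                if ($hasDigestFields) {
                    // Behind an internal redirect the original method is in REDIRECT_REQUEST_METHOD.
                    $method = isset($_SERVER['REDIRECT_REQUEST_METHOD']) ? $_SERVER['REDIRECT_REQUEST_METHOD'] : $_SERVER['REQUEST_METHOD'];

                    $HA1 = $arUser["DIGEST_HA1"];
                    $HA2 = md5($method . ':' . $arDigest['uri']);
                    $valid_response = md5($HA1 . ':' . $arDigest['nonce'] . ':' . $HA2);

                    // Constant-time comparison: "===" on a secret-derived value can leak
                    // how many leading bytes matched through response timing.
                    if (hash_equals($valid_response, $arDigest["response"])) {
                        //regular user password
                        // The stored PASSWORD column value is passed on to Login().
                        // NOTE(review): presumably the fourth argument "N" marks it as already hashed; confirm.
                        return $USER->Login($username, $arUser["PASSWORD"], "N", "N");
                    }
                }
            }

            //check for an application password, including external users
            if (($appPassword = \Bitrix\Main\Authentication\ApplicationPasswordTable::findDigestPassword($arUser["ID"], $arDigest)) !== false) {
                return $USER->Login($username, $appPassword["PASSWORD"], "N", "N");
            }

            if ($arUser["DIGEST_HA1"] == '') {
                //this indicates that we still have no user digest hash
                $_SESSION["BX_HTTP_DIGEST_ABSENT"] = true;
            }
        }
    }

    // One generic message for every failure, so the response does not reveal
    // whether the login exists.
    $APPLICATION->ThrowException(GetMessage("USER_AUTH_DIGEST_ERR"));
    return array("MESSAGE" => GetMessage("USER_AUTH_DIGEST_ERR") . "<br>", "TYPE" => "ERROR");
}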