bitrix24-php-sdk
bitrix24-php-sdk copied to clipboard
mesilov
add auth scenario support
Hello
Hope you are well!
Can you please explain what should I pass in below mentioned code:
$obB24App->setDomain($arParams['DOMAIN']); $obB24App->setMemberId($arParams['MEMBER_ID']); $obB24App->setAccessToken($arParams['AUTH_ID']); $obB24App->setRefreshToken($arParams['REFRESH_ID']);
I have checked my Bitrix account too but I did not find the sufficient information.
Regards, Tripti
Having the same issue. No response from @mesilov?
I've been through the docs again and again, and I think the answer involves using an endpoint to retrieve the AUTH_ID and REFRESH_ID, but it's not clear how that works. I think the documentation assumes we understand how OAuth 2.0 works, but I honestly find it beyond confusing.
Can someone explain it in clear wording for us?
I ended up blending the 3-legged User authentication with an automatic 1-hour refresh cycle to keep the access token alive. This seems to be working very well so far.
So first step was to authenticate as a human user, but then have a cronjob refresh the token once an hour.
Workaround until I get a solid answer to server-to-server authentication. I tried one of the Partners, but they wanted to charge 3 hours for consultation, and I see this as a 10-minute question/answer.
When you add new Application, fill in "Install URL" field, Bitrix will send a POST request to this URL.
Everything you need in $_POST['auth']
It`s work for me:
full syntax:
$obB24App = new \Bitrix24\Bitrix24();
$obB24App->setApplicationScope($application_scope);
$obB24App->setApplicationId($application_id);
$obB24App->setApplicationSecret($application_secret);
$obB24App->setUserAccount($user_login, $user_password);
global $APPLICATION;
$CURRENT_PAGE = (\CMain::IsHTTPS()) ? "https://" : "http://";
$CURRENT_PAGE .= $_SERVER["HTTP_HOST"];
$CURRENT_PAGE .= $APPLICATION->GetCurPage();
$obB24App->setRedirectUri($CURRENT_PAGE);
$obB24App->setDomain($domain);
$obB24App->getFirstAuthCode();
$arRequestResult = $obB24App->getFirstAccessToken($obB24App->getCode());
$obB24App->setMemberId($arRequestResult["member_id"]);
$obB24App->setAccessToken($arRequestResult["access_token"]);
$obB24App->setRefreshToken($arRequestResult["refresh_token"]);
application_scope - example ["pull", "pull_channel", "messageservice", "log", "user", "im"] http://prntscr.com/jmboxq application_id - code of created local application in bitrix24 (****.bitrix24.ru/marketplace/local/list/), example: http://prntscr.com/jmbosv application_secret - http://prntscr.com/jmbp4f
domain - your b24 domain, example: b24-aqm4rt.bitrix24.ru
member_id, access_token, refresh_token we can get in method getFirstAccessToken. getFirstAccessToken take in code, which returned by method getFirstAuthCode.
I add this methods in Bitrix24 class (file /src/bitrix24.php) :
protected $code;
/**
* account of user, on behalf of which messages will be sent
*/
protected $userLogin;
protected $userPassword;
public function getCode()
{
return $this->code;
}
public function setCode($code)
{
$this->code = $code;
return true;
}
/**
* @return mixed
*/
public function getUserLogin()
{
return $this->userLogin;
}
/**
* @return mixed
*/
public function getUserPassword()
{
return $this->userPassword;
}
/**
* @param $user_login
* @param $user_password
* @return bool
*/
public function setUserAccount($user_login, $user_password)
{
$this->userLogin = $user_login;
$this->userPassword = $user_password;
return true;
}
//TODO: переписать
public function getFirstAuthCode()
{
$_url = 'https://' . $this->getDomain();
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $_url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$res = curl_exec($ch);
$l = '';
if (preg_match('#Location: (.*)#', $res, $r)) {
$l = trim($r[1]);
}
//echo $l.PHP_EOL;
curl_setopt($ch, CURLOPT_URL, $l);
$res = curl_exec($ch);
preg_match('#name="backurl" value="(.*)"#', $res, $math);
$post = http_build_query([
'AUTH_FORM' => 'Y',
'TYPE' => 'AUTH',
'backurl' => $math[1],
'USER_LOGIN' => $this->getUserLogin(),
'USER_PASSWORD' => $this->getUserPassword(),
'USER_REMEMBER' => 'Y'
]);
curl_setopt($ch, CURLOPT_URL, 'https://www.bitrix24.net/auth/');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
$res = curl_exec($ch);
$l = '';
if (preg_match('#Location: (.*)#', $res, $r)) {
$l = trim($r[1]);
}
//echo $l.PHP_EOL;
curl_setopt($ch, CURLOPT_URL, $l);
$res = curl_exec($ch);
$l = '';
if (preg_match('#Location: (.*)#', $res, $r)) {
$l = trim($r[1]);
}
//echo $l.PHP_EOL;
curl_setopt($ch, CURLOPT_URL, $l);
$res = curl_exec($ch);
//end autorize
curl_setopt($ch, CURLOPT_URL,
'https://' . $this->getDomain() . '/oauth/authorize/?response_type=code&client_id=' . $this->getApplicationId());
$res = curl_exec($ch);
$l = '';
if (preg_match('#Location: (.*)#', $res, $r)) {
$l = trim($r[1]);
}
preg_match('/code=(.*)&do/', $l, $code);
$code = explode("&", $code[1])[0];
$this->setCode($code);
}
Here is the refactored version of the getFirstAuthCode() method:
protected function getFirstAuthCode(): string
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, 'https://www.bitrix24.net/auth/');
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, [
'AUTH_FORM' => 'Y',
'TYPE' => 'AUTH',
'USER_LOGIN' => $this->getUserLogin(),
'USER_PASSWORD' => $this->getUserPassword(),
'USER_REMEMBER' => 'Y'
]);
curl_setopt($curl, CURLOPT_URL, 'https://' . $this->getDomain() . '/oauth/authorize/?response_type=code&client_id=' . $this->getApplicationId());
$result = curl_exec($curl);
$matches = [];
preg_match_all(
'#Location: .*code=(.*)&state=.*#',
$result,
$matches
);
return $matches[1][0];
}
Found this package. Hope this helps: https://packagist.org/packages/ujy/bitrix24_api_authorization
