add auth scenario support

[triptisbinnovations]

Hello

Hope you are well!

Can you please explain what should I pass in below mentioned code:

$obB24App->setDomain($arParams['DOMAIN']);
$obB24App->setMemberId($arParams['MEMBER_ID']);
$obB24App->setAccessToken($arParams['AUTH_ID']);
$obB24App->setRefreshToken($arParams['REFRESH_ID']);

I have checked my Bitrix account too but I did not find the sufficient information.

Regards,
Tripti

[sstepanovvl]

@mesilov any suggestions?

[TheDigitalOrchard]

Having the same issue. No response from @mesilov?

I've been through the docs again and again, and I think the answer involves using an endpoint to retrieve the AUTH_ID and REFRESH_ID, but it's not clear how that works. I think the documentation assumes we understand how OAuth 2.0 works, but I honestly find it beyond confusing.

Can someone explain it in clear wording for us?

[TheDigitalOrchard]

I ended up blending the 3-legged User authentication with an automatic 1-hour refresh cycle to keep the access token alive. This seems to be working very well so far.

So first step was to authenticate as a human user, but then have a cronjob refresh the token once an hour.

Workaround until I get a solid answer to server-to-server authentication. I tried one of the Partners, but they wanted to charge 3 hours for consultation, and I see this as a 10-minute question/answer.

[nh314]

When you add new Application, fill in "Install URL" field, Bitrix will send a POST request to this URL.

Everything you need in $_POST['auth']

[Resident234]

It`s work for me:

full syntax:
$obB24App = new \Bitrix24\Bitrix24();

        $obB24App->setApplicationScope($application_scope);
        $obB24App->setApplicationId($application_id);
        $obB24App->setApplicationSecret($application_secret);
       
        $obB24App->setUserAccount($user_login, $user_password);
        
        global $APPLICATION;
        $CURRENT_PAGE = (\CMain::IsHTTPS()) ? "https://" : "http://";
        $CURRENT_PAGE .= $_SERVER["HTTP_HOST"];
        $CURRENT_PAGE .= $APPLICATION->GetCurPage();
        $obB24App->setRedirectUri($CURRENT_PAGE);

        $obB24App->setDomain($domain);
        $obB24App->getFirstAuthCode();
        $arRequestResult = $obB24App->getFirstAccessToken($obB24App->getCode());

        $obB24App->setMemberId($arRequestResult["member_id"]);
        $obB24App->setAccessToken($arRequestResult["access_token"]);
        $obB24App->setRefreshToken($arRequestResult["refresh_token"]);

application_scope - example ["pull", "pull_channel", "messageservice", "log", "user", "im"] http://prntscr.com/jmboxq
application_id - code of created local application in bitrix24 (****.bitrix24.ru/marketplace/local/list/), example: http://prntscr.com/jmbosv
application_secret - http://prntscr.com/jmbp4f

domain - your b24 domain, example: b24-aqm4rt.bitrix24.ru

member_id, access_token, refresh_token we can get in method getFirstAccessToken.
getFirstAccessToken take in code, which returned by method getFirstAuthCode.

I add this methods in Bitrix24 class (file /src/bitrix24.php) :

protected $code;

    /**
     * account of user, on behalf of which messages will be sent
     */
    protected $userLogin;
    protected $userPassword;

  public function getCode()
    {
        return $this->code;
    }

    public function setCode($code)
    {
        $this->code = $code;
        return true;
    }

    /**
     * @return mixed
     */
    public function getUserLogin()
    {
        return $this->userLogin;
    }

    /**
     * @return mixed
     */
    public function getUserPassword()
    {
        return $this->userPassword;
    }

    /**
     * @param $user_login
     * @param $user_password
     * @return bool
     */
    public function setUserAccount($user_login, $user_password)
    {
        $this->userLogin = $user_login;
        $this->userPassword = $user_password;
        return true;
    }

//TODO: переписать
    public function getFirstAuthCode()
    {
        $_url = 'https://' . $this->getDomain();
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $_url);
        curl_setopt($ch, CURLOPT_HEADER, true);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $res = curl_exec($ch);
        $l = '';
        if (preg_match('#Location: (.*)#', $res, $r)) {
            $l = trim($r[1]);
        }
//echo $l.PHP_EOL;
        curl_setopt($ch, CURLOPT_URL, $l);
        $res = curl_exec($ch);
        preg_match('#name="backurl" value="(.*)"#', $res, $math);
        $post = http_build_query([
            'AUTH_FORM' => 'Y',
            'TYPE' => 'AUTH',
            'backurl' => $math[1],
            'USER_LOGIN' => $this->getUserLogin(),
            'USER_PASSWORD' => $this->getUserPassword(),
            'USER_REMEMBER' => 'Y'
        ]);
        curl_setopt($ch, CURLOPT_URL, 'https://www.bitrix24.net/auth/');
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        $res = curl_exec($ch);
        $l = '';
        if (preg_match('#Location: (.*)#', $res, $r)) {
            $l = trim($r[1]);
        }
//echo $l.PHP_EOL;
        curl_setopt($ch, CURLOPT_URL, $l);
        $res = curl_exec($ch);
        $l = '';
        if (preg_match('#Location: (.*)#', $res, $r)) {
            $l = trim($r[1]);
        }
//echo $l.PHP_EOL;
        curl_setopt($ch, CURLOPT_URL, $l);
        $res = curl_exec($ch);
//end autorize
        curl_setopt($ch, CURLOPT_URL,
            'https://' . $this->getDomain() . '/oauth/authorize/?response_type=code&client_id=' . $this->getApplicationId());
        $res = curl_exec($ch);
        $l = '';
        if (preg_match('#Location: (.*)#', $res, $r)) {
            $l = trim($r[1]);
        }
        preg_match('/code=(.*)&do/', $l, $code);
        $code = explode("&", $code[1])[0];
        $this->setCode($code);

    }

[hivokas]

Here is the refactored version of the getFirstAuthCode() method:

protected function getFirstAuthCode(): string
{
    $curl = curl_init();

    curl_setopt($curl, CURLOPT_HEADER, true);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($curl, CURLOPT_URL, 'https://www.bitrix24.net/auth/');
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, [
        'AUTH_FORM' => 'Y',
        'TYPE' => 'AUTH',
        'USER_LOGIN' => $this->getUserLogin(),
        'USER_PASSWORD' => $this->getUserPassword(),
        'USER_REMEMBER' => 'Y'
    ]);

    curl_setopt($curl, CURLOPT_URL, 'https://' . $this->getDomain() . '/oauth/authorize/?response_type=code&client_id=' . $this->getApplicationId());

    $result = curl_exec($curl);

    $matches = [];

    preg_match_all(
        '#Location: .*code=(.*)&state=.*#',
        $result,
        $matches
    );

    return $matches[1][0];
}

[jcbolor]

Found this package. Hope this helps:
https://packagist.org/packages/ujy/bitrix24_api_authorization