Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Nikolaev2016-11-18 09:37:35
1C-Bitrix
Alexey Nikolaev, 2016-11-18 09:37:35

How to bypass the OAuth restriction in Bitrix24, or how to log in automatically?

Good morning.
There is an external application that has access to the REST API, respectively, passes authorization through OAuth. But there is a problem: access_token lives only one hour, and refresh_token - one month (or until the first use). I need to make it so that the application, using the user’s login and password on Bitrix24, itself, using the cron, logs in there, receives tokens when it expires, and if both tokens are no longer relevant, it logs in again and receives them again. In fact, you need to make the authorization fully automatic.
To gain access to OAuth, you must first log in to the service using your username and password. How to do this remotely, the documentation does not say (or I did not find it, because 1c traditionally breaks its leg).
Any ideas how to implement the above? Periodically check if the authorization has fallen off and poke the button, as it is now - a bad option. It is possible to force cron to use refresh_token at least once every couple of weeks so that it does not burn out, but this is not the most reliable method - what if, for some reason (for example, the server goes down), it will not be updated? You will have to manually log in again.
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
D
Dmitry Entelis, 2016-11-18
@DmitriyEntelis

I'm far from Bitrix - what's the problem with re-authorization every time?
If you know the username and password of the user, you can always reproduce the same sequence of requests in your script that you do to get this token.

Report
X
xldib, 2020-12-11
@xldib

$post = http_build_query([
'AUTH_FORM' => 'Y',
'TYPE' => 'AUTH',
'backurl' =>'/auth/',
'USER_LOGIN' => $login,
'USER_PASSWORD' => $pass ,
'USER_REMEMBER' => 'Y'
]);
if(strtolower((substr($url,0,5))=='https')) { // if connecting to https
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
}
curl_setopt($ch, CURLOPT_URL, ' https://'.SITE_PORTAL.'/auth/?login=yes ');
// cURL will print verbose messages about all the actions
it takes curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$post);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (Windows; U; Windows NT 5.0; En; rv:1.8.0.2) Gecko/20070306 Firefox/1.0.0.4");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//save received COOKIEs to a file
curl_setopt($ch, CURLOPT_COOKIEJAR, $_SERVER['DOCUMENT_ROOT'].'/restapi/cookie.txt');
$result=curl_exec($ch);

Similar questions
I
IgorRastarov2018-03-04 21:32:29
How to display only filled properties? 1Reply
I
I'm Yoda2018-03-07 11:00:17
How to divide goods into groups? 1Reply
L
Leonid2020-05-03 19:31:50
How to fill in the weight and dimensions of goods in Bitrix? 2Reply
A
Alexander2021-07-05 17:57:03
How to add fields to the unloading of goods in SberMegaMarket? 0Reply
F
fanov2020-05-04 14:00:57
Why is 1s-Bitrix not updating? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question