local/components/conmed/sso.register/class.php

<?php
if(!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED!==true) die();

use Bitrix\Main\Loader;
use Bitrix\Main\Context;
use Bitrix\Main\Config\Option;
use Bitrix\Main\Type\DateTime;
use Conmed\Authserver\Api;

class ConmedSsoRegister extends CBitrixComponent {
    public function executeComponent() {
        if (!Loader::includeModule("conmed.authserver")) {
            ShowError("Модуль SSO не найден");
            return;
        }

        $request = Context::getCurrent()->getRequest();

        // 1. Обработка AJAX регистрации 
        if ($request->isPost() && $request->get('ajax_reg') == 'y') {
            $this->handleRegister($request);
            return;
        }

        // 2. Подготовка данных для формы через InternalDataTrait 
        $geo = Api::getGeoForComponent();
        $this->arResult['COUNTRIES'] = $geo['countries'];
        $this->arResult['CITIES'] = $geo['cities'];
        $this->arResult['SPECIALTIES'] = Api::getSpecialtiesForComponent();
        // Передаем публичный ID во фронтенд для формирования ссылки редиректа
        $this->arResult['CLIENT_ID'] = Api::getDefaultClientId();

        $this->includeComponentTemplate();
    }

    private function handleRegister($req) {
        $GLOBALS['APPLICATION']->RestartBuffer();
        header('Content-Type: application/json');

        if (!check_bitrix_sessid()) {
            echo json_encode(['status' => 'error', 'message' => 'Сессия истекла']); die();
        }

        $email = trim($req->getPost("email"));
        
        if(!check_email($email)) die(json_encode(['status'=>'error','message'=>'Некорректный Email']));
        
        $by = "ID"; $order = "ASC";
        if(\CUser::GetList($by, $order, ["=EMAIL" => $email])->Fetch()) {
            die(json_encode(['status'=>'error','message'=>'Email уже занят']));
        }
        
        $pass = $req->getPost("password");
        $v = Api::validatePassword($pass); 
        if($v !== true) die(json_encode(['status'=>'error','message'=>$v]));

        $arGroups = [2, 3, 4];
        $specCode = $req->getPost("specialty");
        if (!empty($specCode)) {
            $rsGroup = \Bitrix\Main\GroupTable::getList(['filter' =>['=STRING_ID' => $specCode, '=ACTIVE' => 'Y'], 'select' => ['ID']])->fetch();
            if ($rsGroup) $arGroups[] = $rsGroup['ID'];
        }

        $user = new \CUser;
        $uid = $user->Add([
            "LOGIN"             => $email,
            "EMAIL"             => $email,
            "NAME"              => $req->getPost("name"),
            "LAST_NAME"         => $req->getPost("last_name"),
            "SECOND_NAME"       => $req->getPost("second_name"),
            "PERSONAL_PHONE"    => $req->getPost("phone"),
            "PERSONAL_CITY"     => $req->getPost("city"),
            "PERSONAL_COUNTRY"  => $req->getPost("country"),
            "PASSWORD"          => $pass,
            "CONFIRM_PASSWORD"  => $pass,
            "ACTIVE"            => "Y",
            "GROUP_ID"          => $arGroups
        ]);

        if($uid) {
            $needConfirm = Option::get("main", "new_user_registration_email_confirmation", "N");
            if ($needConfirm !== "Y") {
                global $USER;
                $USER->Authorize($uid);
            }

            $code = bin2hex(random_bytes(16));
            $defaultClientId = Api::getDefaultClientId(); // Получаем безопасно из трейта
            
            $dcCodes = Api::getHlEntity('sso_codes'); 
            $dcCodes::add([
                'UF_CODE'      => $code, 
                'UF_CLIENT_ID' => $defaultClientId, 
                'UF_USER_ID'   => $uid, 
                'UF_EXPIRES'   => DateTime::createFromTimestamp(time() + 60)
            ]);
            
            Api::audit("USER_REGISTERED", $defaultClientId, $uid, "Email: ".$email);
            echo json_encode(['status' => 'success', 'code' => $code]);
        } else {
            echo json_encode(['status' => 'error', 'message' => strip_tags($user->LAST_ERROR)]);
        }
        die();
    }
}
Initial commit: Auth Server Base 2026-03-06 19:26:11 +03:00			`<?php`
			`if(!defined("B_PROLOG_INCLUDED") \|\| B_PROLOG_INCLUDED!==true) die();`

			`use Bitrix\Main\Loader;`
			`use Bitrix\Main\Context;`
			`use Bitrix\Main\Config\Option;`
			`use Bitrix\Main\Type\DateTime;`
			`use Conmed\Authserver\Api;`

			`class ConmedSsoRegister extends CBitrixComponent {`
			`public function executeComponent() {`
			`if (!Loader::includeModule("conmed.authserver")) {`
			`ShowError("Модуль SSO не найден");`
			`return;`
			`}`

			`$request = Context::getCurrent()->getRequest();`

fix(security): removed client_secret from frontend registration 2026-03-06 21:27:18 +03:00			`// 1. Обработка AJAX регистрации`
Initial commit: Auth Server Base 2026-03-06 19:26:11 +03:00			`if ($request->isPost() && $request->get('ajax_reg') == 'y') {`
			`$this->handleRegister($request);`
			`return;`
			`}`

fix(security): removed client_secret from frontend registration 2026-03-06 21:27:18 +03:00			`// 2. Подготовка данных для формы через InternalDataTrait`
Initial commit: Auth Server Base 2026-03-06 19:26:11 +03:00			`$geo = Api::getGeoForComponent();`
			`$this->arResult['COUNTRIES'] = $geo['countries'];`
			`$this->arResult['CITIES'] = $geo['cities'];`
			`$this->arResult['SPECIALTIES'] = Api::getSpecialtiesForComponent();`
			`// Передаем публичный ID во фронтенд для формирования ссылки редиректа`
			`$this->arResult['CLIENT_ID'] = Api::getDefaultClientId();`

			`$this->includeComponentTemplate();`
			`}`

			`private function handleRegister($req) {`
			`$GLOBALS['APPLICATION']->RestartBuffer();`
			`header('Content-Type: application/json');`

			`if (!check_bitrix_sessid()) {`
			`echo json_encode(['status' => 'error', 'message' => 'Сессия истекла']); die();`
			`}`

			`$email = trim($req->getPost("email"));`

			`if(!check_email($email)) die(json_encode(['status'=>'error','message'=>'Некорректный Email']));`

			`$by = "ID"; $order = "ASC";`
			`if(\CUser::GetList($by, $order, ["=EMAIL" => $email])->Fetch()) {`
			`die(json_encode(['status'=>'error','message'=>'Email уже занят']));`
			`}`

			`$pass = $req->getPost("password");`
			`$v = Api::validatePassword($pass);`
			`if($v !== true) die(json_encode(['status'=>'error','message'=>$v]));`

			`$arGroups = [2, 3, 4];`
			`$specCode = $req->getPost("specialty");`
			`if (!empty($specCode)) {`
			`$rsGroup = \Bitrix\Main\GroupTable::getList(['filter' =>['=STRING_ID' => $specCode, '=ACTIVE' => 'Y'], 'select' => ['ID']])->fetch();`
			`if ($rsGroup) $arGroups[] = $rsGroup['ID'];`
			`}`

			`$user = new \CUser;`
			`$uid = $user->Add([`
			`"LOGIN" => $email,`
			`"EMAIL" => $email,`
			`"NAME" => $req->getPost("name"),`
			`"LAST_NAME" => $req->getPost("last_name"),`
			`"SECOND_NAME" => $req->getPost("second_name"),`
			`"PERSONAL_PHONE" => $req->getPost("phone"),`
			`"PERSONAL_CITY" => $req->getPost("city"),`
			`"PERSONAL_COUNTRY" => $req->getPost("country"),`
			`"PASSWORD" => $pass,`
			`"CONFIRM_PASSWORD" => $pass,`
			`"ACTIVE" => "Y",`
			`"GROUP_ID" => $arGroups`
			`]);`

			`if($uid) {`
			`$needConfirm = Option::get("main", "new_user_registration_email_confirmation", "N");`
			`if ($needConfirm !== "Y") {`
			`global $USER;`
			`$USER->Authorize($uid);`
			`}`

			`$code = bin2hex(random_bytes(16));`
			`$defaultClientId = Api::getDefaultClientId(); // Получаем безопасно из трейта`

			`$dcCodes = Api::getHlEntity('sso_codes');`
			`$dcCodes::add([`
			`'UF_CODE' => $code,`
			`'UF_CLIENT_ID' => $defaultClientId,`
			`'UF_USER_ID' => $uid,`
			`'UF_EXPIRES' => DateTime::createFromTimestamp(time() + 60)`
			`]);`

			`Api::audit("USER_REGISTERED", $defaultClientId, $uid, "Email: ".$email);`
			`echo json_encode(['status' => 'success', 'code' => $code]);`
			`} else {`
			`echo json_encode(['status' => 'error', 'message' => strip_tags($user->LAST_ERROR)]);`
			`}`
			`die();`
			`}`
			`}`