Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace Drupal\miniorange_oauth_client\GrantTypes; use Drupal\miniorange_o..
Decoded Output download
<?php
namespace Drupal\miniorange_oauth_client\GrantTypes;
use Drupal\miniorange_oauth_client\Controller\miniorange_oauth_clientController;
use Drupal\miniorange_oauth_client\GrantTypes\HandleJWT;
use Drupal\miniorange_oauth_client\Utilities;
use Symfony\Component\HttpFoundation\RedirectResponse;
class ImplicitGrant
{
public $appname;
public function __construct($X3)
{
$this->appname = $X3;
}
public function mo_oauth_client_mo_login($YN, $ph, $IV)
{
$MW = isset($IV["state"]) ? $IV["state"] : '';
$Ig = Utilities::decodeState($MW);
$Ej = isset($Ig["testsso"]) ? $Ig["testsso"] === true ? true : false : false;
$DS = $this->getresourceowner($YN, $ph, $Ej);
$nH = \Drupal::config("miniorange_oauth_client.settings")->get("miniorange_oauth_client_group_info_ep_" . $YN->appName);
if (empty($nH)) {
goto MN;
}
$yg = Utilities::getGroupsInfo($nH, $ph, $Ej);
$yg = !empty($yg) ? $yg : [];
$DS = array_merge($DS, $yg);
MN:
$Zi = miniorange_oauth_clientController::flattenArray($DS);
if (!$Ej) {
goto y3;
}
miniorange_oauth_clientController::Test_Configuration($Zi, $YN->appName);
y3:
return miniorange_oauth_clientController::performSSOinDrupal($DS, $Zi, $YN, $IV, $MW);
}
public function mo_oauth_client_initiateLogin($YN, $w6, $Ej = false)
{
\Drupal::service("page_cache_kill_switch")->trigger();
$ji = $YN->getAllConfig();
$ea = $ji["authorizeEndpoint"];
$Kh = Utilities::base64url_encode(random_bytes(12));
$AO = Utilities::getCallbackUrl($ji["appName"]);
$MW = Utilities::generateState($ji["appName"], $w6, $Ej);
$Nz = $YN->get_appType();
$bD = $YN->loginflowtype;
if ($Nz == "Custom_Open_id" || $bD == "OpenID") {
goto pQ;
}
$RH = "token";
goto AL;
pQ:
$RH = "id_token";
AL:
if (strpos($ea, "?") !== false) {
goto R1;
}
$ea = $ea . "?client_id=" . $YN->get_clientId() . "&scope=" . $ji["scope"] . "&redirect_uri=" . $AO . "&response_type=" . $RH . "&state=" . $MW . "&nonce=" . $Kh;
goto RH;
R1:
$ea = $ea . "&client_id=" . $YN->get_clientId() . "&scope=" . $ji["scope"] . "&redirect_uri=" . $AO . "&response_type=" . $RH . "&state=" . $MW . "&nonce=" . $Kh;
RH:
if (!(session_status() == PHP_SESSION_NONE)) {
goto CC;
}
session_start();
CC:
$K7 = \Drupal::service("session");
$K7->set("oauth2state", $MW);
$K7->set("appname", $ji["appName"]);
$K7->set("nonce", $Kh);
$K7->set("request_time", \Drupal::time()->getRequestTime());
$tR = new RedirectResponse($ea);
$tR->send();
exit;
}
public function getresourceowner($YN, $ph, $Ej = false)
{
$Nz = $YN->get_appType();
$bD = $YN->loginflowtype;
$w4 = '';
if ($Nz == "Custom_Open_id" || $bD == "OpenID") {
goto HC;
}
$O5 = $YN->get_userInfoEndpoint();
if (!(substr($O5, -1) == "=")) {
goto z7;
}
$O5 .= $ph;
z7:
$w4 = miniorange_oauth_clientController::getResourceOwner($O5, $ph, $Ej);
goto rq;
HC:
$pc = new HandleJWT($YN, $ph, $Ej);
$w4 = $pc->getUserAttributesFromIDToken();
rq:
return $w4;
}
public static function validate_token_and_state($IV)
{
$ph = isset($IV["access_token"]) && !empty($IV["access_token"]) ? $IV["access_token"] : '';
if (!empty($ph)) {
goto Ru;
}
$ph = isset($IV["id_token"]) && !empty($IV["id_token"]) ? $IV["id_token"] : '';
Ru:
if (!empty($ph)) {
goto kK;
}
$ph = isset($IV["token"]) && !empty($IV["token"]) ? $IV["token"] : '';
kK:
$MW = isset($IV["state"]) ? $IV["state"] : '';
$Ig = Utilities::decodeState($MW);
$Ej = isset($Ig["testsso"]) ? $Ig["testsso"] === true ? true : false : false;
$K7 = \Drupal::service("session");
$mE = $K7->get("oauth2state");
$K7->remove("oauth2state");
setrawcookie("login_query", '', \Drupal::time()->getRequestTime() - 1);
if (!(empty($MW) || empty($mE) || str_replace("=", '', $MW) != str_replace("=", '', $mE))) {
goto vF;
}
\Drupal::logger("miniorange_oauth_client")->error("State stored => <pre><code>" . print_r($mE, true) . "<pre><code>");
\Drupal::logger("miniorange_oauth_client")->error("State parameter recieved => <pre><code>" . print_r($MW, true) . "<pre><code>");
\Drupal::logger("miniorange_oauth_client")->error("Invalid State parameter.<pre><code>" . print_r($IV, true) . "<pre><code>");
if ($Ej) {
goto ti;
}
Utilities::anonymousRedirect();
goto Yn;
ti:
Utilities::show_error_message_testconfig("Invalid State parameter.<pre><code>" . print_r($IV, true) . "<pre><code>");
Yn:
vF:
if (!empty($ph)) {
goto SY;
}
\Drupal::logger("miniorange_oauth_client")->error("Invalid Response <pre><code>" . print_r($IV, true) . "<pre><code>");
if ($Ej) {
goto Ie;
}
Utilities::anonymousRedirect();
goto Nf;
Ie:
Utilities::show_error_message_testconfig("Invalid Response <pre><code>" . print_r($IV, true) . "<pre><code>");
Nf:
SY:
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace Drupal\miniorange_oauth_client\GrantTypes;
use Drupal\miniorange_oauth_client\Controller\miniorange_oauth_clientController;
use Drupal\miniorange_oauth_client\GrantTypes\HandleJWT;
use Drupal\miniorange_oauth_client\Utilities;
use Symfony\Component\HttpFoundation\RedirectResponse;
class ImplicitGrant
{
public $appname;
public function __construct($X3)
{
$this->appname = $X3;
}
public function mo_oauth_client_mo_login($YN, $ph, $IV)
{
$MW = isset($IV["\163\x74\141\x74\x65"]) ? $IV["\x73\164\x61\x74\145"] : '';
$Ig = Utilities::decodeState($MW);
$Ej = isset($Ig["\x74\145\x73\x74\163\163\x6f"]) ? $Ig["\164\x65\x73\164\x73\163\x6f"] === true ? true : false : false;
$DS = $this->getresourceowner($YN, $ph, $Ej);
$nH = \Drupal::config("\155\151\156\151\157\x72\141\156\x67\145\137\157\141\165\164\x68\x5f\x63\x6c\x69\x65\156\164\56\163\145\164\164\x69\156\147\163")->get("\x6d\151\x6e\151\157\x72\141\156\x67\145\x5f\157\141\165\164\x68\137\x63\x6c\151\x65\x6e\164\137\x67\x72\x6f\x75\x70\x5f\x69\x6e\x66\x6f\137\145\x70\x5f" . $YN->appName);
if (empty($nH)) {
goto MN;
}
$yg = Utilities::getGroupsInfo($nH, $ph, $Ej);
$yg = !empty($yg) ? $yg : [];
$DS = array_merge($DS, $yg);
MN:
$Zi = miniorange_oauth_clientController::flattenArray($DS);
if (!$Ej) {
goto y3;
}
miniorange_oauth_clientController::Test_Configuration($Zi, $YN->appName);
y3:
return miniorange_oauth_clientController::performSSOinDrupal($DS, $Zi, $YN, $IV, $MW);
}
public function mo_oauth_client_initiateLogin($YN, $w6, $Ej = false)
{
\Drupal::service("\160\x61\x67\145\137\x63\141\x63\x68\145\x5f\x6b\x69\154\154\x5f\x73\x77\x69\x74\143\x68")->trigger();
$ji = $YN->getAllConfig();
$ea = $ji["\x61\165\x74\150\x6f\162\151\172\x65\105\x6e\144\x70\x6f\x69\156\164"];
$Kh = Utilities::base64url_encode(random_bytes(12));
$AO = Utilities::getCallbackUrl($ji["\141\160\x70\x4e\x61\155\x65"]);
$MW = Utilities::generateState($ji["\x61\x70\160\116\x61\155\145"], $w6, $Ej);
$Nz = $YN->get_appType();
$bD = $YN->loginflowtype;
if ($Nz == "\x43\x75\x73\164\x6f\155\137\x4f\160\x65\x6e\x5f\151\x64" || $bD == "\x4f\x70\145\x6e\x49\104") {
goto pQ;
}
$RH = "\x74\x6f\x6b\145\156";
goto AL;
pQ:
$RH = "\x69\144\137\164\x6f\153\145\156";
AL:
if (strpos($ea, "\x3f") !== false) {
goto R1;
}
$ea = $ea . "\77\x63\x6c\151\x65\x6e\x74\137\x69\x64\x3d" . $YN->get_clientId() . "\46\163\x63\x6f\x70\x65\75" . $ji["\x73\x63\x6f\160\x65"] . "\46\162\x65\144\x69\162\x65\x63\164\137\x75\x72\151\75" . $AO . "\46\162\x65\163\160\x6f\156\163\x65\137\164\171\x70\145\x3d" . $RH . "\x26\x73\x74\141\164\145\75" . $MW . "\x26\x6e\157\x6e\143\x65\x3d" . $Kh;
goto RH;
R1:
$ea = $ea . "\46\143\154\151\145\x6e\164\x5f\x69\x64\75" . $YN->get_clientId() . "\46\x73\143\x6f\160\145\75" . $ji["\x73\143\x6f\160\x65"] . "\46\162\x65\x64\151\x72\145\143\x74\137\x75\162\x69\75" . $AO . "\x26\162\145\x73\160\x6f\156\x73\x65\x5f\164\x79\160\145\x3d" . $RH . "\x26\x73\x74\x61\x74\x65\75" . $MW . "\x26\156\157\156\x63\x65\x3d" . $Kh;
RH:
if (!(session_status() == PHP_SESSION_NONE)) {
goto CC;
}
session_start();
CC:
$K7 = \Drupal::service("\x73\145\163\163\151\x6f\x6e");
$K7->set("\x6f\141\x75\164\x68\62\x73\x74\141\164\145", $MW);
$K7->set("\141\x70\x70\156\x61\155\x65", $ji["\x61\x70\160\x4e\141\155\x65"]);
$K7->set("\x6e\x6f\x6e\143\x65", $Kh);
$K7->set("\x72\145\161\x75\145\163\164\137\x74\151\x6d\x65", \Drupal::time()->getRequestTime());
$tR = new RedirectResponse($ea);
$tR->send();
exit;
}
public function getresourceowner($YN, $ph, $Ej = false)
{
$Nz = $YN->get_appType();
$bD = $YN->loginflowtype;
$w4 = '';
if ($Nz == "\x43\165\x73\x74\157\x6d\x5f\117\160\x65\156\137\x69\x64" || $bD == "\x4f\x70\145\156\111\104") {
goto HC;
}
$O5 = $YN->get_userInfoEndpoint();
if (!(substr($O5, -1) == "\75")) {
goto z7;
}
$O5 .= $ph;
z7:
$w4 = miniorange_oauth_clientController::getResourceOwner($O5, $ph, $Ej);
goto rq;
HC:
$pc = new HandleJWT($YN, $ph, $Ej);
$w4 = $pc->getUserAttributesFromIDToken();
rq:
return $w4;
}
public static function validate_token_and_state($IV)
{
$ph = isset($IV["\x61\x63\x63\145\163\163\x5f\164\157\x6b\x65\x6e"]) && !empty($IV["\141\x63\x63\145\163\x73\x5f\164\157\x6b\145\x6e"]) ? $IV["\141\x63\143\145\163\163\137\x74\x6f\153\x65\156"] : '';
if (!empty($ph)) {
goto Ru;
}
$ph = isset($IV["\151\144\x5f\x74\157\x6b\145\156"]) && !empty($IV["\151\x64\137\164\157\x6b\145\x6e"]) ? $IV["\x69\x64\x5f\164\157\x6b\145\x6e"] : '';
Ru:
if (!empty($ph)) {
goto kK;
}
$ph = isset($IV["\x74\x6f\x6b\145\x6e"]) && !empty($IV["\x74\x6f\x6b\145\x6e"]) ? $IV["\x74\157\153\x65\156"] : '';
kK:
$MW = isset($IV["\x73\164\141\164\x65"]) ? $IV["\x73\164\141\164\145"] : '';
$Ig = Utilities::decodeState($MW);
$Ej = isset($Ig["\164\x65\x73\x74\x73\x73\x6f"]) ? $Ig["\164\145\x73\x74\163\163\x6f"] === true ? true : false : false;
$K7 = \Drupal::service("\x73\145\x73\163\x69\157\x6e");
$mE = $K7->get("\x6f\141\x75\164\x68\62\163\x74\x61\x74\145");
$K7->remove("\157\x61\165\x74\x68\x32\163\x74\141\x74\x65");
setrawcookie("\154\x6f\147\x69\156\x5f\161\165\x65\x72\x79", '', \Drupal::time()->getRequestTime() - 1);
if (!(empty($MW) || empty($mE) || str_replace("\75", '', $MW) != str_replace("\x3d", '', $mE))) {
goto vF;
}
\Drupal::logger("\155\151\x6e\151\157\x72\141\x6e\147\x65\137\157\x61\165\164\x68\137\x63\154\151\145\156\164")->error("\123\x74\x61\164\x65\40\163\164\x6f\162\145\x64\40\75\76\x20\74\x70\x72\145\76\74\143\157\x64\x65\x3e" . print_r($mE, true) . "\74\160\x72\145\76\x3c\x63\x6f\x64\x65\x3e");
\Drupal::logger("\155\x69\156\151\x6f\162\x61\x6e\x67\x65\x5f\x6f\x61\165\164\150\137\143\154\151\145\x6e\x74")->error("\123\x74\x61\164\x65\x20\x70\x61\x72\x61\155\145\x74\145\162\40\162\145\143\x69\145\x76\x65\x64\x20\x3d\76\40\x3c\x70\162\145\76\x3c\143\x6f\x64\x65\76" . print_r($MW, true) . "\74\x70\x72\x65\x3e\x3c\143\x6f\x64\x65\x3e");
\Drupal::logger("\155\151\x6e\151\157\162\x61\x6e\x67\145\x5f\157\x61\x75\164\150\137\x63\x6c\151\x65\x6e\x74")->error("\x49\x6e\166\141\x6c\151\144\40\123\x74\141\x74\x65\40\160\x61\x72\x61\x6d\x65\164\145\162\x2e\x3c\160\x72\145\x3e\74\x63\x6f\144\x65\x3e" . print_r($IV, true) . "\x3c\160\162\145\76\x3c\x63\x6f\144\145\x3e");
if ($Ej) {
goto ti;
}
Utilities::anonymousRedirect();
goto Yn;
ti:
Utilities::show_error_message_testconfig("\111\156\166\141\154\x69\x64\x20\123\x74\141\164\145\x20\160\141\162\x61\155\x65\164\145\162\56\74\x70\162\x65\x3e\74\143\157\x64\x65\x3e" . print_r($IV, true) . "\74\x70\x72\x65\76\74\143\x6f\x64\x65\x3e");
Yn:
vF:
if (!empty($ph)) {
goto SY;
}
\Drupal::logger("\x6d\151\x6e\151\x6f\162\x61\x6e\147\145\x5f\157\x61\x75\164\150\x5f\x63\x6c\151\x65\156\x74")->error("\x49\x6e\x76\141\154\x69\144\x20\x52\x65\163\x70\x6f\x6e\163\145\40\x3c\x70\162\x65\76\x3c\143\157\x64\145\76" . print_r($IV, true) . "\74\160\x72\x65\x3e\x3c\x63\157\x64\145\x3e");
if ($Ej) {
goto Ie;
}
Utilities::anonymousRedirect();
goto Nf;
Ie:
Utilities::show_error_message_testconfig("\111\156\166\x61\154\151\144\40\122\x65\x73\160\x6f\156\163\145\x20\74\x70\162\x65\76\74\143\157\x64\145\x3e" . print_r($IV, true) . "\x3c\160\x72\x65\x3e\x3c\143\x6f\x64\145\76");
Nf:
SY:
}
}
Function Calls
| None |
Stats
| MD5 | 1a35937d163441069e1dd70e508f873f |
| Eval Count | 0 |
| Decode Time | 53 ms |