Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php declare(strict_types=1); /** * Passbolt ~ Open source password manager for teams ..

Decoded Output download

<?php
declare(strict_types=1);

/**
 * Passbolt ~ Open source password manager for teams
 * Copyright (c) Passbolt SA (https://www.passbolt.com)
 *
 * Licensed under GNU Affero General Public License version 3 of the or any later version.
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
 * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
 * @link          https://www.passbolt.com Passbolt(tm)
 * @since         2.5.0
 */
namespace Passbolt\MultiFactorAuthentication\Utility;

use App\Utility\UserAccessControl;
use Cake\Datasource\Exception\RecordNotFoundException;
use Cake\Http\Exception\InternalErrorException;
use Cake\Routing\Router;
use Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService;

class MfaSettings
{
    public const MFA = 'mfa';
    public const PROVIDERS = 'providers';
    public const PROVIDER_TOTP = 'totp';
    public const PROVIDER_DUO = 'duo';
    public const PROVIDER_YUBIKEY = 'yubikey';

    public const ORG_SETTINGS = 'MfaOrganizationSettings';
    public const ACCOUNT_SETTINGS = 'MfaAccountSettings';

    /**
     * @var \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings
     */
    protected $accountSettings;

    /**
     * @var \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings
     */
    protected $orgSettings;

    /**
     * @var \App\Utility\UserAccessControl
     */
    protected $uac;

    /**
     * @var \Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService
     */
    protected MfaSortWithLastUsedProviderFirstService $sortProvidersService;

    /**
     * @var self|null
     */
    protected static $instance;

    /**
     * MfaSettings constructor.
     *
     * @param \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings $orgSettings organization settings
     * @param \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings|null $accountSettings account settings
     * @param \App\Utility\UserAccessControl $uac user access control
     * @param \Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService $sortProvidersService service sorting the providers with the last used first
     * @return void
     */
    public function __construct(
        MfaOrgSettings $orgSettings,
        ?MfaAccountSettings $accountSettings,
        UserAccessControl $uac,
        MfaSortWithLastUsedProviderFirstService $sortProvidersService
    ) {
        $this->accountSettings = $accountSettings;
        $this->orgSettings = $orgSettings;
        $this->uac = $uac;
        $this->sortProvidersService = $sortProvidersService;
    }

    /**
     * Get MfaSettings singleton
     *
     * @param \App\Utility\UserAccessControl $uac access control
     * @return self
     * @throws \Cake\Http\Exception\InternalErrorException if the UAC changed during the request (improbable)
     */
    public static function get(UserAccessControl $uac): MfaSettings
    {
        if (self::$instance !== null) {
            if (self::$instance->uac->getId() !== $uac->getId()) {
                throw new InternalErrorException('Invalid User Account Control ID.');
            }

            return self::$instance;
        }

        try {
            $orgSettings = MfaOrgSettings::get();
        } catch (InternalErrorException $exception) {
            // invalid configuration => no providers
            $orgSettings = new MfaOrgSettings([MfaSettings::PROVIDERS => []]);
        }
        try {
            $accountSettings = MfaAccountSettings::get($uac);
        } catch (RecordNotFoundException | InternalErrorException $exception) {
            $accountSettings = null;
        }

        self::$instance = new MfaSettings(
            $orgSettings,
            $accountSettings,
            $uac,
            new MfaSortWithLastUsedProviderFirstService()
        );

        return self::$instance;
    }

    /**
     * Clear the instance
     *
     * @return void
     */
    public static function clear(): void
    {
        self::$instance = null;
    }

    /**
     * Get an array of all possible providers
     *
     * @return string[]
     */
    public static function getProviders(): array
    {
        return [
            self::PROVIDER_TOTP,
            self::PROVIDER_DUO,
            self::PROVIDER_YUBIKEY,
        ];
    }

    /**
     * Return both the user and org provider configuration status
     *
     * @return array
     */
    public function getProvidersStatuses(): array
    {
        $result = $default = [];
        $providers = self::getProviders();
        foreach ($providers as $i => $provider) {
            $default[$provider] = false;
        }
        if ($this->orgSettings === null) {
            $result[MfaSettings::ORG_SETTINGS] = $default;
        } else {
            $result[MfaSettings::ORG_SETTINGS] = $this->orgSettings->getProvidersStatus();
        }
        if ($this->accountSettings === null) {
            $result[MfaSettings::ACCOUNT_SETTINGS] = $default;
        } else {
            $result[MfaSettings::ACCOUNT_SETTINGS] = $this->accountSettings->getProvidersStatus();
        }

        return $result;
    }

    /**
     * Get providers enabled both for org and the user
     * example:
     * org = ['totp', 'yubikey']
     * user = ['totp', 'duo']
     * result = ['totp']
     *
     * @return string[] of provider names
     */
    public function getEnabledProviders(): array
    {
        $result = [];
        if ($this->accountSettings === null) {
            return $result;
        }
        try {
            $userProviders = array_flip($this->accountSettings->getEnabledProviders());
            $orgProviders = array_flip($this->orgSettings->getEnabledProviders());
        } catch (RecordNotFoundException $exception) {
            return $result;
        }
        foreach ($orgProviders as $orgProvider => $i) {
            if (isset($userProviders[$orgProvider])) {
                $result[] = $orgProvider;
            }
        }

        return $result;
    }

    /**
     * Get a list of all enabled providers
     *
     * @return array
     */
    public function getEnabledProvidersWithLastUsedFirst(): array
    {
        $providers = $this->getEnabledProviders();

        return $this->sortProvidersService->sortWithLastUsedProviderFirst($this->uac, $providers);
    }

    /**
     * Return true if the provider is enabled for both the organization and user
     *
     * @param string $provider provider name
     * @return bool
     */
    public function isProviderEnabled(string $provider): bool
    {
        $providers = $this->getEnabledProviders();

        return array_search($provider, $providers) !== false;
    }

    /**
     * Return true if the user has at least one provider enabled, and this provider is enabled for the organization
     *
     * @return bool
     */
    public function hasEnabledProviders(): bool
    {
        return count($this->getEnabledProviders()) > 0;
    }

    /**
     * Get account settings
     *
     * @param bool|null $refresh if a new table find is required
     * @return \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings|null
     */
    public function getAccountSettings(?bool $refresh = false): ?MfaAccountSettings
    {
        if ($this->accountSettings === null || $refresh) {
            try {
                $this->accountSettings = MfaAccountSettings::get($this->uac);
            } catch (RecordNotFoundException $exception) {
                return null;
            }
        }

        return $this->accountSettings;
    }

    /**
     * Get organization settings
     *
     * @return \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings
     */
    public function getOrganizationSettings(): MfaOrgSettings
    {
        return $this->orgSettings;
    }

    /**
     * Get the list of verification url by enabled providers
     * Example: ['totp' => 'BASE_URL/verify/totp']
     *
     * @param bool|null $json if json extension required
     * @return array
     */
    public function getProvidersVerifyUrls(?bool $json = true): array
    {
        $providers = $this->getEnabledProviders();
        $data = [];
        foreach ($providers as $provider) {
            $data[$provider] = $this->getProviderVerifyUrl($provider, $json);
        }

        return $data;
    }

    /**
     * Get default provider verification url
     *
     * @param bool|null $json if json extension required
     * @return string
     */
    public function getDefaultVerifyUrl(?bool $json = true): string
    {
        $providers = $this->getEnabledProvidersWithLastUsedFirst();

        return $this->getProviderVerifyUrl($providers[0], $json);
    }

    /**
     * Return a given provider verification url
     *
     * @param string $provider provider name
     * @param bool|null $json if json extension required
     * @return string
     */
    public function getProviderVerifyUrl(string $provider, ?bool $json = true): string
    {
        if ($json) {
            $json = '.json';
        } else {
            $json = '';
        }

        return Router::url("/mfa/verify/$provider$json", true);
    }
}
 ?>

Did this file decode correctly?

Original Code

<?php
declare(strict_types=1);

/**
 * Passbolt ~ Open source password manager for teams
 * Copyright (c) Passbolt SA (https://www.passbolt.com)
 *
 * Licensed under GNU Affero General Public License version 3 of the or any later version.
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
 * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
 * @link          https://www.passbolt.com Passbolt(tm)
 * @since         2.5.0
 */
namespace Passbolt\MultiFactorAuthentication\Utility;

use App\Utility\UserAccessControl;
use Cake\Datasource\Exception\RecordNotFoundException;
use Cake\Http\Exception\InternalErrorException;
use Cake\Routing\Router;
use Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService;

class MfaSettings
{
    public const MFA = 'mfa';
    public const PROVIDERS = 'providers';
    public const PROVIDER_TOTP = 'totp';
    public const PROVIDER_DUO = 'duo';
    public const PROVIDER_YUBIKEY = 'yubikey';

    public const ORG_SETTINGS = 'MfaOrganizationSettings';
    public const ACCOUNT_SETTINGS = 'MfaAccountSettings';

    /**
     * @var \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings
     */
    protected $accountSettings;

    /**
     * @var \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings
     */
    protected $orgSettings;

    /**
     * @var \App\Utility\UserAccessControl
     */
    protected $uac;

    /**
     * @var \Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService
     */
    protected MfaSortWithLastUsedProviderFirstService $sortProvidersService;

    /**
     * @var self|null
     */
    protected static $instance;

    /**
     * MfaSettings constructor.
     *
     * @param \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings $orgSettings organization settings
     * @param \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings|null $accountSettings account settings
     * @param \App\Utility\UserAccessControl $uac user access control
     * @param \Passbolt\MultiFactorAuthentication\Service\ActionLogs\MfaSortWithLastUsedProviderFirstService $sortProvidersService service sorting the providers with the last used first
     * @return void
     */
    public function __construct(
        MfaOrgSettings $orgSettings,
        ?MfaAccountSettings $accountSettings,
        UserAccessControl $uac,
        MfaSortWithLastUsedProviderFirstService $sortProvidersService
    ) {
        $this->accountSettings = $accountSettings;
        $this->orgSettings = $orgSettings;
        $this->uac = $uac;
        $this->sortProvidersService = $sortProvidersService;
    }

    /**
     * Get MfaSettings singleton
     *
     * @param \App\Utility\UserAccessControl $uac access control
     * @return self
     * @throws \Cake\Http\Exception\InternalErrorException if the UAC changed during the request (improbable)
     */
    public static function get(UserAccessControl $uac): MfaSettings
    {
        if (self::$instance !== null) {
            if (self::$instance->uac->getId() !== $uac->getId()) {
                throw new InternalErrorException('Invalid User Account Control ID.');
            }

            return self::$instance;
        }

        try {
            $orgSettings = MfaOrgSettings::get();
        } catch (InternalErrorException $exception) {
            // invalid configuration => no providers
            $orgSettings = new MfaOrgSettings([MfaSettings::PROVIDERS => []]);
        }
        try {
            $accountSettings = MfaAccountSettings::get($uac);
        } catch (RecordNotFoundException | InternalErrorException $exception) {
            $accountSettings = null;
        }

        self::$instance = new MfaSettings(
            $orgSettings,
            $accountSettings,
            $uac,
            new MfaSortWithLastUsedProviderFirstService()
        );

        return self::$instance;
    }

    /**
     * Clear the instance
     *
     * @return void
     */
    public static function clear(): void
    {
        self::$instance = null;
    }

    /**
     * Get an array of all possible providers
     *
     * @return string[]
     */
    public static function getProviders(): array
    {
        return [
            self::PROVIDER_TOTP,
            self::PROVIDER_DUO,
            self::PROVIDER_YUBIKEY,
        ];
    }

    /**
     * Return both the user and org provider configuration status
     *
     * @return array
     */
    public function getProvidersStatuses(): array
    {
        $result = $default = [];
        $providers = self::getProviders();
        foreach ($providers as $i => $provider) {
            $default[$provider] = false;
        }
        if ($this->orgSettings === null) {
            $result[MfaSettings::ORG_SETTINGS] = $default;
        } else {
            $result[MfaSettings::ORG_SETTINGS] = $this->orgSettings->getProvidersStatus();
        }
        if ($this->accountSettings === null) {
            $result[MfaSettings::ACCOUNT_SETTINGS] = $default;
        } else {
            $result[MfaSettings::ACCOUNT_SETTINGS] = $this->accountSettings->getProvidersStatus();
        }

        return $result;
    }

    /**
     * Get providers enabled both for org and the user
     * example:
     * org = ['totp', 'yubikey']
     * user = ['totp', 'duo']
     * result = ['totp']
     *
     * @return string[] of provider names
     */
    public function getEnabledProviders(): array
    {
        $result = [];
        if ($this->accountSettings === null) {
            return $result;
        }
        try {
            $userProviders = array_flip($this->accountSettings->getEnabledProviders());
            $orgProviders = array_flip($this->orgSettings->getEnabledProviders());
        } catch (RecordNotFoundException $exception) {
            return $result;
        }
        foreach ($orgProviders as $orgProvider => $i) {
            if (isset($userProviders[$orgProvider])) {
                $result[] = $orgProvider;
            }
        }

        return $result;
    }

    /**
     * Get a list of all enabled providers
     *
     * @return array
     */
    public function getEnabledProvidersWithLastUsedFirst(): array
    {
        $providers = $this->getEnabledProviders();

        return $this->sortProvidersService->sortWithLastUsedProviderFirst($this->uac, $providers);
    }

    /**
     * Return true if the provider is enabled for both the organization and user
     *
     * @param string $provider provider name
     * @return bool
     */
    public function isProviderEnabled(string $provider): bool
    {
        $providers = $this->getEnabledProviders();

        return array_search($provider, $providers) !== false;
    }

    /**
     * Return true if the user has at least one provider enabled, and this provider is enabled for the organization
     *
     * @return bool
     */
    public function hasEnabledProviders(): bool
    {
        return count($this->getEnabledProviders()) > 0;
    }

    /**
     * Get account settings
     *
     * @param bool|null $refresh if a new table find is required
     * @return \Passbolt\MultiFactorAuthentication\Utility\MfaAccountSettings|null
     */
    public function getAccountSettings(?bool $refresh = false): ?MfaAccountSettings
    {
        if ($this->accountSettings === null || $refresh) {
            try {
                $this->accountSettings = MfaAccountSettings::get($this->uac);
            } catch (RecordNotFoundException $exception) {
                return null;
            }
        }

        return $this->accountSettings;
    }

    /**
     * Get organization settings
     *
     * @return \Passbolt\MultiFactorAuthentication\Utility\MfaOrgSettings
     */
    public function getOrganizationSettings(): MfaOrgSettings
    {
        return $this->orgSettings;
    }

    /**
     * Get the list of verification url by enabled providers
     * Example: ['totp' => 'BASE_URL/verify/totp']
     *
     * @param bool|null $json if json extension required
     * @return array
     */
    public function getProvidersVerifyUrls(?bool $json = true): array
    {
        $providers = $this->getEnabledProviders();
        $data = [];
        foreach ($providers as $provider) {
            $data[$provider] = $this->getProviderVerifyUrl($provider, $json);
        }

        return $data;
    }

    /**
     * Get default provider verification url
     *
     * @param bool|null $json if json extension required
     * @return string
     */
    public function getDefaultVerifyUrl(?bool $json = true): string
    {
        $providers = $this->getEnabledProvidersWithLastUsedFirst();

        return $this->getProviderVerifyUrl($providers[0], $json);
    }

    /**
     * Return a given provider verification url
     *
     * @param string $provider provider name
     * @param bool|null $json if json extension required
     * @return string
     */
    public function getProviderVerifyUrl(string $provider, ?bool $json = true): string
    {
        if ($json) {
            $json = '.json';
        } else {
            $json = '';
        }

        return Router::url("/mfa/verify/$provider$json", true);
    }
}

Function Calls

None

Variables

None

Stats

MD5 1d968d095a39e208e6c0fc2dae075eff
Eval Count 0
Decode Time 91 ms