
PHP Decode

<?php final class ConduitGetCertificateConduitAPIMethod extends ConduitAPIMethod { pub..

Decoded Output download

<?php

/**
 * Conduit method `conduit.getcertificate`.
 *
 * Trades a certificate token for the username and Conduit certificate of the
 * user the token belongs to. No authenticated session is required
 * (shouldRequireAuthentication() returns false), so the token is the only
 * credential the caller presents; execute() wraps that check in a failure
 * throttle and writes a user-log entry for every rejected or accepted token.
 */
final class ConduitGetCertificateConduitAPIMethod extends ConduitAPIMethod {

  /**
   * @return string API method name reported for this endpoint.
   */
  public function getAPIMethodName() {
    return 'conduit.getcertificate';
  }

  /**
   * The caller has no session yet when asking for a certificate, so this
   * method opts out of the authentication requirement.
   *
   * @return bool Always false.
   */
  public function shouldRequireAuthentication() {
    return false;
  }

  /**
   * Log rows are written while serving the request and the method sits on
   * the authentication pathway, so unguarded writes are allowed.
   *
   * NOTE(review): presumably this bypasses the framework's write guard for
   * this endpoint only - confirm against ConduitAPIMethod.
   *
   * @return bool Always true.
   */
  public function shouldAllowUnguardedWrites() {
    return true;
  }

  /**
   * @return string Translated one-line description of the method.
   */
  public function getMethodDescription() {
    return pht('Retrieve certificate information for a user.');
  }

  /**
   * Declares the two request parameters.
   *
   * NOTE(review): `host` is declared as required, but execute() in this class
   * never reads it; only `token` takes part in the lookup.
   *
   * @return array Map of parameter name to type specification.
   */
  protected function defineParamTypes() {
    $required_string = 'required string';

    return array(
      'token' => $required_string,
      'host'  => $required_string,
    );
  }

  /**
   * @return string Type specification of the value execute() returns.
   */
  protected function defineReturnType() {
    return 'dict<string, any>';
  }

  /**
   * Lists the error codes execute() raises through ConduitException. A
   * missing token and an expired token share ERR-BAD-TOKEN, so the response
   * does not tell the caller which of the two applied.
   *
   * @return array Map of error code to translated description.
   */
  protected function defineErrorTypes() {
    $errors = array();

    $errors['ERR-BAD-TOKEN'] = pht('Token does not exist or has expired.');
    $errors['ERR-RATE-LIMIT'] = pht(
      'You have made too many invalid token requests recently. Wait before '.
      'making more.');

    return $errors;
  }

  /**
   * Validates the submitted token and returns the owner's certificate.
   *
   * Order of checks: failure throttle, token lookup, token age, user lookup.
   *
   * NOTE(review): nothing in this method deletes or marks the token as used,
   * so as far as this class shows a token stays redeemable until it ages
   * out. Confirm whether single-use is enforced elsewhere.
   *
   * @param ConduitAPIRequest $request Request carrying the `token` value.
   * @return array Map with keys `username` and `certificate`.
   * @throws ConduitException ERR-RATE-LIMIT or ERR-BAD-TOKEN.
   * @throws Exception When the token row refers to a user that cannot be
   *   loaded.
   */
  protected function execute(ConduitAPIRequest $request) {
    // Presumably a look-back window in seconds (5 minutes) - confirm against
    // PhabricatorUserLog::loadRecentEventsFromThisIP().
    $recent_failures = PhabricatorUserLog::loadRecentEventsFromThisIP(
      PhabricatorConduitCertificateFailureUserLogType::LOGTYPE,
      60 * 5);

    // More than five recorded failures blocks the request before any token
    // lookup. The blocked request is logged as a failure too, using the same
    // log type that is counted above.
    if (count($recent_failures) > 5) {
      $this->logFailure($request);
      throw new ConduitException('ERR-RATE-LIMIT');
    }

    $submitted_token = trim($request->getValue('token'));
    $token_record = id(new PhabricatorConduitCertificateToken())->loadOneWhere(
      'token = %s',
      $submitted_token);

    // Unknown tokens and tokens created more than 15 minutes ago are treated
    // alike: one failure log entry, one error code.
    if (!$token_record ||
        $token_record->getDateCreated() < time() - (60 * 15)) {
      $this->logFailure($request, $token_record);
      throw new ConduitException('ERR-BAD-TOKEN');
    }

    // The success entry is saved before the user is loaded, so it exists even
    // if the lookup below fails.
    PhabricatorUserLog::initializeNewLog(
        $request->getUser(),
        $token_record->getUserPHID(),
        PhabricatorConduitCertificateUserLogType::LOGTYPE)
      ->save();

    $owner = id(new PhabricatorUser())->loadOneWhere(
      'phid = %s',
      $token_record->getUserPHID());
    if (!$owner) {
      throw new Exception(pht('Certificate token points to an invalid user!'));
    }

    // The certificate is handed back in the response body; treat the
    // response as secret material wherever it is logged or cached.
    return array(
      'username'    => $owner->getUserName(),
      'certificate' => $owner->getConduitCertificate(),
    );
  }

  /**
   * Saves a user-log entry of the certificate-failure type.
   *
   * @param ConduitAPIRequest $request Request whose user is passed as the
   *   first argument of the log entry.
   * @param PhabricatorConduitCertificateToken|null $info Token row when one
   *   was found (for example an expired token); its user PHID is passed as
   *   the second argument. Without a row the placeholder '-' is used.
   * @return void
   */
  private function logFailure(
    ConduitAPIRequest $request,
    PhabricatorConduitCertificateToken $info = null) {

    $acting_user = $request->getUser();

    $target_phid = '-';
    if ($info) {
      $target_phid = $info->getUserPHID();
    }

    PhabricatorUserLog::initializeNewLog(
        $acting_user,
        $target_phid,
        PhabricatorConduitCertificateFailureUserLogType::LOGTYPE)
      ->save();
  }

}
 ?>


Original Code

<?php

/**
 * Conduit API method `conduit.getcertificate`: given a certificate token,
 * returns the username and Conduit certificate of the user the token row
 * points at.
 *
 * The method is reachable without authentication, so possession of a valid
 * token is the only check. execute() counts recent failure log entries
 * before looking the token up and logs both failed and accepted requests.
 */
final class ConduitGetCertificateConduitAPIMethod extends ConduitAPIMethod {

  /**
   * @return string The API method name, 'conduit.getcertificate'.
   */
  public function getAPIMethodName() {
    return 'conduit.getcertificate';
  }

  /**
   * @return bool False: callers do not need an authenticated session.
   */
  public function shouldRequireAuthentication() {
    return false;
  }

  /**
   * @return bool True: writes made while serving this method are not guarded.
   */
  public function shouldAllowUnguardedWrites() {
    // This method performs logging and is on the authentication pathway.
    // NOTE(review): presumably this disables the framework's write guard for
    // this endpoint - confirm what the guard covers in ConduitAPIMethod.
    return true;
  }

  /**
   * @return string Translated description of the method.
   */
  public function getMethodDescription() {
    return pht('Retrieve certificate information for a user.');
  }

  /**
   * @return array Map of parameter name to type specification.
   */
  protected function defineParamTypes() {
    // NOTE(review): 'host' is declared required but is not read anywhere in
    // execute(); only 'token' is used for the lookup.
    return array(
      'token' => 'required string',
      'host'  => 'required string',
    );
  }

  /**
   * @return string Type specification of the result of execute().
   */
  protected function defineReturnType() {
    return 'dict<string, any>';
  }

  /**
   * @return array Map of error code to translated message. Both a missing and
   *   an expired token map to ERR-BAD-TOKEN.
   */
  protected function defineErrorTypes() {
    return array(
      'ERR-BAD-TOKEN' => pht('Token does not exist or has expired.'),
      'ERR-RATE-LIMIT' => pht(
        'You have made too many invalid token requests recently. Wait before '.
        'making more.'),
    );
  }

  /**
   * Checks the failure throttle, validates the token and returns the owning
   * user's certificate.
   *
   * @param ConduitAPIRequest $request Request providing the 'token' value.
   * @return array Map with the keys 'username' and 'certificate'.
   * @throws ConduitException 'ERR-RATE-LIMIT' when more than five failure
   *   entries are returned, 'ERR-BAD-TOKEN' when the token is unknown or too
   *   old.
   * @throws Exception When no user can be loaded for the token's user PHID.
   */
  protected function execute(ConduitAPIRequest $request) {
    // Load failure entries for the certificate-failure log type; the second
    // argument is presumably a window in seconds (5 minutes) - TODO confirm.
    $failed_attempts = PhabricatorUserLog::loadRecentEventsFromThisIP(
      PhabricatorConduitCertificateFailureUserLogType::LOGTYPE,
      60 * 5);

    // Throttle before touching the token table. The rejected request is
    // logged with the same failure type that is counted above.
    if (count($failed_attempts) > 5) {
      $this->logFailure($request);
      throw new ConduitException('ERR-RATE-LIMIT');
    }

    $token = $request->getValue('token');
    // The token value is passed as a query parameter for the '%s' conversion
    // rather than concatenated into the condition string.
    $info = id(new PhabricatorConduitCertificateToken())->loadOneWhere(
      'token = %s',
      trim($token));

    // Reject unknown tokens and tokens created more than 15 minutes ago.
    // NOTE(review): the token row is not deleted or marked used here, so this
    // method alone does not make tokens single-use - verify elsewhere.
    if (!$info || $info->getDateCreated() < time() - (60 * 15)) {
      $this->logFailure($request, $info);
      throw new ConduitException('ERR-BAD-TOKEN');
    } else {
      // Success entry; saved before the user lookup below, so it is written
      // even when that lookup fails.
      $log = PhabricatorUserLog::initializeNewLog(
          $request->getUser(),
          $info->getUserPHID(),
          PhabricatorConduitCertificateUserLogType::LOGTYPE)
        ->save();
    }

    $user = id(new PhabricatorUser())->loadOneWhere(
      'phid = %s',
      $info->getUserPHID());
    if (!$user) {
      throw new Exception(pht('Certificate token points to an invalid user!'));
    }

    // The response carries the user's certificate; anything that stores or
    // logs this response holds that credential.
    return array(
      'username'    => $user->getUserName(),
      'certificate' => $user->getConduitCertificate(),
    );
  }

  /**
   * Saves a user-log entry of the certificate-failure type.
   *
   * @param ConduitAPIRequest $request Request whose user is passed as the
   *   first argument of the log entry.
   * @param PhabricatorConduitCertificateToken|null $info Token row if one was
   *   loaded; its user PHID is passed as the second argument, otherwise '-'.
   * @return void
   */
  private function logFailure(
    ConduitAPIRequest $request,
    PhabricatorConduitCertificateToken $info = null) {

    // $log is assigned but not read afterwards; the save() call is the
    // effect that matters.
    $log = PhabricatorUserLog::initializeNewLog(
        $request->getUser(),
        $info ? $info->getUserPHID() : '-',
        PhabricatorConduitCertificateFailureUserLogType::LOGTYPE)
      ->save();
  }

}

Function Calls

None

Variables

None

Stats

MD5 55456570683a12368ba9d6de9f36e41b
Eval Count 0
Decode Time 122 ms