Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace Drupal\rest_api_authentication\Authentication\Provider; use Drupal..
Decoded Output download
<?php
namespace Drupal\rest_api_authentication\Authentication\Provider;
use Drupal\rest_api_authentication\API_Authentication_Basic_Auth;
use Drupal\rest_api_authentication\API_Authentication_API_Token;
use Drupal\rest_api_authentication\API_Authentication_OAuth;
use Drupal\rest_api_authentication\API_Authentication_JWT;
use Drupal\rest_api_authentication\API_Authentication_Ext_OAuth;
use Symfony\Component\Routing;
use Drupal\Component\Utility;
use Drupal\Core\Authentication\AuthenticationProviderInterface;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\user\Entity\User;
use Drupal\rest_api_authentication\Utilities;
use Drupal\Core\Flood\FloodInterface;
use Drupal\user\UserAuthInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
class restAPI implements AuthenticationProviderInterface
{
protected $config;
protected $entityTypeManager;
public function __construct(ConfigFactoryInterface $G1, EntityTypeManagerInterface $oJ)
{
$this->config = $G1->get("rest_api_authentication.settings");
$this->entityTypeManager = $oJ;
}
public function applies(Request $dx)
{
$O9 = \Drupal::config("rest_api_authentication.settings")->get("enable_authentication");
if (!($O9 == 1)) {
goto v4;
}
$Mx = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_apis") ?? '');
if (!(!empty($Mx) || $Mx != null)) {
goto oF;
}
$Mx = explode(";", $Mx);
foreach ($Mx as $PW) {
if (strpos($dx->getRequestUri(), $PW) !== false && trim($PW) != '') {
goto nq;
}
if (strpos($PW, "{}")) {
goto kh;
}
goto zn;
nq:
return true;
goto zn;
kh:
$CZ = explode("/", $PW);
$mS = explode("/", $dx->getRequestUri());
if (!(count($CZ) == count($mS))) {
goto sS;
}
$ge = array();
$De = 0;
Rs:
if (!($De < count($CZ))) {
goto dd;
}
if ($CZ[$De] == "{}") {
goto kE;
}
$ge[$De] = 0;
goto Z6;
kE:
$ge[$De] = 1;
Z6:
nd:
$De++;
goto Rs;
dd:
$De = 0;
r2:
if (!($De < count($CZ))) {
goto qz;
}
if (!($CZ[$De] != $mS[$De])) {
goto uX;
}
if ($ge[$De] == 1) {
goto BC;
}
$ge[$De] = 2;
goto oH;
BC:
$ge[$De] = 0;
oH:
uX:
mC:
$De++;
goto r2;
qz:
if (!(array_sum($ge) == 0)) {
goto og;
}
return true;
og:
sS:
zn:
yw:
}
m3:
oF:
$rg = \Drupal::config("rest_api_authentication.settings")->get("whitelist_get_apis");
if (!($rg == 1)) {
goto OL;
}
if (!($dx->getMethod() == "GET")) {
goto ew;
}
return false;
ew:
OL:
if (!(strpos($dx->getRequestUri(), "/admin/config/services/jsonapi/") !== false)) {
goto sN;
}
return false;
sN:
if (!(strpos($dx->getRequestUri(), "/jsonapi/") !== false)) {
goto lu;
}
return true;
lu:
if (!(strpos($dx->getRequestUri(), "?_format=") !== false)) {
goto x2;
}
return true;
x2:
return false;
v4:
}
public function authenticate(Request $dx)
{
$GU = Utilities::video_guide_links();
if (!($GU == "false")) {
goto hC;
}
$y8 = array("status" => "error", "error_description" => "Your trial module has expired");
echo json_encode($y8);
exit;
hC:
$Uj = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_ips") ?? '');
if (!(!empty($Uj) || $Uj != null)) {
goto Jg;
}
$nv = \Drupal::config("rest_api_authentication.settings")->get("ip_access_type");
$Uj = explode(";", $Uj);
if ($nv) {
goto tf;
}
if (!(array_search($dx->getClientIp(), $Uj) === FALSE)) {
goto jF;
}
$y8 = array("status" => "error", "code" => "403", "error_description" => "The request can not be completed as your IP address is not whitelisted. Please contact your site adminstrator");
echo json_encode($y8);
jF:
goto EP;
tf:
if (!(array_search($dx->getClientIp(), $Uj) !== FALSE)) {
goto N2;
}
$y8 = array("status" => "error", "code" => "403", "error_description" => "This IP address is not allowed to make this request. Please contact your site adminstrator");
echo json_encode($y8);
exit;
N2:
EP:
Jg:
$Mf = array();
$Ia = \Drupal::config("rest_api_authentication.settings")->get("authentication_method");
switch ($Ia) {
case 0:
$Mf = API_Authentication_Basic_Auth::validate_api_request($dx);
goto HJ;
case 1:
$Mf = API_Authentication_API_Token::validate_api_request($dx);
goto HJ;
case 2:
$Mf = API_Authentication_OAuth::validate_api_request($dx);
goto HJ;
case 3:
$Mf = API_Authentication_JWT::validate_api_request($dx);
goto HJ;
case 4:
$Mf = API_Authentication_Ext_OAuth::validate_api_request($dx);
goto HJ;
default:
return null;
}
R6:
HJ:
if (!(isset($Mf["status"]) && $Mf["status"] == "error")) {
goto ni;
}
if (isset($Mf["message"]) && trim($Mf["message"]) != '' || isset($Mf["error_description"]) && trim($Mf["error_description"]) != '') {
goto DT;
}
throw new AccessDeniedHttpException();
return null;
goto ul;
DT:
print_r(json_encode($Mf, JSON_PRETTY_PRINT));
exit;
ul:
ni:
$ZT = $Mf["user"];
$UD = $ZT->id();
$py = '';
$py = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_role_restrictions") ?? '');
if (!(!empty($py) || $py != null)) {
goto yo;
}
$ye = explode(";", $py);
foreach ($ye as $HM) {
$MO = explode(":", $HM);
$PW = $MO[0];
$GC = $MO[1];
if (!(strpos($dx->getRequestUri(), $PW) !== false)) {
goto NH;
}
$ig = explode(",", $GC);
$Mr = array_intersect($ig, $ZT->getRoles());
if (count($Mr) > 0) {
goto xd;
}
$y8 = array("status" => "error", "code" => "401", "error_description" => "User does not have the required permissions.");
echo json_encode($y8, JSON_PRETTY_PRINT);
exit;
goto FR;
xd:
goto lp;
FR:
NH:
sH:
}
lp:
yo:
$lQ = $this->entityTypeManager->getStorage("user");
if (!(strpos($dx->getRequestUri(), "/user/login?_format=") !== false)) {
goto bN;
}
return null;
bN:
return $this->entityTypeManager->getStorage("user")->load($UD);
}
public function handleException(ExceptionEvent $hX)
{
$VG = $hX->getThrowable();
if (!$VG instanceof AccessDeniedHttpException) {
goto R3;
}
$hX->setThrowable(new UnauthorizedHttpException("Invalid consumer origin.", $VG));
return TRUE;
R3:
return FALSE;
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace Drupal\rest_api_authentication\Authentication\Provider;
use Drupal\rest_api_authentication\API_Authentication_Basic_Auth;
use Drupal\rest_api_authentication\API_Authentication_API_Token;
use Drupal\rest_api_authentication\API_Authentication_OAuth;
use Drupal\rest_api_authentication\API_Authentication_JWT;
use Drupal\rest_api_authentication\API_Authentication_Ext_OAuth;
use Symfony\Component\Routing;
use Drupal\Component\Utility;
use Drupal\Core\Authentication\AuthenticationProviderInterface;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\user\Entity\User;
use Drupal\rest_api_authentication\Utilities;
use Drupal\Core\Flood\FloodInterface;
use Drupal\user\UserAuthInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
class restAPI implements AuthenticationProviderInterface
{
protected $config;
protected $entityTypeManager;
public function __construct(ConfigFactoryInterface $G1, EntityTypeManagerInterface $oJ)
{
$this->config = $G1->get("\162\145\163\164\137\141\160\151\x5f\x61\x75\x74\150\145\x6e\164\x69\x63\141\164\151\157\156\x2e\x73\145\x74\164\151\156\147\x73");
$this->entityTypeManager = $oJ;
}
public function applies(Request $dx)
{
$O9 = \Drupal::config("\x72\x65\163\164\x5f\x61\x70\x69\x5f\x61\x75\164\150\145\x6e\164\151\x63\x61\x74\x69\x6f\x6e\x2e\163\145\164\x74\151\156\147\x73")->get("\x65\x6e\141\142\154\x65\x5f\x61\x75\x74\x68\x65\x6e\164\151\143\x61\x74\x69\x6f\156");
if (!($O9 == 1)) {
goto v4;
}
$Mx = trim(\Drupal::config("\162\x65\x73\164\137\141\x70\151\137\x61\x75\x74\x68\x65\x6e\x74\151\x63\141\x74\151\157\x6e\x2e\163\x65\164\164\x69\x6e\147\x73")->get("\154\x69\x73\164\137\157\146\137\141\160\x69\163") ?? '');
if (!(!empty($Mx) || $Mx != null)) {
goto oF;
}
$Mx = explode("\x3b", $Mx);
foreach ($Mx as $PW) {
if (strpos($dx->getRequestUri(), $PW) !== false && trim($PW) != '') {
goto nq;
}
if (strpos($PW, "\x7b\175")) {
goto kh;
}
goto zn;
nq:
return true;
goto zn;
kh:
$CZ = explode("\x2f", $PW);
$mS = explode("\x2f", $dx->getRequestUri());
if (!(count($CZ) == count($mS))) {
goto sS;
}
$ge = array();
$De = 0;
Rs:
if (!($De < count($CZ))) {
goto dd;
}
if ($CZ[$De] == "\x7b\x7d") {
goto kE;
}
$ge[$De] = 0;
goto Z6;
kE:
$ge[$De] = 1;
Z6:
nd:
$De++;
goto Rs;
dd:
$De = 0;
r2:
if (!($De < count($CZ))) {
goto qz;
}
if (!($CZ[$De] != $mS[$De])) {
goto uX;
}
if ($ge[$De] == 1) {
goto BC;
}
$ge[$De] = 2;
goto oH;
BC:
$ge[$De] = 0;
oH:
uX:
mC:
$De++;
goto r2;
qz:
if (!(array_sum($ge) == 0)) {
goto og;
}
return true;
og:
sS:
zn:
yw:
}
m3:
oF:
$rg = \Drupal::config("\162\x65\163\x74\x5f\x61\160\151\137\x61\165\x74\150\145\156\x74\x69\143\141\164\151\x6f\156\x2e\x73\x65\164\164\x69\x6e\x67\163")->get("\167\150\151\164\145\154\151\x73\164\137\x67\145\164\137\141\160\x69\163");
if (!($rg == 1)) {
goto OL;
}
if (!($dx->getMethod() == "\107\x45\x54")) {
goto ew;
}
return false;
ew:
OL:
if (!(strpos($dx->getRequestUri(), "\57\141\x64\x6d\151\x6e\57\x63\x6f\156\x66\x69\147\57\163\145\x72\166\x69\143\145\x73\57\x6a\x73\157\x6e\141\160\151\57") !== false)) {
goto sN;
}
return false;
sN:
if (!(strpos($dx->getRequestUri(), "\57\x6a\163\x6f\156\141\x70\x69\57") !== false)) {
goto lu;
}
return true;
lu:
if (!(strpos($dx->getRequestUri(), "\x3f\x5f\146\157\x72\x6d\x61\164\75") !== false)) {
goto x2;
}
return true;
x2:
return false;
v4:
}
public function authenticate(Request $dx)
{
$GU = Utilities::video_guide_links();
if (!($GU == "\x66\141\x6c\163\x65")) {
goto hC;
}
$y8 = array("\163\164\141\x74\x75\x73" => "\145\162\162\x6f\162", "\x65\162\162\x6f\162\x5f\x64\x65\x73\143\x72\x69\160\x74\x69\157\x6e" => "\x59\x6f\165\162\40\x74\x72\x69\141\x6c\x20\x6d\x6f\144\x75\x6c\145\x20\x68\141\163\x20\145\170\160\151\162\145\x64");
echo json_encode($y8);
exit;
hC:
$Uj = trim(\Drupal::config("\x72\145\163\164\x5f\x61\160\x69\x5f\x61\x75\x74\150\145\x6e\x74\x69\143\x61\x74\x69\157\x6e\56\x73\145\164\x74\151\156\147\x73")->get("\154\151\x73\164\137\157\x66\x5f\x69\160\163") ?? '');
if (!(!empty($Uj) || $Uj != null)) {
goto Jg;
}
$nv = \Drupal::config("\x72\145\163\x74\x5f\141\160\x69\137\141\165\164\x68\x65\x6e\x74\x69\x63\x61\164\151\157\156\56\x73\x65\x74\164\151\x6e\x67\x73")->get("\151\160\137\141\143\143\145\163\x73\x5f\x74\x79\160\x65");
$Uj = explode("\73", $Uj);
if ($nv) {
goto tf;
}
if (!(array_search($dx->getClientIp(), $Uj) === FALSE)) {
goto jF;
}
$y8 = array("\x73\x74\x61\x74\x75\x73" => "\x65\x72\162\157\x72", "\x63\157\x64\145" => "\64\x30\63", "\145\162\162\x6f\162\x5f\144\x65\x73\143\x72\151\x70\164\151\x6f\156" => "\x54\x68\x65\40\x72\x65\161\x75\x65\x73\x74\x20\143\141\x6e\x20\156\157\x74\40\x62\145\40\x63\x6f\x6d\160\154\145\164\x65\x64\40\141\163\40\x79\x6f\165\162\x20\x49\x50\40\x61\x64\144\x72\145\x73\x73\40\151\163\40\156\x6f\164\40\x77\x68\x69\164\145\x6c\x69\163\164\x65\x64\56\40\120\x6c\x65\x61\x73\145\x20\143\157\x6e\x74\141\143\164\40\171\x6f\x75\x72\40\x73\x69\x74\x65\40\x61\144\155\151\156\x73\164\x72\141\164\157\162");
echo json_encode($y8);
jF:
goto EP;
tf:
if (!(array_search($dx->getClientIp(), $Uj) !== FALSE)) {
goto N2;
}
$y8 = array("\x73\164\141\164\165\x73" => "\145\x72\x72\157\x72", "\x63\157\x64\145" => "\x34\x30\63", "\145\x72\162\x6f\162\137\144\145\163\143\162\x69\160\x74\x69\x6f\156" => "\124\150\x69\163\x20\x49\120\40\141\x64\x64\x72\145\x73\163\40\x69\163\x20\156\157\x74\x20\x61\x6c\x6c\157\x77\x65\144\x20\x74\157\x20\155\x61\153\145\x20\x74\150\151\163\x20\162\x65\161\165\x65\x73\164\x2e\x20\120\154\145\141\x73\145\40\143\x6f\156\x74\141\x63\164\40\x79\x6f\165\162\x20\x73\151\164\x65\x20\141\144\155\151\156\x73\x74\162\x61\x74\x6f\x72");
echo json_encode($y8);
exit;
N2:
EP:
Jg:
$Mf = array();
$Ia = \Drupal::config("\x72\145\163\164\137\x61\160\x69\137\x61\165\x74\x68\145\x6e\x74\151\143\141\164\151\x6f\x6e\x2e\x73\x65\x74\164\151\156\147\x73")->get("\141\x75\x74\150\x65\156\x74\x69\x63\x61\x74\151\157\156\137\x6d\x65\164\150\x6f\144");
switch ($Ia) {
case 0:
$Mf = API_Authentication_Basic_Auth::validate_api_request($dx);
goto HJ;
case 1:
$Mf = API_Authentication_API_Token::validate_api_request($dx);
goto HJ;
case 2:
$Mf = API_Authentication_OAuth::validate_api_request($dx);
goto HJ;
case 3:
$Mf = API_Authentication_JWT::validate_api_request($dx);
goto HJ;
case 4:
$Mf = API_Authentication_Ext_OAuth::validate_api_request($dx);
goto HJ;
default:
return null;
}
R6:
HJ:
if (!(isset($Mf["\163\x74\141\x74\165\163"]) && $Mf["\163\164\x61\x74\x75\x73"] == "\x65\x72\x72\157\x72")) {
goto ni;
}
if (isset($Mf["\x6d\145\163\163\141\x67\145"]) && trim($Mf["\155\x65\163\x73\x61\147\x65"]) != '' || isset($Mf["\x65\x72\162\x6f\162\137\x64\x65\163\143\162\151\x70\164\151\x6f\x6e"]) && trim($Mf["\x65\x72\x72\157\x72\x5f\x64\145\163\x63\162\x69\160\164\x69\157\156"]) != '') {
goto DT;
}
throw new AccessDeniedHttpException();
return null;
goto ul;
DT:
print_r(json_encode($Mf, JSON_PRETTY_PRINT));
exit;
ul:
ni:
$ZT = $Mf["\x75\163\x65\x72"];
$UD = $ZT->id();
$py = '';
$py = trim(\Drupal::config("\162\145\x73\164\137\x61\x70\151\x5f\141\x75\164\150\x65\156\164\x69\143\x61\164\x69\x6f\x6e\x2e\x73\145\164\x74\x69\x6e\x67\163")->get("\x6c\x69\163\x74\x5f\157\146\x5f\x72\157\154\145\x5f\x72\x65\163\x74\162\x69\x63\164\151\157\x6e\163") ?? '');
if (!(!empty($py) || $py != null)) {
goto yo;
}
$ye = explode("\73", $py);
foreach ($ye as $HM) {
$MO = explode("\x3a", $HM);
$PW = $MO[0];
$GC = $MO[1];
if (!(strpos($dx->getRequestUri(), $PW) !== false)) {
goto NH;
}
$ig = explode("\x2c", $GC);
$Mr = array_intersect($ig, $ZT->getRoles());
if (count($Mr) > 0) {
goto xd;
}
$y8 = array("\163\x74\141\x74\x75\163" => "\145\x72\x72\157\x72", "\x63\x6f\144\x65" => "\x34\x30\x31", "\145\x72\x72\x6f\162\137\144\145\x73\x63\x72\151\x70\x74\151\157\x6e" => "\x55\163\x65\162\x20\144\x6f\x65\163\x20\x6e\157\x74\x20\150\x61\x76\145\40\164\150\x65\40\162\145\161\x75\151\x72\x65\144\x20\x70\145\x72\x6d\x69\x73\163\x69\x6f\x6e\x73\56");
echo json_encode($y8, JSON_PRETTY_PRINT);
exit;
goto FR;
xd:
goto lp;
FR:
NH:
sH:
}
lp:
yo:
$lQ = $this->entityTypeManager->getStorage("\x75\163\x65\x72");
if (!(strpos($dx->getRequestUri(), "\x2f\x75\x73\x65\x72\57\x6c\x6f\147\151\156\77\137\x66\x6f\x72\x6d\x61\164\x3d") !== false)) {
goto bN;
}
return null;
bN:
return $this->entityTypeManager->getStorage("\165\x73\145\162")->load($UD);
}
public function handleException(ExceptionEvent $hX)
{
$VG = $hX->getThrowable();
if (!$VG instanceof AccessDeniedHttpException) {
goto R3;
}
$hX->setThrowable(new UnauthorizedHttpException("\x49\x6e\166\x61\154\x69\x64\40\143\157\156\x73\165\x6d\145\x72\40\157\x72\x69\147\x69\x6e\56", $VG));
return TRUE;
R3:
return FALSE;
}
}
Function Calls
| None |
Stats
| MD5 | 70010249c8c8fb4037a015ab5ce9869e |
| Eval Count | 0 |
| Decode Time | 43 ms |