Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace MiniOrange\OAuth\Controller\Actions; use Exception; use Magento\F..
Decoded Output download
<?php
namespace MiniOrange\OAuth\Controller\Actions;
use Exception;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequest;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequestBody;
use MiniOrange\OAuth\Helper\Curl;
use miniorange\OAuth\Controller\Actions\MathBigInteger;
use MiniOrange\OAuth\Helper\OAuthUtility;
use MiniOrange\OAuth\Helper\Crypt_RSA;
class ReadAuthorizationResponse extends BaseAction
{
private $REQUEST;
private $POST;
private $processResponseAction;
public function __construct(Context $KX, OAuthUtility $QY, ProcessResponseAction $FA)
{
$this->processResponseAction = $FA;
parent::__construct($KX, $QY);
}
public function execute()
{
$this->oauthUtility->addLogs("ReadAuthorizationResponse: execute");
$c0 = $this->getRequest()->getParams();
if (isset($c0["code"])) {
goto xC;
}
if (!isset($c0["error"])) {
goto HM;
}
return $this->sendHTTPRedirectRequest("?error=" . urlencode($c0["error"]), $this->oauthUtility->getBaseUrl());
HM:
return $this->sendHTTPRedirectRequest("?error=code+not+received", $this->oauthUtility->getBaseUrl());
xC:
$Kt = $c0["code"];
$ro = $c0["state"];
$oc = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_ID);
$WH = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_SECRET);
$sV = OAuthConstants::GRANT_TYPE;
$Kr = $this->oauthUtility->getStoreConfig(OAuthConstants::ACCESSTOKEN_URL);
$ko = $this->oauthUtility->getCallBackUrl();
$d2 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_HEADER);
$o3 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_BODY);
if ($d2 == 1 && $o3 == 0) {
goto Qy;
}
$xI = (new AccessTokenRequest($oc, $WH, $sV, $ko, $Kt))->build();
goto cZ;
Qy:
$xI = (new AccessTokenRequestBody($sV, $ko, $Kt))->build();
cZ:
$NH = Curl::mo_send_access_token_request($xI, $Kr, $oc, $WH);
$Rr = json_decode($NH, "true");
if (isset($Rr["access_token"])) {
goto eI;
}
if (isset($Rr["id_token"])) {
goto EK;
}
error_log(print_r($Rr, true));
return $this->getResponse()->setBody("Invalid response. Please try again.|M002");
goto b2;
eI:
$f0 = $Rr["access_token"];
$kq = $this->oauthUtility->getStoreConfig(OAuthConstants::GETUSERINFO_URL);
$d2 = "Bearer " . $f0;
$df = ["Authorization: {$d2}"];
$dg = Curl::mo_send_user_info_request($kq, $df);
$vP = json_decode($dg, "true");
goto b2;
EK:
$wP = $Rr["id_token"];
if (empty($wP)) {
goto Dd;
}
$Cc = $this->oauthUtility->getStoreConfig(OAuthConstants::X509CERT);
$xn = explode(".", (string) $wP);
if (sizeof($xn) > 2) {
goto hq;
}
error_log(print_r($xn, true));
return $this->getResponse()->setBody("Invalid response. Please try again.|M001");
goto Fs;
hq:
$vP = $xn[1];
$vP = json_decode(base64_decode($vP), true);
Fs:
Dd:
b2:
if (!empty($vP)) {
goto nq;
}
return $this->getResponse()->setBody("Invalid response. Please try again.|M003");
nq:
$vP["relayState"] = $ro;
$this->processResponseAction->setUserInfoResponse($vP)->execute();
}
public function setRequestParam($Bx)
{
$this->REQUEST = $Bx;
return $this;
}
public function setPostParam($post)
{
$this->POST = $post;
return $this;
}
public function verifySign($tA, $nO)
{
$uj = new Crypt_RSA();
$uj->loadKey(["n" => new MathBigInteger($this->get_base64_from_url($nO->n), 256), "e" => new MathBigInteger($this->get_base64_from_url($nO->e), 256)]);
$uj->setHash("sha256");
$uj->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
return $uj->verify($tA["data"], $tA["sign"]) ? true : false;
}
public function get_base64_from_url($nh)
{
return base64_decode(str_replace(["-", "_"], ["+", "/"], $nh));
}
public function decodeJWT($vv)
{
$gK = explode(".", (string) $vv);
$d2 = json_decode($this->get_base64_from_url($gK[0]));
$Ac = json_decode($this->get_base64_from_url($gK[1]));
$UO = $this->get_base64_from_url($gK[2]);
return ["header" => $d2, "payload" => $Ac, "sign" => $UO, "data" => $gK[0] . "." . $gK[1]];
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace MiniOrange\OAuth\Controller\Actions;
use Exception;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequest;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequestBody;
use MiniOrange\OAuth\Helper\Curl;
use miniorange\OAuth\Controller\Actions\MathBigInteger;
use MiniOrange\OAuth\Helper\OAuthUtility;
use MiniOrange\OAuth\Helper\Crypt_RSA;
class ReadAuthorizationResponse extends BaseAction
{
private $REQUEST;
private $POST;
private $processResponseAction;
public function __construct(Context $KX, OAuthUtility $QY, ProcessResponseAction $FA)
{
$this->processResponseAction = $FA;
parent::__construct($KX, $QY);
}
public function execute()
{
$this->oauthUtility->addLogs("\x52\x65\x61\x64\101\165\x74\150\x6f\162\x69\172\141\164\x69\x6f\x6e\122\145\163\160\x6f\156\x73\145\72\40\x65\x78\x65\143\x75\x74\145");
$c0 = $this->getRequest()->getParams();
if (isset($c0["\x63\157\x64\145"])) {
goto xC;
}
if (!isset($c0["\x65\x72\162\157\x72"])) {
goto HM;
}
return $this->sendHTTPRedirectRequest("\77\x65\x72\x72\x6f\162\75" . urlencode($c0["\x65\x72\162\157\x72"]), $this->oauthUtility->getBaseUrl());
HM:
return $this->sendHTTPRedirectRequest("\x3f\145\x72\x72\x6f\162\x3d\x63\157\x64\145\x2b\156\x6f\164\53\162\145\143\145\x69\x76\x65\x64", $this->oauthUtility->getBaseUrl());
xC:
$Kt = $c0["\143\157\144\145"];
$ro = $c0["\x73\x74\141\164\145"];
$oc = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_ID);
$WH = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_SECRET);
$sV = OAuthConstants::GRANT_TYPE;
$Kr = $this->oauthUtility->getStoreConfig(OAuthConstants::ACCESSTOKEN_URL);
$ko = $this->oauthUtility->getCallBackUrl();
$d2 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_HEADER);
$o3 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_BODY);
if ($d2 == 1 && $o3 == 0) {
goto Qy;
}
$xI = (new AccessTokenRequest($oc, $WH, $sV, $ko, $Kt))->build();
goto cZ;
Qy:
$xI = (new AccessTokenRequestBody($sV, $ko, $Kt))->build();
cZ:
$NH = Curl::mo_send_access_token_request($xI, $Kr, $oc, $WH);
$Rr = json_decode($NH, "\164\162\165\x65");
if (isset($Rr["\x61\x63\143\x65\x73\x73\137\x74\x6f\x6b\145\156"])) {
goto eI;
}
if (isset($Rr["\151\x64\137\x74\157\153\145\x6e"])) {
goto EK;
}
error_log(print_r($Rr, true));
return $this->getResponse()->setBody("\x49\156\x76\x61\154\151\144\x20\162\145\163\160\x6f\156\163\x65\56\x20\120\x6c\145\x61\x73\145\x20\164\162\171\40\141\147\141\151\x6e\56\174\x4d\x30\60\x32");
goto b2;
eI:
$f0 = $Rr["\141\143\x63\x65\163\x73\x5f\164\157\x6b\145\x6e"];
$kq = $this->oauthUtility->getStoreConfig(OAuthConstants::GETUSERINFO_URL);
$d2 = "\x42\145\141\x72\x65\x72\40" . $f0;
$df = ["\x41\x75\x74\150\x6f\x72\x69\172\x61\x74\151\x6f\156\x3a\40{$d2}"];
$dg = Curl::mo_send_user_info_request($kq, $df);
$vP = json_decode($dg, "\164\x72\x75\x65");
goto b2;
EK:
$wP = $Rr["\151\x64\x5f\x74\157\153\x65\156"];
if (empty($wP)) {
goto Dd;
}
$Cc = $this->oauthUtility->getStoreConfig(OAuthConstants::X509CERT);
$xn = explode("\56", (string) $wP);
if (sizeof($xn) > 2) {
goto hq;
}
error_log(print_r($xn, true));
return $this->getResponse()->setBody("\x49\156\x76\x61\x6c\x69\144\40\162\x65\163\x70\x6f\156\163\x65\56\x20\x50\154\x65\141\163\145\40\x74\x72\171\40\x61\x67\x61\x69\x6e\x2e\x7c\115\60\x30\61");
goto Fs;
hq:
$vP = $xn[1];
$vP = json_decode(base64_decode($vP), true);
Fs:
Dd:
b2:
if (!empty($vP)) {
goto nq;
}
return $this->getResponse()->setBody("\x49\156\166\x61\154\151\x64\40\162\145\x73\x70\x6f\x6e\163\145\56\x20\120\x6c\145\x61\x73\x65\x20\x74\x72\171\x20\x61\147\141\151\x6e\x2e\x7c\115\60\x30\63");
nq:
$vP["\162\145\154\x61\x79\x53\x74\x61\164\x65"] = $ro;
$this->processResponseAction->setUserInfoResponse($vP)->execute();
}
public function setRequestParam($Bx)
{
$this->REQUEST = $Bx;
return $this;
}
public function setPostParam($post)
{
$this->POST = $post;
return $this;
}
public function verifySign($tA, $nO)
{
$uj = new Crypt_RSA();
$uj->loadKey(["\x6e" => new MathBigInteger($this->get_base64_from_url($nO->n), 256), "\145" => new MathBigInteger($this->get_base64_from_url($nO->e), 256)]);
$uj->setHash("\163\x68\141\x32\x35\66");
$uj->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
return $uj->verify($tA["\x64\x61\164\x61"], $tA["\x73\x69\x67\x6e"]) ? true : false;
}
public function get_base64_from_url($nh)
{
return base64_decode(str_replace(["\x2d", "\137"], ["\53", "\x2f"], $nh));
}
public function decodeJWT($vv)
{
$gK = explode("\56", (string) $vv);
$d2 = json_decode($this->get_base64_from_url($gK[0]));
$Ac = json_decode($this->get_base64_from_url($gK[1]));
$UO = $this->get_base64_from_url($gK[2]);
return ["\150\x65\141\144\x65\162" => $d2, "\160\141\171\154\x6f\x61\144" => $Ac, "\163\x69\147\x6e" => $UO, "\x64\x61\164\141" => $gK[0] . "\56" . $gK[1]];
}
}
Function Calls
| None |
Stats
| MD5 | 705257ac8ad502131de3fd2b9a0f526a |
| Eval Count | 0 |
| Decode Time | 60 ms |