Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include_once dirname(__FILE__) . '/Utilities.php'; include_once dirname(__FILE..
Decoded Output download
<?php
include_once dirname(__FILE__) . '/Utilities.php';
include_once dirname(__FILE__) . '/Response.php';
include_once dirname(__FILE__) . '/LogoutRequest.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
if (class_exists("AESEncryption")) {
goto uT;
}
require_once dirname(__FILE__) . '/includes/lib/encryption.php';
uT:
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$Pv = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
parent::__construct("Saml_Login_Widget", "Login with " . $Pv, array("description" => __("This is a miniOrange SAML login widget.", "mosaml")));
}
public function widget($gB, $oy)
{
extract($gB);
$mj = '';
if (empty($oy["wid_title"])) {
goto uy;
}
$mj = apply_filters("widget_title", $oy["wid_title"]);
uy:
echo $gB["before_widget"];
if (empty($mj)) {
goto ab;
}
echo $gB["before_title"] . $mj . $gB["after_title"];
ab:
$this->loginForm();
echo $gB["after_widget"];
}
public function update($zo, $aC)
{
$oy = array();
$oy["wid_title"] = strip_tags($zo["wid_title"]);
return $oy;
}
public function form($oy)
{
$mj = '';
if (empty($oy["wid_title"])) {
goto fG;
}
$mj = $oy["wid_title"];
fG:
echo "
<p><label for="" . $this->get_field_id("wid_title") . " ">" . _e("Title:") . " </label>
\x9\x9<input class="widefat" id="" . $this->get_field_id("wid_title") . "" name="" . $this->get_field_name("wid_title") . "" type="text" value="" . $mj . "" />\xa </p>";
}
public function loginForm()
{
global $post;
$bY = SAMLSPUtilities::mo_saml_is_user_logged_in();
if (!$bY) {
goto uJ;
}
$current_user = wp_get_current_user();
$Xx = "Hello,";
if (!get_option("mo_saml_custom_greeting_text")) {
goto X7;
}
$Xx = get_option("mo_saml_custom_greeting_text");
X7:
$f6 = '';
if (!get_option("mo_saml_greeting_name")) {
goto EE;
}
switch (get_option("mo_saml_greeting_name")) {
case "USERNAME":
$f6 = $current_user->user_login;
goto Dd;
case "EMAIL":
$f6 = $current_user->user_email;
goto Dd;
case "FNAME":
$f6 = $current_user->user_firstname;
goto Dd;
case "LNAME":
$f6 = $current_user->user_lastname;
goto Dd;
case "FNAME_LNAME":
$f6 = $current_user->user_firstname . " " . $current_user->user_lastname;
goto Dd;
case "LNAME_FNAME":
$f6 = $current_user->user_lastname . " " . $current_user->user_firstname;
goto Dd;
default:
$f6 = $current_user->user_login;
}
E5:
Dd:
EE:
$f6 = trim($f6);
if (!empty($f6)) {
goto gl;
}
$f6 = $current_user->user_login;
gl:
$wk = $Xx . " " . $f6;
$iV = "Logout";
if (!get_option("mo_saml_custom_logout_text")) {
goto Wg;
}
$iV = get_option("mo_saml_custom_logout_text");
Wg:
echo $wk . " | <a href="" . wp_logout_url(home_url()) . "" title="logout" >" . $iV . "</a></li>";
goto NV;
uJ:
$yg = saml_get_current_page_url();
echo "
\x9 <script>
function submitSamlForm(){ document.getElementById("miniorange-saml-sp-sso-login-form").submit(); }
\x9</script>\xa <form name="miniorange-saml-sp-sso-login-form" id="miniorange-saml-sp-sso-login-form" method="post" action="">
<input type="hidden" name="option" value="saml_user_login" />\xa <input type="hidden" name="redirect_to" value="" . $yg . "" />
\x9<font size="+1" style="vertical-align:top;"> </font>";
$Zs = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
if (!empty($Zs)) {
goto SK;
}
echo "Please configure the miniOrange SAML Plugin first.";
goto qj;
SK:
$yA = "Login with ##IDP##";
if (!get_option("mo_saml_custom_login_text")) {
goto pb;
}
$yA = get_option("mo_saml_custom_login_text");
pb:
$yA = str_replace("##IDP##", $Zs, $yA);
$c7 = false;
if (!get_option("mo_saml_use_button_as_widget")) {
goto o7;
}
if (!(get_option("mo_saml_use_button_as_widget") == "true")) {
goto p_;
}
$c7 = true;
p_:
o7:
if (!$c7) {
goto Ci;
}
$Ma = get_option("mo_saml_button_width") ? get_option("mo_saml_button_width") : "100";
$AR = get_option("mo_saml_button_height") ? get_option("mo_saml_button_height") : "50";
$HX = get_option("mo_saml_button_size") ? get_option("mo_saml_button_size") : "50";
$Fe = get_option("mo_saml_button_curve") ? get_option("mo_saml_button_curve") : "5";
$s8 = get_option("mo_saml_button_color") ? get_option("mo_saml_button_color") : "0085ba";
$AJ = get_option("mo_saml_button_theme") ? get_option("mo_saml_button_theme") : "longbutton";
$dp = !empty($_SESSION["mo_guest_login"]["logged_in_idp_name"]) ? $_SESSION["mo_guest_login"]["logged_in_idp_name"] : LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
$SP = get_option("mo_saml_button_text") ? get_option("mo_saml_button_text") : ($dp ? $dp : "Login");
$cN = get_option("mo_saml_font_color") ? get_option("mo_saml_font_color") : "ffffff";
$WE = get_option("mo_saml_font_size") ? get_option("mo_saml_font_size") : "20";
$yA = "<input type="button" name="mo_saml_wp_sso_button" value="" . $SP . "" style="";
$dC = '';
if ($AJ == "longbutton") {
goto mC;
}
if ($AJ == "circle") {
goto ki;
}
if ($AJ == "oval") {
goto g2;
}
if ($AJ == "square") {
goto yL;
}
goto pg;
ki:
$dC = $dC . "width:" . $HX . "px;";
$dC = $dC . "height:" . $HX . "px;";
$dC = $dC . "border-radius:999px;";
goto pg;
g2:
$dC = $dC . "width:" . $HX . "px;";
$dC = $dC . "height:" . $HX . "px;";
$dC = $dC . "border-radius:5px;";
goto pg;
yL:
$dC = $dC . "width:" . $HX . "px;";
$dC = $dC . "height:" . $HX . "px;";
$dC = $dC . "border-radius:0px;";
pg:
goto gW;
mC:
$dC = $dC . "width:" . $Ma . "px;";
$dC = $dC . "height:" . $AR . "px;";
$dC = $dC . "border-radius:" . $Fe . "px;";
gW:
$dC = $dC . "background-color:#" . $s8 . ";";
$dC = $dC . "border-color:transparent;";
$dC = $dC . "color:#" . $cN . ";";
$dC = $dC . "font-size:" . $WE . "px;";
$dC = $dC . "padding:0px;";
$yA = $yA . $dC . ""/>";
Ci:
echo " <a href="#" onClick="submitSamlForm()">";
echo $yA;
echo "</a></form> ";
qj:
echo " </ul>\xa </form>";
NV:
}
public function mo_saml_widget_init()
{
if (!(defined("WP_CLI") && WP_CLI)) {
goto VU;
}
require_once dirname(__FILE__) . "/mo-saml-wp-cli-commands.php";
VU:
if (!(isset($_REQUEST["option"]) and $_REQUEST["option"] == "saml_user_logout")) {
goto sG;
}
$user = is_user_logged_in() ? wp_get_current_user() : null;
if (empty($user)) {
goto YX;
}
wp_logout();
YX:
sG:
}
function mo_saml_logout($kP)
{
$user = get_user_by("id", $kP);
$jJ = htmlspecialchars_decode(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Logout_URL));
$Dg = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Logout_binding_type);
$Ff = wp_get_referer();
$tB = get_option("mo_saml_sp_base_url");
$Jg = false;
if (empty($_COOKIE["logged_in_with_idp"])) {
goto xP;
}
$Jg = true;
xP:
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto po;
}
session_start();
po:
if (!empty($Ff)) {
goto F4;
}
$Ff = !empty($tB) ? $tB : home_url();
F4:
if (empty($jJ)) {
goto zm;
}
if (!empty($_SESSION["mo_saml_logout_request"])) {
goto Er;
}
if (!empty($_SESSION["mo_saml"]["logged_in_with_idp"]) || $Jg) {
goto jH;
}
goto Xr;
Er:
self::createLogoutResponseAndRedirect($jJ, $Dg);
exit;
goto Xr;
jH:
$current_user = $user;
if (!empty($_SESSION["mo_guest_login"]["nameID"])) {
goto u7;
}
if (!empty($_COOKIE["nameID"])) {
goto Xf;
}
$aL = get_user_meta($current_user->ID, "mo_saml_name_id");
goto DA;
Xf:
$aL = $_COOKIE["nameID"];
DA:
goto gc;
u7:
$aL = $_SESSION["mo_guest_login"]["nameID"];
gc:
if (!empty($_SESSION["mo_guest_login"]["sessionIndex"])) {
goto HE;
}
if (!empty($_COOKIE["sessionIndex"])) {
goto U6;
}
$RR = get_user_meta($current_user->ID, "mo_saml_session_index");
goto f1;
U6:
$RR = $_COOKIE["sessionIndex"];
f1:
goto BN;
HE:
$RR = $_SESSION["mo_guest_login"]["sessionIndex"];
BN:
if (empty($aL)) {
goto C1;
}
unset($_SESSION["mo_saml"]);
unset($_SESSION["mo_guest_login"]);
unset($_COOKIE["logged_in_with_idp"]);
setcookie("logged_in_with_idp", '', time() - 3600, "/");
setcookie("nameID", '', time() - 3600, "/");
setcookie("sessionIndex", '', time() - 3600, "/");
mo_saml_create_logout_request($aL, $RR, $jJ, $Dg, $Ff);
C1:
Xr:
zm:
if (!isset($_SESSION["mo_guest_login"]["nameID"])) {
goto OP;
}
unset($_SESSION["mo_guest_login"]);
setcookie("nameID", '', time() - 3600, "/");
setcookie("sessionIndex", '', time() - 3600, "/");
OP:
$g3 = get_option("mo_saml_logout_relay_state");
if (empty($g3)) {
goto PK;
}
wp_redirect($g3);
exit;
PK:
wp_redirect($Ff);
exit;
}
function createLogoutResponseAndRedirect($jJ, $Dg)
{
$tB = get_option("mo_saml_sp_base_url");
if (!empty($tB)) {
goto m6;
}
$tB = home_url();
m6:
$Pb = $_SESSION["mo_saml_logout_request"];
$HI = $_SESSION["mo_saml_logout_relay_state"];
unset($_SESSION["mo_saml_logout_request"]);
unset($_SESSION["mo_saml_logout_relay_state"]);
$lu = new DOMDocument();
$lu->loadXML($Pb);
$Pb = $lu->firstChild;
if (!($Pb->localName == "LogoutRequest")) {
goto jA;
}
$OG = new SAML2SPLogoutRequest($Pb);
$jH = get_option("mo_saml_sp_entity_id");
if (!empty($jH)) {
goto tT;
}
$jH = $tB . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
tT:
$kQ = $jJ;
$WJ = SAMLSPUtilities::createLogoutResponse($OG->getId(), $jH, $kQ, $Dg);
if (empty($Dg) || $Dg == "HttpRedirect") {
goto US;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto o4;
}
$VZ = base64_encode($WJ);
SAMLSPUtilities::postSAMLResponse($jJ, $VZ, $HI);
exit;
o4:
$Kx = '';
$UN = '';
$VZ = SAMLSPUtilities::signXML($WJ, "Status");
SAMLSPUtilities::postSAMLResponse($jJ, $VZ, $HI);
goto vz;
US:
$N5 = $jJ;
if (strpos($jJ, "?") !== false) {
goto Kc;
}
$N5 .= "?";
goto tQ;
Kc:
$N5 .= "&";
tQ:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto eb;
}
$N5 .= "SAMLResponse=" . $WJ . "&RelayState=" . urlencode($HI);
header("Location: " . $N5);
exit;
eb:
$H9 = "SAMLResponse=" . $WJ . "&RelayState=" . urlencode($HI) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("type" => "private");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
$FV = get_option("mo_saml_current_cert_private_key");
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "&Signature=" . urlencode($N4);
header("Location: " . $N5);
exit;
vz:
jA:
}
}
function mo_saml_create_logout_request($aL, $RR, $jJ, $Dg, $Ff)
{
$tB = get_option("mo_saml_sp_base_url");
if (!empty($tB)) {
goto Gg;
}
$tB = home_url();
Gg:
$jH = get_option("mo_saml_sp_entity_id");
if (!empty($jH)) {
goto h5;
}
$jH = $tB . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
h5:
$kQ = $jJ;
$Ox = $Ff;
$Ox = mo_saml_get_relay_state($Ox);
$H9 = SAMLSPUtilities::createLogoutRequest($aL, $jH, $kQ, $RR, $Dg);
if (empty($Dg) || $Dg == "HttpRedirect") {
goto iK;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto kW;
}
$VZ = base64_encode($H9);
SAMLSPUtilities::postSAMLRequest($jJ, $VZ, $Ox);
exit;
kW:
$Kx = '';
$UN = '';
$VZ = SAMLSPUtilities::signXML($H9, "NameID");
SAMLSPUtilities::postSAMLRequest($jJ, $VZ, $Ox);
goto yM;
iK:
$N5 = $jJ;
if (strpos($jJ, "?") !== false) {
goto Lx;
}
$N5 .= "?";
goto aT;
Lx:
$N5 .= "&";
aT:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto rf;
}
$N5 .= "SAMLRequest=" . $H9 . "&RelayState=" . urlencode($Ox);
header("Location: " . $N5);
exit;
rf:
$H9 = "SAMLRequest=" . $H9 . "&RelayState=" . urlencode($Ox) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("type" => "private");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
$FV = get_option("mo_saml_current_cert_private_key");
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "&Signature=" . urlencode($N4);
header("Location: " . $N5);
exit;
yM:
}
function mo_login_validate()
{
if (Mo_Saml_License_Utility::is_customer_license_valid(false, false)) {
goto iz;
}
return;
iz:
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "mosaml_metadata" && Mo_Saml_License_Utility::is_customer_license_valid())) {
goto cv;
}
miniorange_generate_metadata();
cv:
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "export_configuration")) {
goto s3;
}
if (!(current_user_can("manage_options") && Mo_Saml_License_Utility::is_customer_license_valid())) {
goto Eq;
}
miniorange_import_export(true);
Eq:
exit;
s3:
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "saml_user_login" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "testidpconfig" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "getsamlrequest" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "getsamlresponse")) {
goto Wn;
}
if (!mo_saml_is_sp_configured()) {
goto VD;
}
if (!(is_user_logged_in() && $_REQUEST["option"] == "saml_user_login")) {
goto al;
}
if (empty($_REQUEST["redirect_to"])) {
goto DB;
}
$N7 = htmlspecialchars($_REQUEST["redirect_to"]);
wp_safe_redirect($N7);
exit;
DB:
return;
al:
$tB = get_option("mo_saml_sp_base_url");
if (!empty($tB)) {
goto iL;
}
$tB = home_url();
iL:
if (isset($_REQUEST["idp"]) and !empty($_REQUEST["idp"])) {
goto dB;
}
$mQ = '';
goto uo;
dB:
$mQ = htmlspecialchars($_REQUEST["idp"]);
uo:
if ($_REQUEST["option"] == "testidpconfig" and isset($_REQUEST["newcert"])) {
goto u9;
}
if ($_REQUEST["option"] == "testidpconfig") {
goto Ju;
}
if ($_REQUEST["option"] == "getsamlrequest") {
goto sb;
}
if ($_REQUEST["option"] == "getsamlresponse") {
goto Mw;
}
if (get_option("mo_saml_relay_state") && get_option("mo_saml_relay_state") != '') {
goto Op;
}
if (!empty($_REQUEST["redirect_to"])) {
goto M0;
}
$Ox = wp_get_referer();
goto lI;
M0:
$Ox = htmlspecialchars($_REQUEST["redirect_to"]);
lI:
goto yv;
Op:
$Ox = get_option("mo_saml_relay_state");
yv:
goto Id;
Mw:
$Ox = "displaySAMLResponse";
Id:
goto Mf;
sb:
$Ox = "displaySAMLRequest";
Mf:
goto Jm;
Ju:
$Ox = "testValidate";
Jm:
goto kg;
u9:
$Ox = "testNewCertificate";
kg:
if (!empty($Ox)) {
goto M8;
}
$Ox = $tB;
M8:
$RB = htmlspecialchars_decode(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Login_URL));
$VL = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Login_binding_type);
$q5 = get_option("mo_saml_force_authentication");
$re = $tB . "/";
$jH = get_option("mo_saml_sp_entity_id");
$D1 = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::NameID_Format);
if (!empty($D1)) {
goto cP;
}
$D1 = "1.1:nameid-format:unspecified";
cP:
if (!empty($jH)) {
goto OA;
}
$jH = $tB . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
OA:
$H9 = SAMLSPUtilities::createAuthnRequest($re, $jH, $RB, $q5, $VL, $D1);
if (!($Ox == "displaySAMLRequest")) {
goto GV;
}
mo_saml_show_SAML_log(SAMLSPUtilities::createAuthnRequest($re, $jH, $RB, $q5, "HTTPPost", $D1), $Ox);
GV:
$N5 = $RB;
if (strpos($RB, "?") !== false) {
goto fv;
}
$N5 .= "?";
goto O9;
fv:
$N5 .= "&";
O9:
cldjkasjdksalc();
$Ox = mo_saml_get_relay_state($Ox);
$Ox = empty($Ox) ? "/" : $Ox;
if (empty($VL) || $VL == "HttpRedirect") {
goto Xa;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto vD;
}
$VZ = base64_encode($H9);
SAMLSPUtilities::postSAMLRequest($RB, $VZ, $Ox);
exit;
vD:
$Kx = '';
$UN = '';
if ($_REQUEST["option"] == "testidpconfig" && isset($_REQUEST["newcert"])) {
goto ce;
}
$VZ = SAMLSPUtilities::signXML($H9, "NameIDPolicy");
goto cj;
ce:
$VZ = SAMLSPUtilities::signXML($H9, "NameIDPolicy", true);
cj:
SAMLSPUtilities::postSAMLRequest($RB, $VZ, $Ox, $mQ);
update_option("mo_saml_new_cert_test", true);
goto fJ;
Xa:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "checked")) {
goto CR;
}
$N5 .= "SAMLRequest=" . $H9 . "&RelayState=" . urlencode($Ox);
if (empty($mQ)) {
goto rh;
}
$N5 .= "&userName=" . $mQ;
rh:
header("cache-control: max-age=0, private, no-store, no-cache, must-revalidate");
header("Location: " . $N5);
exit;
CR:
$H9 = "SAMLRequest=" . $H9 . "&RelayState=" . urlencode($Ox) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("type" => "private");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
if ($_REQUEST["option"] == "testidpconfig" && isset($_REQUEST["newcert"])) {
goto B3;
}
$FV = get_option("mo_saml_current_cert_private_key");
goto rX;
B3:
$FV = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "miniorange-sp-certificate-priv.key");
rX:
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "&Signature=" . urlencode($N4);
if (empty($mQ)) {
goto yU;
}
$N5 .= "&userName=" . $mQ;
yU:
header("cache-control: max-age=0, private, no-store, no-cache, must-revalidate");
header("Location: " . $N5);
exit;
fJ:
VD:
Wn:
if (empty($_REQUEST["SAMLResponse"])) {
goto OW;
}
if (!empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto SH;
}
$j2 = '';
goto k3;
SH:
$j2 = $_POST["RelayState"];
k3:
$tB = get_option("mo_saml_sp_base_url");
if (!empty($tB)) {
goto lD;
}
$tB = home_url();
lD:
$hB = htmlspecialchars($_REQUEST["SAMLResponse"]);
$hB = base64_decode($hB);
if (!($j2 == "displaySAMLResponse")) {
goto QF;
}
mo_saml_show_SAML_log($hB, $j2);
QF:
if (empty($_GET["SAMLResponse"])) {
goto Yw;
}
$hB = gzinflate($hB);
Yw:
$lu = new DOMDocument();
$lu->loadXML($hB);
$w_ = $lu->firstChild;
$hU = $lu->documentElement;
$J9 = new DOMXpath($lu);
$J9->registerNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
$J9->registerNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
if ($w_->localName == "LogoutResponse") {
goto Ob;
}
$G2 = $J9->query("/samlp:Response/samlp:Status/samlp:StatusCode", $hU);
$VD = $G2->item(0)->getAttribute("Value");
$Vy = $J9->query("/samlp:Response/samlp:Status/samlp:StatusMessage", $hU)->item(0);
if (empty($Vy)) {
goto Jl;
}
$Vy = $Vy->nodeValue;
Jl:
$hv = explode(":", $VD);
$G2 = $hv[7];
if (!empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto FD;
}
$j2 = '';
goto qc;
FD:
$j2 = $_POST["RelayState"];
qc:
if (!($j2 == "testValidate" && !Mo_Saml_License_Utility::is_customer_license_valid())) {
goto hh;
}
wp_die("<b>[WPSAMLERR000]</b> We could not sign you in. Please contact your administrator with the mentioned error code.", "[WPSAMLERR000] Invalid License");
hh:
if (!($G2 != "Success")) {
goto VW;
}
show_status_error($G2, $j2, $Vy);
VW:
$Tn = maybe_unserialize(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::X509_certificate));
$re = $tB . "/";
update_option("mo_saml_response", base64_encode($hB));
if ($j2 == "testNewCertificate") {
goto E9;
}
$hB = new SAML2SPResponse($w_, get_option("mo_saml_current_cert_private_key"));
goto ZU;
E9:
$QU = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "miniorange-sp-certificate-priv.key");
$hB = new SAML2SPResponse($w_, $QU);
ZU:
$xh = $hB->getSignatureData();
$LB = current($hB->getAssertions())->getSignatureData();
if (!(empty($LB) && empty($xh))) {
goto kE;
}
if ($j2 == "testValidate" or $j2 == "testNewCertificate") {
goto S2;
}
wp_die("We could not sign you in. Please contact administrator", "Error: Invalid SAML Response");
goto mn;
S2:
$ne = mo_options_error_constants::Error_no_certificate;
$bd = mo_options_error_constants::Cause_no_certificate;
echo "<div style="font-family:Calibri;padding:0 3%;">
\x9 \x9<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\x9 \x9<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error :" . esc_html($ne) . " </strong></p>
\x9\x9
\x9 <p><strong>Possible Cause: " . esc_html($bd) . "</strong></p>\xa \x9 \x9
\x9 </div></div>";
mo_saml_download_logs($ne, $bd);
exit;
mn:
kE:
$vB = '';
if (is_array($Tn)) {
goto Oe;
}
$C1 = XMLSecurityKey::getRawThumbprint($Tn);
$C1 = mo_saml_convert_to_windows_iconv($C1);
$C1 = preg_replace("/\s+/", '', $C1);
if (empty($xh)) {
goto w1;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $xh, $hB, 0, $j2);
w1:
if (empty($LB)) {
goto e1;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $LB, $hB, 0, $j2);
e1:
goto iw;
Oe:
foreach ($Tn as $W4 => $tp) {
$C1 = XMLSecurityKey::getRawThumbprint($tp);
$C1 = mo_saml_convert_to_windows_iconv($C1);
$C1 = preg_replace("/\s+/", '', $C1);
if (empty($xh)) {
goto Ff;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $xh, $hB, $W4, $j2);
Ff:
if (empty($LB)) {
goto xO;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $LB, $hB, $W4, $j2);
xO:
if (!$vB) {
goto lK;
}
goto HC;
lK:
ib:
}
HC:
iw:
if ($xh) {
goto bp;
}
if ($LB) {
goto AT;
}
goto z1;
bp:
$eH = $xh["Certificates"][0];
goto z1;
AT:
$eH = $LB["Certificates"][0];
z1:
if ($vB) {
goto te;
}
if ($j2 == "testValidate" or $j2 == "testNewCertificate") {
goto kk;
}
wp_die("We could not sign you in. Please contact your administrator", "Error: Invalid SAML Response");
goto Ql;
kk:
$ne = mo_options_error_constants::Error_wrong_certificate;
$bd = mo_options_error_constants::Cause_wrong_certificate;
$ti = "-----BEGIN CERTIFICATE-----<br>" . chunk_split($eH, 64) . "<br>-----END CERTIFICATE-----";
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\x9\x9<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Unable to find a certificate matching the configured fingerprint.</p>
\x9 <p>Please contact your administrator and report the following error:</p>\xa\x9 <p><strong>Possible Cause: </strong>'X.509 Certificate' field in plugin does not match the certificate found in SAML Response.</p>\xa\x9\x9 <p><strong>Certificate found in SAML Response: </strong><font face="Courier New";font-size:10pt><br><br>" . $ti . "</p></font>\xa\x9\x9 <p><strong>Solution: </strong></p>\xa <ol>
<li>Copy paste the certificate provided above in X509 Certificate under Service Provider Setup tab.</li>
<li>If issue persists disable <b>Character encoding</b> under Service Provder Setup tab.</li>\xa </ol>\x9
\x9\x9</div>\xa\x9\x9\x9\x9 <div style="margin:3%;display:block;text-align:center;">\xa \x9<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
mo_saml_download_logs($ne, $bd);
exit;
Ql:
te:
$VS = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Issuer);
$jH = get_option("mo_saml_sp_entity_id");
if (!empty($jH)) {
goto y_;
}
$jH = $tB . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
y_:
SAMLSPUtilities::validateIssuerAndAudience($hB, $jH, $VS, $j2);
$BH = current(current($hB->getAssertions())->getNameId());
$lP = current($hB->getAssertions())->getAttributes();
$lP["NameID"] = array("0" => $BH);
$RR = current($hB->getAssertions())->getSessionIndex();
mo_saml_checkMapping($lP, $j2, $RR);
goto Cg;
Ob:
if (!isset($_REQUEST["RelayState"])) {
goto su;
}
$HI = $_REQUEST["RelayState"];
su:
$g3 = get_option("mo_saml_logout_relay_state");
if (empty($g3)) {
goto EK;
}
$HI = $g3;
EK:
if (!is_user_logged_in()) {
goto DR;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
DR:
if (!empty($HI)) {
goto Yz;
}
$HI = home_url();
Yz:
header("Location: " . $HI);
exit;
Cg:
OW:
if (empty($_REQUEST["SAMLRequest"])) {
goto i2;
}
$H9 = htmlspecialchars($_REQUEST["SAMLRequest"]);
$j2 = "/";
if (empty($_REQUEST["RelayState"])) {
goto Qh;
}
$j2 = $_REQUEST["RelayState"];
Qh:
$H9 = base64_decode($H9);
if (empty($_GET["SAMLRequest"])) {
goto A5;
}
$H9 = gzinflate($H9);
A5:
$lu = new DOMDocument();
$lu->loadXML($H9);
$Je = $lu->firstChild;
if (!($Je->localName == "LogoutRequest")) {
goto pN;
}
$OG = new SAML2SPLogoutRequest($Je);
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto Wm;
}
session_start();
Wm:
$_SESSION["mo_saml_logout_request"] = $H9;
$_SESSION["mo_saml_logout_relay_state"] = $j2;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
pN:
i2:
}
function cldjkasjdksalc()
{
$NQ = plugin_dir_path(__FILE__);
$Sz = wp_upload_dir();
$se = home_url();
$se = trim($se, "/");
if (preg_match("#^http(s)?://#", $se)) {
goto zY;
}
$se = "http://" . $se;
zY:
$v2 = parse_url($se);
$if = preg_replace("/^www\./", '', $v2["host"]);
$hr = $if . "-" . $Sz["basedir"];
$XL = hash_hmac("sha256", $hr, "4DHfjgfjasndfsajfHGJ");
if (is_writable($NQ . "license")) {
goto TX;
}
$t7 = base64_decode("bGNkamthc2pka3NhY2w=");
$Mu = get_option($t7);
if (empty($Mu)) {
goto Hm;
}
$cT = str_rot13($Mu);
Hm:
goto VL;
TX:
$Mu = file_get_contents($NQ . "license");
if (!$Mu) {
goto Hh;
}
$cT = base64_encode($Mu);
Hh:
VL:
if (!empty($Mu)) {
goto Pu;
}
$Fm = base64_decode("TGljZW5zZSBGaWxlIG1pc3NpbmcgZnJvbSB0aGUgcGx1Z2luLg==");
wp_die($Fm);
Pu:
if (strpos($cT, $XL) !== false) {
goto qNX;
}
$or = new Customersaml();
$W4 = get_option("mo_saml_customer_token");
$NX = AESEncryption::decrypt_data(get_option("sml_lk"), $W4);
$iZ = $or->mo_saml_vl($NX, false);
if ($iZ) {
goto xx;
}
return;
xx:
$iZ = json_decode($iZ, true);
if (!empty($iZ["isTrial"])) {
goto NP;
}
update_option("mo_saml_tla", false);
goto C9O;
NP:
update_option("mo_saml_tla", $iZ["isTrial"]);
update_option("mo_saml_led", $iZ["licenseExpiryDate"]);
C9O:
if (!empty($iZ["status"]) and strcasecmp($iZ["status"], "SUCCESS") == 0) {
goto RgD;
}
$Ki = base64_decode("SW52YWxpZCBMaWNlbnNlIEZvdW5kLiBQbGVhc2UgY29udGFjdCB5b3VyIGFkbWluaXN0cmF0b3IgdG8gdXNlIHRoZSBjb3JyZWN0IGxpY2Vuc2UuIEZvciBtb3JlIGRldGFpbHMsIHByb3ZpZGUgdGhlIFJlZmVyZW5jZSBJRDogTU8yNDI4MTAyMTcwNSB0byB5b3VyIGFkbWluaXN0cmF0b3IgdG8gY2hlY2sgaXQgdW5kZXIgSGVscCAmIEZBUSB0YWIgaW4gdGhlIHBsdWdpbi4=");
$Ki = str_replace("Help & FAQ tab in", "FAQs section of", $Ki);
$NO = base64_decode("RXJyb3I6IEludmFsaWQgTGljZW5zZQ==");
wp_die($Ki, $NO);
goto CuX;
RgD:
$NQ = plugin_dir_path(__FILE__);
$se = home_url();
$se = trim($se, "/");
if (preg_match("#^http(s)?://#", $se)) {
goto ICW;
}
$se = "http://" . $se;
ICW:
$v2 = parse_url($se);
$if = preg_replace("/^www\./", '', $v2["host"]);
$Sz = wp_upload_dir();
$hr = $if . "-" . $Sz["basedir"];
$XL = hash_hmac("sha256", $hr, "4DHfjgfjasndfsajfHGJ");
$Id = djkasjdksa();
$oi = round(strlen($Id) / rand(2, 20));
$Id = substr_replace($Id, $XL, $oi, 0);
$Lp = base64_decode($Id);
if (is_writable($NQ . "license")) {
goto iXi;
}
$Id = str_rot13($Id);
$t7 = base64_decode("bGNkamthc2pka3NhY2w=");
update_option($t7, $Id);
goto LBV;
iXi:
file_put_contents($NQ . "license", $Lp);
LBV:
return true;
CuX:
goto Z7M;
qNX:
return true;
Z7M:
}
function djkasjdksa()
{
$AB = "!~@#$%^&*()_+|{}<>?0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$OP = strlen($AB);
$u3 = '';
$mJ = 0;
h8M:
if (!($mJ < 10000)) {
goto zfD;
}
$u3 .= $AB[rand(0, $OP - 1)];
j0R:
$mJ++;
goto h8M;
zfD:
return $u3;
}
function mo_saml_show_SAML_log($Je, $f0)
{
header("Content-Type: text/html");
$hU = new DOMDocument();
$hU->preserveWhiteSpace = false;
$hU->formatOutput = true;
$hU->loadXML($Je);
if ($f0 == "displaySAMLRequest") {
goto blh;
}
$Fq = "SAML Response";
goto iQb;
blh:
$Fq = "SAML Request";
iQb:
$Ju = $hU->saveXML();
$Od = htmlentities($Ju);
$Od = rtrim($Od);
$Wp = simplexml_load_string($Ju);
$HQ = json_encode($Wp);
$bO = json_decode($HQ);
$hc = plugins_url("includes/css/style_settings.css?ver=4.8.40", __FILE__);
echo "<link rel='stylesheet' id='mo_saml_admin_settings_style-css' href='" . $hc . "' type='text/css' media='all' />\xa
\x9 \x9<div class="mo-display-logs" ><p type="text" id="SAML_type">" . $Fq . "</p></div>
\x9 \x9\xa\x9\x9\x9<div type="text" id="SAML_display" class="mo-display-block"><pre class='brush: xml;'>" . $Od . "</pre></div>
\x9\x9\x9<br>
<div style="margin:3%;display:block;text-align:center;">
\xa\x9 <div style="margin:3%;display:block;text-align:center;" >
\xa </div>
<button id="copy" onclick="copyDivToClipboard()" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" >Copy</button>\xa\x9 \x9 \xa <input id="dwn-btn" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Download"
">
\x9\x9\x9</div>\xa </div>
\x9 \x9
\x9 \xa \x9";
ob_end_flush();
echo "
\x9<script>\xa\xa function copyDivToClipboard() {
var aux = document.createElement("input");
aux.setAttribute("value", document.getElementById("SAML_display").textContent);
document.body.appendChild(aux);\xa aux.select();\xa document.execCommand("copy");
document.body.removeChild(aux);\xa document.getElementById('copy').textContent = "Copied";\xa document.getElementById('copy').style.background = "grey";
window.getSelection().selectAllChildren( document.getElementById( "SAML_display" ) );\xa
}\xa\xa function download(filename, text) {
var element = document.createElement('a');
element.setAttribute('href', 'data:Application/octet-stream;charset=utf-8,' + encodeURIComponent(text));
element.setAttribute('download', filename);
\xa element.style.display = 'none';
document.body.appendChild(element);\xa\xa element.click();\xa\xa document.body.removeChild(element);\xa }\xa
document.getElementById("dwn-btn").addEventListener("click", function () {
\xa var filename = document.getElementById("SAML_type").textContent+".xml";\xa var node = document.getElementById("SAML_display");
htmlContent = node.innerHTML;
text = node.textContent;
console.log(text);
download(filename, text);
}, false);
\xa\xa\xa
</script>\xa";
exit;
}
function mo_saml_checkMapping($lP, $j2, $RR)
{
try {
$YV = get_option("saml_am_email");
$Go = get_option("saml_am_username");
$qn = get_option("saml_am_first_name");
$mp = get_option("saml_am_last_name");
$sD = get_option("saml_am_group_name");
$Sb = get_option("saml_am_default_user_role");
$Oa = get_option("saml_am_dont_allow_unlisted_user_role");
$m5 = get_option("saml_am_account_matcher");
$MA = '';
$cc = '';
if (empty($lP)) {
goto Mra;
}
if (!empty($lP[$qn])) {
goto Z4Z;
}
$qn = '';
goto WeH;
Z4Z:
$qn = $lP[$qn][0];
WeH:
if (!empty($lP[$mp])) {
goto l2R;
}
$mp = '';
goto yDK;
l2R:
$mp = $lP[$mp][0];
yDK:
if (!empty($lP[$Go])) {
goto Lfo;
}
$cc = $lP["NameID"][0];
goto Q7U;
Lfo:
$cc = $lP[$Go][0];
Q7U:
if (!empty($lP[$YV])) {
goto C2N;
}
$MA = $lP["NameID"][0];
goto qqM;
C2N:
$MA = $lP[$YV][0];
qqM:
if (!empty($lP[$sD])) {
goto Rpk;
}
$sD = array();
goto gVd;
Rpk:
$sD = $lP[$sD];
gVd:
if (!empty($m5)) {
goto nDM;
}
$m5 = "email";
nDM:
Mra:
if ($j2 == "testValidate") {
goto Mzl;
}
if ($j2 == "testNewCertificate") {
goto l6N;
}
mo_saml_login_user($MA, $qn, $mp, $cc, $sD, $Oa, $Sb, $j2, $m5, $RR, $lP["NameID"][0], $lP);
goto FpT;
Mzl:
update_option("mo_saml_test", "Test successful");
mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2);
goto FpT;
l6N:
update_option("mo_saml_test_new_cert", "Test successful");
mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2);
FpT:
} catch (Exception $u6) {
echo sprintf("An error occurred while processing the SAML Response.");
exit;
}
}
function mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2)
{
echo "<div style="font-family:Calibri;padding:0 3%;">";
if (!empty($MA)) {
goto VJJ;
}
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;">TEST FAILED</div>
\x9 \x9 <div style="color: #a94442;font-size:14pt; margin-bottom:20px;">WARNING: Some Attributes Did Not Match.</div>
\x9 \x9\x9<div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/wrong.png"></div>";
goto L__;
VJJ:
update_option("mo_saml_test_config_attrs", $lP);
echo "<div style="color: #3c763d;\xa background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>\xa \x9 <div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/green_check.png"></div>";
L__:
$yn = get_option("mo_saml_enable_domain_restriction_login");
$N2 = $j2 == "testNewCertificate" ? "display:none" : '';
if (!$yn) {
goto QR_;
}
$Ii = get_option("mo_saml_allow_deny_user_with_domain");
if (!empty($Ii) && $Ii == "deny") {
goto W7X;
}
$rQ = get_option("saml_am_email_domains");
$rk = explode(";", $rQ);
$QQ = explode("@", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
if (in_array($TH, $rk)) {
goto RpO;
}
echo "<p style="color:red;">This user will not be allowed to login as the domain of the email is not included in the allowed list of Domain Restriction.</p>";
RpO:
goto v5_;
W7X:
$rQ = get_option("saml_am_email_domains");
$rk = explode(";", $rQ);
$QQ = explode("@", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
if (!in_array($TH, $rk)) {
goto nMH;
}
echo "<p style="color:red;">This user will not be allowed to login as the domain of the email is included in the denied list of Domain Restriction.</p>";
nMH:
v5_:
QR_:
$Y9 = get_option("saml_am_username");
if (empty($lP[$Y9])) {
goto EQK;
}
$zq = $lP[$Y9][0];
if (!(strlen($zq) > 60)) {
goto j4A;
}
echo "<p style="color:red;">NOTE : This user will not be able to login as the username value is more than 60 characters long.<br/>
\x9 Please try changing the mapping of Username field in <a href="#" onClick="close_and_redirect();">Attribute/Role Mapping</a> tab.</p>";
j4A:
EQK:
echo "<span style="font-size:14pt;"><b>Hello</b>, " . $MA . "</span><br/><p style="font-weight:bold;font-size:14pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>
\x9\x9 <table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:14pt;background-color:#EDEDED;">\xa\x9 <tr style="text-align:center;"><td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td><td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td></tr>";
if (!empty($lP)) {
goto N_C;
}
echo "No Attributes Received.";
goto anW;
N_C:
foreach ($lP as $W4 => $tp) {
echo "<tr><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>" . $W4 . "</td><td style='padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . implode("<hr/>", $tp) . "</td></tr>";
qyd:
}
h_q:
anW:
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;">
<input style="padding:1%;width:250px;background: #0091CD none repeat scroll 0% 0%;\xa\x9\x9cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space:
\x9\x9 nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" . $N2 . ""\xa type="button" value="Configure Attribute/Role Mapping" onClick="close_and_redirect();">
\xa \x9<input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>
\x9\x9
\x9<script>\xa function close_and_redirect(){\xa window.opener.redirect_to_attribute_mapping();
self.close();
} \xa\xa\x9\x9</script>";
exit;
}
function mo_saml_convert_to_windows_iconv($C1)
{
$xC = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Is_encoding_enabled);
if (!($xC === "checked")) {
goto YTw;
}
return iconv("UTF-8", "CP1252//IGNORE", $C1);
YTw:
return $C1;
}
function mo_saml_login_user($MA, $qn, $mp, $cc, $sD, $Oa, $Sb, $j2, $m5, $RR = '', $aL = '', $lP = null)
{
do_action("mo_abr_filter_login", $lP, $aL, $RR);
check_if_user_allowed_to_login_due_to_role_restriction($sD);
$tB = get_option("mo_saml_sp_base_url");
if (!empty($tB)) {
goto PML;
}
$tB = home_url();
PML:
mo_saml_restrict_users_based_on_domain($MA);
$cc = mo_saml_sanitize_username($cc);
if (!(strlen($cc) > 60)) {
goto kp6;
}
wp_die("We could not sign you in. Please contact your administrator.", "Error : Username length limit reached");
exit;
kp6:
$Zs = array("idp_name" => get_option("saml_identity_name"));
$G8 = get_option("mo_allow_existing_user_login");
if (username_exists($cc) || email_exists($MA)) {
goto fuX;
}
if (Mo_Saml_License_Utility::is_customer_license_valid()) {
goto UMp;
}
wp_die("<b>[WPSAMLERR000]</b> We could not sign you in. Please contact your administrator with the mentioned error code.", "Error : [WPSAMLERR000] Invalid License");
UMp:
do_action("mo_guest_login", $aL, $RR, $Zs);
$n4 = get_option("saml_am_role_mapping");
$n4 = maybe_unserialize($n4);
$oG = true;
$Aa = get_option("mo_saml_dont_create_user_if_role_not_mapped");
if (!(!empty($Aa) && strcmp($Aa, "checked") == 0)) {
goto itm;
}
$Is = is_role_mapping_configured_for_user($n4, $sD);
$oG = $Is;
itm:
if ($oG === true) {
goto pRr;
}
$gp = get_option("mo_saml_account_creation_disabled_msg");
if (!empty($gp)) {
goto o5S;
}
$gp = "We could not sign you in. Please contact your Administrator.";
o5S:
wp_die($gp, "Error: Not a WordPress Member");
exit;
goto d6a;
pRr:
$P9 = wp_generate_password(10, false);
if (!empty($cc)) {
goto LEc;
}
$kP = wp_create_user($MA, $P9, $MA);
goto rdU;
LEc:
$kP = wp_create_user($cc, $P9, $MA);
rdU:
if (!is_wp_error($kP)) {
goto s2_;
}
wp_die($kP->get_error_message() . "<br>Please contact your Administrator.<br><b>Username</b>: " . $MA, "Error: Couldn't create user");
s2_:
$user = get_user_by("id", $kP);
$of = assign_roles_to_user($user, $n4, $sD);
if ($of !== true && !empty($Oa) && $Oa == "checked") {
goto gyh;
}
if ($of !== true && !empty($Sb)) {
goto VLq;
}
if ($of !== true) {
goto wO5;
}
goto kmZ;
gyh:
$JG = wp_update_user(array("ID" => $kP, "role" => false));
goto kmZ;
VLq:
$JG = wp_update_user(array("ID" => $kP, "role" => $Sb));
goto kmZ;
wO5:
$Sb = get_option("default_role");
$JG = wp_update_user(array("ID" => $kP, "role" => $Sb));
kmZ:
mo_saml_map_attributes($user, $qn, $mp, $lP);
mo_saml_set_auth_cookie($user, $RR, $aL, true);
do_action("mo_saml_attributes", $cc, $MA, $qn, $mp, $sD);
d6a:
goto FBF;
fuX:
if (!($G8 != "true")) {
goto zh4;
}
do_action("mo_guest_login", $aL, $RR, $Zs);
zh4:
if (username_exists($cc)) {
goto e_1;
}
if (!email_exists($MA)) {
goto pN6;
}
$user = get_user_by("email", $MA);
$kP = $user->ID;
pN6:
goto J7i;
e_1:
$user = get_user_by("login", $cc);
$kP = $user->ID;
if (!(!empty($MA) && is_email($MA))) {
goto FKG;
}
$JG = wp_update_user(array("ID" => $kP, "user_email" => $MA));
FKG:
J7i:
if (!(!Mo_Saml_License_Utility::is_customer_license_valid() && !is_administrator_user($user))) {
goto f0t;
}
wp_die("<b>[WPSAMLERR000]</b> We could not sign you in. Please contact your administrator with the mentioned error code.", "Error : [WPSAMLERR000] Invalid License");
f0t:
mo_saml_map_attributes($user, $qn, $mp, $lP);
$n4 = maybe_unserialize(get_option("saml_am_role_mapping"));
$UW = get_option("saml_am_dont_update_existing_user_role");
if (!(empty($UW) || $UW != "checked")) {
goto T24;
}
$of = assign_roles_to_user($user, $n4, $sD);
$k_ = get_option("saml_am_update_admin_users_role");
if ($of !== true && !is_administrator_user($user) && !empty($Oa) && $Oa == "checked") {
goto XZ5;
}
if ($of !== true && !is_administrator_user($user) && !empty($Sb)) {
goto L5a;
}
if ($of !== true && is_administrator_user($user) && !empty($k_) && $k_ == "checked" && !empty($Oa) && $Oa == "checked") {
goto Pzq;
}
if ($of !== true && is_administrator_user($user) && !empty($k_) && $k_ == "checked" && !empty($Sb)) {
goto eQS;
}
goto jp6;
XZ5:
$JG = wp_update_user(array("ID" => $kP, "role" => false));
goto jp6;
L5a:
$JG = wp_update_user(array("ID" => $kP, "role" => $Sb));
goto jp6;
Pzq:
$JG = wp_update_user(array("ID" => $kP, "role" => false));
goto jp6;
eQS:
$JG = wp_update_user(array("ID" => $kP, "role" => $Sb));
jp6:
T24:
mo_saml_set_auth_cookie($user, $RR, $aL);
do_action("mo_saml_attributes", $cc, $MA, $qn, $mp, $sD);
FBF:
mo_saml_post_login_redirection($j2, $tB);
}
function mo_saml_sanitize_username($cc)
{
$Aq = sanitize_user($cc, true);
$PA = apply_filters("pre_user_login", $Aq);
$cc = trim($PA);
return $cc;
}
function mo_saml_restrict_users_based_on_domain($MA)
{
$yn = get_option("mo_saml_enable_domain_restriction_login");
if (!$yn) {
goto IV7;
}
$rQ = get_option("saml_am_email_domains");
$rk = explode(";", $rQ);
$QQ = explode("@", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
$Ii = get_option("mo_saml_allow_deny_user_with_domain");
$gp = get_option("mo_saml_restricted_domain_error_msg");
if (!empty($gp)) {
goto US6;
}
$gp = "You are not allowed to login. Please contact your Administrator.";
US6:
if (!empty($Ii) && $Ii == "deny") {
goto hJy;
}
if (in_array($TH, $rk)) {
goto FJ_;
}
wp_die($gp, "Permission Denied : Not a Whitelisted user.");
FJ_:
goto WzC;
hJy:
if (!in_array($TH, $rk)) {
goto uwS;
}
wp_die($gp, "Permission Denied : Blacklisted user.");
uwS:
WzC:
IV7:
}
function mo_saml_map_attributes($user, $qn, $mp, $lP)
{
mo_saml_map_basic_attributes($user, $qn, $mp, $lP);
mo_saml_map_custom_attributes($user, $lP);
}
function mo_saml_map_basic_attributes($user, $qn, $mp, $lP)
{
$kP = $user->ID;
if (empty($qn)) {
goto aGT;
}
$JG = wp_update_user(array("ID" => $kP, "first_name" => $qn));
aGT:
if (empty($mp)) {
goto SHq;
}
$JG = wp_update_user(array("ID" => $kP, "last_name" => $mp));
SHq:
if (is_null($lP)) {
goto tfT;
}
update_user_meta($kP, "mo_saml_user_attributes", $lP);
$Zm = get_option("saml_am_display_name");
if (empty($Zm)) {
goto SSP;
}
if (strcmp($Zm, "USERNAME") == 0) {
goto itO;
}
if (strcmp($Zm, "FNAME") == 0 && !empty($qn)) {
goto pdU;
}
if (strcmp($Zm, "LNAME") == 0 && !empty($mp)) {
goto TzV;
}
if (strcmp($Zm, "FNAME_LNAME") == 0 && !empty($mp) && !empty($qn)) {
goto rcT;
}
if (!(strcmp($Zm, "LNAME_FNAME") == 0 && !empty($mp) && !empty($qn))) {
goto tFG;
}
$JG = wp_update_user(array("ID" => $kP, "display_name" => $mp . " " . $qn));
tFG:
goto TWX;
rcT:
$JG = wp_update_user(array("ID" => $kP, "display_name" => $qn . " " . $mp));
TWX:
goto YSO;
TzV:
$JG = wp_update_user(array("ID" => $kP, "display_name" => $mp));
YSO:
goto W1O;
pdU:
$JG = wp_update_user(array("ID" => $kP, "display_name" => $qn));
W1O:
goto cYT;
itO:
$JG = wp_update_user(array("ID" => $kP, "display_name" => $user->user_login));
cYT:
SSP:
tfT:
}
function mo_saml_map_custom_attributes($user, $lP)
{
$kP = $user->ID;
if (!get_option("mo_saml_custom_attrs_mapping")) {
goto b1i;
}
$z7 = maybe_unserialize(get_option("mo_saml_custom_attrs_mapping"));
foreach ($z7 as $W4 => $tp) {
if (empty($lP[$tp])) {
goto G48;
}
$oR = false;
if (!(count($lP[$tp]) == 1)) {
goto CTh;
}
$oR = true;
CTh:
if (!$oR) {
goto RmX;
}
update_user_meta($kP, $W4, $lP[$tp][0]);
goto r4N;
RmX:
$LY = array();
foreach ($lP[$tp] as $P3) {
array_push($LY, $P3);
JhN:
}
c6j:
update_user_meta($kP, $W4, $LY);
r4N:
G48:
rLi:
}
CCz:
b1i:
}
function mo_saml_set_auth_cookie($user, $RR, $aL, $gQ = false)
{
$kP = $user->ID;
wp_set_current_user($kP);
$RO = false;
$RO = apply_filters("mo_remember_me", $RO);
wp_set_auth_cookie($kP, $RO);
if (empty($RR)) {
goto jqQ;
}
update_user_meta($kP, "mo_saml_session_index", $RR);
jqQ:
if (empty($aL)) {
goto EKP;
}
update_user_meta($kP, "mo_saml_name_id", $aL);
EKP:
setcookie("logged_in_with_idp", base64_encode($RR . true));
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto ecJ;
}
session_start();
ecJ:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
if (!$gQ) {
goto fY8;
}
do_action("user_register", $kP);
fY8:
do_action("wp_login", $user->user_login, $user);
}
function mo_saml_post_login_redirection($j2, $tB)
{
$j2 = htmlspecialchars_decode($j2);
$Ch = get_option("mo_saml_relay_state");
if (!empty($Ch)) {
goto LMB;
}
if (empty($j2)) {
goto pgy;
}
$EX = '';
if (!get_option("mo_saml_send_absolute_relay_state")) {
goto WpJ;
}
$PR = get_option("mo_saml_customer_token");
$EX = AESEncryption::decrypt_data($j2, $PR);
WpJ:
if (!empty($EX)) {
goto Uju;
}
if (filter_var($j2, FILTER_VALIDATE_URL) === FALSE) {
goto Lu4;
}
if (strpos($j2, home_url()) !== false) {
goto rGL;
}
$Cr = htmlspecialchars_decode($tB);
goto B8O;
rGL:
$Cr = htmlspecialchars_decode($j2);
B8O:
goto jTS;
Uju:
$Cr = htmlspecialchars_decode($EX);
goto jTS;
Lu4:
$Cr = htmlspecialchars_decode($j2);
jTS:
pgy:
goto rlC;
LMB:
$Cr = htmlspecialchars_decode($Ch);
rlC:
if (!empty($Cr)) {
goto Gmz;
}
$Cr = htmlspecialchars_decode($tB);
Gmz:
wp_redirect($Cr);
exit;
}
function check_if_user_allowed_to_login_due_to_role_restriction($sD)
{
$an = get_option("saml_am_dont_allow_user_tologin_create_with_given_groups");
if (!($an == "checked")) {
goto noB;
}
if (empty($sD)) {
goto Pzi;
}
$j0 = get_option("mo_saml_restrict_users_with_groups");
$PW = explode(";", $j0);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto oes;
}
wp_die("You are not authorized to login. Please contact your administrator.", "Error");
oes:
EdH:
}
Zys:
LrC:
}
Boo:
Pzi:
noB:
}
function assign_roles_to_user($user, $n4, $sD)
{
$of = false;
if (!(!empty($sD) && !empty($n4) && !is_administrator_user($user))) {
goto qBo;
}
$user->set_role(false);
$B6 = '';
$h4 = false;
foreach ($n4 as $vF => $bI) {
$PW = explode(";", $bI);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto bpL;
}
$of = true;
$user->add_role($vF);
bpL:
WfZ:
}
KyB:
NZ2:
}
zZR:
yec:
}
lSj:
qBo:
return $of;
}
function is_role_mapping_configured_for_user($n4, $sD)
{
if (!(!empty($sD) && !empty($n4))) {
goto iTZ;
}
foreach ($n4 as $vF => $bI) {
$PW = explode(";", $bI);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto u9W;
}
return true;
u9W:
zjH:
}
VzU:
qxe:
}
Dne:
xwc:
}
KVE:
iTZ:
return false;
}
function is_administrator_user($user)
{
$x5 = $user->roles;
if (!is_null($x5) && in_array("administrator", $x5, TRUE)) {
goto ffV;
}
return false;
goto cIZ;
ffV:
return true;
cIZ:
}
function mo_saml_is_customer_registered()
{
$Uw = get_option("mo_saml_admin_email");
$MH = get_option("mo_saml_admin_customer_key");
if (!$Uw || !$MH || !is_numeric(trim($MH))) {
goto Kzy;
}
return 1;
goto sT8;
Kzy:
return 0;
sT8:
}
function saml_get_current_page_url()
{
$Py = $_SERVER["HTTP_HOST"];
if (!(substr($Py, -1) == "/")) {
goto Y0L;
}
$Py = substr($Py, 0, -1);
Y0L:
$hT = $_SERVER["REQUEST_URI"];
if (!(substr($hT, 0, 1) == "/")) {
goto w5E;
}
$hT = substr($hT, 1);
w5E:
$cF = !empty($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "on") == 0;
$HI = "http" . ($cF ? "s" : '') . "://" . $Py . "/" . $hT;
return $HI;
}
function show_status_error($Qz, $j2, $SN)
{
$Qz = strip_tags($Qz);
$SN = strip_tags($SN);
if ($j2 == "testValidate" or $j2 == "testNewCertificate") {
goto o1t;
}
wp_die("We could not sign you in. Please contact your Administrator.", "Error: Invalid SAML Response Status");
goto ayC;
o1t:
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong> Invalid SAML Response Status.</p>
<p><strong>Causes</strong>: Identity Provider has sent '" . esc_html($Qz) . "' status code in SAML Response. </p>
\x9\x9\x9\x9<p><strong>Reason</strong>: " . get_status_message(esc_html($Qz)) . "</p> ";
if (empty($SN)) {
goto ATy;
}
echo "<p><strong>Status Message in the SAML Response:</strong> <br/>" . esc_html($SN) . "</p>";
ATy:
echo "<br>\xa </div>
\xa <div style="margin:3%;display:block;text-align:center;">\xa <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
exit;
ayC:
}
function addLink($Fl, $nC)
{
$eT = "<a href="" . $nC . "">" . $Fl . "</a>";
return $eT;
}
function get_status_message($Qz)
{
switch ($Qz) {
case "Requester":
return "The request could not be performed due to an error on the part of the requester.";
goto h3H;
case "Responder":
return "The request could not be performed due to an error on the part of the SAML responder or SAML authority.";
goto h3H;
case "VersionMismatch":
return "The SAML responder could not process the request because the version of the request message was incorrect.";
goto h3H;
default:
return "Unknown";
}
vLH:
h3H:
}
function mo_saml_register_widget()
{
register_widget("mo_login_wid");
}
function mo_saml_get_relay_state($HI)
{
if (!($HI == "testValidate" || $HI == "testNewCertificate")) {
goto VKL;
}
return $HI;
VKL:
if (get_option("mo_saml_send_absolute_relay_state")) {
goto ufj;
}
$QA = parse_url($HI, PHP_URL_PATH);
if (!parse_url($HI, PHP_URL_QUERY)) {
goto cJy;
}
$Ew = parse_url($HI, PHP_URL_QUERY);
$QA = $QA . "?" . $Ew;
cJy:
if (!parse_url($HI, PHP_URL_FRAGMENT)) {
goto AhF;
}
$Eq = parse_url($HI, PHP_URL_FRAGMENT);
$QA = $QA . "#" . $Eq;
AhF:
goto ehl;
ufj:
$PR = get_option("mo_saml_customer_token");
$QA = AESEncryption::encrypt_data($HI, $PR);
ehl:
return $QA;
}
add_action("widgets_init", "mo_saml_register_widget");
add_action("init", "mo_login_validate");
?>Did this file decode correctly?
Original Code
<?php
include_once dirname(__FILE__) . '/Utilities.php';
include_once dirname(__FILE__) . '/Response.php';
include_once dirname(__FILE__) . '/LogoutRequest.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
if (class_exists("\x41\x45\123\x45\x6e\x63\x72\x79\x70\164\x69\157\x6e")) {
goto uT;
}
require_once dirname(__FILE__) . '/includes/lib/encryption.php';
uT:
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$Pv = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
parent::__construct("\x53\x61\x6d\x6c\137\114\157\x67\x69\x6e\137\127\x69\144\147\x65\164", "\x4c\x6f\147\x69\x6e\x20\x77\x69\164\150\x20" . $Pv, array("\144\x65\163\143\x72\x69\160\x74\151\x6f\156" => __("\x54\x68\x69\163\x20\151\163\40\x61\40\155\151\156\x69\x4f\162\141\156\147\145\40\123\x41\x4d\114\x20\154\x6f\147\x69\156\x20\167\x69\144\x67\145\x74\x2e", "\x6d\157\163\141\155\x6c")));
}
public function widget($gB, $oy)
{
extract($gB);
$mj = '';
if (empty($oy["\x77\151\x64\137\164\x69\164\154\x65"])) {
goto uy;
}
$mj = apply_filters("\167\151\x64\147\x65\x74\137\164\x69\x74\x6c\x65", $oy["\x77\x69\x64\137\164\x69\x74\154\145"]);
uy:
echo $gB["\142\x65\x66\x6f\162\145\137\x77\x69\x64\x67\145\164"];
if (empty($mj)) {
goto ab;
}
echo $gB["\142\x65\x66\157\x72\145\x5f\164\x69\164\x6c\145"] . $mj . $gB["\141\146\x74\x65\x72\x5f\164\x69\164\154\x65"];
ab:
$this->loginForm();
echo $gB["\x61\x66\164\x65\x72\x5f\x77\151\144\x67\145\164"];
}
public function update($zo, $aC)
{
$oy = array();
$oy["\x77\x69\144\137\x74\151\x74\x6c\x65"] = strip_tags($zo["\x77\151\x64\137\164\x69\x74\x6c\145"]);
return $oy;
}
public function form($oy)
{
$mj = '';
if (empty($oy["\x77\151\144\137\x74\151\164\154\145"])) {
goto fG;
}
$mj = $oy["\x77\151\x64\137\164\151\x74\x6c\145"];
fG:
echo "\12\11\11\74\160\76\x3c\154\141\142\x65\x6c\x20\x66\157\x72\x3d\x22" . $this->get_field_id("\x77\x69\x64\137\x74\151\164\154\x65") . "\40\42\76" . _e("\x54\151\164\154\x65\x3a") . "\40\x3c\57\154\x61\142\x65\154\76\12\x9\x9\74\x69\156\160\x75\x74\40\143\154\141\163\163\75\42\x77\x69\x64\x65\x66\141\x74\x22\x20\151\x64\75\42" . $this->get_field_id("\x77\151\x64\137\164\x69\x74\x6c\145") . "\x22\40\x6e\141\155\145\x3d\x22" . $this->get_field_name("\167\x69\x64\x5f\x74\x69\164\154\x65") . "\x22\x20\164\171\x70\x65\x3d\42\164\x65\x78\x74\x22\40\x76\x61\x6c\165\145\x3d\42" . $mj . "\42\x20\x2f\76\xa\11\11\x3c\57\160\76";
}
public function loginForm()
{
global $post;
$bY = SAMLSPUtilities::mo_saml_is_user_logged_in();
if (!$bY) {
goto uJ;
}
$current_user = wp_get_current_user();
$Xx = "\x48\145\154\x6c\x6f\54";
if (!get_option("\155\157\x5f\163\x61\155\154\x5f\143\165\163\164\x6f\155\x5f\147\x72\x65\x65\x74\151\156\x67\x5f\x74\x65\170\x74")) {
goto X7;
}
$Xx = get_option("\x6d\157\x5f\x73\141\x6d\154\137\143\165\x73\x74\157\155\137\x67\162\x65\x65\164\151\x6e\x67\137\164\x65\170\x74");
X7:
$f6 = '';
if (!get_option("\155\x6f\x5f\x73\x61\155\154\137\147\162\145\145\164\x69\x6e\x67\137\156\x61\x6d\x65")) {
goto EE;
}
switch (get_option("\x6d\157\137\x73\x61\x6d\154\137\147\x72\x65\145\164\x69\156\x67\137\x6e\141\x6d\145")) {
case "\x55\123\x45\x52\116\x41\115\x45":
$f6 = $current_user->user_login;
goto Dd;
case "\x45\115\101\x49\x4c":
$f6 = $current_user->user_email;
goto Dd;
case "\x46\x4e\x41\x4d\x45":
$f6 = $current_user->user_firstname;
goto Dd;
case "\114\x4e\101\x4d\105":
$f6 = $current_user->user_lastname;
goto Dd;
case "\106\x4e\101\115\x45\137\x4c\x4e\101\115\105":
$f6 = $current_user->user_firstname . "\x20" . $current_user->user_lastname;
goto Dd;
case "\114\x4e\x41\x4d\x45\x5f\106\x4e\101\115\105":
$f6 = $current_user->user_lastname . "\x20" . $current_user->user_firstname;
goto Dd;
default:
$f6 = $current_user->user_login;
}
E5:
Dd:
EE:
$f6 = trim($f6);
if (!empty($f6)) {
goto gl;
}
$f6 = $current_user->user_login;
gl:
$wk = $Xx . "\40" . $f6;
$iV = "\x4c\x6f\x67\x6f\165\164";
if (!get_option("\155\x6f\137\163\141\x6d\x6c\x5f\x63\x75\163\x74\x6f\x6d\137\154\157\x67\x6f\x75\x74\x5f\x74\x65\170\x74")) {
goto Wg;
}
$iV = get_option("\155\157\x5f\x73\x61\155\154\137\x63\x75\x73\x74\157\x6d\137\154\x6f\x67\x6f\x75\x74\x5f\x74\145\170\164");
Wg:
echo $wk . "\40\174\40\x3c\141\40\x68\162\145\x66\75\x22" . wp_logout_url(home_url()) . "\x22\40\x74\151\164\x6c\145\75\42\154\157\147\157\165\x74\x22\40\76" . $iV . "\x3c\x2f\x61\76\x3c\x2f\x6c\151\76";
goto NV;
uJ:
$yg = saml_get_current_page_url();
echo "\12\x9\11\x3c\x73\x63\162\x69\160\x74\76\12\11\11\x66\x75\x6e\143\164\x69\157\x6e\x20\163\x75\x62\155\x69\x74\123\141\x6d\x6c\x46\x6f\x72\155\50\51\x7b\x20\144\157\143\x75\x6d\145\x6e\164\x2e\147\145\164\x45\x6c\x65\155\x65\x6e\x74\102\x79\x49\x64\50\42\155\151\156\151\x6f\162\141\156\147\x65\55\163\141\155\154\x2d\163\x70\x2d\x73\x73\157\x2d\x6c\157\x67\x69\156\55\146\x6f\162\155\42\51\x2e\x73\x75\142\x6d\x69\164\x28\x29\73\x20\175\12\11\x9\x3c\57\x73\x63\x72\151\x70\x74\x3e\xa\11\11\74\x66\x6f\162\x6d\x20\156\x61\155\145\x3d\42\x6d\151\156\x69\157\162\x61\156\147\x65\x2d\163\x61\155\154\55\x73\160\55\x73\x73\x6f\x2d\154\x6f\x67\151\156\55\146\157\162\155\42\40\x69\x64\x3d\42\x6d\151\156\151\x6f\162\x61\x6e\x67\145\55\163\x61\155\154\x2d\163\x70\x2d\163\163\157\x2d\154\x6f\147\x69\x6e\x2d\146\157\x72\x6d\x22\40\x6d\x65\164\150\157\144\x3d\42\x70\157\163\164\x22\40\x61\x63\x74\151\x6f\156\x3d\42\42\76\12\11\11\x3c\x69\156\x70\165\164\x20\x74\171\160\x65\x3d\42\150\151\144\144\x65\156\x22\40\156\141\x6d\145\x3d\x22\x6f\160\164\151\157\x6e\x22\x20\166\141\154\x75\x65\x3d\x22\x73\141\x6d\x6c\137\165\163\x65\162\x5f\154\157\147\x69\x6e\x22\40\57\76\xa\11\11\x3c\151\x6e\x70\165\164\40\164\171\160\x65\75\x22\x68\151\x64\x64\x65\156\x22\x20\156\x61\x6d\x65\x3d\42\x72\145\144\151\x72\145\x63\164\137\x74\157\x22\40\166\141\154\x75\x65\x3d\x22" . $yg . "\42\40\57\x3e\12\12\11\x9\x3c\146\157\x6e\x74\x20\x73\151\172\145\75\42\x2b\61\x22\x20\x73\164\171\x6c\145\75\x22\166\145\162\164\151\143\x61\154\55\141\154\x69\x67\156\72\164\x6f\160\73\42\76\40\74\57\x66\x6f\x6e\164\76";
$Zs = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
if (!empty($Zs)) {
goto SK;
}
echo "\x50\154\x65\141\163\x65\x20\x63\x6f\156\x66\151\x67\x75\x72\145\40\x74\x68\145\x20\x6d\x69\x6e\x69\117\162\x61\x6e\x67\x65\40\123\101\115\114\40\x50\x6c\165\147\151\156\x20\146\151\x72\163\164\56";
goto qj;
SK:
$yA = "\114\157\147\x69\156\x20\167\151\x74\150\x20\x23\x23\x49\x44\120\x23\43";
if (!get_option("\155\157\137\x73\141\155\x6c\x5f\x63\x75\x73\164\157\155\137\154\157\x67\151\156\x5f\164\x65\170\x74")) {
goto pb;
}
$yA = get_option("\155\x6f\x5f\163\141\x6d\154\137\x63\x75\x73\x74\x6f\x6d\137\x6c\157\147\x69\156\x5f\x74\x65\170\x74");
pb:
$yA = str_replace("\x23\x23\111\104\120\x23\x23", $Zs, $yA);
$c7 = false;
if (!get_option("\x6d\x6f\x5f\163\x61\x6d\x6c\137\165\163\145\137\x62\x75\164\x74\x6f\156\x5f\x61\x73\x5f\x77\x69\x64\x67\x65\164")) {
goto o7;
}
if (!(get_option("\x6d\x6f\137\163\x61\x6d\x6c\x5f\165\x73\145\137\142\x75\x74\164\x6f\156\137\x61\x73\137\x77\x69\144\x67\x65\x74") == "\164\162\x75\145")) {
goto p_;
}
$c7 = true;
p_:
o7:
if (!$c7) {
goto Ci;
}
$Ma = get_option("\x6d\x6f\137\x73\x61\x6d\x6c\x5f\142\x75\164\164\x6f\x6e\x5f\x77\151\x64\164\150") ? get_option("\155\157\137\163\141\x6d\154\x5f\142\165\x74\x74\157\156\x5f\x77\151\x64\x74\150") : "\61\60\60";
$AR = get_option("\x6d\x6f\137\x73\x61\x6d\154\137\x62\x75\164\x74\157\156\x5f\x68\145\151\x67\x68\164") ? get_option("\x6d\157\x5f\x73\141\155\154\x5f\x62\x75\x74\164\157\x6e\137\x68\x65\151\x67\150\164") : "\x35\x30";
$HX = get_option("\155\x6f\x5f\x73\x61\x6d\x6c\137\x62\x75\164\x74\x6f\156\x5f\x73\151\172\145") ? get_option("\x6d\x6f\x5f\163\141\x6d\x6c\137\x62\x75\164\164\x6f\x6e\x5f\163\x69\x7a\x65") : "\65\60";
$Fe = get_option("\155\x6f\137\163\x61\x6d\154\x5f\142\165\164\x74\x6f\x6e\137\x63\165\x72\166\145") ? get_option("\x6d\x6f\x5f\x73\x61\155\154\x5f\x62\x75\x74\164\x6f\156\x5f\143\x75\x72\x76\x65") : "\65";
$s8 = get_option("\155\x6f\x5f\x73\141\x6d\154\137\142\x75\164\164\x6f\x6e\137\143\x6f\154\x6f\x72") ? get_option("\x6d\x6f\137\163\x61\155\x6c\x5f\142\x75\164\164\157\x6e\x5f\x63\157\154\157\162") : "\x30\x30\x38\65\142\141";
$AJ = get_option("\x6d\x6f\x5f\163\x61\x6d\154\x5f\x62\x75\164\x74\157\156\137\164\x68\x65\155\x65") ? get_option("\155\157\x5f\x73\141\155\x6c\x5f\x62\165\164\164\157\156\x5f\164\x68\x65\155\145") : "\154\x6f\156\x67\x62\x75\x74\x74\x6f\156";
$dp = !empty($_SESSION["\155\157\x5f\147\165\x65\163\164\x5f\x6c\157\x67\x69\x6e"]["\154\x6f\x67\x67\x65\x64\x5f\151\156\x5f\x69\x64\x70\137\x6e\x61\155\145"]) ? $_SESSION["\155\157\x5f\147\165\x65\163\164\x5f\154\x6f\147\x69\x6e"]["\x6c\157\147\x67\145\144\137\151\156\137\151\x64\160\137\156\141\x6d\145"] : LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Identity_name);
$SP = get_option("\x6d\157\x5f\163\141\155\154\137\142\165\164\164\x6f\x6e\x5f\x74\145\170\x74") ? get_option("\x6d\157\137\x73\x61\x6d\154\137\142\x75\x74\164\x6f\156\137\164\145\170\x74") : ($dp ? $dp : "\x4c\x6f\147\x69\156");
$cN = get_option("\x6d\157\x5f\163\x61\155\154\x5f\x66\x6f\156\164\x5f\143\x6f\x6c\157\x72") ? get_option("\155\157\x5f\163\x61\x6d\154\x5f\146\x6f\156\x74\x5f\143\x6f\154\x6f\162") : "\x66\x66\146\146\x66\x66";
$WE = get_option("\x6d\157\137\163\x61\155\x6c\x5f\x66\157\156\164\x5f\x73\x69\x7a\145") ? get_option("\155\157\137\163\141\155\154\x5f\x66\x6f\156\164\137\163\151\172\145") : "\x32\60";
$yA = "\x3c\x69\156\160\x75\x74\x20\164\171\x70\145\75\42\142\x75\164\x74\x6f\156\x22\x20\156\141\x6d\145\x3d\x22\155\157\x5f\x73\x61\155\154\x5f\167\160\x5f\x73\x73\x6f\x5f\x62\165\164\164\x6f\156\x22\40\166\x61\x6c\x75\x65\75\42" . $SP . "\x22\x20\x73\x74\x79\154\145\x3d\x22";
$dC = '';
if ($AJ == "\x6c\157\x6e\x67\x62\x75\x74\x74\x6f\x6e") {
goto mC;
}
if ($AJ == "\143\151\162\x63\x6c\145") {
goto ki;
}
if ($AJ == "\x6f\x76\x61\x6c") {
goto g2;
}
if ($AJ == "\x73\161\x75\x61\162\x65") {
goto yL;
}
goto pg;
ki:
$dC = $dC . "\x77\x69\144\164\150\72" . $HX . "\x70\170\x3b";
$dC = $dC . "\x68\145\151\x67\x68\x74\x3a" . $HX . "\160\x78\x3b";
$dC = $dC . "\x62\x6f\162\144\145\162\55\162\x61\x64\151\x75\163\72\x39\x39\71\x70\170\73";
goto pg;
g2:
$dC = $dC . "\x77\151\x64\164\150\x3a" . $HX . "\x70\170\73";
$dC = $dC . "\150\x65\151\x67\x68\164\72" . $HX . "\x70\x78\73";
$dC = $dC . "\x62\157\162\x64\x65\162\55\162\x61\144\151\x75\163\72\65\160\x78\73";
goto pg;
yL:
$dC = $dC . "\167\x69\144\164\x68\x3a" . $HX . "\x70\x78\73";
$dC = $dC . "\150\x65\151\x67\150\x74\72" . $HX . "\160\170\x3b";
$dC = $dC . "\142\x6f\162\x64\x65\162\55\162\141\144\x69\x75\x73\72\60\160\170\73";
pg:
goto gW;
mC:
$dC = $dC . "\167\151\x64\x74\x68\72" . $Ma . "\x70\x78\x3b";
$dC = $dC . "\150\145\x69\147\x68\164\72" . $AR . "\x70\x78\73";
$dC = $dC . "\x62\x6f\x72\x64\x65\x72\x2d\162\x61\144\x69\165\163\72" . $Fe . "\x70\x78\73";
gW:
$dC = $dC . "\142\141\143\x6b\147\162\x6f\x75\156\x64\55\x63\157\154\x6f\162\x3a\x23" . $s8 . "\73";
$dC = $dC . "\142\x6f\x72\x64\x65\162\x2d\x63\x6f\154\x6f\162\72\164\162\141\156\x73\x70\141\162\145\156\164\73";
$dC = $dC . "\x63\157\x6c\x6f\162\x3a\43" . $cN . "\73";
$dC = $dC . "\146\x6f\x6e\x74\x2d\163\x69\172\x65\72" . $WE . "\x70\x78\x3b";
$dC = $dC . "\160\x61\x64\x64\151\156\x67\72\x30\x70\x78\x3b";
$yA = $yA . $dC . "\42\57\x3e";
Ci:
echo "\x20\74\141\40\x68\162\x65\146\x3d\x22\43\42\x20\x6f\x6e\103\x6c\x69\143\x6b\75\42\163\x75\x62\155\151\164\123\141\155\154\x46\x6f\162\x6d\50\51\42\x3e";
echo $yA;
echo "\x3c\57\141\x3e\74\x2f\146\157\x72\x6d\76\40";
qj:
echo "\11\74\57\x75\154\x3e\xa\11\11\74\x2f\x66\157\162\x6d\76";
NV:
}
public function mo_saml_widget_init()
{
if (!(defined("\127\x50\137\x43\x4c\111") && WP_CLI)) {
goto VU;
}
require_once dirname(__FILE__) . "/mo-saml-wp-cli-commands.php";
VU:
if (!(isset($_REQUEST["\x6f\160\164\151\157\x6e"]) and $_REQUEST["\x6f\x70\x74\x69\x6f\x6e"] == "\163\x61\x6d\154\137\165\x73\x65\x72\x5f\154\157\147\157\x75\x74")) {
goto sG;
}
$user = is_user_logged_in() ? wp_get_current_user() : null;
if (empty($user)) {
goto YX;
}
wp_logout();
YX:
sG:
}
function mo_saml_logout($kP)
{
$user = get_user_by("\x69\x64", $kP);
$jJ = htmlspecialchars_decode(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Logout_URL));
$Dg = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Logout_binding_type);
$Ff = wp_get_referer();
$tB = get_option("\155\x6f\x5f\x73\x61\x6d\x6c\x5f\163\x70\137\142\x61\163\x65\x5f\x75\x72\154");
$Jg = false;
if (empty($_COOKIE["\154\x6f\147\x67\145\x64\x5f\x69\156\x5f\167\151\164\x68\x5f\x69\x64\160"])) {
goto xP;
}
$Jg = true;
xP:
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto po;
}
session_start();
po:
if (!empty($Ff)) {
goto F4;
}
$Ff = !empty($tB) ? $tB : home_url();
F4:
if (empty($jJ)) {
goto zm;
}
if (!empty($_SESSION["\x6d\x6f\x5f\x73\x61\155\x6c\x5f\154\157\x67\x6f\x75\x74\137\162\x65\161\x75\145\x73\164"])) {
goto Er;
}
if (!empty($_SESSION["\x6d\157\x5f\x73\x61\155\x6c"]["\x6c\157\x67\x67\x65\144\137\x69\x6e\x5f\x77\x69\164\x68\x5f\x69\x64\160"]) || $Jg) {
goto jH;
}
goto Xr;
Er:
self::createLogoutResponseAndRedirect($jJ, $Dg);
exit;
goto Xr;
jH:
$current_user = $user;
if (!empty($_SESSION["\155\x6f\137\x67\165\145\163\x74\137\x6c\x6f\147\151\156"]["\x6e\141\x6d\145\x49\x44"])) {
goto u7;
}
if (!empty($_COOKIE["\x6e\x61\155\x65\x49\104"])) {
goto Xf;
}
$aL = get_user_meta($current_user->ID, "\155\x6f\137\x73\141\155\x6c\137\156\141\x6d\145\137\x69\144");
goto DA;
Xf:
$aL = $_COOKIE["\x6e\141\155\145\x49\104"];
DA:
goto gc;
u7:
$aL = $_SESSION["\155\157\137\x67\165\x65\163\x74\137\154\157\147\x69\x6e"]["\x6e\x61\155\x65\111\104"];
gc:
if (!empty($_SESSION["\155\157\x5f\x67\x75\x65\163\x74\137\x6c\157\x67\x69\156"]["\x73\145\163\163\x69\157\156\111\156\x64\x65\x78"])) {
goto HE;
}
if (!empty($_COOKIE["\163\145\x73\x73\x69\x6f\156\x49\x6e\x64\x65\x78"])) {
goto U6;
}
$RR = get_user_meta($current_user->ID, "\x6d\157\x5f\x73\141\x6d\x6c\137\163\x65\x73\163\x69\157\156\137\x69\x6e\x64\145\x78");
goto f1;
U6:
$RR = $_COOKIE["\x73\x65\163\163\151\x6f\156\111\x6e\144\x65\x78"];
f1:
goto BN;
HE:
$RR = $_SESSION["\155\157\137\147\165\x65\163\164\x5f\154\157\x67\151\x6e"]["\x73\145\163\163\x69\157\156\111\156\x64\145\170"];
BN:
if (empty($aL)) {
goto C1;
}
unset($_SESSION["\x6d\x6f\x5f\163\141\x6d\x6c"]);
unset($_SESSION["\x6d\157\x5f\147\x75\x65\x73\x74\137\154\157\147\151\x6e"]);
unset($_COOKIE["\x6c\x6f\147\x67\x65\x64\137\151\x6e\137\167\x69\x74\150\x5f\x69\144\x70"]);
setcookie("\x6c\157\147\147\145\144\137\151\156\x5f\167\x69\164\150\137\151\144\160", '', time() - 3600, "\x2f");
setcookie("\x6e\141\155\x65\x49\104", '', time() - 3600, "\57");
setcookie("\163\x65\x73\163\x69\x6f\x6e\111\x6e\144\x65\x78", '', time() - 3600, "\57");
mo_saml_create_logout_request($aL, $RR, $jJ, $Dg, $Ff);
C1:
Xr:
zm:
if (!isset($_SESSION["\155\x6f\x5f\x67\165\x65\x73\x74\x5f\154\157\147\x69\156"]["\156\141\155\x65\111\104"])) {
goto OP;
}
unset($_SESSION["\x6d\x6f\x5f\147\x75\x65\163\x74\137\154\x6f\147\x69\156"]);
setcookie("\x6e\141\x6d\145\111\x44", '', time() - 3600, "\57");
setcookie("\163\145\163\163\151\x6f\x6e\x49\x6e\144\145\x78", '', time() - 3600, "\57");
OP:
$g3 = get_option("\155\x6f\x5f\x73\x61\x6d\x6c\137\x6c\x6f\x67\x6f\x75\164\x5f\162\x65\x6c\141\x79\x5f\163\x74\141\164\145");
if (empty($g3)) {
goto PK;
}
wp_redirect($g3);
exit;
PK:
wp_redirect($Ff);
exit;
}
function createLogoutResponseAndRedirect($jJ, $Dg)
{
$tB = get_option("\155\157\137\x73\x61\155\154\137\x73\160\x5f\142\141\163\145\x5f\x75\162\154");
if (!empty($tB)) {
goto m6;
}
$tB = home_url();
m6:
$Pb = $_SESSION["\x6d\x6f\x5f\163\141\155\x6c\137\154\157\147\157\x75\x74\137\162\145\161\x75\145\163\164"];
$HI = $_SESSION["\x6d\x6f\x5f\x73\x61\x6d\154\x5f\x6c\x6f\147\x6f\165\x74\x5f\162\145\x6c\x61\171\137\163\x74\x61\164\x65"];
unset($_SESSION["\155\x6f\x5f\163\141\155\x6c\137\154\157\147\157\x75\164\x5f\162\145\x71\165\145\x73\164"]);
unset($_SESSION["\155\157\x5f\x73\141\x6d\154\137\x6c\157\147\157\165\164\x5f\162\145\x6c\141\171\x5f\x73\164\x61\164\x65"]);
$lu = new DOMDocument();
$lu->loadXML($Pb);
$Pb = $lu->firstChild;
if (!($Pb->localName == "\x4c\157\x67\157\165\x74\x52\145\161\x75\x65\163\x74")) {
goto jA;
}
$OG = new SAML2SPLogoutRequest($Pb);
$jH = get_option("\155\157\x5f\163\141\x6d\154\137\163\160\x5f\x65\156\164\x69\164\x79\x5f\x69\x64");
if (!empty($jH)) {
goto tT;
}
$jH = $tB . "\57\167\160\55\x63\x6f\x6e\x74\145\x6e\x74\57\x70\x6c\x75\147\151\156\163\57\155\151\156\x69\x6f\x72\141\156\147\x65\55\x73\x61\155\154\x2d\x32\60\x2d\163\x69\156\x67\x6c\145\55\163\x69\x67\x6e\55\x6f\156\57";
tT:
$kQ = $jJ;
$WJ = SAMLSPUtilities::createLogoutResponse($OG->getId(), $jH, $kQ, $Dg);
if (empty($Dg) || $Dg == "\x48\164\x74\x70\x52\145\x64\x69\162\x65\143\x74") {
goto US;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\x63\150\x65\143\x6b\x65\x64")) {
goto o4;
}
$VZ = base64_encode($WJ);
SAMLSPUtilities::postSAMLResponse($jJ, $VZ, $HI);
exit;
o4:
$Kx = '';
$UN = '';
$VZ = SAMLSPUtilities::signXML($WJ, "\123\x74\141\164\x75\x73");
SAMLSPUtilities::postSAMLResponse($jJ, $VZ, $HI);
goto vz;
US:
$N5 = $jJ;
if (strpos($jJ, "\77") !== false) {
goto Kc;
}
$N5 .= "\77";
goto tQ;
Kc:
$N5 .= "\46";
tQ:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\143\x68\145\x63\x6b\x65\x64")) {
goto eb;
}
$N5 .= "\x53\101\x4d\x4c\122\x65\x73\x70\x6f\156\163\x65\x3d" . $WJ . "\46\122\145\154\x61\x79\123\164\141\164\145\75" . urlencode($HI);
header("\114\x6f\x63\141\164\x69\157\x6e\x3a\x20" . $N5);
exit;
eb:
$H9 = "\123\101\x4d\x4c\x52\145\x73\160\x6f\x6e\x73\x65\x3d" . $WJ . "\46\122\145\x6c\141\x79\123\164\x61\164\x65\75" . urlencode($HI) . "\x26\123\x69\x67\x41\x6c\x67\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("\164\171\x70\x65" => "\x70\162\x69\x76\141\164\x65");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
$FV = get_option("\x6d\157\x5f\163\x61\x6d\x6c\x5f\143\x75\x72\x72\x65\x6e\x74\137\143\145\162\164\137\x70\x72\151\x76\141\164\145\137\153\x65\171");
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "\x26\x53\x69\x67\x6e\x61\x74\165\x72\x65\x3d" . urlencode($N4);
header("\x4c\x6f\143\141\x74\151\x6f\x6e\x3a\x20" . $N5);
exit;
vz:
jA:
}
}
function mo_saml_create_logout_request($aL, $RR, $jJ, $Dg, $Ff)
{
$tB = get_option("\x6d\157\137\x73\141\x6d\154\x5f\x73\x70\137\x62\141\x73\x65\x5f\x75\x72\154");
if (!empty($tB)) {
goto Gg;
}
$tB = home_url();
Gg:
$jH = get_option("\155\157\x5f\x73\141\x6d\x6c\137\163\x70\137\x65\156\164\151\164\x79\x5f\151\x64");
if (!empty($jH)) {
goto h5;
}
$jH = $tB . "\x2f\x77\160\55\143\x6f\156\164\x65\156\164\x2f\x70\154\165\x67\151\x6e\x73\57\x6d\151\156\151\x6f\162\x61\x6e\147\x65\x2d\x73\141\155\154\55\62\x30\55\x73\x69\156\x67\154\145\x2d\x73\x69\147\x6e\x2d\x6f\x6e\x2f";
h5:
$kQ = $jJ;
$Ox = $Ff;
$Ox = mo_saml_get_relay_state($Ox);
$H9 = SAMLSPUtilities::createLogoutRequest($aL, $jH, $kQ, $RR, $Dg);
if (empty($Dg) || $Dg == "\x48\164\164\x70\122\145\144\x69\162\x65\x63\164") {
goto iK;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\143\150\145\x63\x6b\x65\x64")) {
goto kW;
}
$VZ = base64_encode($H9);
SAMLSPUtilities::postSAMLRequest($jJ, $VZ, $Ox);
exit;
kW:
$Kx = '';
$UN = '';
$VZ = SAMLSPUtilities::signXML($H9, "\x4e\x61\155\x65\x49\104");
SAMLSPUtilities::postSAMLRequest($jJ, $VZ, $Ox);
goto yM;
iK:
$N5 = $jJ;
if (strpos($jJ, "\x3f") !== false) {
goto Lx;
}
$N5 .= "\77";
goto aT;
Lx:
$N5 .= "\x26";
aT:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\143\x68\x65\143\x6b\145\144")) {
goto rf;
}
$N5 .= "\x53\x41\x4d\x4c\122\145\161\x75\x65\x73\164\x3d" . $H9 . "\x26\122\x65\154\x61\171\123\x74\x61\164\x65\x3d" . urlencode($Ox);
header("\114\x6f\x63\141\164\x69\157\156\x3a\40" . $N5);
exit;
rf:
$H9 = "\123\101\x4d\114\122\145\161\x75\145\163\x74\x3d" . $H9 . "\x26\x52\145\x6c\x61\x79\x53\x74\x61\x74\x65\75" . urlencode($Ox) . "\46\x53\x69\147\x41\x6c\147\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("\164\x79\160\145" => "\160\162\151\166\141\164\x65");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
$FV = get_option("\155\157\x5f\163\141\155\154\137\x63\x75\162\162\x65\x6e\164\137\x63\x65\x72\x74\x5f\160\x72\151\x76\141\164\145\x5f\x6b\x65\171");
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "\x26\x53\x69\147\x6e\141\164\x75\162\145\x3d" . urlencode($N4);
header("\114\x6f\143\141\x74\151\x6f\156\72\x20" . $N5);
exit;
yM:
}
function mo_login_validate()
{
if (Mo_Saml_License_Utility::is_customer_license_valid(false, false)) {
goto iz;
}
return;
iz:
if (!(isset($_REQUEST["\157\160\x74\x69\x6f\156"]) && $_REQUEST["\x6f\x70\164\x69\157\x6e"] == "\x6d\x6f\163\x61\x6d\x6c\137\155\x65\x74\141\144\x61\x74\141" && Mo_Saml_License_Utility::is_customer_license_valid())) {
goto cv;
}
miniorange_generate_metadata();
cv:
if (!(isset($_REQUEST["\157\160\164\151\157\x6e"]) && $_REQUEST["\157\x70\164\151\x6f\156"] == "\145\170\160\x6f\x72\x74\x5f\143\157\156\x66\151\147\165\x72\141\x74\x69\x6f\156")) {
goto s3;
}
if (!(current_user_can("\155\141\156\141\147\x65\x5f\x6f\160\164\x69\157\156\x73") && Mo_Saml_License_Utility::is_customer_license_valid())) {
goto Eq;
}
miniorange_import_export(true);
Eq:
exit;
s3:
if (!(isset($_REQUEST["\x6f\x70\164\151\157\x6e"]) && $_REQUEST["\157\160\164\151\157\x6e"] == "\163\141\155\154\x5f\165\x73\145\x72\137\x6c\157\147\151\x6e" || isset($_REQUEST["\x6f\160\164\x69\157\x6e"]) && $_REQUEST["\157\160\164\151\x6f\x6e"] == "\x74\x65\163\x74\151\144\160\x63\x6f\x6e\x66\151\147" || isset($_REQUEST["\x6f\160\x74\x69\157\156"]) && $_REQUEST["\x6f\160\164\151\x6f\x6e"] == "\147\145\164\x73\x61\x6d\x6c\x72\145\161\165\145\163\164" || isset($_REQUEST["\x6f\160\164\x69\157\x6e"]) && $_REQUEST["\x6f\x70\164\x69\157\x6e"] == "\x67\x65\x74\163\x61\x6d\x6c\x72\145\163\x70\x6f\x6e\163\x65")) {
goto Wn;
}
if (!mo_saml_is_sp_configured()) {
goto VD;
}
if (!(is_user_logged_in() && $_REQUEST["\x6f\160\x74\x69\x6f\x6e"] == "\x73\141\155\154\137\165\163\145\162\137\154\157\x67\151\156")) {
goto al;
}
if (empty($_REQUEST["\x72\x65\x64\x69\x72\x65\x63\164\x5f\164\x6f"])) {
goto DB;
}
$N7 = htmlspecialchars($_REQUEST["\x72\x65\x64\x69\x72\x65\x63\164\x5f\x74\x6f"]);
wp_safe_redirect($N7);
exit;
DB:
return;
al:
$tB = get_option("\x6d\157\137\163\141\155\154\137\163\160\x5f\142\x61\x73\x65\x5f\165\162\x6c");
if (!empty($tB)) {
goto iL;
}
$tB = home_url();
iL:
if (isset($_REQUEST["\x69\144\x70"]) and !empty($_REQUEST["\151\144\160"])) {
goto dB;
}
$mQ = '';
goto uo;
dB:
$mQ = htmlspecialchars($_REQUEST["\151\144\x70"]);
uo:
if ($_REQUEST["\x6f\x70\164\151\x6f\x6e"] == "\x74\x65\163\x74\x69\x64\160\x63\157\156\146\x69\x67" and isset($_REQUEST["\156\145\167\x63\x65\x72\x74"])) {
goto u9;
}
if ($_REQUEST["\157\x70\164\x69\x6f\x6e"] == "\164\145\163\164\151\144\160\x63\x6f\x6e\x66\151\x67") {
goto Ju;
}
if ($_REQUEST["\x6f\x70\164\x69\157\x6e"] == "\147\145\x74\163\x61\x6d\154\162\145\161\x75\x65\163\x74") {
goto sb;
}
if ($_REQUEST["\157\x70\164\151\157\156"] == "\147\145\x74\x73\141\155\x6c\162\x65\163\x70\x6f\x6e\163\145") {
goto Mw;
}
if (get_option("\155\x6f\x5f\x73\141\155\x6c\x5f\x72\x65\154\x61\171\137\x73\164\x61\164\x65") && get_option("\x6d\157\x5f\163\x61\155\x6c\x5f\x72\x65\x6c\x61\171\x5f\163\x74\x61\x74\145") != '') {
goto Op;
}
if (!empty($_REQUEST["\x72\x65\144\151\162\145\x63\x74\x5f\164\157"])) {
goto M0;
}
$Ox = wp_get_referer();
goto lI;
M0:
$Ox = htmlspecialchars($_REQUEST["\x72\x65\x64\x69\x72\x65\x63\164\x5f\x74\157"]);
lI:
goto yv;
Op:
$Ox = get_option("\155\x6f\137\163\141\155\x6c\137\x72\145\x6c\x61\171\137\163\x74\x61\164\x65");
yv:
goto Id;
Mw:
$Ox = "\144\151\x73\160\x6c\141\x79\123\x41\115\114\122\145\x73\x70\x6f\156\163\145";
Id:
goto Mf;
sb:
$Ox = "\144\x69\163\160\154\141\x79\123\x41\115\x4c\x52\145\x71\165\145\x73\x74";
Mf:
goto Jm;
Ju:
$Ox = "\x74\x65\x73\x74\x56\x61\154\x69\144\x61\164\145";
Jm:
goto kg;
u9:
$Ox = "\x74\x65\x73\164\116\145\167\103\145\x72\164\x69\x66\151\143\141\x74\x65";
kg:
if (!empty($Ox)) {
goto M8;
}
$Ox = $tB;
M8:
$RB = htmlspecialchars_decode(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Login_URL));
$VL = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Login_binding_type);
$q5 = get_option("\155\x6f\137\163\141\155\154\137\x66\x6f\162\143\145\137\x61\165\x74\x68\x65\156\x74\151\x63\x61\x74\151\x6f\x6e");
$re = $tB . "\57";
$jH = get_option("\155\x6f\x5f\163\141\x6d\x6c\x5f\x73\160\137\x65\x6e\x74\151\164\x79\137\151\144");
$D1 = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::NameID_Format);
if (!empty($D1)) {
goto cP;
}
$D1 = "\x31\56\x31\72\x6e\141\x6d\x65\x69\x64\55\146\157\162\155\141\164\x3a\x75\x6e\163\x70\145\143\x69\146\x69\145\x64";
cP:
if (!empty($jH)) {
goto OA;
}
$jH = $tB . "\x2f\167\x70\x2d\x63\x6f\x6e\164\x65\x6e\x74\57\x70\154\x75\x67\x69\156\x73\57\x6d\151\156\151\157\162\141\x6e\147\145\55\x73\x61\x6d\x6c\x2d\x32\x30\55\x73\x69\x6e\147\154\145\55\x73\x69\147\156\55\x6f\x6e\57";
OA:
$H9 = SAMLSPUtilities::createAuthnRequest($re, $jH, $RB, $q5, $VL, $D1);
if (!($Ox == "\x64\x69\x73\160\x6c\141\x79\123\101\x4d\114\x52\145\x71\x75\145\163\164")) {
goto GV;
}
mo_saml_show_SAML_log(SAMLSPUtilities::createAuthnRequest($re, $jH, $RB, $q5, "\110\x54\124\x50\120\x6f\163\164", $D1), $Ox);
GV:
$N5 = $RB;
if (strpos($RB, "\x3f") !== false) {
goto fv;
}
$N5 .= "\x3f";
goto O9;
fv:
$N5 .= "\x26";
O9:
cldjkasjdksalc();
$Ox = mo_saml_get_relay_state($Ox);
$Ox = empty($Ox) ? "\x2f" : $Ox;
if (empty($VL) || $VL == "\110\x74\x74\160\x52\145\144\151\x72\145\x63\x74") {
goto Xa;
}
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\x63\150\145\143\153\x65\144")) {
goto vD;
}
$VZ = base64_encode($H9);
SAMLSPUtilities::postSAMLRequest($RB, $VZ, $Ox);
exit;
vD:
$Kx = '';
$UN = '';
if ($_REQUEST["\x6f\x70\x74\x69\157\156"] == "\x74\x65\x73\x74\x69\x64\x70\143\157\x6e\146\x69\147" && isset($_REQUEST["\x6e\145\x77\143\145\162\164"])) {
goto ce;
}
$VZ = SAMLSPUtilities::signXML($H9, "\116\141\155\145\x49\x44\120\157\154\x69\143\171");
goto cj;
ce:
$VZ = SAMLSPUtilities::signXML($H9, "\x4e\141\155\145\x49\x44\120\157\154\x69\x63\x79", true);
cj:
SAMLSPUtilities::postSAMLRequest($RB, $VZ, $Ox, $mQ);
update_option("\155\157\137\163\x61\155\154\x5f\x6e\x65\167\137\x63\x65\x72\x74\x5f\164\x65\x73\164", true);
goto fJ;
Xa:
if (!(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Request_signed) != "\143\x68\x65\x63\153\x65\144")) {
goto CR;
}
$N5 .= "\x53\x41\x4d\114\122\145\161\165\145\163\164\x3d" . $H9 . "\46\122\145\x6c\x61\171\x53\x74\x61\x74\x65\75" . urlencode($Ox);
if (empty($mQ)) {
goto rh;
}
$N5 .= "\46\x75\x73\145\162\x4e\141\x6d\x65\75" . $mQ;
rh:
header("\143\141\x63\x68\x65\x2d\143\x6f\156\164\x72\x6f\x6c\72\40\155\141\x78\x2d\x61\147\145\x3d\x30\54\40\x70\162\151\166\x61\x74\x65\x2c\40\x6e\x6f\55\x73\x74\x6f\x72\145\54\40\x6e\157\x2d\143\x61\143\x68\x65\x2c\40\155\165\163\164\55\162\x65\x76\x61\x6c\x69\144\141\164\x65");
header("\114\157\x63\x61\x74\x69\157\x6e\72\x20" . $N5);
exit;
CR:
$H9 = "\123\101\x4d\114\122\x65\161\x75\145\x73\x74\75" . $H9 . "\x26\122\145\x6c\x61\171\123\x74\141\164\x65\75" . urlencode($Ox) . "\x26\123\151\x67\101\154\147\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$MO = array("\x74\171\160\x65" => "\x70\x72\151\x76\141\x74\145");
$W4 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $MO);
if ($_REQUEST["\157\x70\164\x69\157\156"] == "\x74\145\x73\x74\x69\144\x70\x63\x6f\156\x66\x69\147" && isset($_REQUEST["\156\x65\x77\x63\x65\162\x74"])) {
goto B3;
}
$FV = get_option("\x6d\x6f\x5f\163\141\155\154\x5f\143\x75\162\x72\x65\x6e\x74\x5f\143\x65\x72\164\137\160\162\151\166\x61\164\x65\137\x6b\145\171");
goto rX;
B3:
$FV = file_get_contents(plugin_dir_path(__FILE__) . "\x72\x65\163\x6f\165\x72\x63\x65\x73" . DIRECTORY_SEPARATOR . "\x6d\151\x6e\151\157\x72\141\156\x67\145\x2d\163\160\55\143\145\162\164\151\x66\x69\x63\x61\x74\x65\55\x70\x72\151\x76\x2e\153\145\x79");
rX:
$W4->loadKey($FV, FALSE);
$wm = new XMLSecurityDSig();
$N4 = $W4->signData($H9);
$N4 = base64_encode($N4);
$N5 .= $H9 . "\46\123\151\x67\156\141\164\x75\162\145\x3d" . urlencode($N4);
if (empty($mQ)) {
goto yU;
}
$N5 .= "\46\x75\163\145\x72\x4e\141\155\145\75" . $mQ;
yU:
header("\143\x61\143\150\x65\x2d\143\x6f\156\164\162\157\x6c\x3a\40\155\141\170\55\x61\147\x65\x3d\x30\x2c\x20\160\x72\151\166\141\x74\x65\x2c\40\x6e\x6f\x2d\163\164\x6f\x72\x65\54\x20\156\157\x2d\x63\x61\143\150\x65\54\x20\155\165\163\164\x2d\x72\145\166\x61\x6c\x69\144\141\x74\145");
header("\x4c\157\x63\141\x74\151\x6f\156\x3a\40" . $N5);
exit;
fJ:
VD:
Wn:
if (empty($_REQUEST["\123\101\115\x4c\122\x65\163\160\157\156\x73\x65"])) {
goto OW;
}
if (!empty($_POST["\x52\x65\154\x61\171\123\x74\x61\164\x65"]) && $_POST["\x52\x65\154\141\x79\123\164\141\x74\x65"] != "\57") {
goto SH;
}
$j2 = '';
goto k3;
SH:
$j2 = $_POST["\x52\145\154\141\171\x53\164\x61\164\x65"];
k3:
$tB = get_option("\155\157\137\x73\141\155\154\x5f\163\x70\137\x62\x61\x73\x65\137\x75\162\x6c");
if (!empty($tB)) {
goto lD;
}
$tB = home_url();
lD:
$hB = htmlspecialchars($_REQUEST["\x53\x41\x4d\114\122\x65\x73\160\157\x6e\163\145"]);
$hB = base64_decode($hB);
if (!($j2 == "\144\x69\163\x70\x6c\141\x79\123\x41\115\x4c\x52\x65\163\160\157\156\x73\145")) {
goto QF;
}
mo_saml_show_SAML_log($hB, $j2);
QF:
if (empty($_GET["\x53\101\x4d\x4c\122\145\x73\160\x6f\x6e\163\x65"])) {
goto Yw;
}
$hB = gzinflate($hB);
Yw:
$lu = new DOMDocument();
$lu->loadXML($hB);
$w_ = $lu->firstChild;
$hU = $lu->documentElement;
$J9 = new DOMXpath($lu);
$J9->registerNamespace("\163\x61\155\154\x70", "\165\162\156\x3a\157\141\x73\151\x73\72\156\141\155\x65\163\x3a\x74\143\x3a\123\x41\115\x4c\72\62\56\x30\x3a\160\162\157\164\x6f\x63\x6f\x6c");
$J9->registerNamespace("\x73\141\x6d\x6c", "\165\162\x6e\x3a\157\x61\x73\151\163\x3a\156\141\155\145\x73\x3a\164\143\x3a\123\101\115\x4c\72\62\56\x30\72\141\163\163\x65\162\x74\151\157\156");
if ($w_->localName == "\114\x6f\147\x6f\x75\164\122\145\163\x70\x6f\156\163\145") {
goto Ob;
}
$G2 = $J9->query("\57\163\141\155\x6c\160\72\122\x65\163\x70\157\x6e\163\145\57\x73\141\155\x6c\x70\x3a\x53\164\141\164\x75\163\x2f\x73\x61\x6d\x6c\160\x3a\123\164\141\164\x75\x73\103\157\144\145", $hU);
$VD = $G2->item(0)->getAttribute("\126\x61\x6c\x75\x65");
$Vy = $J9->query("\x2f\x73\x61\x6d\154\160\72\x52\x65\x73\x70\157\156\163\145\57\163\141\x6d\154\x70\72\123\164\x61\x74\165\x73\57\x73\x61\x6d\x6c\x70\72\123\164\x61\x74\165\163\x4d\145\163\x73\141\147\145", $hU)->item(0);
if (empty($Vy)) {
goto Jl;
}
$Vy = $Vy->nodeValue;
Jl:
$hv = explode("\72", $VD);
$G2 = $hv[7];
if (!empty($_POST["\x52\145\154\x61\171\x53\x74\141\164\145"]) && $_POST["\122\145\x6c\x61\x79\123\x74\x61\x74\x65"] != "\57") {
goto FD;
}
$j2 = '';
goto qc;
FD:
$j2 = $_POST["\122\x65\154\141\171\x53\164\141\x74\x65"];
qc:
if (!($j2 == "\164\145\163\x74\x56\x61\154\151\x64\141\x74\x65" && !Mo_Saml_License_Utility::is_customer_license_valid())) {
goto hh;
}
wp_die("\74\142\76\133\127\x50\123\101\115\114\x45\x52\122\60\x30\60\135\74\x2f\x62\76\40\127\145\40\143\157\x75\154\x64\40\156\x6f\164\40\163\x69\147\x6e\x20\171\157\165\40\x69\156\56\x20\x50\x6c\x65\x61\x73\145\40\x63\x6f\156\x74\141\143\x74\x20\x79\x6f\x75\x72\40\x61\x64\x6d\151\156\x69\x73\164\x72\x61\x74\157\x72\x20\167\x69\164\x68\40\164\150\x65\40\x6d\145\156\x74\151\x6f\x6e\145\144\40\x65\x72\x72\157\x72\40\x63\x6f\x64\x65\56", "\x5b\127\x50\x53\x41\115\114\105\122\x52\x30\60\60\135\x20\x49\156\166\141\154\151\144\40\114\x69\x63\145\x6e\x73\x65");
hh:
if (!($G2 != "\123\165\143\x63\145\163\163")) {
goto VW;
}
show_status_error($G2, $j2, $Vy);
VW:
$Tn = maybe_unserialize(LicenseHelper::getCurrentOption(mo_options_enum_service_provider::X509_certificate));
$re = $tB . "\x2f";
update_option("\x6d\x6f\x5f\163\x61\x6d\154\x5f\x72\145\x73\160\157\x6e\163\145", base64_encode($hB));
if ($j2 == "\x74\x65\x73\x74\116\x65\x77\103\145\162\164\x69\x66\x69\x63\141\164\x65") {
goto E9;
}
$hB = new SAML2SPResponse($w_, get_option("\x6d\157\x5f\x73\141\155\x6c\137\x63\x75\x72\162\145\156\x74\137\x63\145\x72\x74\x5f\x70\162\x69\x76\141\x74\x65\137\153\x65\171"));
goto ZU;
E9:
$QU = file_get_contents(plugin_dir_path(__FILE__) . "\162\x65\x73\x6f\x75\x72\143\x65\163" . DIRECTORY_SEPARATOR . "\155\151\156\151\x6f\162\141\x6e\147\x65\55\163\x70\55\x63\x65\162\x74\x69\x66\x69\143\x61\x74\145\x2d\160\162\x69\166\x2e\153\x65\171");
$hB = new SAML2SPResponse($w_, $QU);
ZU:
$xh = $hB->getSignatureData();
$LB = current($hB->getAssertions())->getSignatureData();
if (!(empty($LB) && empty($xh))) {
goto kE;
}
if ($j2 == "\164\x65\163\x74\x56\141\x6c\151\144\x61\x74\x65" or $j2 == "\164\x65\x73\x74\x4e\x65\167\103\145\162\x74\x69\x66\x69\143\x61\164\145") {
goto S2;
}
wp_die("\127\x65\40\143\x6f\x75\154\144\40\x6e\x6f\164\40\163\x69\x67\156\40\171\157\x75\x20\x69\156\x2e\x20\120\x6c\x65\x61\163\145\x20\143\157\x6e\164\141\x63\x74\x20\x61\144\x6d\151\156\x69\163\164\x72\x61\164\157\x72", "\105\x72\x72\157\x72\x3a\40\111\156\x76\x61\154\x69\x64\x20\123\101\115\114\x20\122\x65\163\160\157\x6e\163\x65");
goto mn;
S2:
$ne = mo_options_error_constants::Error_no_certificate;
$bd = mo_options_error_constants::Cause_no_certificate;
echo "\x3c\144\151\x76\40\x73\164\171\154\x65\x3d\x22\x66\157\x6e\164\x2d\x66\141\155\151\154\x79\x3a\x43\x61\154\x69\x62\x72\x69\73\x70\x61\144\144\151\156\147\x3a\x30\40\x33\x25\73\x22\x3e\12\11\x9\11\x9\74\144\151\166\x20\163\x74\x79\154\x65\75\42\x63\x6f\154\x6f\x72\72\40\x23\141\71\x34\x34\64\62\x3b\142\141\143\153\147\x72\157\165\156\x64\x2d\x63\x6f\x6c\157\162\x3a\x20\x23\146\x32\x64\145\144\145\x3b\x70\x61\x64\144\x69\x6e\147\x3a\40\61\65\x70\x78\73\155\x61\162\x67\x69\156\x2d\142\157\164\164\x6f\155\x3a\x20\62\x30\160\170\73\164\x65\170\x74\55\x61\x6c\151\x67\x6e\72\x63\145\156\164\145\162\73\142\x6f\x72\x64\145\162\72\61\x70\170\40\x73\x6f\154\151\144\x20\43\x45\x36\x42\63\102\62\x3b\146\x6f\x6e\x74\55\163\151\172\x65\x3a\x31\x38\x70\164\x3b\x22\76\40\x45\x52\122\117\x52\x3c\x2f\x64\151\x76\x3e\12\11\x9\11\x9\74\x64\x69\x76\x20\x73\x74\x79\154\145\75\42\x63\x6f\154\157\x72\72\40\43\141\71\64\x34\x34\62\x3b\146\x6f\x6e\164\55\163\151\172\x65\72\x31\64\x70\164\x3b\x20\155\141\x72\147\x69\x6e\x2d\x62\157\x74\164\157\x6d\72\62\x30\160\170\x3b\42\76\x3c\x70\76\74\x73\x74\162\x6f\x6e\147\76\x45\162\x72\x6f\162\40\x20\x3a" . esc_html($ne) . "\40\74\57\x73\164\162\157\x6e\147\x3e\74\57\x70\76\12\11\x9\x9\11\12\x9\11\11\11\74\160\x3e\74\x73\164\162\157\156\x67\76\120\157\163\x73\x69\142\x6c\x65\x20\x43\141\x75\x73\145\72\x20" . esc_html($bd) . "\x3c\57\x73\164\162\157\x6e\147\76\74\57\x70\76\xa\11\x9\11\x9\12\x9\11\11\11\74\x2f\144\151\166\x3e\74\x2f\144\151\x76\x3e";
mo_saml_download_logs($ne, $bd);
exit;
mn:
kE:
$vB = '';
if (is_array($Tn)) {
goto Oe;
}
$C1 = XMLSecurityKey::getRawThumbprint($Tn);
$C1 = mo_saml_convert_to_windows_iconv($C1);
$C1 = preg_replace("\x2f\134\x73\x2b\x2f", '', $C1);
if (empty($xh)) {
goto w1;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $xh, $hB, 0, $j2);
w1:
if (empty($LB)) {
goto e1;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $LB, $hB, 0, $j2);
e1:
goto iw;
Oe:
foreach ($Tn as $W4 => $tp) {
$C1 = XMLSecurityKey::getRawThumbprint($tp);
$C1 = mo_saml_convert_to_windows_iconv($C1);
$C1 = preg_replace("\x2f\134\x73\x2b\x2f", '', $C1);
if (empty($xh)) {
goto Ff;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $xh, $hB, $W4, $j2);
Ff:
if (empty($LB)) {
goto xO;
}
$vB = SAMLSPUtilities::processResponse($re, $C1, $LB, $hB, $W4, $j2);
xO:
if (!$vB) {
goto lK;
}
goto HC;
lK:
ib:
}
HC:
iw:
if ($xh) {
goto bp;
}
if ($LB) {
goto AT;
}
goto z1;
bp:
$eH = $xh["\103\145\162\x74\x69\146\x69\143\x61\164\x65\x73"][0];
goto z1;
AT:
$eH = $LB["\x43\145\x72\164\151\x66\x69\x63\141\x74\x65\163"][0];
z1:
if ($vB) {
goto te;
}
if ($j2 == "\164\145\x73\x74\x56\x61\154\x69\144\141\164\145" or $j2 == "\164\145\163\164\116\x65\x77\103\145\x72\164\x69\146\151\x63\141\164\x65") {
goto kk;
}
wp_die("\x57\145\40\x63\x6f\x75\154\x64\40\156\x6f\x74\x20\163\x69\x67\x6e\40\171\157\165\40\151\x6e\56\x20\120\x6c\145\x61\x73\145\40\x63\157\x6e\x74\x61\143\x74\x20\x79\157\x75\162\40\141\x64\155\151\x6e\151\x73\164\x72\x61\x74\x6f\x72", "\x45\x72\162\157\x72\x3a\x20\111\x6e\166\x61\154\x69\144\40\123\x41\115\x4c\40\122\145\163\160\157\x6e\x73\x65");
goto Ql;
kk:
$ne = mo_options_error_constants::Error_wrong_certificate;
$bd = mo_options_error_constants::Cause_wrong_certificate;
$ti = "\55\55\x2d\x2d\55\x42\x45\x47\111\x4e\40\x43\x45\122\x54\x49\106\x49\103\x41\124\x45\x2d\55\55\x2d\x2d\74\x62\162\76" . chunk_split($eH, 64) . "\74\x62\162\76\x2d\55\55\x2d\55\x45\x4e\104\40\x43\105\x52\124\x49\106\111\103\x41\124\x45\55\55\x2d\x2d\55";
echo "\74\x64\151\166\40\163\x74\171\x6c\145\x3d\x22\x66\x6f\x6e\164\x2d\x66\x61\155\x69\x6c\x79\72\x43\141\x6c\151\142\162\x69\73\x70\141\x64\144\151\x6e\147\72\x30\40\63\45\73\42\x3e";
echo "\x3c\144\151\x76\40\x73\164\x79\154\x65\75\x22\x63\157\154\x6f\x72\72\x20\43\141\x39\x34\64\64\x32\x3b\142\141\143\x6b\x67\162\x6f\165\x6e\x64\x2d\x63\157\x6c\157\162\72\40\x23\x66\x32\144\145\144\x65\x3b\x70\141\144\144\x69\156\147\72\x20\61\65\x70\170\73\155\141\x72\x67\x69\x6e\x2d\142\157\164\164\157\x6d\x3a\x20\x32\60\x70\x78\x3b\164\x65\x78\164\55\141\x6c\x69\147\x6e\x3a\x63\145\156\x74\145\162\x3b\142\x6f\x72\x64\145\162\72\x31\160\x78\40\163\157\x6c\151\x64\40\43\x45\66\102\63\102\x32\x3b\x66\x6f\x6e\x74\55\163\x69\x7a\145\72\x31\x38\160\x74\x3b\42\x3e\40\105\x52\x52\117\x52\74\57\144\x69\x76\x3e\12\11\x9\x9\x3c\x64\151\x76\40\163\164\x79\154\x65\75\x22\x63\157\x6c\x6f\x72\x3a\40\x23\x61\x39\x34\64\64\62\73\146\x6f\156\x74\x2d\163\151\x7a\x65\72\x31\x34\160\164\x3b\x20\155\141\x72\x67\x69\156\55\142\x6f\x74\164\x6f\x6d\72\x32\x30\160\170\x3b\42\76\74\160\76\74\163\164\162\x6f\156\x67\76\x45\x72\x72\157\162\72\x20\x3c\57\x73\x74\162\x6f\156\147\x3e\x55\x6e\141\x62\154\x65\x20\x74\157\40\146\x69\156\x64\40\141\x20\x63\145\x72\164\151\146\x69\143\x61\x74\x65\40\155\141\164\143\150\x69\156\x67\x20\164\x68\145\40\x63\157\x6e\x66\x69\147\x75\x72\145\144\x20\x66\x69\156\x67\x65\x72\160\x72\151\x6e\164\x2e\x3c\x2f\160\x3e\12\11\x9\11\x3c\x70\x3e\120\x6c\x65\x61\163\x65\40\x63\157\x6e\164\x61\x63\164\40\171\x6f\x75\162\40\141\144\155\151\156\151\163\x74\x72\141\164\157\162\x20\x61\156\x64\x20\162\145\x70\157\162\164\x20\x74\150\145\40\146\157\x6c\x6c\x6f\x77\x69\x6e\147\40\x65\162\162\157\x72\x3a\74\x2f\160\76\xa\x9\11\11\x3c\x70\x3e\x3c\163\164\162\157\156\147\76\x50\x6f\x73\163\x69\142\154\x65\40\x43\x61\165\x73\x65\x3a\x20\x3c\x2f\x73\x74\162\x6f\156\147\x3e\47\130\x2e\x35\60\71\40\x43\145\x72\164\151\146\x69\x63\141\164\x65\x27\x20\x66\x69\x65\154\x64\40\x69\x6e\40\160\x6c\165\147\x69\156\x20\x64\157\x65\163\40\x6e\157\164\x20\x6d\141\164\143\150\40\164\150\145\x20\x63\x65\x72\164\x69\146\151\143\x61\x74\145\40\146\157\165\156\144\x20\151\156\40\x53\101\115\114\x20\122\145\163\160\x6f\x6e\x73\145\x2e\x3c\57\160\x3e\xa\x9\x9\11\74\x70\76\x3c\163\164\162\x6f\156\x67\76\103\145\x72\164\151\x66\x69\143\141\164\x65\40\146\157\x75\x6e\144\x20\151\156\40\123\x41\115\x4c\40\122\145\163\x70\157\156\x73\145\x3a\40\74\57\x73\x74\x72\157\156\147\76\74\146\x6f\x6e\164\40\x66\141\x63\x65\75\x22\x43\x6f\x75\162\x69\145\x72\40\116\145\x77\42\73\146\157\156\x74\x2d\x73\151\172\x65\x3a\61\60\160\164\76\74\142\162\76\x3c\142\162\76" . $ti . "\x3c\x2f\160\x3e\x3c\57\146\157\156\164\x3e\xa\x9\x9\11\74\x70\76\x3c\163\x74\162\x6f\156\147\76\123\157\154\165\164\151\157\x6e\72\x20\74\57\x73\164\x72\157\x6e\147\x3e\x3c\57\160\76\xa\11\11\11\40\74\x6f\x6c\x3e\12\40\x20\40\40\x20\40\40\40\x20\40\40\40\40\40\40\x20\x3c\x6c\x69\76\103\x6f\160\171\x20\160\141\x73\x74\145\40\164\150\145\40\143\x65\162\x74\151\146\x69\143\x61\164\x65\x20\160\x72\x6f\x76\151\144\x65\x64\40\141\x62\157\x76\x65\x20\151\x6e\x20\x58\x35\60\71\40\103\145\162\164\151\x66\151\143\x61\x74\145\x20\x75\156\x64\x65\x72\x20\123\145\162\166\x69\143\x65\40\x50\162\x6f\x76\151\144\x65\x72\x20\x53\x65\164\165\160\40\x74\141\x62\56\74\57\154\x69\x3e\12\40\x20\40\x20\40\40\40\40\40\40\40\40\x20\40\x20\x20\74\x6c\151\x3e\x49\x66\40\151\163\x73\x75\x65\40\160\145\x72\163\151\x73\164\163\40\x64\151\163\x61\x62\154\145\x20\x3c\142\x3e\103\150\x61\162\x61\x63\164\x65\162\x20\145\156\x63\157\144\151\x6e\147\74\x2f\142\76\x20\165\156\144\x65\162\x20\x53\145\x72\166\151\x63\145\x20\x50\x72\157\x76\x64\x65\162\x20\123\x65\164\165\160\40\164\x61\142\x2e\x3c\x2f\x6c\151\76\xa\40\x20\40\40\40\x20\x20\40\x20\x20\x20\40\40\x3c\57\x6f\154\76\x9\11\12\11\x9\x9\74\57\144\x69\x76\76\xa\x9\x9\x9\x9\11\x3c\x64\151\166\40\163\x74\171\154\145\75\x22\x6d\x61\162\x67\151\x6e\72\63\x25\x3b\x64\x69\163\x70\154\141\x79\72\142\154\x6f\x63\153\73\164\145\170\164\55\x61\154\151\147\156\x3a\x63\145\156\164\145\x72\73\x22\x3e\xa\11\11\11\11\x9\x3c\x64\151\x76\40\163\x74\171\x6c\x65\75\42\x6d\x61\x72\147\151\x6e\72\x33\x25\73\x64\151\x73\x70\x6c\141\x79\72\x62\154\x6f\143\x6b\x3b\164\145\170\164\x2d\x61\154\151\x67\156\x3a\143\145\156\x74\145\162\73\42\x3e\74\x69\x6e\x70\x75\164\x20\x73\x74\171\154\145\75\x22\160\x61\144\144\151\156\x67\72\61\45\x3b\167\x69\x64\x74\150\72\61\60\60\x70\x78\x3b\142\x61\143\x6b\x67\x72\x6f\165\156\144\72\x20\x23\x30\60\71\61\x43\x44\x20\x6e\x6f\x6e\145\x20\x72\x65\x70\x65\x61\164\40\163\x63\162\x6f\x6c\154\40\60\x25\40\60\45\x3b\x63\x75\x72\163\157\162\x3a\40\x70\157\x69\156\x74\145\x72\x3b\146\157\156\x74\55\163\151\x7a\145\72\61\65\160\170\x3b\x62\157\x72\144\x65\x72\55\167\151\144\164\x68\x3a\x20\61\160\x78\x3b\142\157\162\144\145\x72\55\x73\164\171\x6c\x65\x3a\40\x73\157\154\151\x64\x3b\x62\157\x72\144\x65\162\x2d\x72\141\144\x69\x75\163\x3a\40\x33\160\170\x3b\x77\150\151\x74\x65\55\163\x70\141\143\145\x3a\40\156\157\x77\x72\141\160\73\142\157\x78\x2d\x73\151\172\151\x6e\x67\x3a\40\142\157\x72\x64\145\x72\x2d\x62\x6f\170\x3b\142\x6f\x72\144\x65\x72\x2d\x63\x6f\154\x6f\162\72\x20\43\60\x30\x37\x33\101\101\x3b\x62\x6f\x78\x2d\163\x68\x61\x64\x6f\167\72\40\60\160\170\40\x31\160\170\x20\60\160\170\40\x72\147\142\x61\x28\x31\62\x30\x2c\x20\62\x30\x30\54\40\62\63\x30\54\x20\60\56\x36\x29\40\x69\156\x73\145\x74\x3b\x63\x6f\154\157\162\72\x20\x23\106\x46\x46\73\x22\x74\x79\160\x65\x3d\42\x62\x75\164\164\x6f\x6e\42\x20\166\x61\154\x75\145\x3d\x22\x44\x6f\156\145\42\40\157\x6e\x43\x6c\151\x63\153\75\42\163\x65\154\x66\56\143\154\x6f\163\x65\50\x29\73\x22\x3e\x3c\57\x64\x69\166\x3e";
mo_saml_download_logs($ne, $bd);
exit;
Ql:
te:
$VS = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Issuer);
$jH = get_option("\x6d\x6f\137\163\141\155\x6c\137\163\160\137\145\x6e\164\151\x74\x79\137\151\x64");
if (!empty($jH)) {
goto y_;
}
$jH = $tB . "\57\x77\160\x2d\x63\x6f\x6e\x74\145\156\164\x2f\160\x6c\165\x67\151\156\x73\x2f\x6d\151\x6e\x69\x6f\x72\x61\x6e\147\145\x2d\x73\x61\155\x6c\55\x32\60\55\163\x69\x6e\x67\154\x65\x2d\x73\x69\x67\156\55\x6f\156\x2f";
y_:
SAMLSPUtilities::validateIssuerAndAudience($hB, $jH, $VS, $j2);
$BH = current(current($hB->getAssertions())->getNameId());
$lP = current($hB->getAssertions())->getAttributes();
$lP["\116\141\x6d\145\x49\x44"] = array("\60" => $BH);
$RR = current($hB->getAssertions())->getSessionIndex();
mo_saml_checkMapping($lP, $j2, $RR);
goto Cg;
Ob:
if (!isset($_REQUEST["\x52\x65\x6c\141\x79\x53\164\x61\164\145"])) {
goto su;
}
$HI = $_REQUEST["\122\145\154\141\171\x53\x74\141\x74\x65"];
su:
$g3 = get_option("\x6d\157\137\x73\141\155\x6c\137\x6c\x6f\x67\157\x75\164\137\x72\145\154\x61\x79\137\163\x74\141\164\x65");
if (empty($g3)) {
goto EK;
}
$HI = $g3;
EK:
if (!is_user_logged_in()) {
goto DR;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
DR:
if (!empty($HI)) {
goto Yz;
}
$HI = home_url();
Yz:
header("\x4c\157\x63\141\x74\151\x6f\x6e\x3a\x20" . $HI);
exit;
Cg:
OW:
if (empty($_REQUEST["\123\101\115\x4c\122\145\161\165\x65\x73\164"])) {
goto i2;
}
$H9 = htmlspecialchars($_REQUEST["\x53\x41\115\114\122\145\161\x75\x65\x73\x74"]);
$j2 = "\57";
if (empty($_REQUEST["\122\x65\x6c\x61\x79\x53\164\x61\164\145"])) {
goto Qh;
}
$j2 = $_REQUEST["\122\145\154\141\171\123\x74\141\164\145"];
Qh:
$H9 = base64_decode($H9);
if (empty($_GET["\x53\x41\115\114\x52\x65\x71\165\x65\x73\164"])) {
goto A5;
}
$H9 = gzinflate($H9);
A5:
$lu = new DOMDocument();
$lu->loadXML($H9);
$Je = $lu->firstChild;
if (!($Je->localName == "\x4c\157\x67\157\165\164\122\145\x71\x75\145\x73\164")) {
goto pN;
}
$OG = new SAML2SPLogoutRequest($Je);
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto Wm;
}
session_start();
Wm:
$_SESSION["\x6d\157\x5f\x73\141\x6d\x6c\x5f\154\157\x67\x6f\165\x74\137\x72\x65\161\x75\145\163\164"] = $H9;
$_SESSION["\155\157\137\x73\x61\x6d\154\137\154\x6f\147\x6f\165\164\x5f\x72\145\154\141\x79\x5f\163\x74\x61\164\x65"] = $j2;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
pN:
i2:
}
function cldjkasjdksalc()
{
$NQ = plugin_dir_path(__FILE__);
$Sz = wp_upload_dir();
$se = home_url();
$se = trim($se, "\x2f");
if (preg_match("\43\136\x68\164\x74\160\x28\163\51\x3f\x3a\57\x2f\43", $se)) {
goto zY;
}
$se = "\x68\x74\164\x70\x3a\x2f\57" . $se;
zY:
$v2 = parse_url($se);
$if = preg_replace("\57\136\167\x77\167\134\56\57", '', $v2["\150\x6f\163\x74"]);
$hr = $if . "\55" . $Sz["\x62\141\163\145\x64\151\162"];
$XL = hash_hmac("\163\150\141\62\65\66", $hr, "\x34\x44\x48\146\x6a\147\146\x6a\141\163\156\x64\x66\x73\141\152\146\110\107\112");
if (is_writable($NQ . "\x6c\x69\143\x65\x6e\163\145")) {
goto TX;
}
$t7 = base64_decode("bGNkamthc2pka3NhY2w=");
$Mu = get_option($t7);
if (empty($Mu)) {
goto Hm;
}
$cT = str_rot13($Mu);
Hm:
goto VL;
TX:
$Mu = file_get_contents($NQ . "\x6c\x69\x63\145\x6e\163\x65");
if (!$Mu) {
goto Hh;
}
$cT = base64_encode($Mu);
Hh:
VL:
if (!empty($Mu)) {
goto Pu;
}
$Fm = base64_decode("TGljZW5zZSBGaWxlIG1pc3NpbmcgZnJvbSB0aGUgcGx1Z2luLg==");
wp_die($Fm);
Pu:
if (strpos($cT, $XL) !== false) {
goto qNX;
}
$or = new Customersaml();
$W4 = get_option("\155\157\137\x73\141\155\x6c\137\x63\x75\x73\164\x6f\x6d\145\x72\x5f\164\x6f\x6b\x65\156");
$NX = AESEncryption::decrypt_data(get_option("\163\x6d\154\x5f\x6c\153"), $W4);
$iZ = $or->mo_saml_vl($NX, false);
if ($iZ) {
goto xx;
}
return;
xx:
$iZ = json_decode($iZ, true);
if (!empty($iZ["\151\x73\124\162\151\141\x6c"])) {
goto NP;
}
update_option("\155\157\137\x73\141\x6d\x6c\137\164\154\141", false);
goto C9O;
NP:
update_option("\155\x6f\x5f\163\x61\x6d\x6c\137\164\x6c\141", $iZ["\x69\x73\x54\162\151\141\x6c"]);
update_option("\155\157\137\x73\141\x6d\154\137\154\x65\144", $iZ["\x6c\151\143\145\x6e\163\x65\105\x78\160\151\162\x79\x44\x61\x74\x65"]);
C9O:
if (!empty($iZ["\163\164\x61\164\x75\163"]) and strcasecmp($iZ["\163\164\141\164\165\x73"], "\123\x55\103\103\x45\123\x53") == 0) {
goto RgD;
}
$Ki = base64_decode("SW52YWxpZCBMaWNlbnNlIEZvdW5kLiBQbGVhc2UgY29udGFjdCB5b3VyIGFkbWluaXN0cmF0b3IgdG8gdXNlIHRoZSBjb3JyZWN0IGxpY2Vuc2UuIEZvciBtb3JlIGRldGFpbHMsIHByb3ZpZGUgdGhlIFJlZmVyZW5jZSBJRDogTU8yNDI4MTAyMTcwNSB0byB5b3VyIGFkbWluaXN0cmF0b3IgdG8gY2hlY2sgaXQgdW5kZXIgSGVscCAmIEZBUSB0YWIgaW4gdGhlIHBsdWdpbi4=");
$Ki = str_replace("\110\x65\x6c\x70\40\46\x20\x46\101\x51\40\x74\141\142\x20\x69\x6e", "\x46\101\121\x73\x20\x73\145\143\x74\x69\157\x6e\40\x6f\x66", $Ki);
$NO = base64_decode("RXJyb3I6IEludmFsaWQgTGljZW5zZQ==");
wp_die($Ki, $NO);
goto CuX;
RgD:
$NQ = plugin_dir_path(__FILE__);
$se = home_url();
$se = trim($se, "\57");
if (preg_match("\x23\x5e\150\164\x74\x70\50\163\x29\x3f\72\57\x2f\43", $se)) {
goto ICW;
}
$se = "\x68\164\164\x70\72\x2f\57" . $se;
ICW:
$v2 = parse_url($se);
$if = preg_replace("\x2f\136\x77\x77\167\x5c\56\x2f", '', $v2["\x68\x6f\163\x74"]);
$Sz = wp_upload_dir();
$hr = $if . "\x2d" . $Sz["\142\141\x73\145\144\x69\x72"];
$XL = hash_hmac("\x73\150\x61\62\x35\x36", $hr, "\x34\x44\x48\x66\152\x67\x66\152\141\163\156\144\x66\163\141\x6a\146\110\x47\x4a");
$Id = djkasjdksa();
$oi = round(strlen($Id) / rand(2, 20));
$Id = substr_replace($Id, $XL, $oi, 0);
$Lp = base64_decode($Id);
if (is_writable($NQ . "\x6c\151\143\x65\156\163\x65")) {
goto iXi;
}
$Id = str_rot13($Id);
$t7 = base64_decode("bGNkamthc2pka3NhY2w=");
update_option($t7, $Id);
goto LBV;
iXi:
file_put_contents($NQ . "\x6c\151\x63\x65\x6e\x73\x65", $Lp);
LBV:
return true;
CuX:
goto Z7M;
qNX:
return true;
Z7M:
}
function djkasjdksa()
{
$AB = "\41\x7e\x40\x23\x24\45\x5e\x26\x2a\50\51\x5f\53\174\x7b\175\x3c\x3e\x3f\x30\61\x32\63\x34\65\66\x37\x38\x39\x61\142\143\144\x65\146\x67\150\x69\x6a\x6b\x6c\x6d\156\x6f\x70\x71\x72\x73\x74\x75\x76\x77\170\x79\172\101\102\x43\x44\105\106\107\x48\x49\112\113\114\x4d\x4e\117\x50\121\x52\123\x54\x55\126\127\x58\x59\132";
$OP = strlen($AB);
$u3 = '';
$mJ = 0;
h8M:
if (!($mJ < 10000)) {
goto zfD;
}
$u3 .= $AB[rand(0, $OP - 1)];
j0R:
$mJ++;
goto h8M;
zfD:
return $u3;
}
function mo_saml_show_SAML_log($Je, $f0)
{
header("\x43\x6f\156\x74\145\156\x74\55\124\x79\160\x65\72\x20\x74\x65\x78\x74\57\x68\164\155\x6c");
$hU = new DOMDocument();
$hU->preserveWhiteSpace = false;
$hU->formatOutput = true;
$hU->loadXML($Je);
if ($f0 == "\144\x69\x73\160\x6c\141\171\x53\x41\x4d\114\122\x65\161\x75\x65\x73\164") {
goto blh;
}
$Fq = "\123\x41\x4d\114\x20\122\145\163\x70\x6f\156\163\x65";
goto iQb;
blh:
$Fq = "\x53\101\115\114\x20\122\145\161\x75\145\163\x74";
iQb:
$Ju = $hU->saveXML();
$Od = htmlentities($Ju);
$Od = rtrim($Od);
$Wp = simplexml_load_string($Ju);
$HQ = json_encode($Wp);
$bO = json_decode($HQ);
$hc = plugins_url("\151\156\x63\154\165\x64\x65\163\57\x63\x73\x73\x2f\163\164\x79\154\145\137\x73\x65\x74\164\151\x6e\147\163\56\x63\x73\x73\77\166\x65\162\75\64\x2e\x38\x2e\64\x30", __FILE__);
echo "\x3c\x6c\x69\x6e\x6b\x20\162\x65\154\75\47\x73\x74\171\x6c\145\163\x68\145\x65\164\x27\40\151\x64\x3d\47\155\x6f\x5f\163\141\x6d\154\x5f\x61\144\155\x69\156\137\x73\145\164\164\x69\156\147\x73\x5f\163\164\171\154\x65\x2d\x63\163\163\x27\x20\x20\x68\x72\145\146\75\x27" . $hc . "\x27\x20\x74\x79\x70\x65\75\47\164\145\x78\x74\x2f\x63\163\x73\47\x20\155\145\144\151\x61\75\47\x61\x6c\x6c\x27\40\x2f\x3e\xa\x20\x20\40\x20\40\40\x20\x20\x20\40\x20\40\12\x9\11\x9\x3c\x64\x69\x76\40\143\154\x61\163\163\75\42\155\x6f\55\x64\151\163\160\154\141\171\x2d\154\x6f\x67\163\x22\40\x3e\74\x70\x20\164\171\160\145\75\x22\x74\x65\170\x74\42\40\40\40\151\144\75\x22\123\x41\x4d\114\137\164\171\x70\145\x22\x3e" . $Fq . "\74\57\160\76\74\57\144\151\x76\76\12\x9\11\11\x9\xa\x9\x9\x9\74\144\x69\x76\40\164\171\160\x65\75\x22\164\145\170\x74\42\40\x69\x64\75\x22\x53\101\x4d\x4c\x5f\x64\151\x73\x70\x6c\x61\x79\42\40\x63\x6c\x61\x73\163\x3d\42\155\157\x2d\144\x69\163\160\x6c\141\171\x2d\x62\154\157\143\153\x22\76\x3c\x70\162\x65\x20\143\154\141\163\163\75\47\142\162\x75\x73\x68\x3a\x20\x78\155\154\73\x27\76" . $Od . "\x3c\57\x70\x72\x65\76\x3c\57\x64\151\x76\76\12\x9\x9\x9\74\x62\162\76\12\11\11\11\74\x64\151\166\11\40\x73\164\171\154\145\x3d\42\155\141\x72\147\x69\156\x3a\63\45\x3b\144\x69\163\x70\154\141\171\72\x62\154\157\x63\153\x3b\x74\145\170\x74\55\141\154\151\147\156\72\143\145\156\x74\145\x72\73\42\x3e\12\40\40\40\x20\x20\x20\40\x20\40\x20\40\x20\xa\x9\11\11\x3c\x64\151\166\40\x73\164\171\154\145\75\42\155\141\162\x67\x69\x6e\72\x33\45\73\144\x69\163\x70\154\x61\171\x3a\142\x6c\157\x63\153\73\x74\145\170\x74\55\x61\154\151\147\156\x3a\x63\145\x6e\x74\145\162\x3b\x22\40\76\12\11\xa\40\40\40\x20\40\40\40\x20\x20\x20\40\40\x3c\x2f\x64\151\x76\x3e\12\11\11\11\74\x62\x75\x74\x74\157\156\40\x69\x64\x3d\x22\143\157\x70\x79\x22\x20\x6f\x6e\143\x6c\x69\x63\153\75\42\143\x6f\160\x79\104\x69\166\x54\x6f\103\154\x69\160\142\157\141\162\x64\x28\51\42\x20\40\163\x74\171\154\145\x3d\x22\x70\x61\x64\144\x69\x6e\x67\x3a\61\x25\x3b\x77\x69\144\x74\150\72\x31\x30\x30\x70\x78\73\x62\141\x63\153\147\x72\157\165\156\x64\72\x20\43\60\60\x39\x31\x43\104\x20\156\157\x6e\x65\x20\x72\145\160\x65\141\164\40\x73\143\x72\157\154\x6c\40\60\45\40\x30\x25\x3b\x63\165\162\x73\x6f\x72\72\x20\x70\157\151\x6e\164\145\x72\x3b\146\x6f\x6e\164\x2d\x73\x69\x7a\145\72\x31\x35\x70\170\x3b\142\157\162\x64\x65\162\x2d\x77\151\x64\164\150\72\40\61\160\170\x3b\x62\x6f\x72\144\x65\x72\55\x73\x74\x79\x6c\145\x3a\40\163\x6f\154\x69\144\x3b\x62\157\x72\144\x65\162\x2d\x72\x61\x64\x69\x75\163\x3a\40\x33\160\170\73\x77\150\x69\x74\x65\55\x73\160\x61\x63\145\x3a\40\x6e\x6f\167\x72\141\x70\73\x62\x6f\170\x2d\163\x69\172\x69\x6e\x67\x3a\40\142\157\x72\x64\145\162\x2d\142\157\x78\x3b\x62\x6f\162\144\x65\x72\x2d\x63\x6f\154\x6f\162\x3a\x20\43\x30\x30\67\x33\101\x41\x3b\x62\157\x78\55\x73\x68\141\x64\x6f\x77\72\40\x30\x70\170\x20\61\160\x78\x20\x30\160\x78\x20\162\x67\x62\x61\50\61\x32\60\x2c\40\x32\x30\x30\54\x20\x32\x33\x30\54\x20\x30\56\x36\x29\x20\x69\156\163\x65\x74\73\143\157\154\x6f\162\x3a\x20\x23\106\106\x46\x3b\x22\x20\x3e\x43\157\x70\x79\x3c\x2f\x62\x75\x74\164\x6f\x6e\x3e\xa\x9\11\x9\46\156\142\163\x70\73\xa\40\40\x20\40\x20\40\40\x20\40\x20\x20\x20\x20\x20\x20\74\151\x6e\160\x75\164\40\x69\x64\75\x22\144\167\156\x2d\x62\164\x6e\42\x20\163\x74\x79\154\145\75\x22\x70\141\144\144\x69\156\x67\72\x31\45\x3b\167\151\x64\x74\x68\72\x31\60\x30\160\x78\x3b\x62\141\143\153\147\162\157\165\156\144\72\40\x23\x30\x30\71\x31\x43\104\x20\x6e\157\156\x65\x20\162\145\x70\x65\141\164\40\163\143\x72\157\x6c\154\x20\60\45\40\60\45\73\x63\165\x72\163\157\162\72\x20\160\157\x69\156\164\145\162\73\146\157\156\164\x2d\163\x69\172\x65\x3a\x31\x35\x70\170\73\142\x6f\162\x64\x65\162\55\x77\151\x64\164\150\72\40\61\160\x78\x3b\142\157\162\x64\145\x72\x2d\x73\164\171\154\x65\72\40\x73\157\x6c\151\x64\x3b\142\157\162\144\x65\162\55\x72\141\144\151\165\x73\72\x20\63\160\170\73\x77\150\x69\164\x65\x2d\163\x70\x61\x63\145\x3a\x20\x6e\x6f\x77\x72\x61\160\73\x62\x6f\170\55\163\151\172\151\x6e\x67\x3a\40\x62\157\x72\144\145\x72\55\x62\157\x78\x3b\x62\157\162\x64\x65\x72\x2d\143\x6f\x6c\157\x72\72\40\43\x30\60\x37\x33\x41\101\x3b\x62\157\x78\55\163\150\141\x64\x6f\167\x3a\x20\x30\160\170\40\x31\160\170\x20\60\160\x78\x20\x72\x67\x62\x61\x28\61\62\60\x2c\x20\x32\60\x30\54\x20\62\x33\60\54\x20\60\x2e\66\51\x20\151\156\163\145\x74\x3b\x63\157\x6c\x6f\x72\72\x20\x23\106\106\x46\73\42\164\171\160\145\x3d\x22\x62\x75\x74\164\x6f\x6e\x22\40\166\141\x6c\165\x65\75\42\104\157\167\156\154\x6f\x61\x64\x22\40\12\40\x20\40\40\40\40\x20\40\x20\40\x20\x20\x20\40\x20\42\x3e\12\x9\x9\x9\74\57\x64\151\x76\x3e\xa\11\11\11\74\x2f\144\151\x76\76\12\x9\11\x9\12\x9\11\xa\11\11\x9";
ob_end_flush();
echo "\12\x9\x3c\163\x63\x72\x69\160\x74\x3e\xa\xa\x20\x20\x20\x20\40\x20\x20\x20\146\x75\156\143\164\151\157\156\x20\143\157\160\x79\104\x69\166\x54\157\x43\x6c\151\160\142\157\x61\x72\x64\x28\x29\x20\x7b\12\40\x20\40\x20\x20\40\x20\40\40\40\x20\x20\x76\x61\x72\x20\x61\x75\x78\x20\x3d\40\x64\x6f\x63\x75\155\145\x6e\x74\56\143\162\145\x61\x74\x65\105\154\x65\x6d\145\156\164\50\42\x69\x6e\x70\x75\x74\42\x29\73\12\40\40\40\x20\40\40\40\x20\x20\x20\x20\x20\x61\165\170\x2e\x73\x65\x74\x41\x74\164\162\151\142\165\164\145\50\42\166\x61\x6c\x75\145\x22\54\40\x64\157\143\165\x6d\x65\156\164\56\x67\x65\x74\105\x6c\x65\155\x65\156\164\x42\x79\x49\144\50\x22\x53\101\115\x4c\x5f\144\x69\x73\160\x6c\141\171\42\51\x2e\x74\x65\x78\164\103\157\x6e\164\145\156\x74\x29\x3b\12\x20\40\x20\40\x20\40\x20\40\x20\40\x20\x20\144\157\x63\x75\155\145\x6e\x74\56\x62\x6f\x64\171\56\x61\x70\x70\x65\x6e\x64\103\x68\x69\154\x64\x28\x61\165\x78\51\73\xa\x20\x20\40\x20\x20\40\40\x20\x20\x20\x20\40\x61\165\170\56\163\x65\154\x65\143\x74\50\51\x3b\xa\x20\x20\40\40\40\x20\x20\40\40\x20\40\40\x64\157\x63\165\x6d\x65\x6e\164\x2e\x65\170\145\x63\103\x6f\155\x6d\141\x6e\144\50\42\143\157\x70\x79\42\51\73\12\40\x20\x20\40\40\40\40\x20\x20\40\40\40\x64\x6f\143\165\x6d\x65\156\x74\x2e\x62\157\144\x79\x2e\x72\145\x6d\x6f\166\x65\103\x68\x69\154\144\x28\x61\165\170\x29\73\xa\x20\40\x20\x20\x20\40\x20\40\40\40\40\x20\x64\157\x63\x75\x6d\145\156\x74\56\147\x65\164\105\154\145\x6d\145\156\x74\102\x79\x49\144\x28\47\x63\x6f\x70\171\x27\51\x2e\164\145\170\x74\x43\157\156\x74\x65\x6e\x74\40\x3d\x20\x22\103\x6f\160\x69\145\x64\x22\x3b\xa\x20\40\x20\40\40\40\x20\x20\x20\x20\x20\x20\x64\157\x63\165\x6d\145\x6e\x74\56\x67\x65\x74\x45\x6c\145\155\x65\x6e\164\102\171\x49\144\50\47\x63\x6f\160\171\x27\51\x2e\x73\x74\171\154\145\x2e\142\x61\143\153\147\x72\157\165\156\x64\x20\75\40\42\x67\x72\x65\171\x22\73\12\x20\x20\x20\x20\x20\x20\40\40\x20\x20\x20\x20\x77\x69\156\144\x6f\x77\56\x67\x65\x74\x53\x65\x6c\x65\143\164\151\157\x6e\x28\x29\56\163\145\x6c\x65\143\x74\x41\154\x6c\x43\x68\x69\x6c\x64\x72\145\x6e\x28\x20\x64\157\x63\165\155\x65\x6e\164\x2e\x67\145\164\105\x6c\145\155\145\156\164\x42\171\111\144\x28\40\42\x53\101\x4d\x4c\x5f\x64\x69\163\160\x6c\141\x79\42\x20\51\x20\x29\x3b\xa\12\40\40\x20\40\x20\40\40\40\175\xa\xa\x20\40\x20\x20\x20\x20\x20\x20\x66\165\156\143\164\151\x6f\x6e\40\x64\157\167\156\154\157\x61\x64\x28\x66\x69\154\x65\156\141\155\x65\54\x20\x74\145\170\164\x29\40\x7b\12\40\x20\40\x20\x20\x20\x20\40\x20\x20\40\40\166\141\162\x20\145\154\145\155\145\x6e\x74\40\75\x20\144\157\143\165\155\x65\x6e\164\56\143\x72\145\141\164\x65\x45\154\x65\155\145\x6e\x74\x28\47\x61\x27\x29\73\12\40\x20\40\40\x20\x20\40\x20\40\x20\40\x20\x65\154\145\x6d\x65\x6e\164\x2e\163\x65\x74\101\164\x74\x72\151\x62\x75\164\x65\50\47\150\162\x65\x66\47\54\40\47\x64\x61\164\x61\x3a\101\x70\x70\x6c\151\x63\x61\164\x69\157\x6e\x2f\x6f\x63\164\x65\x74\x2d\x73\164\x72\x65\x61\155\x3b\x63\x68\141\162\x73\145\164\x3d\x75\x74\146\x2d\70\x2c\47\x20\53\40\x65\x6e\x63\157\144\x65\x55\122\111\x43\x6f\155\x70\157\x6e\145\156\x74\50\x74\x65\170\x74\51\51\73\12\40\40\40\x20\x20\x20\x20\40\x20\40\x20\x20\145\x6c\x65\x6d\x65\156\164\x2e\x73\145\x74\x41\164\x74\162\151\x62\x75\164\x65\50\x27\x64\x6f\x77\x6e\x6c\x6f\x61\x64\47\54\x20\x66\151\x6c\x65\156\141\x6d\x65\x29\x3b\12\xa\x20\x20\40\40\40\x20\40\40\40\x20\x20\40\x65\154\x65\155\145\x6e\x74\56\163\x74\171\154\145\x2e\x64\x69\163\x70\x6c\141\x79\40\75\40\x27\x6e\157\x6e\x65\47\x3b\12\x20\40\x20\x20\x20\x20\40\40\40\x20\40\40\x64\157\143\165\155\145\x6e\x74\x2e\142\157\x64\x79\56\x61\x70\160\x65\156\144\103\150\151\x6c\x64\x28\x65\154\x65\155\x65\156\164\51\73\xa\xa\40\40\x20\x20\x20\40\40\x20\40\40\40\40\x65\x6c\x65\x6d\145\156\x74\x2e\x63\x6c\151\143\x6b\50\x29\x3b\xa\xa\x20\x20\40\x20\x20\x20\x20\x20\x20\40\40\40\x64\x6f\143\x75\x6d\x65\156\x74\56\142\x6f\x64\171\56\x72\x65\x6d\x6f\x76\145\103\150\x69\154\144\x28\x65\x6c\145\155\x65\156\x74\x29\x3b\xa\x20\x20\40\40\x20\40\40\40\175\xa\12\40\x20\x20\x20\40\x20\40\x20\x64\157\x63\165\x6d\145\156\x74\56\147\x65\x74\105\154\145\x6d\x65\156\x74\102\x79\x49\144\x28\x22\x64\167\156\x2d\142\x74\156\42\51\56\141\144\144\x45\x76\145\x6e\164\114\x69\x73\x74\145\156\145\162\x28\x22\143\154\151\x63\153\x22\x2c\40\146\165\x6e\x63\x74\x69\157\x6e\40\50\51\40\x7b\12\xa\x20\x20\x20\x20\40\x20\x20\40\40\40\40\40\x76\x61\162\40\x66\151\154\145\156\x61\x6d\145\40\75\40\144\157\x63\165\x6d\145\156\164\x2e\147\x65\164\105\x6c\145\x6d\145\156\x74\102\x79\x49\144\50\42\x53\x41\115\x4c\137\164\x79\x70\x65\42\51\56\164\145\170\x74\x43\x6f\x6e\x74\145\156\x74\53\x22\56\x78\155\154\x22\x3b\xa\40\40\40\x20\40\40\x20\x20\40\x20\40\40\166\x61\x72\x20\156\x6f\144\x65\x20\75\x20\x64\157\x63\x75\x6d\145\156\x74\56\x67\x65\164\x45\x6c\x65\155\145\156\164\102\x79\x49\144\50\42\x53\x41\115\114\x5f\x64\x69\x73\160\154\x61\171\x22\51\x3b\12\x20\x20\x20\40\x20\x20\x20\40\x20\40\x20\x20\150\x74\155\154\x43\157\x6e\164\x65\156\x74\x20\75\40\156\x6f\144\145\56\151\156\156\145\162\x48\124\x4d\114\73\12\40\x20\40\40\x20\40\x20\40\x20\40\x20\x20\164\145\x78\164\40\75\x20\156\x6f\x64\x65\56\x74\145\170\164\103\x6f\x6e\x74\145\156\164\73\12\40\40\x20\x20\x20\x20\x20\40\40\x20\40\40\x63\157\x6e\163\157\154\145\56\x6c\157\x67\50\164\x65\x78\x74\x29\73\12\x20\x20\x20\x20\40\x20\x20\x20\40\40\40\x20\144\157\x77\x6e\x6c\x6f\x61\144\x28\146\x69\x6c\x65\156\141\155\x65\54\40\x74\145\x78\164\x29\x3b\12\40\x20\40\x20\40\40\40\x20\x7d\54\x20\146\141\x6c\163\x65\51\x3b\12\xa\xa\xa\12\12\x20\x20\x20\x20\x3c\x2f\163\x63\x72\151\160\164\x3e\xa";
exit;
}
function mo_saml_checkMapping($lP, $j2, $RR)
{
try {
$YV = get_option("\163\x61\x6d\154\137\x61\155\137\x65\x6d\141\x69\x6c");
$Go = get_option("\163\x61\155\154\137\141\x6d\137\165\163\145\x72\156\141\x6d\x65");
$qn = get_option("\x73\x61\x6d\x6c\137\x61\155\137\x66\151\162\x73\164\137\x6e\141\x6d\x65");
$mp = get_option("\x73\x61\x6d\154\137\x61\x6d\137\154\x61\163\164\x5f\x6e\x61\x6d\145");
$sD = get_option("\x73\141\155\x6c\137\141\155\137\x67\162\157\165\160\x5f\x6e\x61\155\145");
$Sb = get_option("\163\x61\x6d\x6c\x5f\x61\155\137\x64\145\x66\x61\x75\154\164\x5f\x75\x73\145\x72\137\x72\157\x6c\x65");
$Oa = get_option("\163\x61\155\x6c\x5f\x61\155\137\144\157\x6e\x74\137\141\154\x6c\157\167\x5f\165\156\154\151\x73\164\145\144\137\x75\163\x65\x72\x5f\x72\157\x6c\x65");
$m5 = get_option("\x73\141\x6d\x6c\x5f\x61\x6d\137\x61\x63\x63\x6f\165\156\x74\x5f\155\141\164\x63\150\145\162");
$MA = '';
$cc = '';
if (empty($lP)) {
goto Mra;
}
if (!empty($lP[$qn])) {
goto Z4Z;
}
$qn = '';
goto WeH;
Z4Z:
$qn = $lP[$qn][0];
WeH:
if (!empty($lP[$mp])) {
goto l2R;
}
$mp = '';
goto yDK;
l2R:
$mp = $lP[$mp][0];
yDK:
if (!empty($lP[$Go])) {
goto Lfo;
}
$cc = $lP["\116\x61\155\x65\x49\x44"][0];
goto Q7U;
Lfo:
$cc = $lP[$Go][0];
Q7U:
if (!empty($lP[$YV])) {
goto C2N;
}
$MA = $lP["\x4e\141\x6d\145\x49\104"][0];
goto qqM;
C2N:
$MA = $lP[$YV][0];
qqM:
if (!empty($lP[$sD])) {
goto Rpk;
}
$sD = array();
goto gVd;
Rpk:
$sD = $lP[$sD];
gVd:
if (!empty($m5)) {
goto nDM;
}
$m5 = "\145\x6d\141\151\154";
nDM:
Mra:
if ($j2 == "\164\x65\163\164\126\x61\x6c\x69\144\x61\x74\145") {
goto Mzl;
}
if ($j2 == "\164\145\163\164\116\x65\167\103\x65\162\x74\x69\146\151\143\x61\x74\x65") {
goto l6N;
}
mo_saml_login_user($MA, $qn, $mp, $cc, $sD, $Oa, $Sb, $j2, $m5, $RR, $lP["\x4e\x61\155\145\111\x44"][0], $lP);
goto FpT;
Mzl:
update_option("\x6d\157\x5f\163\141\x6d\154\x5f\x74\145\x73\164", "\x54\145\x73\164\x20\x73\165\143\x63\145\163\x73\146\165\x6c");
mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2);
goto FpT;
l6N:
update_option("\x6d\x6f\x5f\163\x61\155\154\x5f\164\x65\x73\x74\137\x6e\x65\x77\137\143\x65\x72\x74", "\x54\x65\x73\x74\40\163\x75\143\x63\x65\x73\163\146\165\154");
mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2);
FpT:
} catch (Exception $u6) {
echo sprintf("\101\156\x20\x65\162\x72\157\x72\40\157\x63\143\165\x72\162\145\x64\x20\167\150\151\x6c\x65\40\160\162\157\x63\x65\x73\x73\x69\x6e\147\40\x74\x68\145\x20\x53\101\x4d\114\x20\122\145\x73\160\x6f\x6e\163\145\56");
exit;
}
}
function mo_saml_show_test_result($qn, $mp, $MA, $sD, $lP, $j2)
{
echo "\74\x64\151\166\x20\163\164\x79\154\x65\x3d\42\x66\x6f\x6e\164\x2d\x66\x61\x6d\x69\154\171\72\x43\x61\x6c\x69\x62\162\151\73\160\141\144\x64\151\x6e\147\72\60\x20\63\45\73\42\76";
if (!empty($MA)) {
goto VJJ;
}
echo "\x3c\144\x69\166\40\163\x74\171\154\145\75\x22\x63\157\x6c\x6f\x72\x3a\x20\x23\141\x39\64\64\64\x32\73\142\x61\143\x6b\x67\x72\157\x75\156\144\55\143\157\x6c\x6f\x72\72\40\43\146\x32\144\145\x64\145\73\x70\x61\144\x64\x69\156\147\x3a\x20\61\65\x70\x78\73\155\x61\162\147\151\156\55\142\x6f\x74\164\157\x6d\x3a\x20\62\x30\x70\x78\73\164\145\x78\x74\55\141\x6c\x69\147\x6e\72\x63\145\156\164\x65\162\x3b\x62\157\x72\144\x65\x72\72\61\x70\x78\x20\163\x6f\154\151\144\40\43\105\x36\x42\63\102\62\x3b\x66\157\156\x74\55\163\x69\x7a\145\x3a\x31\70\160\164\73\42\x3e\124\x45\123\124\40\106\x41\x49\x4c\x45\x44\x3c\57\144\151\x76\76\12\x9\11\x9\11\x3c\x64\151\166\x20\163\x74\171\x6c\x65\75\x22\x63\x6f\x6c\x6f\x72\72\40\x23\x61\71\64\64\64\62\73\146\x6f\x6e\x74\55\163\151\172\x65\x3a\x31\x34\160\164\73\40\x6d\141\x72\147\151\x6e\x2d\142\x6f\164\x74\157\x6d\72\x32\x30\160\170\73\42\x3e\x57\x41\122\116\x49\116\x47\72\x20\123\157\155\145\40\101\164\164\x72\151\142\165\164\145\163\x20\104\x69\x64\x20\116\x6f\x74\40\x4d\141\x74\x63\150\x2e\74\57\x64\x69\166\x3e\12\x9\11\x9\x9\74\x64\x69\166\x20\163\x74\x79\154\x65\75\42\x64\151\x73\160\154\141\x79\x3a\142\154\x6f\143\153\73\x74\145\170\164\x2d\x61\x6c\x69\147\156\72\143\x65\156\x74\x65\x72\73\155\x61\x72\147\x69\156\x2d\142\157\x74\x74\157\x6d\72\x34\45\73\x22\76\74\151\x6d\147\40\x73\164\x79\x6c\x65\75\42\x77\151\144\164\150\x3a\61\65\45\73\42\x73\162\143\x3d\x22" . plugin_dir_url(__FILE__) . "\x69\155\x61\x67\145\163\57\x77\x72\x6f\x6e\x67\x2e\x70\x6e\x67\x22\x3e\74\x2f\x64\x69\166\x3e";
goto L__;
VJJ:
update_option("\155\157\x5f\163\x61\155\x6c\137\x74\x65\163\x74\137\x63\x6f\x6e\146\x69\x67\137\141\164\164\x72\x73", $lP);
echo "\74\144\151\166\40\163\164\x79\154\x65\x3d\x22\x63\157\154\x6f\x72\x3a\40\43\63\x63\x37\x36\63\x64\73\xa\11\11\11\11\x62\x61\x63\x6b\x67\x72\x6f\165\156\144\x2d\143\x6f\x6c\x6f\162\x3a\x20\x23\144\146\146\60\x64\70\x3b\x20\x70\x61\x64\x64\151\x6e\x67\72\x32\45\x3b\x6d\141\162\x67\x69\x6e\55\142\157\x74\x74\157\155\x3a\x32\x30\x70\x78\73\164\x65\170\164\55\x61\154\x69\147\156\x3a\143\145\156\164\x65\x72\x3b\x20\142\157\162\x64\x65\x72\72\61\160\170\40\x73\x6f\x6c\x69\144\x20\43\101\x45\x44\102\71\101\73\40\146\x6f\x6e\x74\x2d\x73\151\172\x65\x3a\61\x38\x70\164\x3b\x22\x3e\x54\105\123\124\40\123\125\103\x43\105\x53\x53\106\125\x4c\x3c\57\x64\x69\x76\x3e\xa\11\11\x9\11\x3c\x64\151\x76\x20\x73\164\x79\x6c\x65\75\x22\144\x69\163\x70\x6c\x61\x79\72\x62\x6c\x6f\143\x6b\x3b\x74\x65\170\164\55\x61\154\x69\147\x6e\x3a\x63\x65\x6e\164\x65\162\x3b\x6d\141\162\147\151\x6e\x2d\x62\157\164\x74\157\155\72\x34\45\x3b\x22\76\74\x69\x6d\147\x20\163\164\171\154\145\75\42\167\151\x64\x74\150\x3a\61\x35\45\73\42\163\x72\143\75\x22" . plugin_dir_url(__FILE__) . "\151\x6d\141\147\145\x73\x2f\x67\x72\145\x65\156\x5f\x63\x68\145\x63\153\56\160\x6e\x67\42\76\74\x2f\144\x69\166\x3e";
L__:
$yn = get_option("\155\x6f\x5f\163\141\155\154\137\145\x6e\141\x62\154\x65\x5f\144\x6f\155\141\x69\156\137\162\x65\x73\x74\x72\x69\x63\x74\x69\157\156\x5f\154\x6f\x67\x69\x6e");
$N2 = $j2 == "\x74\145\x73\164\x4e\x65\167\103\145\162\164\151\x66\151\143\141\164\x65" ? "\144\151\163\x70\x6c\141\x79\x3a\x6e\x6f\x6e\145" : '';
if (!$yn) {
goto QR_;
}
$Ii = get_option("\155\x6f\137\x73\x61\155\x6c\137\141\154\154\x6f\167\137\x64\145\156\171\x5f\165\163\x65\162\137\x77\151\164\x68\x5f\x64\x6f\155\x61\151\156");
if (!empty($Ii) && $Ii == "\x64\145\x6e\x79") {
goto W7X;
}
$rQ = get_option("\163\x61\155\154\x5f\141\x6d\x5f\145\x6d\141\151\154\137\144\157\155\x61\151\x6e\x73");
$rk = explode("\73", $rQ);
$QQ = explode("\100", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
if (in_array($TH, $rk)) {
goto RpO;
}
echo "\x3c\x70\40\163\x74\171\154\x65\75\x22\x63\157\154\x6f\x72\x3a\162\145\x64\x3b\42\76\x54\150\x69\163\x20\165\x73\x65\162\40\x77\151\x6c\154\40\x6e\x6f\x74\x20\x62\145\40\141\x6c\154\x6f\167\145\x64\40\x74\157\x20\x6c\x6f\x67\x69\x6e\x20\x61\x73\x20\x74\x68\x65\x20\x64\157\x6d\x61\151\x6e\x20\157\x66\40\164\x68\145\x20\x65\x6d\141\151\x6c\40\x69\163\x20\156\157\164\40\x69\x6e\x63\x6c\165\x64\145\x64\x20\x69\x6e\x20\164\x68\145\x20\141\154\x6c\x6f\x77\x65\144\x20\154\151\163\x74\x20\157\x66\x20\104\x6f\x6d\141\x69\156\40\122\x65\163\164\162\x69\x63\164\x69\157\156\56\74\x2f\x70\76";
RpO:
goto v5_;
W7X:
$rQ = get_option("\x73\x61\155\x6c\137\141\x6d\x5f\x65\x6d\x61\x69\x6c\137\x64\157\155\x61\x69\x6e\163");
$rk = explode("\73", $rQ);
$QQ = explode("\100", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
if (!in_array($TH, $rk)) {
goto nMH;
}
echo "\x3c\x70\40\x73\164\x79\x6c\145\x3d\x22\143\157\154\157\x72\72\x72\145\144\73\x22\x3e\x54\x68\x69\x73\40\x75\x73\145\x72\x20\167\x69\154\x6c\40\156\x6f\164\40\x62\x65\x20\x61\x6c\x6c\x6f\x77\x65\144\40\x74\157\40\x6c\157\x67\x69\x6e\40\x61\x73\x20\164\x68\x65\40\144\157\x6d\141\151\x6e\40\x6f\146\40\164\150\x65\40\145\155\141\151\x6c\x20\151\x73\x20\151\x6e\x63\x6c\x75\x64\145\144\x20\151\x6e\40\164\150\145\x20\144\145\156\151\145\144\40\154\x69\x73\164\40\x6f\146\40\104\157\x6d\141\151\156\x20\122\x65\163\164\162\x69\x63\164\151\157\156\56\x3c\x2f\x70\x3e";
nMH:
v5_:
QR_:
$Y9 = get_option("\x73\141\x6d\x6c\x5f\141\155\137\165\163\x65\162\156\x61\x6d\x65");
if (empty($lP[$Y9])) {
goto EQK;
}
$zq = $lP[$Y9][0];
if (!(strlen($zq) > 60)) {
goto j4A;
}
echo "\74\160\x20\x73\x74\171\154\145\75\42\143\x6f\154\x6f\x72\72\162\145\x64\73\42\x3e\116\117\124\105\40\x3a\x20\x54\150\x69\163\40\x75\x73\x65\162\x20\x77\x69\x6c\x6c\x20\x6e\157\164\x20\x62\145\40\141\x62\154\x65\x20\x74\x6f\x20\x6c\157\x67\x69\156\x20\x61\163\x20\164\150\x65\40\165\x73\x65\x72\x6e\x61\155\x65\40\x76\141\x6c\x75\145\x20\151\163\x20\x6d\157\x72\x65\40\x74\150\141\x6e\40\66\x30\x20\x63\150\x61\162\x61\x63\x74\x65\162\x73\x20\x6c\x6f\x6e\x67\56\x3c\x62\162\x2f\76\12\x9\11\11\x50\154\145\x61\x73\x65\x20\x74\162\171\x20\143\150\141\156\x67\x69\156\147\x20\164\150\x65\x20\x6d\141\160\x70\151\156\x67\40\x6f\x66\x20\x55\163\x65\162\x6e\141\155\145\40\x66\x69\145\154\144\40\x69\x6e\x20\x3c\141\x20\150\x72\x65\x66\x3d\x22\43\42\x20\x6f\x6e\x43\154\x69\x63\x6b\x3d\x22\143\154\157\163\145\x5f\x61\156\144\137\162\145\x64\151\x72\x65\x63\164\50\51\x3b\42\x3e\101\164\x74\162\151\142\165\164\145\x2f\122\157\x6c\145\40\x4d\x61\160\160\x69\156\x67\74\x2f\141\x3e\x20\x74\141\x62\x2e\74\57\x70\x3e";
j4A:
EQK:
echo "\x3c\163\160\x61\x6e\x20\x73\x74\171\x6c\x65\x3d\x22\146\157\156\164\x2d\163\x69\x7a\145\x3a\61\64\160\x74\x3b\42\76\x3c\x62\76\x48\x65\x6c\x6c\x6f\x3c\x2f\142\76\x2c\40" . $MA . "\x3c\x2f\x73\x70\141\x6e\x3e\74\x62\x72\x2f\76\74\160\x20\163\x74\x79\154\145\x3d\x22\x66\x6f\x6e\164\55\x77\145\151\147\150\164\72\x62\157\154\x64\73\146\157\x6e\164\55\163\x69\172\145\x3a\x31\x34\x70\x74\x3b\x6d\141\162\x67\x69\x6e\55\x6c\x65\x66\164\72\x31\x25\x3b\42\x3e\101\x54\124\x52\x49\102\x55\124\105\x53\x20\x52\x45\103\x45\111\126\x45\x44\x3a\74\x2f\x70\76\12\11\x9\x9\11\x3c\x74\x61\142\x6c\x65\x20\163\164\x79\154\x65\75\42\x62\157\x72\144\145\162\55\x63\x6f\x6c\x6c\141\x70\x73\145\72\143\x6f\x6c\x6c\141\160\x73\x65\x3b\x62\157\162\x64\x65\x72\x2d\163\x70\x61\x63\x69\x6e\147\x3a\x30\x3b\x20\144\151\163\x70\x6c\x61\171\72\164\141\x62\x6c\x65\73\167\x69\144\x74\x68\72\x31\x30\60\45\73\40\146\x6f\x6e\164\x2d\x73\151\172\145\x3a\61\64\x70\164\73\x62\141\143\x6b\x67\162\157\x75\x6e\144\55\143\x6f\x6c\x6f\x72\72\43\105\104\105\104\105\x44\x3b\42\x3e\xa\x9\11\11\11\x3c\164\162\x20\163\x74\171\154\145\x3d\x22\164\145\x78\x74\x2d\141\x6c\151\147\x6e\x3a\x63\x65\156\164\145\162\73\x22\x3e\x3c\164\144\40\163\x74\x79\154\x65\x3d\x22\146\157\x6e\x74\55\167\145\151\147\150\x74\x3a\142\157\x6c\x64\x3b\142\x6f\x72\144\x65\162\x3a\62\x70\170\x20\163\157\x6c\151\144\x20\x23\x39\64\71\x30\71\60\x3b\x70\141\144\x64\151\x6e\x67\x3a\x32\45\x3b\42\x3e\101\124\124\x52\x49\102\x55\x54\x45\40\116\101\115\x45\74\x2f\164\x64\76\x3c\x74\144\40\163\x74\171\154\x65\75\42\x66\157\156\164\x2d\x77\145\151\147\x68\x74\x3a\142\x6f\154\x64\x3b\160\141\x64\144\x69\x6e\x67\72\62\45\x3b\x62\157\162\144\145\162\72\x32\x70\170\40\x73\157\x6c\x69\144\40\43\x39\64\71\60\71\60\73\40\167\157\162\x64\55\167\x72\141\160\72\142\x72\x65\141\x6b\55\x77\x6f\x72\x64\x3b\42\x3e\x41\x54\124\x52\111\x42\125\124\105\x20\126\x41\x4c\x55\105\74\x2f\x74\x64\76\74\57\164\x72\x3e";
if (!empty($lP)) {
goto N_C;
}
echo "\116\x6f\x20\101\164\164\x72\x69\142\165\164\x65\163\40\122\x65\x63\x65\151\166\145\x64\56";
goto anW;
N_C:
foreach ($lP as $W4 => $tp) {
echo "\x3c\164\162\x3e\74\164\x64\x20\163\x74\x79\154\145\x3d\47\146\x6f\x6e\164\x2d\167\x65\151\x67\x68\x74\x3a\x62\157\x6c\144\73\142\x6f\162\x64\145\x72\x3a\62\x70\170\40\x73\157\154\151\x64\40\43\71\64\71\60\71\60\73\x70\x61\144\144\151\156\x67\72\x32\45\x3b\x27\x3e" . $W4 . "\x3c\x2f\164\x64\x3e\x3c\x74\x64\40\163\164\x79\154\145\75\47\160\141\144\x64\151\156\147\x3a\62\x25\73\x62\x6f\x72\x64\145\x72\x3a\x32\160\x78\40\163\x6f\x6c\151\144\x20\x23\x39\x34\x39\60\x39\x30\x3b\40\167\x6f\x72\x64\55\x77\x72\141\x70\x3a\x62\x72\145\141\x6b\x2d\x77\x6f\x72\x64\73\x27\76" . implode("\74\150\162\57\76", $tp) . "\74\57\164\x64\x3e\74\57\164\x72\x3e";
qyd:
}
h_q:
anW:
echo "\x3c\x2f\164\141\142\x6c\145\76\x3c\57\x64\x69\x76\x3e";
echo "\74\144\151\166\40\163\164\x79\x6c\x65\75\x22\155\x61\162\x67\151\x6e\72\63\45\x3b\x64\x69\x73\160\154\141\x79\72\x62\154\157\143\x6b\73\164\145\170\x74\x2d\x61\154\x69\147\156\72\x63\x65\156\x74\x65\162\73\x22\76\12\11\11\74\151\156\x70\165\x74\x20\x73\164\171\154\145\x3d\42\160\x61\144\144\151\156\x67\x3a\x31\45\73\x77\x69\144\164\150\x3a\62\65\60\160\x78\73\142\x61\x63\153\147\162\157\x75\156\x64\x3a\40\x23\x30\60\71\x31\103\x44\x20\x6e\x6f\156\x65\x20\162\145\160\145\x61\x74\40\x73\x63\162\x6f\154\154\x20\60\45\40\x30\45\x3b\xa\x9\x9\143\165\x72\x73\157\x72\72\x20\160\157\151\156\164\x65\162\73\x66\157\x6e\164\x2d\x73\151\x7a\145\72\61\65\x70\170\x3b\x62\157\x72\144\x65\x72\55\x77\151\x64\x74\x68\x3a\x20\x31\160\170\73\142\x6f\162\144\x65\x72\55\x73\164\x79\154\145\72\40\163\157\154\x69\144\x3b\142\157\162\144\x65\x72\55\x72\141\144\x69\x75\163\x3a\x20\x33\x70\x78\73\x77\150\151\x74\x65\x2d\163\x70\141\x63\x65\x3a\12\x9\x9\40\x6e\157\167\x72\x61\x70\73\142\157\170\55\163\x69\x7a\x69\156\x67\72\40\142\x6f\162\144\145\x72\55\x62\x6f\170\73\142\157\162\144\x65\162\x2d\143\x6f\x6c\157\x72\72\40\x23\x30\60\67\x33\101\101\x3b\x62\x6f\x78\55\x73\x68\x61\x64\x6f\167\x3a\x20\60\x70\170\40\61\x70\170\x20\x30\160\x78\40\162\x67\142\141\50\61\62\60\54\40\62\x30\60\x2c\x20\62\63\x30\x2c\x20\x30\56\66\51\x20\x69\x6e\x73\x65\164\x3b\x63\157\x6c\x6f\162\72\40\43\x46\x46\106\x3b" . $N2 . "\x22\xa\40\x20\40\x20\x20\40\x20\x20\40\40\x20\40\x74\171\160\x65\75\x22\x62\x75\x74\164\157\156\42\40\x76\141\x6c\x75\145\75\x22\x43\x6f\x6e\146\x69\147\x75\162\x65\x20\101\164\164\x72\151\x62\x75\164\x65\57\122\157\x6c\x65\x20\x4d\x61\x70\x70\151\156\147\42\x20\x6f\x6e\x43\x6c\x69\143\153\x3d\x22\x63\154\157\163\145\x5f\141\x6e\x64\137\x72\145\x64\151\x72\145\143\x74\x28\x29\x3b\42\x3e\40\46\x6e\142\x73\160\x3b\40\12\x20\40\x20\40\40\40\40\40\40\40\40\x20\xa\11\x9\x3c\x69\156\x70\x75\164\x20\163\164\171\x6c\145\x3d\x22\x70\x61\x64\x64\151\156\147\72\61\45\x3b\167\x69\144\164\150\72\61\x30\x30\160\x78\x3b\142\x61\143\x6b\x67\x72\157\x75\156\144\72\x20\x23\60\x30\71\61\x43\x44\x20\156\x6f\x6e\145\x20\162\x65\x70\x65\141\x74\x20\x73\x63\x72\157\x6c\x6c\x20\x30\45\x20\x30\x25\73\x63\x75\x72\x73\x6f\162\72\40\160\157\151\x6e\x74\x65\x72\x3b\x66\x6f\156\x74\x2d\163\151\x7a\145\x3a\61\x35\x70\x78\73\x62\x6f\162\x64\145\162\55\167\x69\144\164\150\x3a\x20\x31\160\170\73\142\157\x72\x64\x65\162\x2d\163\x74\171\154\145\x3a\40\163\x6f\x6c\151\144\x3b\142\157\x72\x64\x65\162\x2d\x72\x61\x64\151\165\x73\x3a\x20\x33\x70\x78\73\x77\150\x69\164\x65\55\x73\x70\x61\143\145\x3a\x20\x6e\157\167\162\x61\160\x3b\142\x6f\x78\55\x73\x69\172\x69\x6e\x67\72\40\x62\157\x72\144\145\x72\55\x62\x6f\170\73\142\157\162\144\145\162\x2d\143\157\154\x6f\162\x3a\x20\x23\x30\60\x37\63\x41\x41\x3b\x62\x6f\170\55\163\150\x61\x64\x6f\x77\x3a\x20\x30\x70\x78\40\x31\160\x78\40\x30\160\170\x20\x72\147\142\x61\x28\x31\x32\x30\x2c\x20\62\x30\x30\54\40\x32\x33\60\x2c\40\60\56\66\51\x20\x69\156\163\145\x74\x3b\x63\x6f\x6c\x6f\162\x3a\x20\43\106\x46\x46\x3b\x22\x74\171\160\145\x3d\x22\x62\x75\164\x74\x6f\x6e\x22\40\x76\x61\x6c\165\x65\x3d\x22\x44\157\156\x65\42\x20\x6f\156\x43\x6c\x69\x63\x6b\75\42\x73\145\154\x66\x2e\x63\154\x6f\x73\145\x28\x29\x3b\42\x3e\x3c\x2f\144\151\x76\76\12\x9\x9\12\11\x9\x3c\163\x63\x72\x69\x70\164\x3e\xa\x20\40\x20\40\x20\40\40\x20\40\40\x20\x20\40\x66\x75\x6e\x63\x74\x69\x6f\156\40\143\154\x6f\163\145\137\x61\156\x64\x5f\162\145\144\151\162\145\143\164\50\51\173\xa\40\40\x20\40\x20\40\40\40\x20\40\x20\40\x20\40\x20\40\40\167\151\x6e\x64\x6f\167\56\x6f\160\145\x6e\x65\162\x2e\x72\145\x64\x69\162\x65\x63\164\137\164\x6f\x5f\x61\164\x74\162\151\142\x75\164\x65\x5f\x6d\141\160\160\x69\x6e\x67\x28\x29\73\12\40\x20\x20\x20\x20\40\x20\40\x20\40\x20\40\x20\40\40\x20\40\x73\x65\x6c\146\56\x63\x6c\x6f\x73\145\50\51\73\12\40\x20\x20\x20\40\x20\40\40\x20\x20\x20\40\x20\175\x20\40\40\xa\xa\x9\x9\74\57\163\143\162\151\160\164\76";
exit;
}
function mo_saml_convert_to_windows_iconv($C1)
{
$xC = LicenseHelper::getCurrentOption(mo_options_enum_service_provider::Is_encoding_enabled);
if (!($xC === "\143\x68\145\143\153\145\x64")) {
goto YTw;
}
return iconv("\x55\124\106\x2d\x38", "\103\120\x31\x32\x35\62\x2f\x2f\111\x47\x4e\117\x52\x45", $C1);
YTw:
return $C1;
}
function mo_saml_login_user($MA, $qn, $mp, $cc, $sD, $Oa, $Sb, $j2, $m5, $RR = '', $aL = '', $lP = null)
{
do_action("\x6d\157\x5f\x61\x62\x72\x5f\146\x69\x6c\x74\x65\x72\137\x6c\157\x67\151\x6e", $lP, $aL, $RR);
check_if_user_allowed_to_login_due_to_role_restriction($sD);
$tB = get_option("\x6d\157\x5f\x73\141\155\154\x5f\x73\x70\x5f\x62\x61\x73\x65\137\165\x72\x6c");
if (!empty($tB)) {
goto PML;
}
$tB = home_url();
PML:
mo_saml_restrict_users_based_on_domain($MA);
$cc = mo_saml_sanitize_username($cc);
if (!(strlen($cc) > 60)) {
goto kp6;
}
wp_die("\x57\x65\x20\143\157\x75\x6c\144\x20\156\157\x74\40\163\151\x67\x6e\40\x79\x6f\x75\x20\x69\156\56\x20\120\154\x65\x61\163\145\x20\x63\x6f\156\164\x61\x63\x74\40\x79\157\165\x72\x20\141\144\x6d\151\x6e\151\x73\x74\162\x61\164\157\x72\x2e", "\105\162\x72\157\162\x20\x3a\x20\125\x73\145\x72\156\x61\155\145\x20\x6c\145\156\147\164\150\40\x6c\x69\x6d\x69\164\40\162\145\x61\143\x68\145\144");
exit;
kp6:
$Zs = array("\x69\144\x70\x5f\x6e\x61\155\145" => get_option("\163\x61\155\x6c\137\151\144\145\x6e\x74\151\164\171\x5f\156\x61\x6d\145"));
$G8 = get_option("\155\x6f\x5f\x61\x6c\x6c\x6f\167\x5f\145\x78\x69\x73\164\x69\x6e\x67\x5f\x75\x73\x65\162\x5f\154\157\x67\x69\x6e");
if (username_exists($cc) || email_exists($MA)) {
goto fuX;
}
if (Mo_Saml_License_Utility::is_customer_license_valid()) {
goto UMp;
}
wp_die("\74\142\76\x5b\127\120\x53\101\x4d\114\x45\x52\122\x30\x30\60\x5d\74\57\142\x3e\x20\x57\145\x20\x63\157\165\154\144\40\x6e\x6f\164\40\163\x69\147\x6e\x20\x79\x6f\165\40\x69\x6e\56\40\120\154\x65\141\x73\x65\40\x63\157\x6e\x74\141\143\x74\x20\171\157\165\162\40\x61\x64\x6d\151\156\151\163\164\162\x61\164\x6f\x72\40\167\151\164\150\x20\164\150\x65\x20\155\145\156\164\x69\x6f\x6e\x65\x64\40\x65\x72\x72\157\x72\40\143\157\144\145\x2e", "\105\162\162\x6f\x72\x20\72\40\x5b\127\x50\123\101\x4d\114\x45\122\122\x30\x30\x30\x5d\x20\x49\156\x76\141\154\x69\144\40\114\151\143\145\x6e\163\145");
UMp:
do_action("\x6d\x6f\137\147\165\x65\x73\x74\137\154\157\147\151\x6e", $aL, $RR, $Zs);
$n4 = get_option("\163\141\155\x6c\x5f\x61\x6d\x5f\x72\157\x6c\145\x5f\x6d\x61\x70\160\151\x6e\x67");
$n4 = maybe_unserialize($n4);
$oG = true;
$Aa = get_option("\155\x6f\x5f\x73\x61\x6d\154\x5f\x64\157\156\x74\x5f\x63\x72\x65\141\x74\x65\137\x75\x73\x65\162\x5f\151\146\137\x72\157\x6c\145\x5f\156\x6f\x74\137\x6d\141\160\x70\145\x64");
if (!(!empty($Aa) && strcmp($Aa, "\x63\x68\x65\x63\x6b\x65\144") == 0)) {
goto itm;
}
$Is = is_role_mapping_configured_for_user($n4, $sD);
$oG = $Is;
itm:
if ($oG === true) {
goto pRr;
}
$gp = get_option("\155\x6f\137\163\141\x6d\154\137\141\143\143\157\165\156\164\x5f\143\162\x65\141\164\x69\x6f\156\x5f\144\x69\163\x61\x62\154\x65\x64\137\x6d\163\x67");
if (!empty($gp)) {
goto o5S;
}
$gp = "\x57\145\x20\143\157\x75\x6c\x64\40\156\x6f\x74\x20\x73\x69\x67\156\40\x79\157\165\x20\151\x6e\56\x20\x50\x6c\145\141\x73\x65\40\x63\157\156\x74\x61\143\x74\40\171\x6f\x75\162\40\x41\144\155\151\x6e\x69\163\x74\162\x61\x74\157\x72\x2e";
o5S:
wp_die($gp, "\105\x72\x72\x6f\162\72\40\x4e\x6f\x74\x20\141\40\x57\157\x72\x64\x50\162\x65\163\163\40\115\145\x6d\x62\x65\x72");
exit;
goto d6a;
pRr:
$P9 = wp_generate_password(10, false);
if (!empty($cc)) {
goto LEc;
}
$kP = wp_create_user($MA, $P9, $MA);
goto rdU;
LEc:
$kP = wp_create_user($cc, $P9, $MA);
rdU:
if (!is_wp_error($kP)) {
goto s2_;
}
wp_die($kP->get_error_message() . "\74\142\x72\x3e\120\154\x65\x61\x73\x65\40\x63\157\x6e\164\141\143\164\40\x79\157\x75\162\x20\x41\x64\155\x69\x6e\151\163\x74\x72\x61\164\157\162\x2e\74\x62\162\x3e\74\x62\x3e\125\163\145\x72\156\x61\x6d\145\x3c\57\142\76\x3a\40" . $MA, "\x45\162\x72\157\162\x3a\x20\103\x6f\x75\x6c\144\156\x27\x74\x20\x63\162\x65\x61\164\145\40\x75\163\x65\x72");
s2_:
$user = get_user_by("\151\x64", $kP);
$of = assign_roles_to_user($user, $n4, $sD);
if ($of !== true && !empty($Oa) && $Oa == "\143\x68\145\143\x6b\x65\x64") {
goto gyh;
}
if ($of !== true && !empty($Sb)) {
goto VLq;
}
if ($of !== true) {
goto wO5;
}
goto kmZ;
gyh:
$JG = wp_update_user(array("\x49\104" => $kP, "\162\157\x6c\145" => false));
goto kmZ;
VLq:
$JG = wp_update_user(array("\x49\x44" => $kP, "\162\x6f\154\145" => $Sb));
goto kmZ;
wO5:
$Sb = get_option("\144\x65\x66\141\x75\154\x74\137\162\157\154\x65");
$JG = wp_update_user(array("\111\104" => $kP, "\x72\157\154\145" => $Sb));
kmZ:
mo_saml_map_attributes($user, $qn, $mp, $lP);
mo_saml_set_auth_cookie($user, $RR, $aL, true);
do_action("\155\157\x5f\163\x61\155\x6c\137\141\164\164\x72\x69\142\165\x74\145\x73", $cc, $MA, $qn, $mp, $sD);
d6a:
goto FBF;
fuX:
if (!($G8 != "\x74\162\165\x65")) {
goto zh4;
}
do_action("\155\x6f\137\x67\165\x65\163\x74\137\154\157\147\151\x6e", $aL, $RR, $Zs);
zh4:
if (username_exists($cc)) {
goto e_1;
}
if (!email_exists($MA)) {
goto pN6;
}
$user = get_user_by("\145\x6d\141\151\154", $MA);
$kP = $user->ID;
pN6:
goto J7i;
e_1:
$user = get_user_by("\x6c\x6f\147\151\156", $cc);
$kP = $user->ID;
if (!(!empty($MA) && is_email($MA))) {
goto FKG;
}
$JG = wp_update_user(array("\111\x44" => $kP, "\x75\163\145\162\137\x65\155\x61\x69\x6c" => $MA));
FKG:
J7i:
if (!(!Mo_Saml_License_Utility::is_customer_license_valid() && !is_administrator_user($user))) {
goto f0t;
}
wp_die("\74\142\76\x5b\x57\x50\123\x41\x4d\x4c\x45\x52\x52\60\x30\x30\135\x3c\57\142\x3e\x20\x57\145\x20\x63\157\165\x6c\x64\40\156\x6f\x74\40\x73\151\x67\x6e\x20\x79\x6f\165\40\x69\156\x2e\x20\120\154\145\x61\x73\x65\x20\x63\x6f\x6e\x74\x61\143\164\40\x79\157\165\162\40\x61\144\x6d\x69\x6e\151\163\164\162\x61\164\157\162\x20\x77\151\164\150\40\164\x68\145\40\x6d\145\156\x74\x69\157\x6e\145\144\x20\x65\162\x72\157\162\40\143\157\144\145\x2e", "\105\x72\x72\x6f\x72\x20\72\40\133\x57\x50\x53\x41\115\x4c\105\x52\x52\60\x30\x30\135\x20\111\x6e\166\x61\154\x69\x64\40\114\x69\x63\x65\x6e\x73\x65");
f0t:
mo_saml_map_attributes($user, $qn, $mp, $lP);
$n4 = maybe_unserialize(get_option("\x73\141\x6d\x6c\x5f\141\x6d\x5f\x72\157\154\145\x5f\155\141\x70\160\x69\x6e\147"));
$UW = get_option("\163\141\x6d\154\137\141\x6d\137\x64\x6f\x6e\164\137\x75\x70\x64\x61\164\145\x5f\x65\x78\x69\x73\164\151\156\x67\137\165\163\x65\x72\x5f\x72\157\x6c\x65");
if (!(empty($UW) || $UW != "\143\x68\x65\x63\x6b\x65\x64")) {
goto T24;
}
$of = assign_roles_to_user($user, $n4, $sD);
$k_ = get_option("\163\141\155\154\x5f\141\155\137\165\x70\x64\x61\x74\x65\137\141\144\155\x69\156\137\165\x73\145\162\x73\137\x72\157\154\145");
if ($of !== true && !is_administrator_user($user) && !empty($Oa) && $Oa == "\x63\x68\x65\143\153\145\144") {
goto XZ5;
}
if ($of !== true && !is_administrator_user($user) && !empty($Sb)) {
goto L5a;
}
if ($of !== true && is_administrator_user($user) && !empty($k_) && $k_ == "\143\150\x65\x63\153\145\144" && !empty($Oa) && $Oa == "\143\x68\145\143\x6b\145\144") {
goto Pzq;
}
if ($of !== true && is_administrator_user($user) && !empty($k_) && $k_ == "\x63\x68\x65\x63\x6b\145\x64" && !empty($Sb)) {
goto eQS;
}
goto jp6;
XZ5:
$JG = wp_update_user(array("\x49\x44" => $kP, "\162\x6f\154\x65" => false));
goto jp6;
L5a:
$JG = wp_update_user(array("\111\104" => $kP, "\162\157\154\x65" => $Sb));
goto jp6;
Pzq:
$JG = wp_update_user(array("\x49\x44" => $kP, "\162\x6f\x6c\145" => false));
goto jp6;
eQS:
$JG = wp_update_user(array("\111\x44" => $kP, "\162\157\154\145" => $Sb));
jp6:
T24:
mo_saml_set_auth_cookie($user, $RR, $aL);
do_action("\155\x6f\x5f\163\141\x6d\x6c\137\141\x74\x74\162\151\x62\x75\x74\145\163", $cc, $MA, $qn, $mp, $sD);
FBF:
mo_saml_post_login_redirection($j2, $tB);
}
function mo_saml_sanitize_username($cc)
{
$Aq = sanitize_user($cc, true);
$PA = apply_filters("\160\162\145\x5f\x75\163\145\x72\x5f\154\x6f\147\x69\156", $Aq);
$cc = trim($PA);
return $cc;
}
function mo_saml_restrict_users_based_on_domain($MA)
{
$yn = get_option("\155\157\x5f\x73\x61\x6d\x6c\x5f\145\156\x61\x62\154\145\137\144\157\x6d\x61\151\156\137\162\x65\x73\x74\x72\151\143\164\x69\x6f\156\137\154\157\x67\151\156");
if (!$yn) {
goto IV7;
}
$rQ = get_option("\163\141\x6d\x6c\x5f\141\155\x5f\145\x6d\141\151\x6c\137\144\157\155\x61\151\156\x73");
$rk = explode("\x3b", $rQ);
$QQ = explode("\x40", $MA);
$TH = !empty($QQ[1]) ? $QQ[1] : '';
$Ii = get_option("\155\x6f\137\163\141\x6d\154\137\x61\x6c\x6c\157\x77\x5f\144\x65\156\171\137\165\163\145\162\137\x77\151\x74\x68\x5f\144\157\x6d\141\x69\156");
$gp = get_option("\x6d\157\137\x73\x61\x6d\154\137\x72\x65\163\164\162\151\x63\x74\145\x64\137\144\157\x6d\141\151\156\x5f\x65\162\x72\157\x72\x5f\x6d\163\x67");
if (!empty($gp)) {
goto US6;
}
$gp = "\x59\157\165\x20\x61\x72\145\40\x6e\x6f\x74\40\x61\x6c\x6c\157\167\145\144\40\x74\157\40\154\157\147\x69\156\56\x20\120\x6c\145\141\x73\145\40\143\157\x6e\164\141\x63\164\x20\x79\x6f\x75\162\x20\x41\x64\155\x69\x6e\x69\x73\x74\x72\x61\x74\157\x72\56";
US6:
if (!empty($Ii) && $Ii == "\144\x65\x6e\x79") {
goto hJy;
}
if (in_array($TH, $rk)) {
goto FJ_;
}
wp_die($gp, "\120\x65\162\x6d\151\163\x73\151\x6f\x6e\40\x44\145\x6e\x69\x65\144\40\x3a\40\116\157\164\x20\141\x20\127\150\x69\164\x65\x6c\x69\x73\164\x65\x64\40\x75\163\145\162\x2e");
FJ_:
goto WzC;
hJy:
if (!in_array($TH, $rk)) {
goto uwS;
}
wp_die($gp, "\120\145\x72\x6d\x69\163\x73\x69\157\x6e\40\x44\x65\156\151\145\x64\x20\x3a\x20\102\154\141\x63\153\154\x69\x73\164\145\x64\x20\165\163\x65\162\x2e");
uwS:
WzC:
IV7:
}
function mo_saml_map_attributes($user, $qn, $mp, $lP)
{
mo_saml_map_basic_attributes($user, $qn, $mp, $lP);
mo_saml_map_custom_attributes($user, $lP);
}
function mo_saml_map_basic_attributes($user, $qn, $mp, $lP)
{
$kP = $user->ID;
if (empty($qn)) {
goto aGT;
}
$JG = wp_update_user(array("\x49\x44" => $kP, "\x66\151\x72\x73\164\137\x6e\141\x6d\x65" => $qn));
aGT:
if (empty($mp)) {
goto SHq;
}
$JG = wp_update_user(array("\111\x44" => $kP, "\154\141\163\164\x5f\156\x61\155\145" => $mp));
SHq:
if (is_null($lP)) {
goto tfT;
}
update_user_meta($kP, "\155\157\x5f\x73\141\x6d\154\x5f\165\163\145\x72\137\141\x74\x74\x72\151\x62\x75\164\145\x73", $lP);
$Zm = get_option("\163\141\x6d\x6c\137\141\x6d\137\x64\151\163\160\x6c\x61\x79\137\156\x61\155\145");
if (empty($Zm)) {
goto SSP;
}
if (strcmp($Zm, "\125\123\x45\122\116\101\115\105") == 0) {
goto itO;
}
if (strcmp($Zm, "\106\x4e\101\x4d\105") == 0 && !empty($qn)) {
goto pdU;
}
if (strcmp($Zm, "\114\116\x41\x4d\105") == 0 && !empty($mp)) {
goto TzV;
}
if (strcmp($Zm, "\106\x4e\101\x4d\105\x5f\x4c\x4e\x41\x4d\x45") == 0 && !empty($mp) && !empty($qn)) {
goto rcT;
}
if (!(strcmp($Zm, "\114\x4e\x41\115\105\137\106\116\101\115\x45") == 0 && !empty($mp) && !empty($qn))) {
goto tFG;
}
$JG = wp_update_user(array("\x49\x44" => $kP, "\x64\151\x73\x70\154\141\x79\x5f\156\141\x6d\x65" => $mp . "\x20" . $qn));
tFG:
goto TWX;
rcT:
$JG = wp_update_user(array("\x49\104" => $kP, "\144\x69\x73\x70\x6c\x61\171\x5f\156\141\x6d\x65" => $qn . "\40" . $mp));
TWX:
goto YSO;
TzV:
$JG = wp_update_user(array("\x49\104" => $kP, "\x64\151\163\160\x6c\141\171\137\x6e\141\x6d\145" => $mp));
YSO:
goto W1O;
pdU:
$JG = wp_update_user(array("\x49\104" => $kP, "\x64\x69\x73\x70\154\141\171\137\x6e\x61\x6d\x65" => $qn));
W1O:
goto cYT;
itO:
$JG = wp_update_user(array("\111\x44" => $kP, "\x64\151\x73\x70\154\141\171\137\156\x61\x6d\x65" => $user->user_login));
cYT:
SSP:
tfT:
}
function mo_saml_map_custom_attributes($user, $lP)
{
$kP = $user->ID;
if (!get_option("\155\157\x5f\163\141\x6d\x6c\137\143\165\x73\x74\157\155\137\x61\x74\164\x72\x73\x5f\x6d\141\160\160\x69\156\x67")) {
goto b1i;
}
$z7 = maybe_unserialize(get_option("\x6d\157\137\x73\x61\x6d\154\137\143\165\163\164\157\155\x5f\x61\x74\164\x72\163\x5f\155\x61\x70\160\151\156\x67"));
foreach ($z7 as $W4 => $tp) {
if (empty($lP[$tp])) {
goto G48;
}
$oR = false;
if (!(count($lP[$tp]) == 1)) {
goto CTh;
}
$oR = true;
CTh:
if (!$oR) {
goto RmX;
}
update_user_meta($kP, $W4, $lP[$tp][0]);
goto r4N;
RmX:
$LY = array();
foreach ($lP[$tp] as $P3) {
array_push($LY, $P3);
JhN:
}
c6j:
update_user_meta($kP, $W4, $LY);
r4N:
G48:
rLi:
}
CCz:
b1i:
}
function mo_saml_set_auth_cookie($user, $RR, $aL, $gQ = false)
{
$kP = $user->ID;
wp_set_current_user($kP);
$RO = false;
$RO = apply_filters("\x6d\x6f\137\x72\x65\x6d\145\x6d\x62\145\162\137\x6d\145", $RO);
wp_set_auth_cookie($kP, $RO);
if (empty($RR)) {
goto jqQ;
}
update_user_meta($kP, "\155\157\x5f\163\141\x6d\x6c\137\x73\x65\163\163\151\x6f\x6e\x5f\x69\156\144\145\x78", $RR);
jqQ:
if (empty($aL)) {
goto EKP;
}
update_user_meta($kP, "\155\x6f\137\x73\x61\155\154\x5f\x6e\x61\x6d\145\x5f\151\x64", $aL);
EKP:
setcookie("\154\x6f\x67\x67\145\144\x5f\x69\x6e\x5f\x77\151\x74\150\137\151\x64\160", base64_encode($RR . true));
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto ecJ;
}
session_start();
ecJ:
$_SESSION["\155\x6f\x5f\x73\141\x6d\x6c"]["\x6c\x6f\147\x67\x65\x64\137\151\x6e\137\167\151\164\x68\x5f\151\x64\160"] = TRUE;
if (!$gQ) {
goto fY8;
}
do_action("\x75\163\x65\162\137\162\x65\147\151\x73\x74\x65\x72", $kP);
fY8:
do_action("\x77\160\x5f\154\x6f\147\151\156", $user->user_login, $user);
}
function mo_saml_post_login_redirection($j2, $tB)
{
$j2 = htmlspecialchars_decode($j2);
$Ch = get_option("\155\157\x5f\x73\141\155\154\137\x72\145\154\x61\x79\137\x73\x74\141\164\145");
if (!empty($Ch)) {
goto LMB;
}
if (empty($j2)) {
goto pgy;
}
$EX = '';
if (!get_option("\155\157\137\163\141\155\154\x5f\163\145\x6e\144\137\x61\142\x73\x6f\154\165\164\x65\137\x72\145\x6c\x61\x79\x5f\163\164\141\x74\x65")) {
goto WpJ;
}
$PR = get_option("\x6d\157\x5f\163\141\x6d\154\x5f\x63\x75\x73\x74\x6f\x6d\145\x72\137\164\x6f\153\145\x6e");
$EX = AESEncryption::decrypt_data($j2, $PR);
WpJ:
if (!empty($EX)) {
goto Uju;
}
if (filter_var($j2, FILTER_VALIDATE_URL) === FALSE) {
goto Lu4;
}
if (strpos($j2, home_url()) !== false) {
goto rGL;
}
$Cr = htmlspecialchars_decode($tB);
goto B8O;
rGL:
$Cr = htmlspecialchars_decode($j2);
B8O:
goto jTS;
Uju:
$Cr = htmlspecialchars_decode($EX);
goto jTS;
Lu4:
$Cr = htmlspecialchars_decode($j2);
jTS:
pgy:
goto rlC;
LMB:
$Cr = htmlspecialchars_decode($Ch);
rlC:
if (!empty($Cr)) {
goto Gmz;
}
$Cr = htmlspecialchars_decode($tB);
Gmz:
wp_redirect($Cr);
exit;
}
function check_if_user_allowed_to_login_due_to_role_restriction($sD)
{
$an = get_option("\163\x61\x6d\154\137\141\155\x5f\x64\157\156\164\137\x61\x6c\154\x6f\167\137\x75\163\145\162\x5f\x74\157\x6c\x6f\x67\x69\x6e\x5f\x63\162\145\x61\x74\x65\137\x77\151\x74\150\x5f\147\151\x76\145\x6e\137\147\x72\x6f\x75\160\x73");
if (!($an == "\143\x68\145\x63\x6b\x65\x64")) {
goto noB;
}
if (empty($sD)) {
goto Pzi;
}
$j0 = get_option("\155\157\x5f\x73\x61\x6d\x6c\137\162\145\x73\x74\162\x69\143\x74\x5f\165\163\145\162\x73\137\x77\151\x74\x68\137\147\x72\x6f\x75\160\x73");
$PW = explode("\x3b", $j0);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto oes;
}
wp_die("\x59\157\x75\x20\141\x72\145\x20\156\x6f\164\x20\x61\165\x74\150\x6f\162\x69\x7a\x65\144\x20\x74\x6f\40\x6c\x6f\x67\x69\156\x2e\40\x50\154\145\141\x73\x65\40\x63\x6f\x6e\164\141\143\x74\40\x79\157\165\x72\x20\141\x64\155\151\156\x69\163\164\x72\141\164\x6f\x72\x2e", "\105\162\x72\157\162");
oes:
EdH:
}
Zys:
LrC:
}
Boo:
Pzi:
noB:
}
function assign_roles_to_user($user, $n4, $sD)
{
$of = false;
if (!(!empty($sD) && !empty($n4) && !is_administrator_user($user))) {
goto qBo;
}
$user->set_role(false);
$B6 = '';
$h4 = false;
foreach ($n4 as $vF => $bI) {
$PW = explode("\73", $bI);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto bpL;
}
$of = true;
$user->add_role($vF);
bpL:
WfZ:
}
KyB:
NZ2:
}
zZR:
yec:
}
lSj:
qBo:
return $of;
}
function is_role_mapping_configured_for_user($n4, $sD)
{
if (!(!empty($sD) && !empty($n4))) {
goto iTZ;
}
foreach ($n4 as $vF => $bI) {
$PW = explode("\73", $bI);
foreach ($PW as $zf) {
foreach ($sD as $CL) {
$CL = trim($CL);
if (!(!empty($CL) && $CL == $zf)) {
goto u9W;
}
return true;
u9W:
zjH:
}
VzU:
qxe:
}
Dne:
xwc:
}
KVE:
iTZ:
return false;
}
function is_administrator_user($user)
{
$x5 = $user->roles;
if (!is_null($x5) && in_array("\x61\x64\x6d\151\156\151\x73\164\162\141\164\x6f\x72", $x5, TRUE)) {
goto ffV;
}
return false;
goto cIZ;
ffV:
return true;
cIZ:
}
function mo_saml_is_customer_registered()
{
$Uw = get_option("\x6d\157\x5f\163\141\x6d\154\x5f\x61\x64\155\151\156\x5f\x65\x6d\141\x69\x6c");
$MH = get_option("\x6d\157\x5f\x73\x61\x6d\154\x5f\x61\x64\155\x69\x6e\x5f\143\x75\163\x74\x6f\x6d\x65\162\137\153\x65\x79");
if (!$Uw || !$MH || !is_numeric(trim($MH))) {
goto Kzy;
}
return 1;
goto sT8;
Kzy:
return 0;
sT8:
}
function saml_get_current_page_url()
{
$Py = $_SERVER["\x48\x54\124\x50\x5f\x48\117\123\124"];
if (!(substr($Py, -1) == "\57")) {
goto Y0L;
}
$Py = substr($Py, 0, -1);
Y0L:
$hT = $_SERVER["\x52\x45\x51\x55\x45\x53\124\x5f\125\x52\x49"];
if (!(substr($hT, 0, 1) == "\x2f")) {
goto w5E;
}
$hT = substr($hT, 1);
w5E:
$cF = !empty($_SERVER["\x48\x54\124\120\123"]) && strcasecmp($_SERVER["\110\124\x54\x50\123"], "\157\156") == 0;
$HI = "\150\164\164\x70" . ($cF ? "\163" : '') . "\72\x2f\x2f" . $Py . "\57" . $hT;
return $HI;
}
function show_status_error($Qz, $j2, $SN)
{
$Qz = strip_tags($Qz);
$SN = strip_tags($SN);
if ($j2 == "\x74\145\x73\164\126\x61\x6c\151\x64\x61\164\145" or $j2 == "\x74\145\x73\164\116\145\167\103\x65\162\164\x69\x66\151\x63\141\164\x65") {
goto o1t;
}
wp_die("\127\145\40\143\x6f\165\154\144\x20\x6e\x6f\x74\40\x73\151\x67\156\x20\171\157\x75\x20\151\156\56\x20\120\x6c\145\x61\163\x65\40\x63\157\156\x74\141\x63\x74\40\171\x6f\165\x72\40\x41\x64\x6d\151\156\151\163\x74\162\141\164\x6f\162\56", "\105\x72\x72\157\x72\x3a\40\111\156\x76\141\154\151\144\40\x53\x41\x4d\x4c\40\122\x65\163\x70\x6f\156\x73\x65\40\123\164\x61\x74\x75\163");
goto ayC;
o1t:
echo "\74\x64\x69\x76\x20\163\164\x79\154\145\x3d\42\146\157\156\164\x2d\x66\141\x6d\x69\x6c\171\x3a\103\141\154\x69\x62\162\x69\73\160\141\144\x64\x69\156\x67\x3a\60\40\x33\45\x3b\x22\x3e";
echo "\x3c\144\x69\x76\x20\x73\164\171\x6c\145\x3d\42\x63\x6f\x6c\157\x72\72\40\x23\141\71\64\64\64\62\x3b\142\x61\x63\x6b\x67\162\x6f\x75\156\144\x2d\x63\x6f\x6c\157\x72\x3a\40\43\146\62\144\x65\x64\x65\73\x70\141\144\144\151\156\147\x3a\40\61\x35\x70\170\73\x6d\141\162\147\151\x6e\x2d\142\157\164\x74\157\155\72\x20\x32\60\160\x78\73\164\x65\x78\x74\55\141\x6c\x69\x67\156\x3a\x63\145\156\164\x65\x72\73\x62\157\162\144\145\162\72\x31\160\x78\x20\163\157\154\151\x64\x20\43\x45\x36\x42\x33\102\x32\x3b\x66\157\156\x74\x2d\163\151\x7a\x65\72\x31\x38\x70\x74\73\x22\x3e\40\105\x52\122\x4f\122\x3c\x2f\x64\151\166\76\12\x20\x20\40\x20\x20\x20\40\x20\x20\40\x20\x20\40\x20\x20\40\74\144\x69\x76\40\x73\164\x79\154\145\75\42\x63\x6f\x6c\157\x72\72\x20\x23\141\71\x34\x34\x34\x32\73\146\x6f\156\164\55\163\x69\x7a\x65\72\61\x34\160\164\73\40\x6d\x61\162\x67\151\156\55\x62\x6f\164\x74\x6f\155\x3a\x32\x30\160\x78\x3b\x22\x3e\74\160\x3e\x3c\x73\164\162\x6f\156\147\x3e\x45\x72\x72\x6f\x72\x3a\40\x3c\x2f\x73\x74\162\x6f\156\147\x3e\40\x49\156\166\x61\154\x69\144\x20\123\101\x4d\114\40\x52\x65\x73\160\x6f\x6e\x73\x65\40\123\164\x61\x74\165\163\x2e\x3c\57\160\76\12\x20\40\40\40\40\x20\40\40\40\x20\40\x20\40\x20\40\x20\x3c\160\x3e\x3c\x73\164\x72\157\156\147\x3e\103\x61\x75\163\145\163\x3c\57\163\164\162\157\156\x67\76\x3a\40\111\144\145\x6e\x74\151\164\171\x20\120\162\157\x76\x69\x64\145\x72\x20\150\141\163\40\x73\x65\156\164\x20\47" . esc_html($Qz) . "\47\x20\x73\164\x61\164\x75\163\40\143\x6f\x64\145\40\x69\x6e\40\123\101\115\x4c\x20\122\x65\x73\160\x6f\x6e\x73\145\56\40\x3c\x2f\160\76\12\11\11\11\11\x9\x9\x9\x9\x3c\x70\76\x3c\x73\164\162\x6f\156\x67\76\122\145\141\x73\x6f\x6e\x3c\57\163\164\x72\157\x6e\147\x3e\72\x20" . get_status_message(esc_html($Qz)) . "\74\x2f\160\76\40";
if (empty($SN)) {
goto ATy;
}
echo "\74\x70\76\74\x73\x74\162\x6f\x6e\147\76\x53\x74\141\164\165\x73\40\115\145\x73\163\x61\147\145\40\151\156\x20\164\150\x65\40\123\101\x4d\x4c\x20\122\145\163\x70\x6f\x6e\163\145\72\74\57\x73\164\162\157\x6e\x67\x3e\x20\x3c\142\162\x2f\76" . esc_html($SN) . "\74\x2f\x70\x3e";
ATy:
echo "\74\x62\162\76\xa\40\40\x20\40\40\40\x20\x20\40\x20\x20\x20\40\40\x20\40\x3c\x2f\x64\x69\x76\x3e\12\xa\x20\40\x20\x20\x20\x20\x20\x20\x20\x20\40\40\x20\40\40\40\74\x64\151\166\40\163\x74\x79\x6c\145\x3d\42\x6d\141\x72\x67\151\x6e\72\63\x25\x3b\x64\x69\163\x70\x6c\x61\171\x3a\142\x6c\157\143\x6b\73\164\145\x78\x74\55\141\x6c\x69\x67\156\x3a\143\145\156\x74\x65\162\x3b\x22\x3e\xa\40\40\40\x20\40\x20\40\40\40\x20\x20\x20\40\40\40\40\74\x64\x69\x76\40\x73\164\171\x6c\x65\75\x22\x6d\x61\162\x67\x69\156\x3a\63\45\73\144\151\163\160\x6c\141\171\72\x62\x6c\x6f\x63\153\73\164\145\x78\164\55\141\x6c\151\147\156\72\x63\145\x6e\164\x65\162\x3b\x22\x3e\x3c\151\x6e\x70\x75\164\40\163\x74\171\154\145\75\42\x70\x61\144\144\x69\156\x67\x3a\x31\45\73\167\x69\144\164\150\x3a\61\x30\x30\x70\x78\x3b\142\141\x63\153\147\162\x6f\165\x6e\x64\72\x20\43\x30\60\x39\x31\103\104\x20\156\157\x6e\x65\40\x72\x65\160\145\141\164\x20\x73\143\x72\157\x6c\x6c\40\x30\45\x20\60\x25\73\143\x75\x72\x73\157\x72\72\x20\160\x6f\151\x6e\x74\x65\x72\73\x66\157\156\164\55\x73\x69\172\x65\72\61\65\160\x78\73\142\x6f\162\x64\x65\x72\55\x77\151\x64\164\150\72\x20\61\x70\170\73\x62\x6f\x72\144\x65\x72\55\x73\x74\171\154\x65\72\40\163\x6f\x6c\151\x64\73\x62\x6f\162\x64\x65\x72\x2d\x72\141\144\x69\x75\163\x3a\40\63\x70\170\73\x77\150\x69\x74\145\55\163\160\x61\x63\x65\72\x20\156\157\x77\162\141\x70\73\x62\157\x78\55\x73\x69\172\x69\156\x67\72\x20\142\157\162\144\145\162\x2d\x62\157\x78\x3b\142\x6f\x72\x64\x65\x72\x2d\143\x6f\x6c\x6f\162\x3a\40\43\60\60\67\x33\x41\x41\73\x62\157\170\x2d\x73\x68\141\144\x6f\x77\x3a\40\x30\x70\x78\40\x31\160\x78\40\x30\160\170\40\x72\x67\142\x61\x28\61\x32\60\x2c\x20\62\60\x30\54\40\x32\x33\60\54\x20\x30\x2e\x36\x29\40\x69\x6e\163\x65\164\x3b\143\x6f\154\x6f\162\x3a\40\x23\x46\106\106\x3b\x22\x74\171\x70\145\75\x22\142\x75\164\x74\157\x6e\x22\40\166\141\x6c\x75\x65\75\42\104\157\156\x65\x22\x20\x6f\x6e\x43\154\151\143\153\75\42\163\145\x6c\146\56\x63\x6c\157\x73\145\50\51\x3b\x22\x3e\74\x2f\x64\151\166\x3e";
exit;
ayC:
}
function addLink($Fl, $nC)
{
$eT = "\74\141\x20\150\162\x65\146\75\42" . $nC . "\42\x3e" . $Fl . "\74\x2f\x61\x3e";
return $eT;
}
function get_status_message($Qz)
{
switch ($Qz) {
case "\122\145\x71\165\x65\x73\164\x65\162":
return "\124\150\x65\40\x72\145\161\165\x65\x73\164\40\143\x6f\x75\x6c\144\40\156\x6f\x74\40\x62\x65\40\x70\145\x72\146\157\x72\155\x65\x64\40\x64\165\145\x20\164\x6f\40\141\x6e\40\x65\x72\162\157\162\x20\157\156\x20\164\x68\x65\x20\x70\141\162\x74\x20\x6f\146\x20\x74\150\x65\40\x72\145\161\x75\145\163\x74\145\162\x2e";
goto h3H;
case "\x52\x65\163\x70\157\156\x64\145\162":
return "\x54\150\145\x20\162\x65\x71\x75\x65\163\x74\x20\x63\157\165\x6c\x64\40\156\x6f\164\x20\x62\x65\40\x70\x65\x72\146\157\x72\155\x65\x64\40\144\165\145\40\164\157\x20\141\156\x20\x65\162\x72\x6f\x72\x20\157\x6e\40\164\150\x65\40\x70\141\x72\164\x20\157\x66\x20\x74\x68\145\x20\x53\101\x4d\114\40\162\x65\x73\x70\157\x6e\144\x65\162\40\157\162\x20\123\101\x4d\x4c\x20\x61\x75\x74\150\157\162\x69\164\x79\x2e";
goto h3H;
case "\x56\x65\162\163\151\x6f\x6e\x4d\151\x73\155\141\x74\143\x68":
return "\x54\150\x65\x20\x53\101\115\114\x20\162\145\x73\x70\x6f\x6e\x64\x65\162\40\x63\157\165\x6c\144\x20\156\157\164\x20\160\162\157\143\x65\163\163\x20\x74\x68\145\x20\162\145\161\165\145\x73\164\x20\x62\145\x63\141\x75\x73\x65\40\x74\150\x65\x20\166\145\x72\x73\x69\x6f\x6e\x20\157\146\40\164\x68\145\40\162\x65\161\x75\145\x73\x74\40\x6d\x65\x73\163\141\147\145\40\167\141\163\40\x69\x6e\143\x6f\x72\162\145\143\164\56";
goto h3H;
default:
return "\x55\x6e\x6b\156\157\x77\156";
}
vLH:
h3H:
}
function mo_saml_register_widget()
{
register_widget("\x6d\157\137\154\x6f\x67\151\156\137\167\x69\144");
}
function mo_saml_get_relay_state($HI)
{
if (!($HI == "\x74\145\163\164\x56\141\x6c\151\x64\141\164\145" || $HI == "\x74\145\x73\164\x4e\145\167\103\x65\x72\x74\151\146\151\143\141\x74\145")) {
goto VKL;
}
return $HI;
VKL:
if (get_option("\x6d\157\137\163\x61\x6d\x6c\137\x73\145\x6e\x64\x5f\x61\142\x73\x6f\x6c\165\164\145\137\x72\145\154\141\x79\x5f\x73\x74\141\x74\x65")) {
goto ufj;
}
$QA = parse_url($HI, PHP_URL_PATH);
if (!parse_url($HI, PHP_URL_QUERY)) {
goto cJy;
}
$Ew = parse_url($HI, PHP_URL_QUERY);
$QA = $QA . "\x3f" . $Ew;
cJy:
if (!parse_url($HI, PHP_URL_FRAGMENT)) {
goto AhF;
}
$Eq = parse_url($HI, PHP_URL_FRAGMENT);
$QA = $QA . "\x23" . $Eq;
AhF:
goto ehl;
ufj:
$PR = get_option("\155\157\x5f\x73\x61\155\x6c\137\143\x75\163\x74\x6f\155\x65\x72\137\164\x6f\153\x65\x6e");
$QA = AESEncryption::encrypt_data($HI, $PR);
ehl:
return $QA;
}
add_action("\167\151\144\x67\145\164\163\137\x69\156\x69\164", "\x6d\157\x5f\x73\x61\x6d\154\137\162\145\x67\x69\x73\164\x65\162\137\167\x69\x64\x67\x65\x74");
add_action("\x69\156\151\164", "\x6d\157\137\x6c\157\x67\151\156\137\x76\141\x6c\x69\x64\141\164\x65");
Function Calls
| None |
Stats
| MD5 | 7ae0d80a80c67f3f2b92a65628c05fff |
| Eval Count | 0 |
| Decode Time | 102 ms |