Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
/* Decoded by unphp.net */ <?php namespace Drupal\miniorange_oauth_client\Contr..
Decoded Output download
/* Decoded by unphp.net */
<?php
namespace Drupal\miniorange_oauth_client\Controller;
use Drupal\user\Entity\User;
use Drupal\Component\Utility\Html;
use Drupal\Core\Controller\ControllerBase;
use Drupal\miniorange_oauth_client\Utilities;
use Symfony\Component\HttpFoundation\Response;
use Drupal\miniorange_oauth_client\DBQueries;
use Drupal\Core\Url;
use Drupal\miniorange_oauth_client\appValues;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\miniorange_oauth_client\GrantTypes\HandleJWT;
use Drupal\miniorange_oauth_client\MiniorangeOAuthClientCustomer;
use Drupal\profile\Entity\Profile;
use Drupal\Core\Ajax\AjaxResponse;
use Drupal\Core\Ajax\OpenModalDialogCommand;
use Drupal\miniorange_oauth_client\GrantTypes\ImplicitGrant;
use Drupal\miniorange_oauth_client\MiniorangeOAuthRoleRestriction;
use Drupal\miniorange_oauth_client\mOOAuthLogout;
use Drupal\miniorange_oauth_client\mOUserRegistration;
use Drupal\profile\Entity\ProfileType;
use Drupal\Core\Entity\EntityStorageException;
class miniorange_oauth_clientController extends ControllerBase
{
public static function miniorange_oauth_client_mo_login()
{
$BG = \Drupal::service("session");
$mQ = \Drupal::moduleHandler();
$IR = \Drupal::service("current_route_match")->getParameter("app_name");
if (!(session_status() == PHP_SESSION_NONE)) {
goto vi;
}
session_start();
vi:
if (!(!empty($IR) && (new appValues($IR))->grantTypevalue == "implicit")) {
goto j2;
}
if (!(isset($_SERVER["QUERY_STRING"]) && !empty($_SERVER["QUERY_STRING"]))) {
goto Hi;
}
$Ww = $_GET;
Hi:
if (!(!isset($_COOKIE["login_query"]) && empty($_SERVER["QUERY_STRING"]))) {
goto KS;
}
echo "<script type="text/javascript">\xd\xa var qfragment = window.location.hash;\xd\xa const currentpath = window.location.protocol + window.location.pathname;
qfragment = qfragment.split("#")[1];
document.cookie = "login_query=" + qfragment;\xd\xa window.location.href = currentpath + "?" + qfragment;\xd
</script>";
exit;
KS:
if (!(isset($_COOKIE["login_query"]) && !empty($_COOKIE["login_query"]))) {
goto rv;
}
$AH = $_COOKIE["login_query"];
$IT = explode("&", $AH);
$Ww = [];
foreach ($IT as $wZ) {
$C3 = explode("=", $wZ);
if (!(sizeof($C3) > 1)) {
goto Ho;
}
$Ww[$C3[0]] = $C3[1];
Ho:
Ln:
}
Z9:
rv:
$mQ->invokeAll("mo_pre_auth_response_process", [$Ww]);
ImplicitGrant::validate_token_and_state($Ww);
$xM = isset($Ww["state"]) ? $Ww["state"] : '';
$KL = Utilities::decodeState($xM);
$GF = isset($KL["testsso"]) ? $KL["testsso"] === true ? true : false : false;
$tw = $BG->get("appname");
$PN = new appValues($tw);
$Qq = $PN->get_appType();
$U1 = $PN->loginflowtype;
if ($Qq == "Custom_Open_id" || $U1 == "OpenID") {
goto uK;
}
$d0 = isset($Ww["access_token"]) && !empty($Ww["access_token"]) ? $Ww["access_token"] : '';
goto bL;
uK:
$d0 = isset($Ww["id_token"]) && !empty($Ww["id_token"]) ? $Ww["id_token"] : '';
bL:
if (!(empty($d0) && isset($Ww["token"]) && !empty($Ww["token"]))) {
goto jY;
}
$d0 = $Ww["token"];
jY:
Utilities::save_tokens_in_cookie_and_session($Ww, new appValues($tw), $GF);
$Zi = new ImplicitGrant($tw);
return $Zi->mo_oauth_client_mo_login($PN, $d0, $Ww);
j2:
$mQ->invokeAll("mo_pre_auth_response_process", [$_GET]);
$rI = isset($_GET["code"]) ? $_GET["code"] : '';
$rI = Html::escape($rI);
$xM = isset($_GET["state"]) ? $_GET["state"] : '';
$xM = Html::escape($xM);
$KL = Utilities::decodeState($xM);
$GF = isset($KL["testsso"]) ? $KL["testsso"] === true ? true : false : false;
$IR = self::validate_code_and_state($rI, $xM, $GF);
$BG->remove("oauth2state");
$PN = new appValues($IR);
$Qq = $PN->get_appType();
$U1 = $PN->loginflowtype;
[$CK, $uE] = $Qq == "Custom_Open_id" || $U1 == "OpenID" ? self::implement_openid_flow($PN, $rI, '', $GF) : self::implement_oauth_flow($PN, $rI, '', $GF);
$N8 = self::flattenArray($uE);
if (!($GF || isset($_COOKIE["mo_testConfig"]))) {
goto IR;
}
self::Test_Configuration($N8, $PN->appName);
IR:
return self::performSSOinDrupal($uE, $N8, $PN, $CK, $xM);
}
public static function flattenArray($mu, $av = '')
{
$s0 = array();
foreach ($mu as $C3 => $wZ) {
$ZI = $av . $C3;
if (is_array($wZ)) {
goto qa;
}
$s0[$ZI] = $wZ;
goto ww;
qa:
$s0 = array_merge($s0, self::flattenArray($wZ, $ZI . ">"));
ww:
v5:
}
bc:
return $s0;
}
public static function mo_oauth_attr_map($dm, $Zw, $KP = "attr")
{
$uk = array();
foreach ($dm as $C3 => $wZ) {
if (!(!empty($wZ) && !empty($Zw[$C3]))) {
goto K9;
}
if (array_key_exists($wZ, $uk) && $KP == "role") {
goto FW;
}
$uk[trim($wZ, " ")] = $Zw[$C3];
goto SO;
FW:
if ($uk[$wZ][-1] != ";") {
goto W2;
}
$uk[trim($wZ, " ")] = $uk[$wZ] . $Zw[$C3];
goto F5;
W2:
$uk[trim($wZ, " ")] = $uk[$wZ] . ";" . $Zw[$C3];
F5:
SO:
K9:
St:
}
Jy:
return $uk;
}
public static function to_explode_semicolon($wh)
{
$YQ = array();
foreach ($wh as $C3 => $vi) {
$vi = explode(";", $vi);
$YQ[$C3] = $vi;
za:
}
Z7:
return $YQ;
}
public static function create_profile($Pv, $nV, $PN)
{
if (\Drupal::service("module_handler")->moduleExists("profile")) {
goto fH;
}
return new Response();
fH:
$XZ = $PN->enable_profile_mapping;
if ($XZ) {
goto T9;
}
return new Response();
T9:
$mM = $PN->profile_entity_type;
$P3 = isset($nV->toArray()[$mM . "_profiles"][0]) ? $nV->toArray()[$mM . "_profiles"][0]["target_id"] : NULL;
$sa = ProfileType::load($mM);
$nt = $sa->toArray()["roles"];
$yw = $nV->getRoles();
if (!(!empty(array_intersect($nt, $yw)) || empty($nt))) {
goto N2;
}
if (!is_null($P3)) {
goto j9;
}
try {
$Y_ = Profile::create(["type" => $mM, "uid" => $nV->id(), "field_agree_terms" => 1]);
$Y_->save();
$P3 = $Y_->toArray()["profile_id"][0]["value"];
} catch (EntityStorageException $ia) {
\Drupal::logger("miniorange_oauth_client")->notice("EntityStorageException: Error while creating and saving the profile type.");
}
j9:
if (empty($Pv)) {
goto c7;
}
foreach ($Pv as $C3 => $wZ) {
$Y_ = Profile::load($P3);
$Y_->set($C3, $wZ);
da:
}
SM:
$Y_->save();
c7:
N2:
}
public static function perform_role_mapping($PN, $Tc, $nV, $rq, $NC = '')
{
$F6 = $PN->get_roleAttribute();
$dX = $PN->get_enableRolemapping();
$TF = $PN->get_disableRoleUpdate();
$w4 = $PN->get_roleMap();
$w4 = !empty($w4) ? $w4 : array();
$d7 = array();
$tK = array();
foreach ($w4 as $C3) {
if (!($C3["user_sp_role_name"] != '' && $C3["user_idp_role_name"] != '')) {
goto EQ;
}
array_push($d7, $C3["user_sp_role_name"]);
array_push($tK, $C3["user_idp_role_name"]);
EQ:
m2:
}
E3:
$HQ = self::mo_oauth_attr_map($d7, $tK, "role");
$Ds = array();
if (!is_array($rq) && !empty($rq)) {
goto NH;
}
$Ds = is_array($rq) ? $rq : [];
goto p0;
NH:
$rq = str_replace(["[", "]"], '', $rq);
$rq = explode(",", $rq);
foreach ($rq as $C3 => $wZ) {
$Ds[] = str_replace(""", '', trim($wZ));
va:
}
pH:
p0:
if (!($dX && !is_null($F6) && !empty($F6))) {
goto SF;
}
$Cg = $nV->getRoles();
if ($TF) {
goto Rt;
}
foreach ($Cg as $C3 => $wZ) {
if (in_array($wZ, array_keys($HQ))) {
goto Hg;
}
if (!($wZ != $PN->get_defaultRole())) {
goto ZJ;
}
$nV->removeRole($wZ);
$nV->save();
ZJ:
Hg:
tw:
}
H8:
Rt:
foreach ($HQ as $C3 => $wZ) {
$eB = FALSE;
$K4 = explode(";", $wZ);
foreach ($K4 as $Kr => $sQ) {
if (strpos($sQ, "&") !== false) {
goto pw;
}
if (!in_array($sQ, $Ds)) {
goto tv;
}
$eB = TRUE;
goto Kh;
tv:
goto N1;
pw:
$l0 = true;
$Kf = explode("&", $sQ);
foreach ($Kf as $l2 => $DD) {
if (in_array($DD, $Ds)) {
goto p7;
}
$l0 = false;
goto ZR;
p7:
Fq:
}
ZR:
$eB = $l0 ? TRUE : FALSE;
if (!$eB) {
goto TS;
}
goto Kh;
TS:
N1:
fi:
}
Kh:
if ($eB && $C3 != "authenticated") {
goto Ud;
}
$nV->removeRole($C3);
$nV->save();
goto kf;
Ud:
$nV->addRole($C3);
$nV->save();
kf:
Er:
}
U6:
SF:
}
public static function getToken($FD, $ok, $DT, $sm, $rI, $eu, $QE, $FL, $IR, $GF = false, $YI = '')
{
$base_url = \Drupal::request()->getSchemeAndHttpHost() . \Drupal::request()->getBasePath();
$BG = \Drupal::service("session");
$PN = new appValues($IR);
$Wy = array();
$KM = $PN->scope;
if ($ok == "authorization_code_with_pkce") {
goto LW;
}
if ($ok == "refresh_token") {
goto aR;
}
if ($QE && !$FL) {
goto T1;
}
if (!$QE && $FL) {
goto X5;
}
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm) . "&code=" . $rI, array("Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
goto oq;
X5:
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm) . "&code=" . $rI, array("Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
oq:
goto CQ;
T1:
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&code=" . $rI, array("Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
CQ:
goto s7;
LW:
$NZ = $BG->get("codeVerifier");
$BG->remove("codeVerifier");
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=authorization_code" . "&code=" . $rI . "&code_verifier=" . $NZ . "&client_id=" . urlencode($DT), array("Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded", "Origin" => $base_url), '', $GF);
goto s7;
aR:
$MY = [];
$p5 = "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&refresh_token=" . $YI;
if (!$QE) {
goto zs;
}
$MY = ["Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"];
zs:
if (!$FL) {
goto j_;
}
$p5 = $p5 . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm);
j_:
$Wy = Utilities::callService($FD, $p5, $MY, '', $GF);
s7:
$HP = json_decode($Wy, true);
if (isset($HP["access_token"]) || isset($HP["id_token"])) {
goto iy;
}
\Drupal::logger("miniorange_oauth_client")->error("Invalid response received while fetching access token from url-<br> {$FD} <br><br> Response => <pre><code>" . print_r($HP, TRUE) . "<pre><code>");
if ($ok == "refresh_token") {
goto CV;
}
if ($GF) {
goto fl;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto u8;
CV:
\Drupal::logger("mo_session_manager")->warning("access token renewal failed.<br> response = '%response' ", ["%response" => print_r($HP, TRUE)]);
goto u8;
fl:
Utilities::show_error_message_testconfig("Invalid response received while fetching access token from url-<br>{$FD} <br><br> Response => <pre><code>" . print_r($HP, TRUE) . "<pre><code>");
u8:
iy:
Utilities::save_tokens_in_cookie_and_session($HP, new appValues($IR), $GF);
return $HP;
}
public static function validate_code_and_state($rI, $xM, $GF)
{
$BG = \Drupal::service("session");
if (empty($rI)) {
goto Uw;
}
if (empty($xM)) {
goto wp;
}
$IR = '';
$xM = Utilities::decodeState($xM);
if (!empty($BG->get("appname"))) {
goto FB;
}
if (!(isset($xM["appname"]) && !empty($xM["appname"]))) {
goto Kg;
}
$IR = $xM["appname"];
Kg:
goto Hj;
FB:
$IR = $BG->get("appname");
Hj:
if (!empty($IR)) {
goto xQ;
}
\Drupal::logger("miniorange_oauth_client")->error("Invalid state parameter");
if ($GF) {
goto R_;
}
Utilities::anonymousRedirect();
goto Ys;
R_:
Utilities::show_error_message_testconfig("Invalid state parameter");
Ys:
xQ:
goto Og;
Uw:
\Drupal::logger("miniorange_oauth_client")->error("<pre><code>" . print_r($_GET, true) . "<pre><code>");
if ($GF) {
goto T0;
}
Utilities::anonymousRedirect();
goto Ru;
T0:
Utilities::show_error_message_testconfig("<pre><code>" . print_r($_GET, true) . "<pre><code>");
Ru:
goto Og;
wp:
$lD = DBQueries::get_all_app_names_with_oauth_login_enabled();
return $lD[0]->app_name;
Og:
return $IR;
}
public static function implement_openid_flow($PN, $tX = '', $JK = '', $GF = false)
{
$rI = $tX;
$do = $PN->get_valuesInHeader();
$dG = $PN->get_valuesInBody();
$ok = $PN->grantTypevalue;
$rI = $tX;
$qO = Utilities::getCallbackUrl($PN->appName);
if (!(!$do == TRUE || !$do == 1)) {
goto zv;
}
$do = false;
zv:
if (!(!$dG == TRUE || !$dG == 1)) {
goto cm;
}
$dG = false;
cm:
if ($ok == "password") {
goto BR;
}
$CK = self::getToken($PN->get_accessTokenEndpoint(), $ok, $PN->get_clientId(), $PN->get_clientSecret(), $rI, $qO, $do, $dG, $PN->appName, $GF);
goto QY;
BR:
$CK = $JK->getToken($PN, $GF);
QY:
if (isset($CK["id_token"])) {
goto h1;
}
\Drupal::logger("miniorange_oauth_client")->error("The OAuth response doesn't contain an ID token. Please try selecting 'OAuth 2.0 Application' from the 'Select Application Type' radio button, if it contains an access token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
if ($GF) {
goto Cy;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto h6;
Cy:
Utilities::show_error_message_testconfig("The OAuth response doesn't contain an ID token. Please try selecting 'OAuth 2.0 Application' from the 'Select Application Type' radio button, if it contains an access token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
h6:
h1:
$H6 = new HandleJWT($PN, $CK["id_token"], $GF);
$uE = $H6->getUserAttributesFromIDToken();
return [$CK, $uE];
}
public static function implement_oauth_flow($PN, $tX = '', $JK = '', $GF = false)
{
$do = $PN->get_valuesInHeader();
$dG = $PN->get_valuesInBody();
$BS = $PN->appName;
$ok = $PN->grantTypevalue;
$rI = $tX;
$qO = Utilities::getCallbackUrl($PN->appName);
$hR = \Drupal::config("miniorange_oauth_client.settings")->get("miniorange_oauth_client_group_info_ep_" . $BS);
if (!(!$do == TRUE || !$do == 1)) {
goto vb;
}
$do = false;
vb:
if (!(!$dG == TRUE || !$dG == 1)) {
goto XD;
}
$dG = false;
XD:
if ($ok == "password" && !empty($JK)) {
goto LI;
}
$CK = self::getToken($PN->get_accessTokenEndpoint(), $ok, $PN->get_clientId(), $PN->get_clientSecret(), $rI, $qO, $do, $dG, $BS, $GF);
goto qP;
LI:
$CK = $JK->getToken($PN, $GF);
qP:
if (isset($CK["access_token"])) {
goto Lc;
}
\Drupal::logger("miniorange_oauth_client")->error("The OAuth response doesn't contain an access token. Please try selecting 'OpenID Connect Application' from the 'Select Application Type' radio button, if it contains an ID token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
if ($GF) {
goto RM;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto TL;
RM:
Utilities::show_error_message_testconfig("The OAuth response doesn't contain an access token. Please try selecting 'OpenID Connect Application' from the 'Select Application Type' radio button, if it contains an ID token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
TL:
goto vs;
Lc:
$qf = $CK["access_token"];
vs:
$GW = $PN->get_userInfoEndpoint();
if (!(substr($GW, -1) == "=")) {
goto tS;
}
$GW .= $qf;
tS:
$uE = self::getResourceOwner($GW, $qf, $GF);
if (empty($hR)) {
goto xq;
}
$vD = Utilities::getGroupsInfo($hR, $qf, $GF);
$vD = !empty($vD) ? $vD : [];
$uE = array_merge($uE, $vD);
xq:
return [$CK, $uE];
}
public static function final_redirect_url_after_login($xM, $M0, $T2)
{
$xM = Utilities::decodeState($xM);
$AV = '';
if (isset($xM["destination"]) && !empty($xM["destination"])) {
goto US;
}
if (isset($xM["restrictedpagedestination"]) && !empty($xM["restrictedpagedestination"])) {
goto v6;
}
if ($M0 != '') {
goto p5;
}
if (isset($xM["referer"]) && !empty($xM["referer"])) {
goto B5;
}
$AV = Url::fromRoute("entity.user.canonical", ["user" => $T2])->toString();
goto BO;
B5:
$AV = $xM["referer"];
BO:
goto lN;
p5:
$AV = $M0;
lN:
goto VP;
v6:
$AV = $xM["restrictedpagedestination"];
VP:
goto Eg;
US:
$AV = $xM["destination"];
Eg:
return $AV;
}
public static function performSSOinDrupal($uE, $N8, $PN, $CK, $xM = '')
{
$BG = \Drupal::service("session");
$mQ = \Drupal::moduleHandler();
$BU = \Drupal::config("miniorange_oauth_client.settings");
$mQ->invokeAll("mo_pre_user_load", [$uE, $CK]);
$GN = '';
$gL = '';
$el = '';
$q1 = '';
if (empty($PN->get_emailAttr())) {
goto V0;
}
$gL = $PN->get_emailAttr();
V0:
if (empty($PN->get_nameAttr())) {
goto Ic;
}
$GN = $PN->get_nameAttr();
Ic:
if (!(!empty($gL) && isset($N8[$gL]))) {
goto Tt;
}
$q1 = $N8[$gL];
Tt:
if (!($GN != "Select" && isset($N8[$GN]))) {
goto CZ;
}
$el = $N8[$GN];
CZ:
$w8 = $BU->get("miniorange_oauth_client_load_user");
if (!($w8 == "Email" && empty($q1))) {
goto hv;
}
Utilities::save_SSO_report_data("FAILURE. Email not mapped", $PN->appName, $el ? $el : "-", "-");
Utilities::show_sso_error_message("Email address not received.", "Please ensure Email Attribute field is configured properly in the Attribute & Role Mapping tab of the module.");
hv:
if (!($w8 == "Username" && empty($el))) {
goto et;
}
Utilities::save_SSO_report_data("FAILURE. Username not mapped", $PN->appName, $el ? $el : "-", "-");
Utilities::show_sso_error_message("Username not received.", "Please ensure Username Attribute field is configured properly in the Attribute & Role Mapping tab of the module.");
et:
$gw = Utilities::Is_Restricted_Domain($q1);
if (!$gw) {
goto i8;
}
Utilities::save_SSO_report_data("FAILURE. Domain Restricted", $PN->appName, $el ? $el : "-", $q1);
Utilities::anonymousRedirect('', "A user (email - <i>" . $q1 . "</i>, username - <i>" . $el . "</i>) with restricted domain is attemping to login", "You are not allowed to login to this site, please contact the site administrator.");
i8:
self::is_role_allowed($PN, $uE);
if ($w8 == "Email") {
goto W4;
}
if ($w8 == "Username") {
goto eX;
}
goto uY;
W4:
$nV = user_load_by_mail($q1);
goto uY;
eX:
$nV = user_load_by_name($el);
uY:
$dX = $PN->get_enableRolemapping();
$HN = $PN->get_defaultRole();
if (!empty($el)) {
goto r5;
}
$el = $q1;
r5:
$sw = $BU->get("miniorange_oauth_require_profile_field");
if (!empty($nV->uid)) {
goto Cm;
}
$mQ->invokeAll("mo_pre_user_register", [$uE]);
$Cb = new mOUserRegistration($PN->autocreateuser, $PN->create_disable_user, $PN->redirect_disable, $PN->redirect_unregister, $el, $q1, $dX, $HN, $PN->appName);
$nV = $Cb->create_new_user($uE);
Cm:
$nV = User::load($nV->id());
$mQ->invokeAll("mo_post_user_load", [$nV, $uE, $CK]);
if ($nV->isActive()) {
goto zc;
}
$EA = $BU->get("miniorange_oauth_activate_users");
if ($EA) {
goto kw;
}
Utilities::anonymousRedirect($PN->redirect_disable, '', "The username <i>" . $nV->getAccountName() . "</i> has not been activated or is blocked.");
goto UF;
kw:
$nV->set("status", TRUE);
$nV->save();
\Drupal::logger("miniorange_oauth_client")->notice("The username <i>" . $nV->getAccountName() . "</i> has been activated");
UF:
zc:
$G7 = $BU->get("miniorange_oauth_restrict_sso_for_admin");
if (!($G7 && $nV->hasRole("administrator"))) {
goto yB;
}
Utilities::anonymousRedirect($PN->redirect_disable, "A user with administrator Role is attemping SSO", "Something went wrong, Please contact the site administrator.");
yB:
self::perform_attribute_mapping($nV, $PN, $N8);
self::implement_role_mapping($nV, $PN, $uE);
self::perform_profile_mapping($nV, $PN, $uE);
self::perform_group_mapping($nV, $PN, $uE);
$mQ->invokeAll("mo_post_mapping", [$nV, $uE, $CK]);
$AV = self::final_redirect_url_after_login($xM, $PN->redirect_after_login, $nV->id());
Utilities::save_SSO_report_data("SUCCESS", $PN->appName, $el, $q1, $AV);
$BG->set("mo_sso_session", true);
$BG->set("appname", $PN->appName);
if (!($PN->sendidtokeninslorequest && isset($CK["id_token"]))) {
goto k8;
}
$BG->set("mo_id_token", $CK["id_token"]);
k8:
$WT = array();
$WT["redirect"] = $AV;
user_login_finalize($nV);
$BG->set("mo_sso_session", true);
$BG->set("appname", $PN->appName);
$mQ->invokeAll("mo_post_user_login", [&$nV, $uE]);
$mQ->invokeAll("mo_oauth_user_token", [&$nV, $CK, $AV]);
if (!($sw == 1 && !Utilities::check_for_redirect_to_user_profile_form($q1))) {
goto rN;
}
Utilities::redirect_to_profile_form($nV->id());
rN:
$Wy = new RedirectResponse($WT["redirect"]);
\Drupal::service("page_cache_kill_switch")->trigger();
return $Wy;
}
public static function is_role_allowed($PN, $uE)
{
$wS = $PN->enable_role_based_restriction;
$hm = $PN->role_restriction_attrname;
$SM = $PN->list_of_roles;
$v6 = $PN->typeof_role_restriction;
$TI = $PN->redirect_url_for_role_restriction;
if (!($wS && $SM && $v6 && $hm)) {
goto VV;
}
$Jh = new MiniorangeOAuthRoleRestriction($uE, $hm, $SM, $TI);
if ($v6 === "whitelist") {
goto tR;
}
$Jh->validate_blacklisted_role_restriction();
goto hS;
tR:
$Jh->validate_whitelisted_role_restriction();
hS:
VV:
return new Response();
}
public static function perform_attribute_mapping($nV, $PN, $uE)
{
$at = $PN->get_attributeMap();
$at = !empty($at) ? $at : array();
$dm = array();
$Zw = array();
foreach ($at as $C3) {
if (!($C3["machine_name"] != '' && $C3["attribute_name"] != '')) {
goto n0;
}
array_push($Zw, $C3["machine_name"]);
array_push($dm, $C3["attribute_name"]);
n0:
Tv:
}
xo:
$a2 = self::mo_oauth_attr_map($dm, $Zw);
$Au = array();
if (!(isset($a2) && !empty($a2))) {
goto fk;
}
foreach ($a2 as $Kr => $sQ) {
if (!isset($uE[$Kr])) {
goto wo;
}
$Au[$sQ] = $uE[$Kr];
wo:
YH:
}
Gp:
foreach ($Au as $C3 => $wZ) {
$nV->{$C3} = $wZ;
$nV->save();
aE:
}
cw:
fk:
}
public static function implement_role_mapping($nV, $PN, $uE)
{
$A0 = $PN->get_roleAttribute();
if (!(isset($A0) && !empty($A0))) {
goto dT;
}
$rq = self::getnestedattribute($uE, $A0);
if (is_null($nV)) {
goto fV;
}
self::perform_role_mapping($PN, $uE, $nV, $rq, $PN->appName);
fV:
dT:
}
public static function perform_profile_mapping($nV, $PN, $uE)
{
$NG = $PN->get_profileMap();
$NG = !empty($NG) ? $NG : array();
$b3 = array();
$Qg = array();
if (empty($NG)) {
goto RO;
}
foreach ($NG as $C3) {
if (!($C3["user_profile_field_name"] != '' && $C3["user_profile_idp_attribute_name"] != '')) {
goto mM;
}
array_push($b3, $C3["user_profile_field_name"]);
array_push($Qg, $C3["user_profile_idp_attribute_name"]);
mM:
Tm:
}
pY:
$Pr = self::mo_oauth_attr_map($b3, $Qg, "role");
$Ao = array();
if (!(isset($Pr) && !empty($Pr))) {
goto rn;
}
$Pr = self::to_explode_semicolon($Pr);
foreach ($Pr as $C3 => $vi) {
$yl = array();
foreach ($vi as $wZ) {
if (!array_key_exists($wZ, $uE)) {
goto vo;
}
array_push($yl, $uE[$wZ]);
vo:
P_:
}
D4:
$Ao[$C3] = $yl;
Wb:
}
GT:
self::create_profile($Ao, $nV, $PN);
rn:
RO:
}
public static function perform_group_mapping($nV, $PN, $uE)
{
$Ji = $PN->enablegroupmapping;
$bv = $PN->keepExistingGroups;
$a7 = $PN->groupAttribute;
$mp = !empty($PN->groupmap) ? json_decode($PN->groupmap, true) : [];
$IH = '';
if (empty($a7)) {
goto jS;
}
$IH = self::getnestedattribute($uE, $a7);
jS:
$TH = [];
if (!is_array($IH) && !empty($IH)) {
goto Cu;
}
$TH = is_array($IH) ? $IH : [];
goto bz;
Cu:
$IH = str_replace(["[", "]"], '', $IH);
$IH = explode(",", $IH);
foreach ($IH as $C3 => $wZ) {
$TH[] = str_replace(""", '', trim($wZ));
Rs:
}
EI:
bz:
$DI = [];
$FB = [];
foreach ($mp as $C3) {
if (empty(trim($C3["oauth_server_attrs"]))) {
goto oH;
}
array_push($DI, $C3["group_name"]);
array_push($FB, $C3["oauth_server_attrs"]);
oH:
VO:
}
rO:
$YN = self::mo_oauth_attr_map($DI, $FB, "role");
if (!($Ji && is_array($TH) && !empty($YN) && $nV)) {
goto by;
}
foreach ($YN as $C3 => $wZ) {
$Kt = false;
$Nn = \Drupal::entityTypeManager()->getStorage("group");
$CP = $Nn->load($C3);
if (!$CP) {
goto aT;
}
if (!$CP->getMember($nV)) {
goto he;
}
$Kt = true;
he:
$us = explode(";", $wZ);
if (!empty(array_intersect($TH, $us))) {
goto HO;
}
if (!($Kt && !$bv)) {
goto wz;
}
$CP->removeMember($nV);
$CP->save();
wz:
goto uH;
HO:
if ($CP->getMember($nV)) {
goto dp;
}
$CP->addMember($nV);
$CP->save();
dp:
uH:
aT:
fg:
}
vE:
by:
}
public static function Test_Configuration($uE, $IR)
{
$s9 = \Drupal::service("extension.list.module")->getPath("miniorange_oauth_client");
$base_url = \Drupal::request()->getSchemeAndHttpHost() . \Drupal::request()->getBasePath();
setrawcookie("mo.testConfig", true, \Drupal::time()->getRequestTime() - 300, "/");
$Yu = isset($uE["email"]) ? $uE["email"] : "User";
$H3 = '';
Utilities::show_attr($uE, $H3, 0, '', "<tr style="text-align:center;">", "<td style='font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;'>");
$cK = is_array($uE) ? json_encode($uE) : '';
\Drupal::configFactory()->getEditable("miniorange_oauth_client.settings")->set("miniorange_oauth_client_attr_list_from_server_" . $IR, $cK)->save();
$ns = [];
if (!is_array($uE)) {
goto Dq;
}
$ns = array_combine(array_keys($uE), array_keys($uE));
Dq:
$ns = is_array($ns) ? json_encode($ns) : '';
\Drupal::configFactory()->getEditable("miniorange_oauth_client.settings")->set("miniorange_oauth_client_attr_list_from_server_mapping_" . $IR, $ns)->save();
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #3c763d;background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A;
\xa font-size:15pt;">
TEST SUCCESSFUL\xd
</div>\xd\xa <div style="display:block;text-align:center;margin-bottom:4%;">\xd\xa <img style="width:15%;"src="" . $base_url . "/" . $s9 . "/assets/img/green_check.png">
\xa </div>";
echo "<span style="font-size:13pt;"><b>Hello</b>, " . $Yu . "</span><br/>\xd
<p style="font-weight:bold;font-size:13pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>
\xa <table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:13pt;background-color:#EDEDED;">\xd\xa <tr style="text-align:center;">
<td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td>
\xa <td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td>\xd\xa </tr>";
echo $H3;
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;">
<input style="padding:1%;width:37%;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;\xd
border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;
\xa box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Configure Attribute/Role Mapping"\xd\xa onClick="close_and_redirect();">\xd
\xd\xa <input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;\xd\xa border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;
\xa box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();">\xd
</div>
<script>
function close_and_redirect(){\xd
window.opener.location.href = "" . Url::fromRoute("miniorange_oauth_client.mapping")->toString() . "";\xd
self.close();
}
\xa </script>";
exit;
}
public static function getResourceOwner($GW, $FZ, $GF = false)
{
$Wy = Utilities::callService($GW, NULL, array("Authorization" => "Bearer " . $FZ), "GET", $GF);
$HP = json_decode($Wy, true);
if (isset($HP["error_description"])) {
goto TQ;
}
if (!isset($HP["error"])) {
goto ng;
}
if (is_array($HP["error"])) {
goto E2;
}
echo $HP["error"];
goto qv;
E2:
print_r($HP["error"]);
qv:
exit;
ng:
goto uI;
TQ:
if (is_array($HP["error_description"])) {
goto vA;
}
echo $HP["error_description"];
goto n_;
vA:
print_r($HP["error_description"]);
n_:
exit;
uI:
return $HP;
}
public static function testattrmappingconfig($zm, $rh)
{
foreach ($rh as $C3 => $Dp) {
if (is_array($Dp) || is_object($Dp)) {
goto C5;
}
echo "<tr style='text-align:center;'><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>";
if (empty($zm)) {
goto Zb;
}
echo $zm . ".";
Zb:
echo $C3 . "</td><td style='font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . $Dp . "</td></tr>";
goto Bx;
C5:
if (empty($zm)) {
goto xO;
}
$zm .= ".";
xO:
self::testattrmappingconfig($zm . $C3, $Dp);
Bx:
Qb:
}
Xz:
return new Response();
}
public static function getnestedattribute($Dp, $C3)
{
if (isset($C3)) {
goto yd;
}
return '';
yd:
$YR = explode(">", $C3);
$U8 = '';
if (sizeof($YR) > 1) {
goto sT;
}
$U8 = $YR[0];
if (isset($Dp[$U8]) && !is_array($Dp[$U8])) {
goto wN;
}
if (!isset($Dp[$U8])) {
goto BB;
}
return self::extractLeafNodes($Dp[$U8]);
BB:
goto Mm;
wN:
return $Dp[$U8];
Mm:
goto OD;
sT:
$U8 = $YR[0];
if (!isset($Dp[$U8])) {
goto Ca;
}
return self::getnestedattribute($Dp[$U8], str_replace($U8 . ">", '', $C3));
Ca:
OD:
}
public static function extractLeafNodes($mu)
{
$s0 = array();
foreach ($mu as $C3 => $wZ) {
if (is_array($wZ)) {
goto rd;
}
$s0[] = $wZ;
goto Y1;
rd:
$s0 = array_merge($s0, self::extractLeafNodes($wZ));
Y1:
Aj:
}
cP:
return $s0;
}
public static function mo_oauth_client_initiateLogin($GF = false, $fn = '')
{
\Drupal::service("page_cache_kill_switch")->trigger();
Utilities::checkUpgradeUrlStatus();
$mQ = \Drupal::moduleHandler();
if (isset($_GET["appname"]) && !empty($_GET["appname"])) {
goto eV;
}
$pW = \Drupal::config("miniorange_oauth_client.settings")->get("auto_redirect_app_name");
goto ZQ;
eV:
$pW = trim(Html::escape($_GET["appname"]));
ZQ:
$PN = new appValues($pW);
$Gz = $PN->getAllConfig();
$qO = Utilities::getCallbackUrl($pW);
$mh = $Gz["authorizeEndpoint"];
$xM = Utilities::generateState($Gz["appName"], $fn, $GF);
$ok = $Gz["grantTypevalue"];
if (!($ok == "implicit")) {
goto ey;
}
$mc = new ImplicitGrant($Gz["appName"]);
$mc->mo_oauth_client_initiateLogin($PN, $fn, $GF);
ey:
if (strpos($mh, "?") !== false) {
goto Zt;
}
$mh = $mh . "?client_id=" . $PN->get_clientId() . "&scope=" . $Gz["scope"] . "&redirect_uri=" . $qO . "&response_type=code&state=" . $xM;
goto td;
Zt:
$mh = $mh . "&client_id=" . $PN->get_clientId() . "&scope=" . $Gz["scope"] . "&redirect_uri=" . $qO . "&response_type=code&state=" . $xM;
td:
if (!(session_status() == PHP_SESSION_NONE)) {
goto zF;
}
session_start();
zF:
$BG = \Drupal::service("session");
$BG->set("oauth2state", $xM);
$BG->set("appname", $Gz["appName"]);
if (!($ok == "authorization_code_with_pkce")) {
goto GP;
}
$Vh = random_bytes(64);
$NZ = rtrim(strtr(base64_encode($Vh), "+/", "-_"), "=");
$mb = hash("sha256", $NZ, true);
$ja = rtrim(strtr(base64_encode($mb), "+/", "-_"), "=");
$mh = $mh . "&code_challenge=" . $ja . "&code_challenge_method=S256";
$BG->set("codeVerifier", $NZ);
GP:
$mQ->invokeAll("mo_pre_authorization_request", [&$mh, $_GET]);
$Wy = new RedirectResponse($mh);
$Wy->send();
exit;
}
public static function test_mo_config()
{
setrawcookie("mo.testConfig", true, \Drupal::time()->getRequestTime() + 300, "/");
miniorange_oauth_clientController::miniorange_oauth_client_mologin("testOAuthConfig");
}
public static function miniorange_oauth_client_mologin($fn = '')
{
$C_ = \Drupal::request();
$BU = \Drupal::config("miniorange_oauth_client.settings");
$cM = $BU->get("miniorange_oauth_client_customer_admin_fraud_check");
$lp = $BU->get("miniorange_oauth_client_customer_admin_token");
$ql = $BU->get("miniorange_oauth_client_customer_admin_email");
$BX = $BU->get("miniorange_oauth_client_license_key");
$J9 = $BU->get("auto_redirect_app_name");
$OS = $BU->get("miniorange_oauth_isMultiSitePluginRequested") == true;
$nd = $BU->get("mo_last_license_fetch_time");
$Yb = time();
if (!($Yb - $nd > 604800)) {
goto yh;
}
self::moOAuthLicenseFetch(true);
yh:
$yg = \Drupal::state()->get("miniorange_oauth_is_trial");
$L0 = $BU->get("miniorange_oauth_licenseExpiry") ?? '';
$BS = $C_->query->get("appname", $J9);
$P6 = DBQueries::get_all_apps_from_db();
$l3 = in_array($BS, $P6) ? (new appValues($BS))->enable_login_with_oauth : 0;
$iO = Utilities::check_fraud();
if (empty($ql)) {
goto nf;
}
if (empty($BX)) {
goto d_;
}
if (!$OS && ($iO !== Utilities::decrypt_data($cM, $lp) && $iO !== Utilities::decrypt_data($cM, $lp, "AES-128-ECB"))) {
goto aL;
}
if ($yg && (!$L0 || strtotime($L0) < $Yb)) {
goto Pv;
}
if ($fn === "testOAuthConfig" && isset($_GET["appname"]) && !empty($_GET["appname"])) {
goto AZ;
}
if ($fn !== "testOAuthConfig" && $l3) {
goto BA;
}
Utilities::show_sso_error_message("Configurations not found or Login using OAuth provider is disabled.", "Please ensure the SSO or Test Connection URL is correct and Login with OAuth is enabled.");
goto gN;
nf:
Utilities::show_sso_error_message("It appears that you are not logged into the module.", "Please log in to the module.");
goto gN;
d_:
Utilities::show_sso_error_message("It appears that you have not verified your license key", "Please verify your license key.");
goto gN;
aL:
Utilities::show_sso_error_message("The license key you have entered has already been used.", "Please enter a key which has not been used before on any other instance or if you have exhausted all your keys, you can purchase more licenses.");
goto gN;
Pv:
Utilities::show_sso_error_message("Your trial license has expired on " . date("l M j, Y", strtotime($L0)), ". Reach out to us at <a href="mailto::[email protected]">[email protected]</a> to upgrade your license.");
goto gN;
AZ:
return self::mo_oauth_client_initiateLogin(true);
goto gN;
BA:
return self::mo_oauth_client_initiateLogin(false, $fn);
gN:
}
public function oauth_client_logout()
{
$eK = new mOOAuthLogout();
return $eK->mo_oauth_logout();
}
public static function openCustomerRequestForm()
{
$Wy = new AjaxResponse();
$wn = \Drupal::formBuilder()->getForm("\Drupal\miniorange_oauth_client\Form\MiniorangeCustomerRequest");
$Wy->addCommand(new OpenModalDialogCommand("miniOrange OAuth Client Customer Support", $wn, ["width" => "45%"]));
return $Wy;
}
public static function moOAuthLicenseFetch($kI = FALSE)
{
$BU = \Drupal::config("miniorange_oauth_client.settings");
$NH = \Drupal::configFactory()->getEditable("miniorange_oauth_client.settings");
$Yu = $BU->get("miniorange_oauth_client_customer_admin_email");
$nQ = new MiniorangeOAuthClientCustomer($Yu, null);
$uX = json_decode($nQ->ccl(), true);
if (isset($uX["status"]) && $uX["status"] == "SUCCESS") {
goto DH;
}
$XR = t("Failed to fetch licensing update");
$S6 = "error";
goto xV;
DH:
$NH->set("mo_last_license_fetch_time", time())->save();
$NH->set("miniorange_oauth_licenseExpiry", $uX["licenseExpiry"])->save();
$NH->set("miniorange_oauth_supportExpiry", $uX["supportExpiry"])->save();
$NH->set("miniorange_oauth_isMultiSitePluginRequested", isset($uX["isMultiSitePluginRequested"]) ? $uX["isMultiSitePluginRequested"] : false)->save();
$cd = isset($uX["noOfSP"]) ? $uX["noOfSP"] : 1;
$NH->set("miniorange_oauth_noOfSP", $cd)->save();
$zM = isset($uX["trial"]) ? $uX["trial"] : false;
\Drupal::state()->set("miniorange_oauth_is_trial", $zM);
$XR = t("Successfully fetched the licensing update");
$S6 = "status";
xV:
$S6 == "status" ? \Drupal::logger("miniorange_oauth_client")->notice($XR) : \Drupal::logger("miniorange_oauth_client")->error($XR);
if ($kI) {
goto gJ;
}
$S6 == "status" ? \Drupal::messenger()->addStatus($XR) : \Drupal::messenger()->addError($XR);
return new RedirectResponse(Url::fromRoute("miniorange_oauth_client.customer_setup")->toString());
gJ:
return new Response();
}
}
?>
Did this file decode correctly?
Original Code
/* Decoded by unphp.net */
<?php
namespace Drupal\miniorange_oauth_client\Controller;
use Drupal\user\Entity\User;
use Drupal\Component\Utility\Html;
use Drupal\Core\Controller\ControllerBase;
use Drupal\miniorange_oauth_client\Utilities;
use Symfony\Component\HttpFoundation\Response;
use Drupal\miniorange_oauth_client\DBQueries;
use Drupal\Core\Url;
use Drupal\miniorange_oauth_client\appValues;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\miniorange_oauth_client\GrantTypes\HandleJWT;
use Drupal\miniorange_oauth_client\MiniorangeOAuthClientCustomer;
use Drupal\profile\Entity\Profile;
use Drupal\Core\Ajax\AjaxResponse;
use Drupal\Core\Ajax\OpenModalDialogCommand;
use Drupal\miniorange_oauth_client\GrantTypes\ImplicitGrant;
use Drupal\miniorange_oauth_client\MiniorangeOAuthRoleRestriction;
use Drupal\miniorange_oauth_client\mOOAuthLogout;
use Drupal\miniorange_oauth_client\mOUserRegistration;
use Drupal\profile\Entity\ProfileType;
use Drupal\Core\Entity\EntityStorageException;
class miniorange_oauth_clientController extends ControllerBase
{
public static function miniorange_oauth_client_mo_login()
{
$BG = \Drupal::service("session");
$mQ = \Drupal::moduleHandler();
$IR = \Drupal::service("current_route_match")->getParameter("app_name");
if (!(session_status() == PHP_SESSION_NONE)) {
goto vi;
}
session_start();
vi:
if (!(!empty($IR) && (new appValues($IR))->grantTypevalue == "implicit")) {
goto j2;
}
if (!(isset($_SERVER["QUERY_STRING"]) && !empty($_SERVER["QUERY_STRING"]))) {
goto Hi;
}
$Ww = $_GET;
Hi:
if (!(!isset($_COOKIE["login_query"]) && empty($_SERVER["QUERY_STRING"]))) {
goto KS;
}
echo "<script type="text/javascript">\xd\xa var qfragment = window.location.hash;\xd\xa const currentpath = window.location.protocol + window.location.pathname;
qfragment = qfragment.split("#")[1];
document.cookie = "login_query=" + qfragment;\xd\xa window.location.href = currentpath + "?" + qfragment;\xd
</script>";
exit;
KS:
if (!(isset($_COOKIE["login_query"]) && !empty($_COOKIE["login_query"]))) {
goto rv;
}
$AH = $_COOKIE["login_query"];
$IT = explode("&", $AH);
$Ww = [];
foreach ($IT as $wZ) {
$C3 = explode("=", $wZ);
if (!(sizeof($C3) > 1)) {
goto Ho;
}
$Ww[$C3[0]] = $C3[1];
Ho:
Ln:
}
Z9:
rv:
$mQ->invokeAll("mo_pre_auth_response_process", [$Ww]);
ImplicitGrant::validate_token_and_state($Ww);
$xM = isset($Ww["state"]) ? $Ww["state"] : '';
$KL = Utilities::decodeState($xM);
$GF = isset($KL["testsso"]) ? $KL["testsso"] === true ? true : false : false;
$tw = $BG->get("appname");
$PN = new appValues($tw);
$Qq = $PN->get_appType();
$U1 = $PN->loginflowtype;
if ($Qq == "Custom_Open_id" || $U1 == "OpenID") {
goto uK;
}
$d0 = isset($Ww["access_token"]) && !empty($Ww["access_token"]) ? $Ww["access_token"] : '';
goto bL;
uK:
$d0 = isset($Ww["id_token"]) && !empty($Ww["id_token"]) ? $Ww["id_token"] : '';
bL:
if (!(empty($d0) && isset($Ww["token"]) && !empty($Ww["token"]))) {
goto jY;
}
$d0 = $Ww["token"];
jY:
Utilities::save_tokens_in_cookie_and_session($Ww, new appValues($tw), $GF);
$Zi = new ImplicitGrant($tw);
return $Zi->mo_oauth_client_mo_login($PN, $d0, $Ww);
j2:
$mQ->invokeAll("mo_pre_auth_response_process", [$_GET]);
$rI = isset($_GET["code"]) ? $_GET["code"] : '';
$rI = Html::escape($rI);
$xM = isset($_GET["state"]) ? $_GET["state"] : '';
$xM = Html::escape($xM);
$KL = Utilities::decodeState($xM);
$GF = isset($KL["testsso"]) ? $KL["testsso"] === true ? true : false : false;
$IR = self::validate_code_and_state($rI, $xM, $GF);
$BG->remove("oauth2state");
$PN = new appValues($IR);
$Qq = $PN->get_appType();
$U1 = $PN->loginflowtype;
[$CK, $uE] = $Qq == "Custom_Open_id" || $U1 == "OpenID" ? self::implement_openid_flow($PN, $rI, '', $GF) : self::implement_oauth_flow($PN, $rI, '', $GF);
$N8 = self::flattenArray($uE);
if (!($GF || isset($_COOKIE["mo_testConfig"]))) {
goto IR;
}
self::Test_Configuration($N8, $PN->appName);
IR:
return self::performSSOinDrupal($uE, $N8, $PN, $CK, $xM);
}
public static function flattenArray($mu, $av = '')
{
$s0 = array();
foreach ($mu as $C3 => $wZ) {
$ZI = $av . $C3;
if (is_array($wZ)) {
goto qa;
}
$s0[$ZI] = $wZ;
goto ww;
qa:
$s0 = array_merge($s0, self::flattenArray($wZ, $ZI . ">"));
ww:
v5:
}
bc:
return $s0;
}
public static function mo_oauth_attr_map($dm, $Zw, $KP = "attr")
{
$uk = array();
foreach ($dm as $C3 => $wZ) {
if (!(!empty($wZ) && !empty($Zw[$C3]))) {
goto K9;
}
if (array_key_exists($wZ, $uk) && $KP == "role") {
goto FW;
}
$uk[trim($wZ, " ")] = $Zw[$C3];
goto SO;
FW:
if ($uk[$wZ][-1] != ";") {
goto W2;
}
$uk[trim($wZ, " ")] = $uk[$wZ] . $Zw[$C3];
goto F5;
W2:
$uk[trim($wZ, " ")] = $uk[$wZ] . ";" . $Zw[$C3];
F5:
SO:
K9:
St:
}
Jy:
return $uk;
}
public static function to_explode_semicolon($wh)
{
$YQ = array();
foreach ($wh as $C3 => $vi) {
$vi = explode(";", $vi);
$YQ[$C3] = $vi;
za:
}
Z7:
return $YQ;
}
public static function create_profile($Pv, $nV, $PN)
{
if (\Drupal::service("module_handler")->moduleExists("profile")) {
goto fH;
}
return new Response();
fH:
$XZ = $PN->enable_profile_mapping;
if ($XZ) {
goto T9;
}
return new Response();
T9:
$mM = $PN->profile_entity_type;
$P3 = isset($nV->toArray()[$mM . "_profiles"][0]) ? $nV->toArray()[$mM . "_profiles"][0]["target_id"] : NULL;
$sa = ProfileType::load($mM);
$nt = $sa->toArray()["roles"];
$yw = $nV->getRoles();
if (!(!empty(array_intersect($nt, $yw)) || empty($nt))) {
goto N2;
}
if (!is_null($P3)) {
goto j9;
}
try {
$Y_ = Profile::create(["type" => $mM, "uid" => $nV->id(), "field_agree_terms" => 1]);
$Y_->save();
$P3 = $Y_->toArray()["profile_id"][0]["value"];
} catch (EntityStorageException $ia) {
\Drupal::logger("miniorange_oauth_client")->notice("EntityStorageException: Error while creating and saving the profile type.");
}
j9:
if (empty($Pv)) {
goto c7;
}
foreach ($Pv as $C3 => $wZ) {
$Y_ = Profile::load($P3);
$Y_->set($C3, $wZ);
da:
}
SM:
$Y_->save();
c7:
N2:
}
public static function perform_role_mapping($PN, $Tc, $nV, $rq, $NC = '')
{
$F6 = $PN->get_roleAttribute();
$dX = $PN->get_enableRolemapping();
$TF = $PN->get_disableRoleUpdate();
$w4 = $PN->get_roleMap();
$w4 = !empty($w4) ? $w4 : array();
$d7 = array();
$tK = array();
foreach ($w4 as $C3) {
if (!($C3["user_sp_role_name"] != '' && $C3["user_idp_role_name"] != '')) {
goto EQ;
}
array_push($d7, $C3["user_sp_role_name"]);
array_push($tK, $C3["user_idp_role_name"]);
EQ:
m2:
}
E3:
$HQ = self::mo_oauth_attr_map($d7, $tK, "role");
$Ds = array();
if (!is_array($rq) && !empty($rq)) {
goto NH;
}
$Ds = is_array($rq) ? $rq : [];
goto p0;
NH:
$rq = str_replace(["[", "]"], '', $rq);
$rq = explode(",", $rq);
foreach ($rq as $C3 => $wZ) {
$Ds[] = str_replace(""", '', trim($wZ));
va:
}
pH:
p0:
if (!($dX && !is_null($F6) && !empty($F6))) {
goto SF;
}
$Cg = $nV->getRoles();
if ($TF) {
goto Rt;
}
foreach ($Cg as $C3 => $wZ) {
if (in_array($wZ, array_keys($HQ))) {
goto Hg;
}
if (!($wZ != $PN->get_defaultRole())) {
goto ZJ;
}
$nV->removeRole($wZ);
$nV->save();
ZJ:
Hg:
tw:
}
H8:
Rt:
foreach ($HQ as $C3 => $wZ) {
$eB = FALSE;
$K4 = explode(";", $wZ);
foreach ($K4 as $Kr => $sQ) {
if (strpos($sQ, "&") !== false) {
goto pw;
}
if (!in_array($sQ, $Ds)) {
goto tv;
}
$eB = TRUE;
goto Kh;
tv:
goto N1;
pw:
$l0 = true;
$Kf = explode("&", $sQ);
foreach ($Kf as $l2 => $DD) {
if (in_array($DD, $Ds)) {
goto p7;
}
$l0 = false;
goto ZR;
p7:
Fq:
}
ZR:
$eB = $l0 ? TRUE : FALSE;
if (!$eB) {
goto TS;
}
goto Kh;
TS:
N1:
fi:
}
Kh:
if ($eB && $C3 != "authenticated") {
goto Ud;
}
$nV->removeRole($C3);
$nV->save();
goto kf;
Ud:
$nV->addRole($C3);
$nV->save();
kf:
Er:
}
U6:
SF:
}
public static function getToken($FD, $ok, $DT, $sm, $rI, $eu, $QE, $FL, $IR, $GF = false, $YI = '')
{
$base_url = \Drupal::request()->getSchemeAndHttpHost() . \Drupal::request()->getBasePath();
$BG = \Drupal::service("session");
$PN = new appValues($IR);
$Wy = array();
$KM = $PN->scope;
if ($ok == "authorization_code_with_pkce") {
goto LW;
}
if ($ok == "refresh_token") {
goto aR;
}
if ($QE && !$FL) {
goto T1;
}
if (!$QE && $FL) {
goto X5;
}
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm) . "&code=" . $rI, array("Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
goto oq;
X5:
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm) . "&code=" . $rI, array("Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
oq:
goto CQ;
T1:
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&code=" . $rI, array("Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"), '', $GF);
CQ:
goto s7;
LW:
$NZ = $BG->get("codeVerifier");
$BG->remove("codeVerifier");
$Wy = Utilities::callService($FD, "redirect_uri=" . urlencode($eu) . "&grant_type=authorization_code" . "&code=" . $rI . "&code_verifier=" . $NZ . "&client_id=" . urlencode($DT), array("Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded", "Origin" => $base_url), '', $GF);
goto s7;
aR:
$MY = [];
$p5 = "redirect_uri=" . urlencode($eu) . "&grant_type=" . $ok . "&refresh_token=" . $YI;
if (!$QE) {
goto zs;
}
$MY = ["Authorization" => "Basic " . base64_encode($DT . ":" . $sm), "Accept" => "application/json", "Content-Type" => "application/x-www-form-urlencoded"];
zs:
if (!$FL) {
goto j_;
}
$p5 = $p5 . "&client_id=" . urlencode($DT) . "&client_secret=" . urlencode($sm);
j_:
$Wy = Utilities::callService($FD, $p5, $MY, '', $GF);
s7:
$HP = json_decode($Wy, true);
if (isset($HP["access_token"]) || isset($HP["id_token"])) {
goto iy;
}
\Drupal::logger("miniorange_oauth_client")->error("Invalid response received while fetching access token from url-<br> {$FD} <br><br> Response => <pre><code>" . print_r($HP, TRUE) . "<pre><code>");
if ($ok == "refresh_token") {
goto CV;
}
if ($GF) {
goto fl;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto u8;
CV:
\Drupal::logger("mo_session_manager")->warning("access token renewal failed.<br> response = '%response' ", ["%response" => print_r($HP, TRUE)]);
goto u8;
fl:
Utilities::show_error_message_testconfig("Invalid response received while fetching access token from url-<br>{$FD} <br><br> Response => <pre><code>" . print_r($HP, TRUE) . "<pre><code>");
u8:
iy:
Utilities::save_tokens_in_cookie_and_session($HP, new appValues($IR), $GF);
return $HP;
}
public static function validate_code_and_state($rI, $xM, $GF)
{
$BG = \Drupal::service("session");
if (empty($rI)) {
goto Uw;
}
if (empty($xM)) {
goto wp;
}
$IR = '';
$xM = Utilities::decodeState($xM);
if (!empty($BG->get("appname"))) {
goto FB;
}
if (!(isset($xM["appname"]) && !empty($xM["appname"]))) {
goto Kg;
}
$IR = $xM["appname"];
Kg:
goto Hj;
FB:
$IR = $BG->get("appname");
Hj:
if (!empty($IR)) {
goto xQ;
}
\Drupal::logger("miniorange_oauth_client")->error("Invalid state parameter");
if ($GF) {
goto R_;
}
Utilities::anonymousRedirect();
goto Ys;
R_:
Utilities::show_error_message_testconfig("Invalid state parameter");
Ys:
xQ:
goto Og;
Uw:
\Drupal::logger("miniorange_oauth_client")->error("<pre><code>" . print_r($_GET, true) . "<pre><code>");
if ($GF) {
goto T0;
}
Utilities::anonymousRedirect();
goto Ru;
T0:
Utilities::show_error_message_testconfig("<pre><code>" . print_r($_GET, true) . "<pre><code>");
Ru:
goto Og;
wp:
$lD = DBQueries::get_all_app_names_with_oauth_login_enabled();
return $lD[0]->app_name;
Og:
return $IR;
}
public static function implement_openid_flow($PN, $tX = '', $JK = '', $GF = false)
{
$rI = $tX;
$do = $PN->get_valuesInHeader();
$dG = $PN->get_valuesInBody();
$ok = $PN->grantTypevalue;
$rI = $tX;
$qO = Utilities::getCallbackUrl($PN->appName);
if (!(!$do == TRUE || !$do == 1)) {
goto zv;
}
$do = false;
zv:
if (!(!$dG == TRUE || !$dG == 1)) {
goto cm;
}
$dG = false;
cm:
if ($ok == "password") {
goto BR;
}
$CK = self::getToken($PN->get_accessTokenEndpoint(), $ok, $PN->get_clientId(), $PN->get_clientSecret(), $rI, $qO, $do, $dG, $PN->appName, $GF);
goto QY;
BR:
$CK = $JK->getToken($PN, $GF);
QY:
if (isset($CK["id_token"])) {
goto h1;
}
\Drupal::logger("miniorange_oauth_client")->error("The OAuth response doesn't contain an ID token. Please try selecting 'OAuth 2.0 Application' from the 'Select Application Type' radio button, if it contains an access token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
if ($GF) {
goto Cy;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto h6;
Cy:
Utilities::show_error_message_testconfig("The OAuth response doesn't contain an ID token. Please try selecting 'OAuth 2.0 Application' from the 'Select Application Type' radio button, if it contains an access token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
h6:
h1:
$H6 = new HandleJWT($PN, $CK["id_token"], $GF);
$uE = $H6->getUserAttributesFromIDToken();
return [$CK, $uE];
}
public static function implement_oauth_flow($PN, $tX = '', $JK = '', $GF = false)
{
$do = $PN->get_valuesInHeader();
$dG = $PN->get_valuesInBody();
$BS = $PN->appName;
$ok = $PN->grantTypevalue;
$rI = $tX;
$qO = Utilities::getCallbackUrl($PN->appName);
$hR = \Drupal::config("miniorange_oauth_client.settings")->get("miniorange_oauth_client_group_info_ep_" . $BS);
if (!(!$do == TRUE || !$do == 1)) {
goto vb;
}
$do = false;
vb:
if (!(!$dG == TRUE || !$dG == 1)) {
goto XD;
}
$dG = false;
XD:
if ($ok == "password" && !empty($JK)) {
goto LI;
}
$CK = self::getToken($PN->get_accessTokenEndpoint(), $ok, $PN->get_clientId(), $PN->get_clientSecret(), $rI, $qO, $do, $dG, $BS, $GF);
goto qP;
LI:
$CK = $JK->getToken($PN, $GF);
qP:
if (isset($CK["access_token"])) {
goto Lc;
}
\Drupal::logger("miniorange_oauth_client")->error("The OAuth response doesn't contain an access token. Please try selecting 'OpenID Connect Application' from the 'Select Application Type' radio button, if it contains an ID token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
if ($GF) {
goto RM;
}
Utilities::anonymousRedirect('', '', "Something went wrong, Please contact the site administrator.");
goto TL;
RM:
Utilities::show_error_message_testconfig("The OAuth response doesn't contain an access token. Please try selecting 'OpenID Connect Application' from the 'Select Application Type' radio button, if it contains an ID token.<br><br><b>Response : </b><pre><code>" . print_r($CK, true) . "</code></pre>");
TL:
goto vs;
Lc:
$qf = $CK["access_token"];
vs:
$GW = $PN->get_userInfoEndpoint();
if (!(substr($GW, -1) == "=")) {
goto tS;
}
$GW .= $qf;
tS:
$uE = self::getResourceOwner($GW, $qf, $GF);
if (empty($hR)) {
goto xq;
}
$vD = Utilities::getGroupsInfo($hR, $qf, $GF);
$vD = !empty($vD) ? $vD : [];
$uE = array_merge($uE, $vD);
xq:
return [$CK, $uE];
}
public static function final_redirect_url_after_login($xM, $M0, $T2)
{
$xM = Utilities::decodeState($xM);
$AV = '';
if (isset($xM["destination"]) && !empty($xM["destination"])) {
goto US;
}
if (isset($xM["restrictedpagedestination"]) && !empty($xM["restrictedpagedestination"])) {
goto v6;
}
if ($M0 != '') {
goto p5;
}
if (isset($xM["referer"]) && !empty($xM["referer"])) {
goto B5;
}
$AV = Url::fromRoute("entity.user.canonical", ["user" => $T2])->toString();
goto BO;
B5:
$AV = $xM["referer"];
BO:
goto lN;
p5:
$AV = $M0;
lN:
goto VP;
v6:
$AV = $xM["restrictedpagedestination"];
VP:
goto Eg;
US:
$AV = $xM["destination"];
Eg:
return $AV;
}
public static function performSSOinDrupal($uE, $N8, $PN, $CK, $xM = '')
{
$BG = \Drupal::service("session");
$mQ = \Drupal::moduleHandler();
$BU = \Drupal::config("miniorange_oauth_client.settings");
$mQ->invokeAll("mo_pre_user_load", [$uE, $CK]);
$GN = '';
$gL = '';
$el = '';
$q1 = '';
if (empty($PN->get_emailAttr())) {
goto V0;
}
$gL = $PN->get_emailAttr();
V0:
if (empty($PN->get_nameAttr())) {
goto Ic;
}
$GN = $PN->get_nameAttr();
Ic:
if (!(!empty($gL) && isset($N8[$gL]))) {
goto Tt;
}
$q1 = $N8[$gL];
Tt:
if (!($GN != "Select" && isset($N8[$GN]))) {
goto CZ;
}
$el = $N8[$GN];
CZ:
$w8 = $BU->get("miniorange_oauth_client_load_user");
if (!($w8 == "Email" && empty($q1))) {
goto hv;
}
Utilities::save_SSO_report_data("FAILURE. Email not mapped", $PN->appName, $el ? $el : "-", "-");
Utilities::show_sso_error_message("Email address not received.", "Please ensure Email Attribute field is configured properly in the Attribute & Role Mapping tab of the module.");
hv:
if (!($w8 == "Username" && empty($el))) {
goto et;
}
Utilities::save_SSO_report_data("FAILURE. Username not mapped", $PN->appName, $el ? $el : "-", "-");
Utilities::show_sso_error_message("Username not received.", "Please ensure Username Attribute field is configured properly in the Attribute & Role Mapping tab of the module.");
et:
$gw = Utilities::Is_Restricted_Domain($q1);
if (!$gw) {
goto i8;
}
Utilities::save_SSO_report_data("FAILURE. Domain Restricted", $PN->appName, $el ? $el : "-", $q1);
Utilities::anonymousRedirect('', "A user (email - <i>" . $q1 . "</i>, username - <i>" . $el . "</i>) with restricted domain is attemping to login", "You are not allowed to login to this site, please contact the site administrator.");
i8:
self::is_role_allowed($PN, $uE);
if ($w8 == "Email") {
goto W4;
}
if ($w8 == "Username") {
goto eX;
}
goto uY;
W4:
$nV = user_load_by_mail($q1);
goto uY;
eX:
$nV = user_load_by_name($el);
uY:
$dX = $PN->get_enableRolemapping();
$HN = $PN->get_defaultRole();
if (!empty($el)) {
goto r5;
}
$el = $q1;
r5:
$sw = $BU->get("miniorange_oauth_require_profile_field");
if (!empty($nV->uid)) {
goto Cm;
}
$mQ->invokeAll("mo_pre_user_register", [$uE]);
$Cb = new mOUserRegistration($PN->autocreateuser, $PN->create_disable_user, $PN->redirect_disable, $PN->redirect_unregister, $el, $q1, $dX, $HN, $PN->appName);
$nV = $Cb->create_new_user($uE);
Cm:
$nV = User::load($nV->id());
$mQ->invokeAll("mo_post_user_load", [$nV, $uE, $CK]);
if ($nV->isActive()) {
goto zc;
}
$EA = $BU->get("miniorange_oauth_activate_users");
if ($EA) {
goto kw;
}
Utilities::anonymousRedirect($PN->redirect_disable, '', "The username <i>" . $nV->getAccountName() . "</i> has not been activated or is blocked.");
goto UF;
kw:
$nV->set("status", TRUE);
$nV->save();
\Drupal::logger("miniorange_oauth_client")->notice("The username <i>" . $nV->getAccountName() . "</i> has been activated");
UF:
zc:
$G7 = $BU->get("miniorange_oauth_restrict_sso_for_admin");
if (!($G7 && $nV->hasRole("administrator"))) {
goto yB;
}
Utilities::anonymousRedirect($PN->redirect_disable, "A user with administrator Role is attemping SSO", "Something went wrong, Please contact the site administrator.");
yB:
self::perform_attribute_mapping($nV, $PN, $N8);
self::implement_role_mapping($nV, $PN, $uE);
self::perform_profile_mapping($nV, $PN, $uE);
self::perform_group_mapping($nV, $PN, $uE);
$mQ->invokeAll("mo_post_mapping", [$nV, $uE, $CK]);
$AV = self::final_redirect_url_after_login($xM, $PN->redirect_after_login, $nV->id());
Utilities::save_SSO_report_data("SUCCESS", $PN->appName, $el, $q1, $AV);
$BG->set("mo_sso_session", true);
$BG->set("appname", $PN->appName);
if (!($PN->sendidtokeninslorequest && isset($CK["id_token"]))) {
goto k8;
}
$BG->set("mo_id_token", $CK["id_token"]);
k8:
$WT = array();
$WT["redirect"] = $AV;
user_login_finalize($nV);
$BG->set("mo_sso_session", true);
$BG->set("appname", $PN->appName);
$mQ->invokeAll("mo_post_user_login", [&$nV, $uE]);
$mQ->invokeAll("mo_oauth_user_token", [&$nV, $CK, $AV]);
if (!($sw == 1 && !Utilities::check_for_redirect_to_user_profile_form($q1))) {
goto rN;
}
Utilities::redirect_to_profile_form($nV->id());
rN:
$Wy = new RedirectResponse($WT["redirect"]);
\Drupal::service("page_cache_kill_switch")->trigger();
return $Wy;
}
public static function is_role_allowed($PN, $uE)
{
$wS = $PN->enable_role_based_restriction;
$hm = $PN->role_restriction_attrname;
$SM = $PN->list_of_roles;
$v6 = $PN->typeof_role_restriction;
$TI = $PN->redirect_url_for_role_restriction;
if (!($wS && $SM && $v6 && $hm)) {
goto VV;
}
$Jh = new MiniorangeOAuthRoleRestriction($uE, $hm, $SM, $TI);
if ($v6 === "whitelist") {
goto tR;
}
$Jh->validate_blacklisted_role_restriction();
goto hS;
tR:
$Jh->validate_whitelisted_role_restriction();
hS:
VV:
return new Response();
}
public static function perform_attribute_mapping($nV, $PN, $uE)
{
$at = $PN->get_attributeMap();
$at = !empty($at) ? $at : array();
$dm = array();
$Zw = array();
foreach ($at as $C3) {
if (!($C3["machine_name"] != '' && $C3["attribute_name"] != '')) {
goto n0;
}
array_push($Zw, $C3["machine_name"]);
array_push($dm, $C3["attribute_name"]);
n0:
Tv:
}
xo:
$a2 = self::mo_oauth_attr_map($dm, $Zw);
$Au = array();
if (!(isset($a2) && !empty($a2))) {
goto fk;
}
foreach ($a2 as $Kr => $sQ) {
if (!isset($uE[$Kr])) {
goto wo;
}
$Au[$sQ] = $uE[$Kr];
wo:
YH:
}
Gp:
foreach ($Au as $C3 => $wZ) {
$nV->{$C3} = $wZ;
$nV->save();
aE:
}
cw:
fk:
}
public static function implement_role_mapping($nV, $PN, $uE)
{
$A0 = $PN->get_roleAttribute();
if (!(isset($A0) && !empty($A0))) {
goto dT;
}
$rq = self::getnestedattribute($uE, $A0);
if (is_null($nV)) {
goto fV;
}
self::perform_role_mapping($PN, $uE, $nV, $rq, $PN->appName);
fV:
dT:
}
public static function perform_profile_mapping($nV, $PN, $uE)
{
$NG = $PN->get_profileMap();
$NG = !empty($NG) ? $NG : array();
$b3 = array();
$Qg = array();
if (empty($NG)) {
goto RO;
}
foreach ($NG as $C3) {
if (!($C3["user_profile_field_name"] != '' && $C3["user_profile_idp_attribute_name"] != '')) {
goto mM;
}
array_push($b3, $C3["user_profile_field_name"]);
array_push($Qg, $C3["user_profile_idp_attribute_name"]);
mM:
Tm:
}
pY:
$Pr = self::mo_oauth_attr_map($b3, $Qg, "role");
$Ao = array();
if (!(isset($Pr) && !empty($Pr))) {
goto rn;
}
$Pr = self::to_explode_semicolon($Pr);
foreach ($Pr as $C3 => $vi) {
$yl = array();
foreach ($vi as $wZ) {
if (!array_key_exists($wZ, $uE)) {
goto vo;
}
array_push($yl, $uE[$wZ]);
vo:
P_:
}
D4:
$Ao[$C3] = $yl;
Wb:
}
GT:
self::create_profile($Ao, $nV, $PN);
rn:
RO:
}
public static function perform_group_mapping($nV, $PN, $uE)
{
$Ji = $PN->enablegroupmapping;
$bv = $PN->keepExistingGroups;
$a7 = $PN->groupAttribute;
$mp = !empty($PN->groupmap) ? json_decode($PN->groupmap, true) : [];
$IH = '';
if (empty($a7)) {
goto jS;
}
$IH = self::getnestedattribute($uE, $a7);
jS:
$TH = [];
if (!is_array($IH) && !empty($IH)) {
goto Cu;
}
$TH = is_array($IH) ? $IH : [];
goto bz;
Cu:
$IH = str_replace(["[", "]"], '', $IH);
$IH = explode(",", $IH);
foreach ($IH as $C3 => $wZ) {
$TH[] = str_replace(""", '', trim($wZ));
Rs:
}
EI:
bz:
$DI = [];
$FB = [];
foreach ($mp as $C3) {
if (empty(trim($C3["oauth_server_attrs"]))) {
goto oH;
}
array_push($DI, $C3["group_name"]);
array_push($FB, $C3["oauth_server_attrs"]);
oH:
VO:
}
rO:
$YN = self::mo_oauth_attr_map($DI, $FB, "role");
if (!($Ji && is_array($TH) && !empty($YN) && $nV)) {
goto by;
}
foreach ($YN as $C3 => $wZ) {
$Kt = false;
$Nn = \Drupal::entityTypeManager()->getStorage("group");
$CP = $Nn->load($C3);
if (!$CP) {
goto aT;
}
if (!$CP->getMember($nV)) {
goto he;
}
$Kt = true;
he:
$us = explode(";", $wZ);
if (!empty(array_intersect($TH, $us))) {
goto HO;
}
if (!($Kt && !$bv)) {
goto wz;
}
$CP->removeMember($nV);
$CP->save();
wz:
goto uH;
HO:
if ($CP->getMember($nV)) {
goto dp;
}
$CP->addMember($nV);
$CP->save();
dp:
uH:
aT:
fg:
}
vE:
by:
}
public static function Test_Configuration($uE, $IR)
{
$s9 = \Drupal::service("extension.list.module")->getPath("miniorange_oauth_client");
$base_url = \Drupal::request()->getSchemeAndHttpHost() . \Drupal::request()->getBasePath();
setrawcookie("mo.testConfig", true, \Drupal::time()->getRequestTime() - 300, "/");
$Yu = isset($uE["email"]) ? $uE["email"] : "User";
$H3 = '';
Utilities::show_attr($uE, $H3, 0, '', "<tr style="text-align:center;">", "<td style='font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;'>");
$cK = is_array($uE) ? json_encode($uE) : '';
\Drupal::configFactory()->getEditable("miniorange_oauth_client.settings")->set("miniorange_oauth_client_attr_list_from_server_" . $IR, $cK)->save();
$ns = [];
if (!is_array($uE)) {
goto Dq;
}
$ns = array_combine(array_keys($uE), array_keys($uE));
Dq:
$ns = is_array($ns) ? json_encode($ns) : '';
\Drupal::configFactory()->getEditable("miniorange_oauth_client.settings")->set("miniorange_oauth_client_attr_list_from_server_mapping_" . $IR, $ns)->save();
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #3c763d;background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A;
\xa font-size:15pt;">
TEST SUCCESSFUL\xd
</div>\xd\xa <div style="display:block;text-align:center;margin-bottom:4%;">\xd\xa <img style="width:15%;"src="" . $base_url . "/" . $s9 . "/assets/img/green_check.png">
\xa </div>";
echo "<span style="font-size:13pt;"><b>Hello</b>, " . $Yu . "</span><br/>\xd
<p style="font-weight:bold;font-size:13pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>
\xa <table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:13pt;background-color:#EDEDED;">\xd\xa <tr style="text-align:center;">
<td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td>
\xa <td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td>\xd\xa </tr>";
echo $H3;
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;">
<input style="padding:1%;width:37%;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;\xd
border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;
\xa box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Configure Attribute/Role Mapping"\xd\xa onClick="close_and_redirect();">\xd
\xd\xa <input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;\xd\xa border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;
\xa box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();">\xd
</div>
<script>
function close_and_redirect(){\xd
window.opener.location.href = "" . Url::fromRoute("miniorange_oauth_client.mapping")->toString() . "";\xd
self.close();
}
\xa </script>";
exit;
}
public static function getResourceOwner($GW, $FZ, $GF = false)
{
$Wy = Utilities::callService($GW, NULL, array("Authorization" => "Bearer " . $FZ), "GET", $GF);
$HP = json_decode($Wy, true);
if (isset($HP["error_description"])) {
goto TQ;
}
if (!isset($HP["error"])) {
goto ng;
}
if (is_array($HP["error"])) {
goto E2;
}
echo $HP["error"];
goto qv;
E2:
print_r($HP["error"]);
qv:
exit;
ng:
goto uI;
TQ:
if (is_array($HP["error_description"])) {
goto vA;
}
echo $HP["error_description"];
goto n_;
vA:
print_r($HP["error_description"]);
n_:
exit;
uI:
return $HP;
}
public static function testattrmappingconfig($zm, $rh)
{
foreach ($rh as $C3 => $Dp) {
if (is_array($Dp) || is_object($Dp)) {
goto C5;
}
echo "<tr style='text-align:center;'><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>";
if (empty($zm)) {
goto Zb;
}
echo $zm . ".";
Zb:
echo $C3 . "</td><td style='font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . $Dp . "</td></tr>";
goto Bx;
C5:
if (empty($zm)) {
goto xO;
}
$zm .= ".";
xO:
self::testattrmappingconfig($zm . $C3, $Dp);
Bx:
Qb:
}
Xz:
return new Response();
}
public static function getnestedattribute($Dp, $C3)
{
if (isset($C3)) {
goto yd;
}
return '';
yd:
$YR = explode(">", $C3);
$U8 = '';
if (sizeof($YR) > 1) {
goto sT;
}
$U8 = $YR[0];
if (isset($Dp[$U8]) && !is_array($Dp[$U8])) {
goto wN;
}
if (!isset($Dp[$U8])) {
goto BB;
}
return self::extractLeafNodes($Dp[$U8]);
BB:
goto Mm;
wN:
return $Dp[$U8];
Mm:
goto OD;
sT:
$U8 = $YR[0];
if (!isset($Dp[$U8])) {
goto Ca;
}
return self::getnestedattribute($Dp[$U8], str_replace($U8 . ">", '', $C3));
Ca:
OD:
}
public static function extractLeafNodes($mu)
{
$s0 = array();
foreach ($mu as $C3 => $wZ) {
if (is_array($wZ)) {
goto rd;
}
$s0[] = $wZ;
goto Y1;
rd:
$s0 = array_merge($s0, self::extractLeafNodes($wZ));
Y1:
Aj:
}
cP:
return $s0;
}
public static function mo_oauth_client_initiateLogin($GF = false, $fn = '')
{
\Drupal::service("page_cache_kill_switch")->trigger();
Utilities::checkUpgradeUrlStatus();
$mQ = \Drupal::moduleHandler();
if (isset($_GET["appname"]) && !empty($_GET["appname"])) {
goto eV;
}
$pW = \Drupal::config("miniorange_oauth_client.settings")->get("auto_redirect_app_name");
goto ZQ;
eV:
$pW = trim(Html::escape($_GET["appname"]));
ZQ:
$PN = new appValues($pW);
$Gz = $PN->getAllConfig();
$qO = Utilities::getCallbackUrl($pW);
$mh = $Gz["authorizeEndpoint"];
$xM = Utilities::generateState($Gz["appName"], $fn, $GF);
$ok = $Gz["grantTypevalue"];
if (!($ok == "implicit")) {
goto ey;
}
$mc = new ImplicitGrant($Gz["appName"]);
$mc->mo_oauth_client_initiateLogin($PN, $fn, $GF);
ey:
if (strpos($mh, "?") !== false) {
goto Zt;
}
$mh = $mh . "?client_id=" . $PN->get_clientId() . "&scope=" . $Gz["scope"] . "&redirect_uri=" . $qO . "&response_type=code&state=" . $xM;
goto td;
Zt:
$mh = $mh . "&client_id=" . $PN->get_clientId() . "&scope=" . $Gz["scope"] . "&redirect_uri=" . $qO . "&response_type=code&state=" . $xM;
td:
if (!(session_status() == PHP_SESSION_NONE)) {
goto zF;
}
session_start();
zF:
$BG = \Drupal::service("session");
$BG->set("oauth2state", $xM);
$BG->set("appname", $Gz["appName"]);
if (!($ok == "authorization_code_with_pkce")) {
goto GP;
}
$Vh = random_bytes(64);
$NZ = rtrim(strtr(base64_encode($Vh), "+/", "-_"), "=");
$mb = hash("sha256", $NZ, true);
$ja = rtrim(strtr(base64_encode($mb), "+/", "-_"), "=");
$mh = $mh . "&code_challenge=" . $ja . "&code_challenge_method=S256";
$BG->set("codeVerifier", $NZ);
GP:
$mQ->invokeAll("mo_pre_authorization_request", [&$mh, $_GET]);
$Wy = new RedirectResponse($mh);
$Wy->send();
exit;
}
public static function test_mo_config()
{
setrawcookie("mo.testConfig", true, \Drupal::time()->getRequestTime() + 300, "/");
miniorange_oauth_clientController::miniorange_oauth_client_mologin("testOAuthConfig");
}
public static function miniorange_oauth_client_mologin($fn = '')
{
$C_ = \Drupal::request();
$BU = \Drupal::config("miniorange_oauth_client.settings");
$cM = $BU->get("miniorange_oauth_client_customer_admin_fraud_check");
$lp = $BU->get("miniorange_oauth_client_customer_admin_token");
$ql = $BU->get("miniorange_oauth_client_customer_admin_email");
$BX = $BU->get("miniorange_oauth_client_license_key");
$J9 = $BU->get("auto_redirect_app_name");
$OS = $BU->get("miniorange_oauth_isMultiSitePluginRequested") == true;
$nd = $BU->get("mo_last_license_fetch_time");
$Yb = time();
if (!($Yb - $nd > 604800)) {
goto yh;
}
self::moOAuthLicenseFetch(true);
yh:
$yg = \Drupal::state()->get("miniorange_oauth_is_trial");
$L0 = $BU->get("miniorange_oauth_licenseExpiry") ?? '';
$BS = $C_->query->get("appname", $J9);
$P6 = DBQueries::get_all_apps_from_db();
$l3 = in_array($BS, $P6) ? (new appValues($BS))->enable_login_with_oauth : 0;
$iO = Utilities::check_fraud();
if (empty($ql)) {
goto nf;
}
if (empty($BX)) {
goto d_;
}
if (!$OS && ($iO !== Utilities::decrypt_data($cM, $lp) && $iO !== Utilities::decrypt_data($cM, $lp, "AES-128-ECB"))) {
goto aL;
}
if ($yg && (!$L0 || strtotime($L0) < $Yb)) {
goto Pv;
}
if ($fn === "testOAuthConfig" && isset($_GET["appname"]) && !empty($_GET["appname"])) {
goto AZ;
}
if ($fn !== "testOAuthConfig" && $l3) {
goto BA;
}
Utilities::show_sso_error_message("Configurations not found or Login using OAuth provider is disabled.", "Please ensure the SSO or Test Connection URL is correct and Login with OAuth is enabled.");
goto gN;
nf:
Utilities::show_sso_error_message("It appears that you are not logged into the module.", "Please log in to the module.");
goto gN;
d_:
Utilities::show_sso_error_message("It appears that you have not verified your license key", "Please verify your license key.");
goto gN;
aL:
Utilities::show_sso_error_message("The license key you have entered has already been used.", "Please enter a key which has not been used before on any other instance or if you have exhausted all your keys, you can purchase more licenses.");
goto gN;
Pv:
Utilities::show_sso_error_message("Your trial license has expired on " . date("l M j, Y", strtotime($L0)), ". Reach out to us at <a href="mailto::[email protected]">[email protected]</a> to upgrade your license.");
goto gN;
AZ:
return self::mo_oauth_client_initiateLogin(true);
goto gN;
BA:
return self::mo_oauth_client_initiateLogin(false, $fn);
gN:
}
public function oauth_client_logout()
{
$eK = new mOOAuthLogout();
return $eK->mo_oauth_logout();
}
public static function openCustomerRequestForm()
{
$Wy = new AjaxResponse();
$wn = \Drupal::formBuilder()->getForm("\Drupal\miniorange_oauth_client\Form\MiniorangeCustomerRequest");
$Wy->addCommand(new OpenModalDialogCommand("miniOrange OAuth Client Customer Support", $wn, ["width" => "45%"]));
return $Wy;
}
public static function moOAuthLicenseFetch($kI = FALSE)
{
$BU = \Drupal::config("miniorange_oauth_client.settings");
$NH = \Drupal::configFactory()->getEditable("miniorange_oauth_client.settings");
$Yu = $BU->get("miniorange_oauth_client_customer_admin_email");
$nQ = new MiniorangeOAuthClientCustomer($Yu, null);
$uX = json_decode($nQ->ccl(), true);
if (isset($uX["status"]) && $uX["status"] == "SUCCESS") {
goto DH;
}
$XR = t("Failed to fetch licensing update");
$S6 = "error";
goto xV;
DH:
$NH->set("mo_last_license_fetch_time", time())->save();
$NH->set("miniorange_oauth_licenseExpiry", $uX["licenseExpiry"])->save();
$NH->set("miniorange_oauth_supportExpiry", $uX["supportExpiry"])->save();
$NH->set("miniorange_oauth_isMultiSitePluginRequested", isset($uX["isMultiSitePluginRequested"]) ? $uX["isMultiSitePluginRequested"] : false)->save();
$cd = isset($uX["noOfSP"]) ? $uX["noOfSP"] : 1;
$NH->set("miniorange_oauth_noOfSP", $cd)->save();
$zM = isset($uX["trial"]) ? $uX["trial"] : false;
\Drupal::state()->set("miniorange_oauth_is_trial", $zM);
$XR = t("Successfully fetched the licensing update");
$S6 = "status";
xV:
$S6 == "status" ? \Drupal::logger("miniorange_oauth_client")->notice($XR) : \Drupal::logger("miniorange_oauth_client")->error($XR);
if ($kI) {
goto gJ;
}
$S6 == "status" ? \Drupal::messenger()->addStatus($XR) : \Drupal::messenger()->addError($XR);
return new RedirectResponse(Url::fromRoute("miniorange_oauth_client.customer_setup")->toString());
gJ:
return new Response();
}
}
?>
Function Calls
None |
Stats
MD5 | 7c845195d1356d1de2cd550fa8b6eb3c |
Eval Count | 0 |
Decode Time | 104 ms |