Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace Miniorange\SamlSpPremium\Controller; use Exception; use Miniorang..
Decoded Output download
<?php
namespace Miniorange\SamlSpPremium\Controller;
use Exception;
use Miniorange\Helper\Actions\ProcessResponseAction;
use Miniorange\Helper\Actions\ReadResponseAction;
use Miniorange\Helper\Actions\TestResultActions;
use Miniorange\Helper\Constants;
use MiniOrange\Helper\Exception\InvalidAudienceException;
use MiniOrange\Helper\Exception\InvalidDestinationException;
use MiniOrange\Helper\Exception\InvalidIssuerException;
use MiniOrange\Helper\Exception\InvalidSamlStatusCodeException;
use MiniOrange\Helper\Exception\InvalidSignatureInResponseException;
use Miniorange\Helper\SAMLUtilities;
use Miniorange\Helper\Utilities;
use PDO;
use ReflectionClass;
use ReflectionException;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
use TYPO3\CMS\Extbase\Domain\Model\FrontendUser;
use Psr\Http\Message\ResponseFactoryInterface;
use TYPO3\CMS\Core\Session\UserSessionManager;
use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
use TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication;
class ResponseController extends ActionController
{
protected $idp_name = null;
protected $acs_url = null;
protected $sp_entity_id = null;
protected $force_authn = null;
protected $saml_login_url = null;
private $issuer = null;
private $signedAssertion = null;
private $signedResponse = null;
protected $persistenceManager = null;
protected $frontendUserRepository = null;
private $ssoemail = null;
private $username = null;
private $ses_id = null;
private $attrsReceived = null;
private $amObject = null;
private $idpObject = null;
private $spObject = null;
protected $responseFactory = null;
public function responseAction()
{
GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->flushCaches();
error_log("In Responsecontroller file: ResponseAction started");
$this->spObject = json_decode(self::fetchFromTable(Constants::SAML_SPOBJECT, Constants::TABLE_SAML), true);
$this->idpObject = json_decode(self::fetchFromTable(Constants::SAML_IDPOBJECT, Constants::TABLE_SAML), true);
if (array_key_exists("SAMLResponse", $_REQUEST) && !empty($_REQUEST["SAMLResponse"])) {
goto VA;
}
if (!(array_key_exists("logintype", $_REQUEST) && $_REQUEST["logintype"] == "logout")) {
goto dN;
}
error_log("Logout intercepted.");
$v7 = $_COOKIE[Constants::FEUSER_TYPO3_SES_INDEX];
$vb = $_COOKIE[Constants::FEUSER_IDP_SESSION_INDEX];
$this->ssoemail = $_COOKIE[Constants::FE_USER_EMAIL];
$this->control();
$lH = $this->logout($v7, $vb);
header("Location: " . $lH);
dN:
goto eL;
VA:
$uN = ReadResponseAction::execute();
if (!($uN != null)) {
goto BQ;
}
$this->control();
$this->name_id = current(current($uN->getAssertions())->getNameId());
$Ai = current($uN->getAssertions())->getSessionIndex();
$this->amObject = json_decode(self::fetchFromTable(Constants::SAML_ATTROBJECT, Constants::TABLE_SAML), true);
$this->attrsReceived = current($uN->getAssertions())->getAttributes();
$this->attrsReceived["NameID"] = ["0" => $this->name_id];
$TL = array_key_exists("RelayState", $_REQUEST) ? $_REQUEST["RelayState"] : "/";
if (!($TL == "testconfig")) {
goto t2;
}
(new TestResultActions($this->attrsReceived))->execute();
die;
t2:
if (!($this->attrsReceived == null)) {
goto R4;
}
Utilities::showErrorFlashMessage("Attributes not received. Unable to login");
R4:
$zz = new ProcessResponseAction($uN, $this->acs_url, $this->issuer, $this->sp_entity_id, $this->signedResponse, $this->signedAssertion, $this->x509_certificate);
if ($this->attrsReceived != null) {
goto N_;
}
exit("Attributes not received. Unable to login");
goto HP;
N_:
error_log("Attributes received");
$Pt = $this->amObject[Constants::ATTRIBUTE_USERNAME];
if (!(!isset($Pt) || $Pt == '')) {
goto qD;
}
Utilities::log_php_error('', "No attribute Mapping for username. Please map a unique attribute from IDP as username in Attribute Mapping tab.");
exit("No attribute Mapping found for Username. Please contact your admin.");
qD:
$this->username = $this->attrsReceived[$Pt]["0"];
if (!(!isset($this->username) || $this->username == '')) {
goto fF;
}
Utilities::log_php_error('', "Failed to create user because didn't receive username attribute from IDP.");
exit("Unable to create user. Please contact your admin.");
fF:
$this->ssoemail = $this->attrsReceived[$this->amObject[Constants::ATTRIBUTE_EMAIL]]["0"];
/*$QM = self::getTypoScriptFrontendController();
$QM->fe_user->checkPid = 0;
$user = $this->createOrUpdateUser($this->username);
error_log("user: " . print_r($user, true));
$cr = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class);
$cr->getPropertyFromAspect("frontend.user", "isLoggedIn");
$QM->fe_user->forceSetCookie = TRUE;
$QM->fe_user->start();
$QM->fe_user->createUserSession($user);
$QM->fe_user->user = $user;
$QM->initUserGroups();
$QM->fe_user->loginSessionStarted = TRUE;
$QM->fe_user->setKey("user", "fe_typo_user", $user);
$GLOBALS["TSFE"]->fe_user->setKey("ses", "fe_typo_user", $user);
$QM->fe_user->setAndSaveSessionData("user", TRUE);
$sH = $QM->fe_user->fetchUserSession();
$K8 = new ReflectionClass($QM->fe_user);
$BO = $K8->getMethod("setSessionCookie");
$BO->setAccessible(TRUE);
$BO->invoke($QM->fe_user);
$QM->fe_user->storeSessionData();*/
/* EXTENDED - BEGIN */
/* Handle login by nnhelpers extension */
$user = $this->createOrUpdateUser($this->username);
error_log("user: " . print_r($user, true));
$loginResponse = \nn\t3::FrontendUser()->login($user['username']);
if($_SERVER["REMOTE_ADDR"] == "80.120.156.122"){
\TYPO3\CMS\Extbase\Utility\DebuggerUtility::var_dump($loginResponse);
die();
}
/* EXTENDED - END */
Utilities::log_php_error("User", $user);
if (isset($_SESSION)) {
goto re;
}
error_log("previous session not set...setting now");
session_id("email");
session_start();
$_SESSION["email"] = $this->ssoemail;
$_SESSION["id"] = $Ai;
re:
HP:
$bJ = $this->spObject["login_redirect_url"];
if (!empty($bJ)) {
goto aT;
}
$bJ = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://{$_SERVER["HTTP_HOST"]}{$_SERVER["REQUEST_URI"]}";
/* EXTENDED - BEGIN */
/* sso_loginredirect2 not in use i guess */
$baseUrl = "https://".$_SERVER['HTTP_HOST'];
if(isset($_COOKIE['sso_loginredirect'])){
$bJ = $_COOKIE['sso_loginredirect'];
unset($_COOKIE['sso_loginredirect']);
setcookie('sso_loginredirect', '', time() - 3600, '/'); // empty value and old timestamp
}elseif(isset($_COOKIE['sso_loginredirect2'])){
switch ($_COOKIE['sso_loginredirect2']) {
case "/fename/":
$bJ = $baseUrl;
break;
case "/de/fename-de/":
$bJ = $baseUrl."/de/";
break;
case "/cz/fename-cz/":
$bJ = $baseUrl."/cz/";
break;
case "/hu/fename-hu/":
$bJ = $baseUrl."/hu/";
break;
case "/it/fename-it/":
$bJ = $baseUrl."/it/";
break;
case "/pl/fename-pl/":
$bJ = $baseUrl."/pl/";
break;
case "/ro/fename-ro/":
$bJ = $baseUrl."/ro/";
break;
case "/ru/fename-ru/":
$bJ = $baseUrl."/ru/";
break;
case "/sk/fename-sk/":
$bJ = $baseUrl."/sk/";
break;
case "/sv/fename-se/":
$bJ = $baseUrl."/sv/";
break;
case "/tr/fename-tr/":
$bJ = $baseUrl."/tr/";
break;
case "/hr/fename-hr/":
$bJ = $baseUrl."/hr/";
break;
case "/es/fename-es/":
$bJ = $baseUrl."/es/";
break;
default:
$bJ = $baseUrl;
}
unset($_COOKIE['sso_loginredirect2']);
setcookie('sso_loginredirect2', '', time() - 3600, '/'); // empty value and old timestamp
}else{
if(str_contains($bJ, 'saml-response')){
switch ($this->getCurrentSysLanguageUid()) {
case 0:
$bJ = $baseUrl;
break;
case 1:
$bJ = $baseUrl."/de/";
break;
case 2:
$bJ = $baseUrl."/cz/";
break;
case 3:
$bJ = $baseUrl."/hu/";
break;
case 4:
$bJ = $baseUrl."/it/";
break;
case 5:
$bJ = $baseUrl."/pl/";
break;
case 6:
$bJ = $baseUrl."/ro/";
break;
case 7:
$bJ = $baseUrl."/ru/";
break;
case 8:
$bJ = $baseUrl."/sk/";
break;
case 9:
$bJ = $baseUrl."/sv/";
break;
case 10:
$bJ = $baseUrl."/tr/";
break;
case 11:
$bJ = $baseUrl."/hr/";
break;
case 12:
$bJ = $baseUrl."/es/";
break;
default:
$bJ = $baseUrl;
}
}else{
$bJ = $baseUrl; //ignore language in this case - always default language
}
//if($bJ == "https://serviceportal.schrack-seconet.com/saml-response") $bJ = "https://serviceportal.schrack-seconet.com";
}
if($bJ){
\TYPO3\CMS\Core\Utility\HttpUtility::redirect($bJ);
die();
}
/* EXTENDED - END */
aT:
Utilities::log_php_error("RedirectURL", $bJ);
BQ:
eL:
}
public function createOrUpdateUser($pV)
{
$user = Utilities::fetchUserFromUsername($pV);
$XL = false;
/* EXTENDED - BEGIN */
$this->checkForUserGroupToCreate(); //check and create user groups
/* EXTENDED - END */
if ($user == false) {
goto Yb;
}
Utilities::log_php_error("USER EXISTS: ", $pV);
if (!($user["disable"] == 1)) {
goto x3;
}
Utilities::log_php_error("USER EXISTS BUT IS DISABLED", $pV);
exit("You are not allowed to login. Please contact your admin.");
x3:
$XL = true;
$As = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserRepository")->findByUid($user["uid"]);
goto Sx;
Yb:
Utilities::log_php_error("CREATING USER", $pV);
$As = new FrontendUser();
$As->setUsername($pV);
$As->setPassword(SAMLUtilities::generateRandomAlphanumericValue(10));
Sx:
$As->setEmail($this->attrsReceived[$this->amObject["saml_am_email"]]["0"]);
if (!(array_key_exists("saml_am_title", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_title"]]["0"]))) {
goto vw;
}
$As->setTitle($this->attrsReceived[$this->amObject["saml_am_title"]]["0"]);
vw:
if (!(array_key_exists("saml_am_fname", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_fname"]]["0"]))) {
goto h8;
}
$As->setFirstName($this->attrsReceived[$this->amObject["saml_am_fname"]]["0"]);
h8:
if (!(array_key_exists("saml_am_lname", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_lname"]]["0"]))) {
goto sP;
}
$As->setLastName($this->attrsReceived[$this->amObject["saml_am_lname"]]["0"]);
sP:
if (!(array_key_exists("saml_am_address", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_address"]]["0"]))) {
goto a2;
}
$As->setAddress($this->attrsReceived[$this->amObject["saml_am_address"]]["0"]);
a2:
if (!(array_key_exists("saml_am_country", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_country"]]["0"]))) {
goto LJ;
}
$As->setCountry($this->attrsReceived[$this->amObject["saml_am_country"]]["0"]);
LJ:
if (!(array_key_exists("saml_am_city", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_city"]]["0"]))) {
goto iU;
}
$As->setCity($this->attrsReceived[$this->amObject["saml_am_city"]]["0"]);
iU:
if (!(array_key_exists("saml_am_zip", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_zip"]]["0"]))) {
goto XR;
}
$As->setZip($this->attrsReceived[$this->amObject["saml_am_zip"]]["0"]);
XR:
if (!(array_key_exists("saml_am_phone", $this->amObject) && isset($this->attrsReceived[$this->amObject["saml_am_phone"]]["0"]))) {
goto Mi;
}
$As->setTelephone($this->attrsReceived[$this->amObject["saml_am_phone"]]["0"]);
Mi:
error_log("frontend user: " . print_r($As, true));
Utilities::updateTable("usergroup", null, "fe_users");
/* EXTENDED - BEGIN */
/* USER GROUP HANDLING - IGNORE - WE DONT NEED THIS BECAUSE WE WANT IT DYNAMICALLY
/*$io = json_decode(self::fetchFromTable(Constants::SAML_GMOBJECT, Constants::TABLE_SAML), true); //GROUP MAPPING ARRAY - WE DONT NEED THIS BECAUSE WE WANT IT DYNAMICALLY
$r4 = $this->amObject[Constants::ATTRIBUTE_GROUPS];
/*Utilities::log_php_error("groupAttribute", $r4);
if ($r4 == '' || !isset($r4)) {
goto E1;
}
error_log("Group Attribute Mapped.");
if (!isset($this->attrsReceived[$r4])) {
goto qG;
}
$K7 = $this->attrsReceived[$r4];
qG:
$hH = 0;
if (!isset($K7)) {
goto mv;
}
Utilities::log_php_error("groupsReceived", print_r($K7, true));
if (sizeof($K7) > 0) {
goto UC;
}
error_log("Groups not received. Either mapping is wrong or IDP is not sending it. \xa \xaRemove attribute mapping for groups to set default group");
exit("Groups not assigned. Please contact your admin.");
goto Qy;
UC:
error_log("Group Attribute received from IDP");
Utilities::log_php_error("GROUPS RECEIVED: UPDATING ", $pV);
Utilities::log_php_error("GROUPS RECEIVED: ", $K7);
Utilities::log_php_error("gmObject: ", $io);*/
/*foreach ($K7 as $XV) {
$g8 = array_search($XV, $io);
Utilities::log_php_error("mappedTypo3Group ", $g8);
if (!$g8) {
goto b_;
}
error_log("Typo3 group mapped");
$Jr = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserGroupRepository")->findByUid($g8);
$As->addUsergroup($Jr);
$hH++;
b_:
Yt:
}
EI:
Qy:
mv:
if (isset($hH) && $hH == 0) {
goto fh;
}
goto Bz;
fh:
error_log("No groups received is assigned to User. So assigning Default Group.");
$g8 = $io["defaultUserGroup"];
Utilities::log_php_error("Assigning DEFAULT group to user: ", $g8);
if ($g8) {
goto T8;
}
exit("Unable to assign user to default group. Please contact your admin." . $g8);
T8:
// WANTS TO ADD DEFAULT GROUP
$sS = Utilities::fetchUidFromGroupName($g8);
$Jr = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserGroupRepository")->findByUid($sS);
$As->addUsergroup($Jr);
Bz:
goto YN;
E1:
error_log("GroupAttribute not mapped in Attribute Mapping Tab.");
if ($XL) {
goto Fk;
}
error_log("New User: Assigning Default Group.");
$g8 = $io["defaultUserGroup"];
Utilities::log_php_error("Assigning DEFAULT group to user: ", $g8);
if ($g8) {
goto SK;
}
exit("Unable to assign user to default group. Please contact your admin." . $g8);
SK:
$sS = Utilities::fetchUidFromGroupName($g8);
$Jr = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserGroupRepository")->findByUid($sS);
error_log("userGroup assigned will be: " . print_r($Jr));
$As->addUsergroup($Jr);
Fk:
YN:
if ($XL) {
goto Hq;
}
$this->frontendUserRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserRepository")->add($As);
goto jt;
Hq:
$this->frontendUserRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserRepository")->update($As);
jt:*/
/* EXTENDED - END */
/* EXTENDED - BEGIN */
$roleUids = [];
if(array_key_exists("Role",$this->attrsReceived)){
if(!empty($this->attrsReceived['Role'])){
foreach($this->attrsReceived['Role'] as $roleName){
/* --- Fetch Role UIDs --- */
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$roleUid = $queryBuilder
->select('uid')
->from('fe_groups')
->where(
$queryBuilder->expr()->eq('title', $queryBuilder->createNamedParameter($roleName))
)
->execute()->fetchColumn(0);
$roleUids[] = $roleUid;
/* --- Fetch Role UIDs -- END --- */
}
}
}
$io = json_decode(self::fetchFromTable(Constants::SAML_GMOBJECT, Constants::TABLE_SAML), true); //GROUP MAPPING ARRAY
$frontendUserGroupRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserGroupRepository");
if($roleUids){
foreach($roleUids as $userGroupUid){
$As->addUsergroup($frontendUserGroupRepository->findByUid($userGroupUid));
}
}else{
$As->addUsergroup($frontendUserGroupRepository->findByUid(Utilities::fetchUidFromGroupName($io['defaultUserGroup']))); //Set the given defaultUserGroup (default-saml-user-group-v11)
}
if($As->getUid()){
$this->frontendUserRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserRepository")->update($As);
}else{
$this->frontendUserRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserRepository")->add($As);
}
/* EXTENDED - END */
$this->persistenceManager = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Persistence\Generic\PersistenceManager")->persistAll();
$ws = json_decode(self::fetchFromTable(Constants::SAML_CUSTOM_ATTROBJECT, Constants::TABLE_SAML), true);
if (!(isset($ws) or !empty($ws))) {
goto kX;
}
unset($ws["option"]);
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_FE_USERS);
$AE = $ja->createNamedParameter($As->getUid(), PDO::PARAM_INT);
if (!(count($ws) > 0)) {
goto jw;
}
foreach ($ws as $bu => $Mc) {
$ja->update(Constants::TABLE_FE_USERS)->where($ja->expr()->eq("uid", $AE))->set($bu, $this->attrsReceived[$Mc]["0"])->execute();
hq:
}
QS:
jw:
kX:
$user = Utilities::fetchUserFromUsername($pV);
return $user;
}
/*
* Create Roles in Database if they do not exist
*/
private function checkForUserGroupToCreate(){
if(array_key_exists("Role",$this->attrsReceived)){
if(empty($this->attrsReceived['Role'])) return;
foreach($this->attrsReceived['Role'] as $roleName){
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$count = $queryBuilder
->count('uid')
->from('fe_groups')
->where( $queryBuilder->expr()->eq('title', $queryBuilder->createNamedParameter($roleName)))
->execute()
->fetchColumn(0);
if(!$count){
$queryBuilderInsert = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$affectedRows = $queryBuilderInsert
->insert('fe_groups')
->values([
'title' => $roleName,
'pid' => 367,
])
->execute();
}
}
}
}
public function logout($l6, $Ai)
{
$VY = $this->idpObject[Constants::IDP_LOGOUT_URL];
$lK = $this->idpObject[Constants::IDP_BINDING_TYPE];
if (!empty($VY)) {
goto sx;
}
$QM->fe_user->logoff();
unset($_SESSION["email"]);
unset($_SESSION["id"]);
unset($_SESSION["sessionIndex"]);
setcookie(Constants::FE_USER_EMAIL, '', time() - 3600);
setcookie(Constants::FEUSER_TYPO3_SES_INDEX, '', time() - 3600);
setcookie(Constants::FEUSER_IDP_SESSION_INDEX, '', time() - 3600);
$e0 = $this->spObject[Constants::SAML_LOGOUT_URL] . "#success";
goto X2;
sx:
$Qh = $this->ssoemail;
if (!(null == $Qh)) {
goto qg;
}
$Qh = $_COOKIE[Constants::FE_USER_EMAIL];
qg:
$gF = $this->sp_entity_id;
$Af = $VY;
$ro = $Af;
$wz = $VY;
$Md = SAMLUtilities::createLogoutRequest($Qh, $Ai, $gF, $ro, $lK);
if (empty($this->bindingType) || $this->bindingType == Constants::HTTP_REDIRECT) {
goto Ja;
}
SAMLUtilities::sendHTTPPostRequest($Md, $wz, $Af);
goto VM;
Ja:
SAMLUtilities::sendHTTPRedirectRequest($Md, $wz, $Af);
VM:
X2:
return $e0;
}
public static function fetchFromTable($B_, $xO)
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($xO);
$f5 = $ja->select($B_)->from($xO)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
return $f5;
}
public function setFlag($OP)
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable("saml");
$ja->update("saml")->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->set("custom_attr", $OP)->execute();
}
function generateTimestamp($fR = NULL)
{
if (!($fR === NULL)) {
goto qR;
}
$fR = time();
qR:
return gmdate("Y-m-d\TH:i:s\Z", $fR);
}
function generateID()
{
return "_" . $this->stringToHex($this->generateRandomBytes(21));
}
function stringToHex($oy)
{
$J0 = '';
$Gv = 0;
Gt:
if (!($Gv < strlen($oy))) {
goto BX;
}
$J0 .= sprintf("%02x", ord($oy[$Gv]));
Ev:
$Gv++;
goto Gt;
BX:
return $J0;
}
function generateRandomBytes($Od, $Cm = TRUE)
{
return openssl_random_pseudo_bytes($Od);
}
public function control()
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_SAML);
$this->idp_name = $ja->select("idp_name")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->acs_url = $ja->select("acs_url")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->sp_entity_id = $ja->select("sp_entity_id")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->saml_login_url = $ja->select("saml_login_url")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->force_authn = $ja->select("force_authn")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->x509_certificate = $ja->select("x509_certificate")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->issuer = $ja->select("idp_entity_id")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("uid", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$Qf = true;
$zh = true;
}
protected function getTypoScriptFrontendController() : TypoScriptFrontendController
{
return $GLOBALS["TSFE"];
}
/*
* Get current sys_language_uid
*/
private function getCurrentSysLanguageUid(){
$languageAspect = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class)->getAspect('language');
return $languageAspect->getId();
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace Miniorange\SamlSpPremium\Controller;
use Exception;
use Miniorange\Helper\Actions\ProcessResponseAction;
use Miniorange\Helper\Actions\ReadResponseAction;
use Miniorange\Helper\Actions\TestResultActions;
use Miniorange\Helper\Constants;
use MiniOrange\Helper\Exception\InvalidAudienceException;
use MiniOrange\Helper\Exception\InvalidDestinationException;
use MiniOrange\Helper\Exception\InvalidIssuerException;
use MiniOrange\Helper\Exception\InvalidSamlStatusCodeException;
use MiniOrange\Helper\Exception\InvalidSignatureInResponseException;
use Miniorange\Helper\SAMLUtilities;
use Miniorange\Helper\Utilities;
use PDO;
use ReflectionClass;
use ReflectionException;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
use TYPO3\CMS\Extbase\Domain\Model\FrontendUser;
use Psr\Http\Message\ResponseFactoryInterface;
use TYPO3\CMS\Core\Session\UserSessionManager;
use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
use TYPO3\CMS\Frontend\Authentication\FrontendUserAuthentication;
class ResponseController extends ActionController
{
protected $idp_name = null;
protected $acs_url = null;
protected $sp_entity_id = null;
protected $force_authn = null;
protected $saml_login_url = null;
private $issuer = null;
private $signedAssertion = null;
private $signedResponse = null;
protected $persistenceManager = null;
protected $frontendUserRepository = null;
private $ssoemail = null;
private $username = null;
private $ses_id = null;
private $attrsReceived = null;
private $amObject = null;
private $idpObject = null;
private $spObject = null;
protected $responseFactory = null;
public function responseAction()
{
GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->flushCaches();
error_log("\111\156\40\122\x65\x73\160\x6f\156\x73\145\143\x6f\156\x74\x72\157\x6c\154\x65\x72\x20\146\x69\154\145\72\40\x52\145\x73\160\157\x6e\163\145\101\x63\164\151\157\x6e\x20\x73\x74\x61\x72\x74\145\144");
$this->spObject = json_decode(self::fetchFromTable(Constants::SAML_SPOBJECT, Constants::TABLE_SAML), true);
$this->idpObject = json_decode(self::fetchFromTable(Constants::SAML_IDPOBJECT, Constants::TABLE_SAML), true);
if (array_key_exists("\123\x41\x4d\x4c\122\145\x73\x70\157\156\x73\x65", $_REQUEST) && !empty($_REQUEST["\x53\x41\115\x4c\122\x65\163\x70\x6f\156\163\145"])) {
goto VA;
}
if (!(array_key_exists("\154\157\x67\x69\x6e\164\171\x70\x65", $_REQUEST) && $_REQUEST["\154\x6f\x67\x69\156\x74\x79\x70\145"] == "\x6c\157\x67\x6f\x75\164")) {
goto dN;
}
error_log("\x4c\x6f\x67\x6f\165\164\40\151\156\164\145\162\x63\145\x70\164\x65\144\56");
$v7 = $_COOKIE[Constants::FEUSER_TYPO3_SES_INDEX];
$vb = $_COOKIE[Constants::FEUSER_IDP_SESSION_INDEX];
$this->ssoemail = $_COOKIE[Constants::FE_USER_EMAIL];
$this->control();
$lH = $this->logout($v7, $vb);
header("\x4c\157\143\141\x74\151\x6f\156\x3a\x20" . $lH);
dN:
goto eL;
VA:
$uN = ReadResponseAction::execute();
if (!($uN != null)) {
goto BQ;
}
$this->control();
$this->name_id = current(current($uN->getAssertions())->getNameId());
$Ai = current($uN->getAssertions())->getSessionIndex();
$this->amObject = json_decode(self::fetchFromTable(Constants::SAML_ATTROBJECT, Constants::TABLE_SAML), true);
$this->attrsReceived = current($uN->getAssertions())->getAttributes();
$this->attrsReceived["\x4e\141\x6d\145\x49\x44"] = ["\x30" => $this->name_id];
$TL = array_key_exists("\x52\145\154\x61\x79\123\x74\141\x74\x65", $_REQUEST) ? $_REQUEST["\122\x65\x6c\141\x79\x53\x74\x61\164\145"] : "\x2f";
if (!($TL == "\x74\145\x73\164\143\x6f\156\146\151\147")) {
goto t2;
}
(new TestResultActions($this->attrsReceived))->execute();
die;
t2:
if (!($this->attrsReceived == null)) {
goto R4;
}
Utilities::showErrorFlashMessage("\x41\x74\x74\x72\x69\142\165\164\145\x73\x20\156\157\x74\40\162\145\143\x65\x69\166\x65\144\56\40\125\x6e\x61\x62\154\145\40\x74\157\40\154\157\x67\x69\156");
R4:
$zz = new ProcessResponseAction($uN, $this->acs_url, $this->issuer, $this->sp_entity_id, $this->signedResponse, $this->signedAssertion, $this->x509_certificate);
if ($this->attrsReceived != null) {
goto N_;
}
exit("\101\164\164\162\151\x62\165\164\x65\163\40\156\x6f\x74\40\162\x65\x63\x65\x69\x76\x65\144\56\x20\x55\x6e\x61\142\x6c\x65\x20\164\157\40\x6c\x6f\x67\x69\156");
goto HP;
N_:
error_log("\101\164\x74\162\x69\x62\165\164\145\x73\x20\x72\x65\x63\145\151\x76\x65\144");
$Pt = $this->amObject[Constants::ATTRIBUTE_USERNAME];
if (!(!isset($Pt) || $Pt == '')) {
goto qD;
}
Utilities::log_php_error('', "\116\157\x20\141\x74\x74\162\151\142\x75\x74\145\x20\115\x61\x70\x70\151\156\x67\40\146\x6f\162\x20\x75\x73\x65\x72\x6e\141\155\x65\56\x20\120\154\145\141\163\145\x20\x6d\x61\160\40\141\40\165\156\151\x71\165\145\x20\x61\164\x74\x72\151\x62\x75\x74\x65\x20\146\162\x6f\x6d\40\111\104\120\x20\x61\x73\40\165\x73\145\162\156\x61\155\x65\x20\x69\156\x20\101\164\164\162\x69\x62\x75\x74\145\40\x4d\141\x70\160\151\x6e\x67\x20\x74\x61\x62\56");
exit("\x4e\157\40\141\164\164\x72\151\142\165\164\x65\x20\115\x61\160\x70\x69\x6e\147\40\146\157\x75\156\144\40\146\x6f\162\x20\x55\x73\x65\162\156\x61\155\x65\56\40\120\x6c\145\141\x73\145\40\143\x6f\x6e\164\141\143\164\x20\x79\157\x75\162\40\x61\x64\155\x69\x6e\x2e");
qD:
$this->username = $this->attrsReceived[$Pt]["\60"];
if (!(!isset($this->username) || $this->username == '')) {
goto fF;
}
Utilities::log_php_error('', "\x46\x61\151\x6c\145\x64\40\164\x6f\x20\143\x72\145\x61\164\145\x20\x75\163\x65\162\x20\142\x65\x63\141\165\163\145\x20\144\x69\x64\x6e\47\x74\x20\x72\x65\x63\145\x69\166\145\x20\x75\x73\145\x72\156\x61\x6d\145\x20\x61\x74\x74\x72\x69\142\165\x74\145\x20\146\162\157\x6d\x20\111\104\120\x2e");
exit("\x55\156\x61\142\154\x65\40\164\157\40\143\x72\x65\141\x74\x65\x20\165\x73\145\162\56\x20\x50\x6c\145\x61\x73\145\40\x63\157\x6e\164\x61\143\164\40\171\x6f\165\x72\x20\x61\x64\155\151\x6e\x2e");
fF:
$this->ssoemail = $this->attrsReceived[$this->amObject[Constants::ATTRIBUTE_EMAIL]]["\x30"];
/*$QM = self::getTypoScriptFrontendController();
$QM->fe_user->checkPid = 0;
$user = $this->createOrUpdateUser($this->username);
error_log("\x75\x73\x65\x72\x3a\x20" . print_r($user, true));
$cr = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class);
$cr->getPropertyFromAspect("\x66\162\157\x6e\164\145\156\x64\x2e\165\163\145\x72", "\x69\x73\x4c\x6f\x67\x67\x65\x64\x49\156");
$QM->fe_user->forceSetCookie = TRUE;
$QM->fe_user->start();
$QM->fe_user->createUserSession($user);
$QM->fe_user->user = $user;
$QM->initUserGroups();
$QM->fe_user->loginSessionStarted = TRUE;
$QM->fe_user->setKey("\165\x73\145\x72", "\x66\145\137\164\171\x70\x6f\x5f\165\163\x65\162", $user);
$GLOBALS["\124\x53\x46\105"]->fe_user->setKey("\163\x65\163", "\146\145\137\164\171\x70\157\137\x75\163\x65\162", $user);
$QM->fe_user->setAndSaveSessionData("\165\x73\145\x72", TRUE);
$sH = $QM->fe_user->fetchUserSession();
$K8 = new ReflectionClass($QM->fe_user);
$BO = $K8->getMethod("\163\x65\164\123\145\x73\163\x69\x6f\x6e\103\157\x6f\153\x69\145");
$BO->setAccessible(TRUE);
$BO->invoke($QM->fe_user);
$QM->fe_user->storeSessionData();*/
/* EXTENDED - BEGIN */
/* Handle login by nnhelpers extension */
$user = $this->createOrUpdateUser($this->username);
error_log("\x75\x73\x65\x72\x3a\x20" . print_r($user, true));
$loginResponse = \nn\t3::FrontendUser()->login($user['username']);
if($_SERVER["REMOTE_ADDR"] == "80.120.156.122"){
\TYPO3\CMS\Extbase\Utility\DebuggerUtility::var_dump($loginResponse);
die();
}
/* EXTENDED - END */
Utilities::log_php_error("\x55\x73\145\162", $user);
if (isset($_SESSION)) {
goto re;
}
error_log("\x70\x72\x65\x76\x69\x6f\165\163\x20\x73\145\x73\x73\151\157\x6e\x20\x6e\157\164\40\x73\x65\164\x2e\56\x2e\163\145\x74\x74\x69\156\x67\x20\156\157\167");
session_id("\x65\x6d\141\x69\154");
session_start();
$_SESSION["\x65\155\141\151\154"] = $this->ssoemail;
$_SESSION["\151\144"] = $Ai;
re:
HP:
$bJ = $this->spObject["\154\x6f\147\151\156\x5f\162\145\144\x69\162\145\x63\x74\x5f\x75\162\x6c"];
if (!empty($bJ)) {
goto aT;
}
$bJ = (isset($_SERVER["\110\x54\124\120\123"]) && $_SERVER["\110\x54\124\120\123"] === "\x6f\156" ? "\x68\164\x74\160\x73" : "\150\x74\164\x70") . "\x3a\x2f\x2f{$_SERVER["\x48\124\124\x50\137\110\x4f\x53\124"]}{$_SERVER["\122\105\121\125\105\123\x54\137\125\x52\x49"]}";
/* EXTENDED - BEGIN */
/* sso_loginredirect2 not in use i guess */
$baseUrl = "https://".$_SERVER['HTTP_HOST'];
if(isset($_COOKIE['sso_loginredirect'])){
$bJ = $_COOKIE['sso_loginredirect'];
unset($_COOKIE['sso_loginredirect']);
setcookie('sso_loginredirect', '', time() - 3600, '/'); // empty value and old timestamp
}elseif(isset($_COOKIE['sso_loginredirect2'])){
switch ($_COOKIE['sso_loginredirect2']) {
case "/fename/":
$bJ = $baseUrl;
break;
case "/de/fename-de/":
$bJ = $baseUrl."/de/";
break;
case "/cz/fename-cz/":
$bJ = $baseUrl."/cz/";
break;
case "/hu/fename-hu/":
$bJ = $baseUrl."/hu/";
break;
case "/it/fename-it/":
$bJ = $baseUrl."/it/";
break;
case "/pl/fename-pl/":
$bJ = $baseUrl."/pl/";
break;
case "/ro/fename-ro/":
$bJ = $baseUrl."/ro/";
break;
case "/ru/fename-ru/":
$bJ = $baseUrl."/ru/";
break;
case "/sk/fename-sk/":
$bJ = $baseUrl."/sk/";
break;
case "/sv/fename-se/":
$bJ = $baseUrl."/sv/";
break;
case "/tr/fename-tr/":
$bJ = $baseUrl."/tr/";
break;
case "/hr/fename-hr/":
$bJ = $baseUrl."/hr/";
break;
case "/es/fename-es/":
$bJ = $baseUrl."/es/";
break;
default:
$bJ = $baseUrl;
}
unset($_COOKIE['sso_loginredirect2']);
setcookie('sso_loginredirect2', '', time() - 3600, '/'); // empty value and old timestamp
}else{
if(str_contains($bJ, 'saml-response')){
switch ($this->getCurrentSysLanguageUid()) {
case 0:
$bJ = $baseUrl;
break;
case 1:
$bJ = $baseUrl."/de/";
break;
case 2:
$bJ = $baseUrl."/cz/";
break;
case 3:
$bJ = $baseUrl."/hu/";
break;
case 4:
$bJ = $baseUrl."/it/";
break;
case 5:
$bJ = $baseUrl."/pl/";
break;
case 6:
$bJ = $baseUrl."/ro/";
break;
case 7:
$bJ = $baseUrl."/ru/";
break;
case 8:
$bJ = $baseUrl."/sk/";
break;
case 9:
$bJ = $baseUrl."/sv/";
break;
case 10:
$bJ = $baseUrl."/tr/";
break;
case 11:
$bJ = $baseUrl."/hr/";
break;
case 12:
$bJ = $baseUrl."/es/";
break;
default:
$bJ = $baseUrl;
}
}else{
$bJ = $baseUrl; //ignore language in this case - always default language
}
//if($bJ == "https://serviceportal.schrack-seconet.com/saml-response") $bJ = "https://serviceportal.schrack-seconet.com";
}
if($bJ){
\TYPO3\CMS\Core\Utility\HttpUtility::redirect($bJ);
die();
}
/* EXTENDED - END */
aT:
Utilities::log_php_error("\122\x65\x64\151\162\145\x63\164\125\x52\x4c", $bJ);
BQ:
eL:
}
public function createOrUpdateUser($pV)
{
$user = Utilities::fetchUserFromUsername($pV);
$XL = false;
/* EXTENDED - BEGIN */
$this->checkForUserGroupToCreate(); //check and create user groups
/* EXTENDED - END */
if ($user == false) {
goto Yb;
}
Utilities::log_php_error("\125\x53\105\x52\x20\x45\130\x49\123\124\123\72\x20", $pV);
if (!($user["\x64\x69\163\141\142\x6c\x65"] == 1)) {
goto x3;
}
Utilities::log_php_error("\125\123\x45\122\x20\x45\130\111\123\124\123\40\102\x55\x54\40\x49\123\x20\x44\x49\x53\x41\x42\x4c\105\104", $pV);
exit("\x59\157\165\x20\x61\x72\145\40\x6e\x6f\x74\x20\141\x6c\154\157\x77\x65\x64\40\164\x6f\40\154\157\147\x69\x6e\56\40\120\x6c\145\141\163\x65\40\x63\x6f\x6e\164\x61\143\164\40\x79\x6f\x75\x72\x20\x61\x64\155\151\156\56");
x3:
$XL = true;
$As = GeneralUtility::makeInstance("\124\131\120\117\x33\x5c\103\x4d\x53\x5c\x45\170\164\x62\141\163\x65\x5c\x44\157\x6d\x61\151\156\134\x52\145\160\x6f\x73\151\x74\157\x72\171\134\x46\162\x6f\156\164\x65\156\144\125\163\x65\162\122\145\160\157\x73\151\x74\157\x72\171")->findByUid($user["\165\x69\144"]);
goto Sx;
Yb:
Utilities::log_php_error("\x43\122\105\x41\124\x49\x4e\107\x20\125\x53\105\122", $pV);
$As = new FrontendUser();
$As->setUsername($pV);
$As->setPassword(SAMLUtilities::generateRandomAlphanumericValue(10));
Sx:
$As->setEmail($this->attrsReceived[$this->amObject["\163\141\155\x6c\x5f\141\155\x5f\145\x6d\x61\151\x6c"]]["\60"]);
if (!(array_key_exists("\x73\x61\155\154\137\x61\155\x5f\x74\x69\x74\154\x65", $this->amObject) && isset($this->attrsReceived[$this->amObject["\163\x61\x6d\154\137\141\155\x5f\x74\151\164\154\145"]]["\60"]))) {
goto vw;
}
$As->setTitle($this->attrsReceived[$this->amObject["\163\x61\x6d\x6c\137\141\155\x5f\164\151\x74\154\145"]]["\60"]);
vw:
if (!(array_key_exists("\x73\x61\155\x6c\x5f\141\x6d\137\x66\156\141\155\x65", $this->amObject) && isset($this->attrsReceived[$this->amObject["\x73\141\155\x6c\137\141\x6d\137\146\156\x61\x6d\x65"]]["\60"]))) {
goto h8;
}
$As->setFirstName($this->attrsReceived[$this->amObject["\x73\141\155\x6c\137\x61\x6d\x5f\146\156\141\x6d\x65"]]["\x30"]);
h8:
if (!(array_key_exists("\x73\x61\x6d\154\137\141\155\137\154\156\141\x6d\x65", $this->amObject) && isset($this->attrsReceived[$this->amObject["\x73\x61\x6d\154\137\x61\155\137\154\x6e\x61\155\x65"]]["\x30"]))) {
goto sP;
}
$As->setLastName($this->attrsReceived[$this->amObject["\163\141\155\x6c\137\141\x6d\137\154\x6e\x61\155\145"]]["\x30"]);
sP:
if (!(array_key_exists("\163\141\x6d\x6c\137\141\x6d\137\141\x64\x64\x72\x65\x73\163", $this->amObject) && isset($this->attrsReceived[$this->amObject["\163\141\x6d\x6c\137\x61\155\137\x61\144\x64\162\x65\163\163"]]["\x30"]))) {
goto a2;
}
$As->setAddress($this->attrsReceived[$this->amObject["\x73\141\155\x6c\137\x61\x6d\x5f\x61\144\x64\x72\145\163\163"]]["\60"]);
a2:
if (!(array_key_exists("\163\141\x6d\154\137\141\x6d\x5f\x63\x6f\165\156\164\x72\171", $this->amObject) && isset($this->attrsReceived[$this->amObject["\x73\x61\x6d\x6c\x5f\x61\x6d\x5f\143\x6f\165\156\x74\162\x79"]]["\60"]))) {
goto LJ;
}
$As->setCountry($this->attrsReceived[$this->amObject["\x73\141\x6d\154\x5f\141\x6d\137\x63\157\x75\156\164\162\x79"]]["\x30"]);
LJ:
if (!(array_key_exists("\163\x61\155\154\137\x61\155\x5f\x63\x69\x74\x79", $this->amObject) && isset($this->attrsReceived[$this->amObject["\163\141\x6d\x6c\x5f\x61\x6d\137\143\151\164\x79"]]["\x30"]))) {
goto iU;
}
$As->setCity($this->attrsReceived[$this->amObject["\x73\x61\x6d\x6c\137\x61\155\137\x63\151\164\x79"]]["\60"]);
iU:
if (!(array_key_exists("\163\x61\155\154\137\141\155\137\x7a\151\160", $this->amObject) && isset($this->attrsReceived[$this->amObject["\163\141\x6d\154\137\x61\x6d\x5f\x7a\151\160"]]["\x30"]))) {
goto XR;
}
$As->setZip($this->attrsReceived[$this->amObject["\x73\x61\155\x6c\x5f\x61\155\x5f\172\151\x70"]]["\60"]);
XR:
if (!(array_key_exists("\163\x61\x6d\154\x5f\x61\155\x5f\x70\x68\x6f\x6e\145", $this->amObject) && isset($this->attrsReceived[$this->amObject["\x73\x61\x6d\154\137\x61\155\x5f\x70\x68\x6f\156\x65"]]["\x30"]))) {
goto Mi;
}
$As->setTelephone($this->attrsReceived[$this->amObject["\x73\x61\155\154\137\x61\155\x5f\160\150\157\156\145"]]["\x30"]);
Mi:
error_log("\146\x72\x6f\156\x74\x65\156\x64\x20\165\163\x65\162\x3a\x20" . print_r($As, true));
Utilities::updateTable("\x75\x73\145\x72\147\162\157\x75\x70", null, "\x66\145\137\165\163\145\162\x73");
/* EXTENDED - BEGIN */
/* USER GROUP HANDLING - IGNORE - WE DONT NEED THIS BECAUSE WE WANT IT DYNAMICALLY
/*$io = json_decode(self::fetchFromTable(Constants::SAML_GMOBJECT, Constants::TABLE_SAML), true); //GROUP MAPPING ARRAY - WE DONT NEED THIS BECAUSE WE WANT IT DYNAMICALLY
$r4 = $this->amObject[Constants::ATTRIBUTE_GROUPS];
/*Utilities::log_php_error("\x67\162\157\x75\x70\x41\x74\164\162\151\x62\165\164\x65", $r4);
if ($r4 == '' || !isset($r4)) {
goto E1;
}
error_log("\107\x72\157\165\x70\x20\101\164\x74\x72\151\142\x75\x74\145\40\115\x61\160\x70\x65\144\x2e");
if (!isset($this->attrsReceived[$r4])) {
goto qG;
}
$K7 = $this->attrsReceived[$r4];
qG:
$hH = 0;
if (!isset($K7)) {
goto mv;
}
Utilities::log_php_error("\147\162\157\165\x70\163\x52\145\143\x65\151\166\145\x64", print_r($K7, true));
if (sizeof($K7) > 0) {
goto UC;
}
error_log("\x47\162\157\165\x70\x73\40\156\157\x74\x20\162\145\143\x65\x69\x76\145\x64\x2e\40\105\x69\164\x68\145\162\40\x6d\141\160\x70\x69\x6e\x67\40\151\163\x20\167\162\x6f\x6e\x67\x20\x6f\162\x20\x49\x44\x50\x20\x69\x73\40\x6e\x6f\164\40\163\145\x6e\144\151\x6e\x67\40\151\x74\x2e\40\xa\x20\40\40\x20\40\40\40\40\x20\x20\40\40\x20\x20\x20\x20\40\40\40\40\xa\122\145\x6d\x6f\166\145\40\141\164\164\x72\151\x62\x75\164\145\40\155\141\160\160\x69\x6e\147\x20\146\157\162\x20\147\162\x6f\165\x70\x73\40\x74\x6f\x20\163\x65\x74\40\144\145\x66\x61\165\x6c\x74\x20\147\162\157\165\160");
exit("\107\162\157\x75\160\163\x20\x6e\157\x74\x20\x61\163\x73\151\x67\156\145\144\x2e\40\120\154\145\141\x73\145\40\143\157\156\x74\x61\143\164\40\x79\157\x75\162\40\141\144\x6d\x69\156\56");
goto Qy;
UC:
error_log("\107\x72\x6f\165\160\x20\x41\164\164\x72\x69\142\x75\x74\145\40\x72\145\x63\x65\151\166\x65\144\40\146\162\x6f\x6d\40\111\104\x50");
Utilities::log_php_error("\x47\122\x4f\125\x50\x53\40\122\x45\103\x45\111\126\105\104\72\x20\125\x50\x44\101\124\111\116\x47\40", $pV);
Utilities::log_php_error("\107\122\117\125\120\x53\x20\122\105\103\x45\111\x56\105\x44\72\x20\x20", $K7);
Utilities::log_php_error("\147\x6d\x4f\142\152\145\x63\164\72\x20\40", $io);*/
/*foreach ($K7 as $XV) {
$g8 = array_search($XV, $io);
Utilities::log_php_error("\155\x61\x70\x70\145\x64\124\x79\x70\157\x33\107\162\157\165\x70\40", $g8);
if (!$g8) {
goto b_;
}
error_log("\124\171\160\157\x33\40\x67\x72\x6f\165\160\x20\155\141\160\x70\x65\x64");
$Jr = GeneralUtility::makeInstance("\124\x59\120\117\63\134\x43\115\123\134\x45\x78\164\142\141\x73\x65\134\104\157\x6d\x61\151\156\134\122\x65\160\157\163\151\164\x6f\162\x79\x5c\x46\162\157\x6e\164\x65\x6e\144\125\x73\x65\162\107\x72\x6f\x75\160\x52\x65\x70\157\163\x69\164\x6f\x72\171")->findByUid($g8);
$As->addUsergroup($Jr);
$hH++;
b_:
Yt:
}
EI:
Qy:
mv:
if (isset($hH) && $hH == 0) {
goto fh;
}
goto Bz;
fh:
error_log("\116\x6f\40\x67\162\x6f\x75\x70\x73\x20\162\x65\x63\x65\151\166\145\x64\40\x69\163\40\x61\163\163\x69\147\x6e\x65\x64\x20\x74\x6f\x20\x55\163\x65\162\x2e\x20\123\157\x20\141\x73\163\x69\x67\156\x69\x6e\147\x20\x44\145\146\141\165\x6c\x74\40\107\162\x6f\x75\x70\x2e");
$g8 = $io["\x64\x65\x66\x61\165\154\x74\125\163\145\162\107\x72\157\x75\160"];
Utilities::log_php_error("\x41\x73\x73\x69\147\x6e\x69\x6e\147\40\104\105\x46\x41\x55\x4c\x54\x20\147\162\x6f\x75\160\x20\164\x6f\40\165\x73\x65\x72\x3a\40", $g8);
if ($g8) {
goto T8;
}
exit("\x55\156\141\x62\x6c\145\x20\x74\x6f\x20\x61\x73\x73\151\147\156\40\165\x73\145\162\x20\164\157\x20\144\x65\146\x61\x75\154\x74\40\147\162\x6f\x75\x70\x2e\40\x50\x6c\x65\x61\163\x65\40\143\x6f\x6e\x74\141\x63\164\40\171\x6f\x75\162\40\x61\x64\155\x69\x6e\56" . $g8);
T8:
// WANTS TO ADD DEFAULT GROUP
$sS = Utilities::fetchUidFromGroupName($g8);
$Jr = GeneralUtility::makeInstance("\124\131\x50\x4f\x33\x5c\x43\115\x53\x5c\105\170\164\142\x61\163\x65\134\104\157\x6d\x61\x69\x6e\134\122\145\x70\x6f\x73\x69\x74\x6f\162\x79\134\106\162\157\x6e\164\x65\156\144\125\x73\145\162\x47\x72\x6f\x75\160\122\x65\x70\x6f\163\x69\x74\157\x72\x79")->findByUid($sS);
$As->addUsergroup($Jr);
Bz:
goto YN;
E1:
error_log("\x47\162\157\x75\x70\101\164\x74\162\151\x62\x75\x74\x65\x20\x6e\x6f\x74\x20\x6d\141\160\160\145\144\x20\151\x6e\40\x41\x74\164\162\151\142\165\164\145\x20\115\141\x70\x70\x69\x6e\147\x20\x54\x61\142\56");
if ($XL) {
goto Fk;
}
error_log("\x4e\145\167\40\125\163\145\162\72\40\x41\x73\163\151\147\156\x69\x6e\147\40\104\145\x66\141\165\x6c\164\x20\x47\162\157\x75\160\x2e");
$g8 = $io["\x64\x65\146\x61\x75\154\x74\125\163\145\162\x47\x72\157\165\x70"];
Utilities::log_php_error("\x41\x73\163\x69\147\156\x69\156\147\x20\104\x45\106\101\125\x4c\124\40\147\x72\157\x75\160\x20\164\x6f\40\x75\x73\145\162\72\40", $g8);
if ($g8) {
goto SK;
}
exit("\125\x6e\x61\142\154\x65\x20\x74\157\40\141\163\163\151\x67\156\x20\165\x73\x65\x72\x20\164\157\40\x64\145\x66\x61\165\x6c\164\x20\147\x72\x6f\x75\160\x2e\x20\120\154\145\x61\x73\145\x20\143\157\156\164\x61\x63\164\x20\171\x6f\165\162\x20\x61\x64\x6d\x69\156\x2e" . $g8);
SK:
$sS = Utilities::fetchUidFromGroupName($g8);
$Jr = GeneralUtility::makeInstance("\x54\x59\120\117\63\134\x43\x4d\123\134\105\x78\x74\142\141\163\145\x5c\104\157\155\141\x69\156\134\122\145\160\157\x73\x69\164\157\x72\x79\x5c\x46\x72\x6f\156\164\x65\x6e\x64\x55\163\145\x72\x47\x72\157\x75\x70\122\x65\x70\x6f\163\151\x74\157\x72\x79")->findByUid($sS);
error_log("\x75\163\145\162\x47\162\x6f\x75\x70\x20\141\163\x73\151\x67\x6e\x65\144\x20\x77\151\154\x6c\x20\142\x65\72\x20" . print_r($Jr));
$As->addUsergroup($Jr);
Fk:
YN:
if ($XL) {
goto Hq;
}
$this->frontendUserRepository = GeneralUtility::makeInstance("\124\x59\x50\x4f\x33\134\103\115\123\x5c\105\x78\164\142\141\x73\x65\x5c\x44\157\x6d\x61\x69\x6e\x5c\x52\x65\x70\x6f\x73\151\164\x6f\162\171\134\x46\x72\157\x6e\164\145\156\144\x55\163\145\x72\x52\x65\160\157\163\151\164\157\162\x79")->add($As);
goto jt;
Hq:
$this->frontendUserRepository = GeneralUtility::makeInstance("\x54\x59\120\117\x33\134\x43\115\x53\134\x45\x78\164\x62\x61\x73\145\134\x44\x6f\155\141\151\x6e\134\122\x65\160\x6f\163\x69\x74\x6f\x72\171\134\x46\x72\x6f\156\164\x65\x6e\x64\125\163\145\x72\122\145\160\157\x73\151\164\157\x72\x79")->update($As);
jt:*/
/* EXTENDED - END */
/* EXTENDED - BEGIN */
$roleUids = [];
if(array_key_exists("Role",$this->attrsReceived)){
if(!empty($this->attrsReceived['Role'])){
foreach($this->attrsReceived['Role'] as $roleName){
/* --- Fetch Role UIDs --- */
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$roleUid = $queryBuilder
->select('uid')
->from('fe_groups')
->where(
$queryBuilder->expr()->eq('title', $queryBuilder->createNamedParameter($roleName))
)
->execute()->fetchColumn(0);
$roleUids[] = $roleUid;
/* --- Fetch Role UIDs -- END --- */
}
}
}
$io = json_decode(self::fetchFromTable(Constants::SAML_GMOBJECT, Constants::TABLE_SAML), true); //GROUP MAPPING ARRAY
$frontendUserGroupRepository = GeneralUtility::makeInstance("TYPO3\CMS\Extbase\Domain\Repository\FrontendUserGroupRepository");
if($roleUids){
foreach($roleUids as $userGroupUid){
$As->addUsergroup($frontendUserGroupRepository->findByUid($userGroupUid));
}
}else{
$As->addUsergroup($frontendUserGroupRepository->findByUid(Utilities::fetchUidFromGroupName($io['defaultUserGroup']))); //Set the given defaultUserGroup (default-saml-user-group-v11)
}
if($As->getUid()){
$this->frontendUserRepository = GeneralUtility::makeInstance("\x54\x59\120\117\x33\134\x43\115\x53\134\x45\x78\164\x62\x61\x73\145\134\x44\x6f\155\141\151\x6e\134\122\x65\160\x6f\163\x69\x74\x6f\x72\171\134\x46\x72\x6f\156\164\x65\x6e\x64\125\163\145\x72\122\145\160\157\x73\151\164\157\x72\x79")->update($As);
}else{
$this->frontendUserRepository = GeneralUtility::makeInstance("\124\x59\x50\x4f\x33\134\103\115\123\x5c\105\x78\164\142\141\x73\x65\x5c\x44\157\x6d\x61\x69\x6e\x5c\x52\x65\x70\x6f\x73\151\164\x6f\162\171\134\x46\x72\157\x6e\164\145\156\144\x55\163\145\x72\x52\x65\160\157\163\151\164\157\162\x79")->add($As);
}
/* EXTENDED - END */
$this->persistenceManager = GeneralUtility::makeInstance("\124\x59\120\x4f\63\x5c\103\115\x53\134\105\170\164\142\141\163\x65\134\x50\145\x72\x73\151\x73\164\x65\156\x63\x65\x5c\107\145\x6e\x65\162\x69\143\134\x50\x65\x72\163\151\x73\164\x65\x6e\x63\x65\x4d\141\156\141\147\145\162")->persistAll();
$ws = json_decode(self::fetchFromTable(Constants::SAML_CUSTOM_ATTROBJECT, Constants::TABLE_SAML), true);
if (!(isset($ws) or !empty($ws))) {
goto kX;
}
unset($ws["\x6f\x70\164\151\x6f\x6e"]);
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_FE_USERS);
$AE = $ja->createNamedParameter($As->getUid(), PDO::PARAM_INT);
if (!(count($ws) > 0)) {
goto jw;
}
foreach ($ws as $bu => $Mc) {
$ja->update(Constants::TABLE_FE_USERS)->where($ja->expr()->eq("\165\151\144", $AE))->set($bu, $this->attrsReceived[$Mc]["\x30"])->execute();
hq:
}
QS:
jw:
kX:
$user = Utilities::fetchUserFromUsername($pV);
return $user;
}
/*
* Create Roles in Database if they do not exist
*/
private function checkForUserGroupToCreate(){
if(array_key_exists("Role",$this->attrsReceived)){
if(empty($this->attrsReceived['Role'])) return;
foreach($this->attrsReceived['Role'] as $roleName){
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$count = $queryBuilder
->count('uid')
->from('fe_groups')
->where( $queryBuilder->expr()->eq('title', $queryBuilder->createNamedParameter($roleName)))
->execute()
->fetchColumn(0);
if(!$count){
$queryBuilderInsert = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_groups');
$affectedRows = $queryBuilderInsert
->insert('fe_groups')
->values([
'title' => $roleName,
'pid' => 367,
])
->execute();
}
}
}
}
public function logout($l6, $Ai)
{
$VY = $this->idpObject[Constants::IDP_LOGOUT_URL];
$lK = $this->idpObject[Constants::IDP_BINDING_TYPE];
if (!empty($VY)) {
goto sx;
}
$QM->fe_user->logoff();
unset($_SESSION["\x65\155\x61\151\x6c"]);
unset($_SESSION["\x69\144"]);
unset($_SESSION["\x73\x65\163\x73\x69\x6f\156\x49\156\144\x65\x78"]);
setcookie(Constants::FE_USER_EMAIL, '', time() - 3600);
setcookie(Constants::FEUSER_TYPO3_SES_INDEX, '', time() - 3600);
setcookie(Constants::FEUSER_IDP_SESSION_INDEX, '', time() - 3600);
$e0 = $this->spObject[Constants::SAML_LOGOUT_URL] . "\43\x73\165\x63\143\x65\x73\163";
goto X2;
sx:
$Qh = $this->ssoemail;
if (!(null == $Qh)) {
goto qg;
}
$Qh = $_COOKIE[Constants::FE_USER_EMAIL];
qg:
$gF = $this->sp_entity_id;
$Af = $VY;
$ro = $Af;
$wz = $VY;
$Md = SAMLUtilities::createLogoutRequest($Qh, $Ai, $gF, $ro, $lK);
if (empty($this->bindingType) || $this->bindingType == Constants::HTTP_REDIRECT) {
goto Ja;
}
SAMLUtilities::sendHTTPPostRequest($Md, $wz, $Af);
goto VM;
Ja:
SAMLUtilities::sendHTTPRedirectRequest($Md, $wz, $Af);
VM:
X2:
return $e0;
}
public static function fetchFromTable($B_, $xO)
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($xO);
$f5 = $ja->select($B_)->from($xO)->where($ja->expr()->eq("\165\151\144", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
return $f5;
}
public function setFlag($OP)
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable("\x73\x61\155\154");
$ja->update("\163\141\x6d\x6c")->where($ja->expr()->eq("\x75\151\x64", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->set("\143\x75\x73\x74\x6f\x6d\x5f\141\164\x74\162", $OP)->execute();
}
function generateTimestamp($fR = NULL)
{
if (!($fR === NULL)) {
goto qR;
}
$fR = time();
qR:
return gmdate("\x59\55\155\x2d\x64\x5c\x54\110\72\151\x3a\x73\x5c\132", $fR);
}
function generateID()
{
return "\x5f" . $this->stringToHex($this->generateRandomBytes(21));
}
function stringToHex($oy)
{
$J0 = '';
$Gv = 0;
Gt:
if (!($Gv < strlen($oy))) {
goto BX;
}
$J0 .= sprintf("\45\60\62\x78", ord($oy[$Gv]));
Ev:
$Gv++;
goto Gt;
BX:
return $J0;
}
function generateRandomBytes($Od, $Cm = TRUE)
{
return openssl_random_pseudo_bytes($Od);
}
public function control()
{
$ja = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable(Constants::TABLE_SAML);
$this->idp_name = $ja->select("\151\144\x70\137\156\141\155\x65")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\x69\x64", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->acs_url = $ja->select("\141\x63\x73\x5f\165\x72\154")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\x69\144", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->sp_entity_id = $ja->select("\163\160\137\x65\156\x74\x69\164\171\x5f\151\x64")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\x69\x64", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->saml_login_url = $ja->select("\x73\x61\155\154\137\154\x6f\x67\x69\156\x5f\x75\x72\x6c")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\151\144", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->force_authn = $ja->select("\146\x6f\x72\143\145\137\141\x75\x74\150\x6e")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\151\144", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->x509_certificate = $ja->select("\x78\x35\60\x39\137\x63\x65\162\x74\151\x66\151\x63\x61\164\145")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\165\x69\x64", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$this->issuer = $ja->select("\x69\144\x70\x5f\145\156\164\x69\164\x79\137\x69\144")->from(Constants::TABLE_SAML)->where($ja->expr()->eq("\x75\x69\144", $ja->createNamedParameter(1, \PDO::PARAM_INT)))->execute()->fetchColumn(0);
$Qf = true;
$zh = true;
}
protected function getTypoScriptFrontendController() : TypoScriptFrontendController
{
return $GLOBALS["\x54\x53\x46\x45"];
}
/*
* Get current sys_language_uid
*/
private function getCurrentSysLanguageUid(){
$languageAspect = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\Context\Context::class)->getAspect('language');
return $languageAspect->getId();
}
}
Function Calls
| None |
Stats
| MD5 | 8c33d7c9dc4e385207bd903e446e2687 |
| Eval Count | 0 |
| Decode Time | 70 ms |