Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace MiniOrange\OAuth\Controller\Actions; include dirname(__FILE__) . "..
Decoded Output download
<?php
namespace MiniOrange\OAuth\Controller\Actions;
include dirname(__FILE__) . "/../../Helper/RSAUtils/RSA.php";
include dirname(__FILE__) . "/../../Helper/RSAUtils/Math/BigInteger.php";
use Exception;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequest;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequestBody;
use MiniOrange\OAuth\Helper\Curl;
use MiniOrange\OAuth\Helper\Crypt_RSA;
use MiniOrange\OAuth\Helper\Math_BigInteger;
use MiniOrange\OAuth\Helper\OAuthUtility;
use Magento\Framework\Stdlib\CookieManagerInterface;
use Magento\Framework\Stdlib\Cookie\CookieMetadataFactory;
class ReadAuthorizationResponse extends BaseAction
{
private $REQUEST;
private $POST;
private $processResponseAction;
protected $cookieManager;
protected $cookieMetadataFactory;
protected $customVariables;
public function __construct(Context $St, OAuthUtility $AX, ProcessResponseAction $bD,
CookieManagerInterface $cookieManager,
CookieMetadataFactory $cookieMetadataFactory,
\Magento\Variable\Model\Variable $customVariables
) {
$this->processResponseAction = $bD;
$this->cookieManager = $cookieManager;
$this->cookieMetadataFactory = $cookieMetadataFactory;
$this->customVariables = $customVariables;
parent::__construct($St, $AX);
}
public function execute()
{
$apiParam = $this->getRequest()->getParams();
$flag = $accessToken = $fname = $lname = $billingCountry = '';
if (isset($apiParam['flag'])){
$flag = $apiParam['flag'];
$this->oauthUtility->log_debug("Flag is set - ",$flag);
}
if (isset($apiParam['access_token'])){
$accessToken = $apiParam['access_token'];
$this->oauthUtility->log_debug("AccessToken From MYZ - ",$accessToken);
}
if($flag != 1){
$this->oauthUtility->log_debug("In if - ");
$this->oauthUtility->log_debug("ReadAuthorizationResponse: execute");
$sa = $this->getRequest()->getParams();
$this->oauthUtility->log_debug("ReadAuthorizationResponse: params", $sa);
if (isset($sa["code"])) {
goto hz;
}
$this->oauthUtility->log_debug("ReadAuthorizationResponse: params['code'] not set");
if (!isset($sa["error"])) {
goto Cn;
}
return $this->sendHTTPRedirectRequest("?error=" . urlencode($sa["error"]), $this->oauthUtility->getBaseUrl());
Cn:
return $this->sendHTTPRedirectRequest("?error=code+not+received", $this->oauthUtility->getBaseUrl());
hz:
$Ik = $sa["code"];
$sP = $sa["state"];
$this->oauthUtility->log_debug("ReadAuthorizationResponse: authorizationCode", $Ik);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: relayState", $sP);
$AN = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_ID);
$oa = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_SECRET);
$V_ = OAuthConstants::GRANT_TYPE;
$B7 = $this->oauthUtility->getStoreConfig(OAuthConstants::ACCESSTOKEN_URL);
$KL = $this->oauthUtility->getCallBackUrl();
$this->oauthUtility->log_debug("ReadAuthorizationResponse: clientID", $AN);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: clientSecret", $oa);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: grantType", $V_);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: redirectURL", $KL);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenURL", $B7);
$w2 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_HEADER);
$N5 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_BODY);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: header", $w2);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: body", $N5);
if ($w2 == 1 && $N5 == 0) {
goto Ta;
}
$F9 = (new AccessTokenRequest($AN, $oa, $V_, $KL, $Ik))->build();
goto HX;
Ta:
$F9 = (new AccessTokenRequestBody($V_, $KL, $Ik))->build();
HX:
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenRequest", $F9);
$b6 = Curl::mo_send_access_token_request($F9, $B7, $AN, $oa);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenResponse", $b6);
$Ca = json_decode($b6, "true");
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenResponseData", $Ca);
}
if($flag == 1){
$this->oauthUtility->log_debug("accessToken 1 - ",$accessToken);
$Ca["access_token"] = $accessToken;
$sP = $this->customVariables->loadByCode('cognito_after_login_redirect_url')->getPlainValue();
$this->oauthUtility->log_debug("Redirect URL After Login - ", $sP);
if (isset($apiParam['fname'])){
$fname = $apiParam['fname'];
$this->oauthUtility->log_debug("fname from myz - ",$fname);
}
if (isset($apiParam['lname'])){
$lname = $apiParam['lname'];
$this->oauthUtility->log_debug("lname from myz - ",$lname);
}
if (isset($apiParam['billing_country'])){
$billingCountry = $apiParam['billing_country'];
$this->oauthUtility->log_debug("billing country from myz - ",$billingCountry);
}
}
if (isset($Ca["access_token"])) { //$Ca["access_token"]
$cookieMetadata = $this->cookieMetadataFactory->createPublicCookieMetadata()
->setHttpOnly(true)
->setDuration(3600)
->setPath('/');
$this->cookieManager->setPublicCookie("cognito_at", $Ca["access_token"], $cookieMetadata);
goto qb;
}
if (isset($Ca["id_token"])) {
goto SV;
}
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenResponseData", $Ca);
return $this->getResponse()->setBody("Invalid response. Please try again.|M002");
goto Jd;
qb:
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessTokenResponseData['access_token'] is set");
$bT = $Ca["access_token"];
$QG = $this->oauthUtility->getStoreConfig(OAuthConstants::GETUSERINFO_URL);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: accessToken", $bT);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: userInfoURL", $QG);
$w2 = "Bearer " . $bT;
$hF = ["Authorization: {$w2}"];
$vf = Curl::mo_send_user_info_request($QG, $hF);
$AT = json_decode($vf, "true");
if(isset($AT['error']) && $AT['error'] == 'invalid_token'){
$this->oauthUtility->log_debug("Token is expired, Redirecting customer to configured URL", $AT);
$redirectUrl = $this->customVariables->loadByCode('cognito_redirect_url')->getPlainValue();
$this->oauthUtility->log_debug("Token is expired, Redirect URL", $redirectUrl);
return $this->sendHTTPRedirectRequest("", $redirectUrl);
}
$this->oauthUtility->log_debug("ReadAuthorizationResponse: userInfoResponse", $vf);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: userInfoResponseData", $AT);
goto Jd;
SV:
$this->oauthUtility->log_debug("ReadAuthorizationResponse: if accessTokenResponseData['id_token'] ");
$iM = $Ca["id_token"];
$this->oauthUtility->log_debug("ReadAuthorizationResponse: idToken", $iM);
if (empty($iM)) {
goto Vg;
}
$Kb = $this->oauthUtility->getStoreConfig(OAuthConstants::X509CERT);
$pM = explode(".", $iM);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: x509_cert", $Kb);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: idTokenArray", $pM);
if (sizeof($pM) > 2) {
goto W3;
}
$this->oauthUtility->log_debug("ReadAuthorizationResponse: idTokenArray", $pM);
return $this->getResponse()->setBody("Invalid response. Please try again.|M001");
goto rz;
W3:
$GL = trim($Kb);
$fl = json_decode(file_get_contents($GL))->keys[0];
$Lg = $this->decodeJWT($iM);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: jwks_uri", $GL);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: jwkeys", $fl);
$this->oauthUtility->log_debug("ReadAuthorizationResponse: JWTComponents", $Lg);
if ($this->verifySign($Lg, $fl)) {
goto qn;
}
return $this->getResponse()->setBody("Invalid signature received.");
qn:
$AT = $pM[1];
$AT = (array) json_decode(base64_decode($AT));
$this->oauthUtility->log_debug("ReadAuthorizationResponse: userInfoResponseData", $AT);
rz:
Vg:
Jd:
if (!empty($AT)) {
goto R1;
}
return $this->getResponse()->setBody("Invalid response. Please try again.|M003");
R1:
$AT["relayState"] = $sP;
if(!empty($fname)){ $AT["given_name"] = $fname; }
if(!empty($lname)){ $AT["family_name"] = $lname; }
if(!empty($billingCountry)){ $AT["billing_country"] = $billingCountry; }
$this->oauthUtility->log_debug("Add fname, lname and billing Country from myz if not empty - ", $AT);
$this->processResponseAction->setUserInfoResponse($AT)->execute();
}
public function setRequestParam($CB)
{
$this->REQUEST = $CB;
return $this;
}
public function setPostParam($post)
{
$this->POST = $post;
return $this;
}
public function verifySign($Lg, $fl)
{
$this->oauthUtility->log_debug("ReadAuthorizationResponse: inside verifySign");
$tt = new Crypt_RSA();
$this->oauthUtility->log_debug("ReadAuthorizationResponse: before loading key");
$tt->loadKey(["n" => new Math_BigInteger($this->get_base64_from_url($fl->n), 256), "e" => new Math_BigInteger($this->get_base64_from_url($fl->e), 256)]);
$tt->setHash("sha256");
$tt->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
return $tt->verify($Lg["data"], $Lg["sign"]) ? true : false;
}
public function get_base64_from_url($e3)
{
return base64_decode(str_replace(["-", "_"], ["+", "/"], $e3));
}
public function decodeJWT($xi)
{
$this->oauthUtility->log_debug("ReadAuthorizationResponse: inside decodeJWT");
$LJ = explode(".", $xi);
$w2 = json_decode($this->get_base64_from_url($LJ[0]));
$oN = json_decode($this->get_base64_from_url($LJ[1]));
$SU = $this->get_base64_from_url($LJ[2]);
return ["header" => $w2, "payload" => $oN, "sign" => $SU, "data" => $LJ[0] . "." . $LJ[1]];
}
}
?>
Did this file decode correctly?
Original Code
<?php
namespace MiniOrange\OAuth\Controller\Actions;
include dirname(__FILE__) . "\x2f\x2e\56\57\x2e\x2e\x2f\110\145\x6c\160\145\x72\57\122\123\101\125\x74\151\x6c\x73\x2f\x52\x53\101\x2e\x70\x68\x70";
include dirname(__FILE__) . "\57\x2e\x2e\57\56\x2e\57\x48\x65\154\x70\145\162\x2f\x52\x53\x41\125\164\x69\154\163\x2f\x4d\x61\x74\x68\57\x42\151\x67\x49\156\x74\145\x67\x65\x72\x2e\160\x68\160";
use Exception;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequest;
use MiniOrange\OAuth\Helper\OAuth\AccessTokenRequestBody;
use MiniOrange\OAuth\Helper\Curl;
use MiniOrange\OAuth\Helper\Crypt_RSA;
use MiniOrange\OAuth\Helper\Math_BigInteger;
use MiniOrange\OAuth\Helper\OAuthUtility;
use Magento\Framework\Stdlib\CookieManagerInterface;
use Magento\Framework\Stdlib\Cookie\CookieMetadataFactory;
class ReadAuthorizationResponse extends BaseAction
{
private $REQUEST;
private $POST;
private $processResponseAction;
protected $cookieManager;
protected $cookieMetadataFactory;
protected $customVariables;
public function __construct(Context $St, OAuthUtility $AX, ProcessResponseAction $bD,
CookieManagerInterface $cookieManager,
CookieMetadataFactory $cookieMetadataFactory,
\Magento\Variable\Model\Variable $customVariables
) {
$this->processResponseAction = $bD;
$this->cookieManager = $cookieManager;
$this->cookieMetadataFactory = $cookieMetadataFactory;
$this->customVariables = $customVariables;
parent::__construct($St, $AX);
}
public function execute()
{
$apiParam = $this->getRequest()->getParams();
$flag = $accessToken = $fname = $lname = $billingCountry = '';
if (isset($apiParam['flag'])){
$flag = $apiParam['flag'];
$this->oauthUtility->log_debug("Flag is set - ",$flag);
}
if (isset($apiParam['access_token'])){
$accessToken = $apiParam['access_token'];
$this->oauthUtility->log_debug("AccessToken From MYZ - ",$accessToken);
}
if($flag != 1){
$this->oauthUtility->log_debug("In if - ");
$this->oauthUtility->log_debug("\122\x65\141\x64\x41\165\x74\x68\157\162\x69\172\x61\x74\x69\x6f\x6e\x52\145\163\160\x6f\x6e\163\145\72\x20\145\x78\145\143\x75\x74\x65");
$sa = $this->getRequest()->getParams();
$this->oauthUtility->log_debug("\x52\x65\141\x64\x41\165\x74\x68\157\162\151\172\x61\x74\x69\157\156\122\x65\x73\x70\x6f\156\163\145\x3a\40\160\141\162\141\155\163", $sa);
if (isset($sa["\143\157\x64\x65"])) {
goto hz;
}
$this->oauthUtility->log_debug("\122\145\141\x64\101\165\x74\150\x6f\x72\x69\x7a\141\x74\151\x6f\156\x52\x65\x73\x70\157\156\x73\x65\72\x20\160\x61\x72\x61\155\x73\x5b\47\x63\x6f\x64\x65\47\x5d\x20\156\157\164\x20\x73\145\x74");
if (!isset($sa["\x65\162\162\x6f\162"])) {
goto Cn;
}
return $this->sendHTTPRedirectRequest("\x3f\145\x72\162\x6f\x72\75" . urlencode($sa["\145\x72\162\157\x72"]), $this->oauthUtility->getBaseUrl());
Cn:
return $this->sendHTTPRedirectRequest("\77\x65\x72\x72\x6f\162\75\143\157\144\145\53\x6e\157\164\x2b\162\x65\143\145\151\166\x65\144", $this->oauthUtility->getBaseUrl());
hz:
$Ik = $sa["\x63\157\x64\145"];
$sP = $sa["\163\164\141\x74\145"];
$this->oauthUtility->log_debug("\x52\145\141\x64\101\x75\x74\150\157\162\151\172\141\164\x69\157\x6e\x52\x65\x73\160\x6f\156\163\x65\72\40\x61\x75\x74\x68\157\162\151\172\x61\164\151\x6f\x6e\x43\157\144\145", $Ik);
$this->oauthUtility->log_debug("\x52\145\141\144\x41\x75\164\x68\157\x72\x69\172\x61\164\151\x6f\x6e\122\x65\x73\160\x6f\156\163\x65\x3a\40\162\x65\154\141\x79\x53\164\141\164\x65", $sP);
$AN = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_ID);
$oa = $this->oauthUtility->getStoreConfig(OAuthConstants::CLIENT_SECRET);
$V_ = OAuthConstants::GRANT_TYPE;
$B7 = $this->oauthUtility->getStoreConfig(OAuthConstants::ACCESSTOKEN_URL);
$KL = $this->oauthUtility->getCallBackUrl();
$this->oauthUtility->log_debug("\x52\145\141\x64\101\165\164\x68\x6f\x72\151\x7a\x61\x74\x69\157\x6e\x52\x65\163\x70\157\x6e\163\145\x3a\x20\x63\154\x69\x65\156\164\x49\104", $AN);
$this->oauthUtility->log_debug("\x52\145\x61\144\x41\165\x74\x68\157\162\151\172\141\164\151\x6f\156\122\x65\x73\x70\x6f\156\x73\145\72\x20\143\x6c\x69\x65\x6e\164\x53\x65\x63\162\145\x74", $oa);
$this->oauthUtility->log_debug("\x52\x65\x61\x64\101\165\164\x68\157\x72\x69\x7a\141\x74\x69\x6f\156\122\145\163\x70\x6f\156\x73\145\72\40\147\x72\141\x6e\x74\x54\x79\x70\x65", $V_);
$this->oauthUtility->log_debug("\122\x65\x61\144\x41\x75\164\x68\157\x72\151\172\x61\x74\151\157\156\122\x65\163\x70\157\x6e\163\x65\x3a\40\162\x65\144\151\x72\145\143\164\x55\122\114", $KL);
$this->oauthUtility->log_debug("\x52\x65\x61\x64\x41\165\164\150\157\x72\x69\x7a\141\164\151\x6f\156\x52\145\x73\x70\157\156\163\145\x3a\x20\x61\143\x63\x65\163\x73\124\x6f\x6b\145\156\x55\x52\114", $B7);
$w2 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_HEADER);
$N5 = $this->oauthUtility->getStoreConfig(OAuthConstants::SEND_BODY);
$this->oauthUtility->log_debug("\x52\x65\141\144\x41\165\164\x68\x6f\162\x69\172\141\164\151\157\x6e\122\145\x73\160\x6f\156\x73\x65\72\40\150\x65\x61\x64\145\162", $w2);
$this->oauthUtility->log_debug("\x52\x65\x61\x64\x41\x75\164\150\157\162\x69\x7a\141\x74\x69\157\x6e\x52\x65\x73\160\x6f\x6e\163\145\72\x20\142\157\144\171", $N5);
if ($w2 == 1 && $N5 == 0) {
goto Ta;
}
$F9 = (new AccessTokenRequest($AN, $oa, $V_, $KL, $Ik))->build();
goto HX;
Ta:
$F9 = (new AccessTokenRequestBody($V_, $KL, $Ik))->build();
HX:
$this->oauthUtility->log_debug("\x52\145\141\144\x41\165\x74\150\157\x72\x69\x7a\141\164\x69\x6f\x6e\x52\145\x73\x70\157\x6e\x73\145\72\x20\x61\x63\143\x65\x73\x73\124\157\x6b\145\156\122\145\x71\x75\145\163\164", $F9);
$b6 = Curl::mo_send_access_token_request($F9, $B7, $AN, $oa);
$this->oauthUtility->log_debug("\x52\145\141\144\x41\x75\164\150\x6f\x72\x69\172\x61\164\x69\157\x6e\x52\x65\x73\160\157\x6e\x73\145\72\x20\141\x63\143\x65\163\163\124\x6f\153\x65\x6e\x52\145\x73\160\x6f\156\163\145", $b6);
$Ca = json_decode($b6, "\x74\162\165\145");
$this->oauthUtility->log_debug("\x52\x65\141\x64\x41\165\x74\150\x6f\x72\x69\x7a\x61\x74\x69\x6f\156\122\x65\x73\x70\157\156\163\x65\x3a\x20\141\143\143\145\x73\x73\124\x6f\x6b\x65\156\x52\x65\x73\160\x6f\x6e\x73\145\x44\141\x74\141", $Ca);
}
if($flag == 1){
$this->oauthUtility->log_debug("accessToken 1 - ",$accessToken);
$Ca["access_token"] = $accessToken;
$sP = $this->customVariables->loadByCode('cognito_after_login_redirect_url')->getPlainValue();
$this->oauthUtility->log_debug("Redirect URL After Login - ", $sP);
if (isset($apiParam['fname'])){
$fname = $apiParam['fname'];
$this->oauthUtility->log_debug("fname from myz - ",$fname);
}
if (isset($apiParam['lname'])){
$lname = $apiParam['lname'];
$this->oauthUtility->log_debug("lname from myz - ",$lname);
}
if (isset($apiParam['billing_country'])){
$billingCountry = $apiParam['billing_country'];
$this->oauthUtility->log_debug("billing country from myz - ",$billingCountry);
}
}
if (isset($Ca["\x61\x63\143\x65\163\163\x5f\164\x6f\x6b\145\156"])) { //$Ca["access_token"]
$cookieMetadata = $this->cookieMetadataFactory->createPublicCookieMetadata()
->setHttpOnly(true)
->setDuration(3600)
->setPath('/');
$this->cookieManager->setPublicCookie("cognito_at", $Ca["\x61\x63\143\x65\163\163\x5f\164\x6f\x6b\145\156"], $cookieMetadata);
goto qb;
}
if (isset($Ca["\x69\x64\137\164\157\153\x65\156"])) {
goto SV;
}
$this->oauthUtility->log_debug("\122\145\x61\144\x41\165\164\x68\x6f\x72\151\172\x61\x74\151\x6f\x6e\122\x65\x73\x70\157\156\x73\x65\x3a\40\x61\x63\143\145\x73\x73\124\x6f\153\145\156\x52\x65\x73\160\x6f\x6e\x73\145\104\141\164\141", $Ca);
return $this->getResponse()->setBody("\x49\x6e\166\x61\154\x69\x64\x20\162\145\x73\x70\157\x6e\163\145\56\x20\x50\x6c\145\141\163\145\40\x74\162\x79\x20\141\147\141\151\x6e\x2e\x7c\115\60\x30\62");
goto Jd;
qb:
$this->oauthUtility->log_debug("\x52\x65\x61\x64\x41\165\x74\150\157\162\151\172\x61\x74\x69\x6f\x6e\x52\x65\x73\160\x6f\x6e\163\x65\x3a\x20\141\143\143\145\x73\x73\124\157\153\145\x6e\x52\x65\163\160\157\x6e\x73\145\104\x61\164\x61\x5b\x27\x61\143\x63\x65\163\163\x5f\164\157\x6b\145\x6e\x27\135\40\151\163\x20\x73\x65\x74");
$bT = $Ca["\141\143\x63\x65\163\x73\x5f\x74\x6f\153\145\156"];
$QG = $this->oauthUtility->getStoreConfig(OAuthConstants::GETUSERINFO_URL);
$this->oauthUtility->log_debug("\x52\x65\x61\144\101\165\x74\150\157\x72\151\x7a\x61\164\x69\157\x6e\x52\145\x73\160\157\156\163\145\72\40\141\x63\x63\145\163\x73\x54\x6f\x6b\145\156", $bT);
$this->oauthUtility->log_debug("\x52\145\x61\144\101\165\164\x68\157\162\x69\x7a\x61\164\151\x6f\x6e\122\x65\x73\x70\157\x6e\x73\145\72\x20\x75\163\145\x72\111\x6e\146\x6f\x55\122\114", $QG);
$w2 = "\102\x65\141\162\145\x72\x20" . $bT;
$hF = ["\x41\x75\164\x68\157\x72\x69\x7a\141\x74\x69\x6f\x6e\72\40{$w2}"];
$vf = Curl::mo_send_user_info_request($QG, $hF);
$AT = json_decode($vf, "\x74\x72\165\145");
if(isset($AT['error']) && $AT['error'] == 'invalid_token'){
$this->oauthUtility->log_debug("Token is expired, Redirecting customer to configured URL", $AT);
$redirectUrl = $this->customVariables->loadByCode('cognito_redirect_url')->getPlainValue();
$this->oauthUtility->log_debug("Token is expired, Redirect URL", $redirectUrl);
return $this->sendHTTPRedirectRequest("", $redirectUrl);
}
$this->oauthUtility->log_debug("\x52\145\x61\144\101\165\x74\x68\157\x72\x69\172\x61\164\x69\157\156\122\145\x73\160\x6f\x6e\163\x65\72\40\165\163\145\162\111\156\146\x6f\122\x65\163\160\157\x6e\163\x65", $vf);
$this->oauthUtility->log_debug("\x52\x65\x61\144\101\x75\164\150\x6f\x72\x69\x7a\141\x74\151\157\156\122\145\163\160\157\156\x73\x65\x3a\x20\165\x73\x65\162\111\156\146\x6f\122\145\x73\160\x6f\156\163\x65\x44\x61\x74\x61", $AT);
goto Jd;
SV:
$this->oauthUtility->log_debug("\x52\145\141\144\101\165\164\150\157\x72\151\172\x61\x74\x69\x6f\x6e\x52\145\x73\x70\x6f\x6e\163\x65\72\40\x69\146\40\x61\x63\x63\x65\x73\163\x54\157\153\145\156\x52\x65\163\160\157\x6e\163\145\x44\141\x74\141\133\47\151\144\x5f\164\x6f\x6b\x65\156\x27\135\40");
$iM = $Ca["\151\x64\137\x74\157\153\x65\x6e"];
$this->oauthUtility->log_debug("\122\x65\141\144\x41\165\x74\150\x6f\x72\151\x7a\x61\164\151\x6f\156\122\145\163\160\157\156\x73\145\x3a\x20\x69\x64\x54\157\x6b\145\x6e", $iM);
if (empty($iM)) {
goto Vg;
}
$Kb = $this->oauthUtility->getStoreConfig(OAuthConstants::X509CERT);
$pM = explode("\56", $iM);
$this->oauthUtility->log_debug("\122\x65\x61\x64\101\x75\x74\x68\x6f\162\x69\172\x61\164\x69\x6f\x6e\x52\x65\163\x70\x6f\x6e\x73\x65\72\x20\x78\x35\60\x39\137\x63\145\162\164", $Kb);
$this->oauthUtility->log_debug("\122\x65\x61\x64\101\165\164\x68\157\162\x69\172\x61\x74\151\x6f\156\x52\x65\163\x70\x6f\x6e\163\145\72\x20\151\144\x54\x6f\153\x65\x6e\x41\162\x72\x61\x79", $pM);
if (sizeof($pM) > 2) {
goto W3;
}
$this->oauthUtility->log_debug("\122\145\141\x64\101\x75\164\150\157\x72\151\x7a\141\x74\x69\x6f\x6e\122\145\x73\x70\157\x6e\163\x65\72\x20\x69\144\124\157\x6b\145\156\x41\x72\x72\141\x79", $pM);
return $this->getResponse()->setBody("\111\156\x76\x61\x6c\151\x64\40\162\x65\x73\160\x6f\156\x73\145\56\x20\x50\154\145\x61\163\x65\x20\x74\162\x79\40\141\x67\x61\x69\156\56\174\x4d\60\x30\61");
goto rz;
W3:
$GL = trim($Kb);
$fl = json_decode(file_get_contents($GL))->keys[0];
$Lg = $this->decodeJWT($iM);
$this->oauthUtility->log_debug("\x52\x65\141\x64\101\x75\x74\x68\157\162\x69\x7a\x61\x74\x69\157\156\x52\145\x73\160\x6f\x6e\x73\145\x3a\40\x6a\x77\153\163\x5f\x75\162\x69", $GL);
$this->oauthUtility->log_debug("\x52\x65\x61\144\101\x75\164\150\x6f\162\x69\x7a\141\164\151\x6f\156\x52\145\x73\x70\157\156\163\x65\x3a\x20\x6a\167\x6b\145\x79\163", $fl);
$this->oauthUtility->log_debug("\x52\x65\141\x64\x41\x75\164\150\x6f\x72\x69\x7a\141\164\x69\157\156\122\145\163\x70\157\x6e\x73\x65\x3a\40\x4a\127\124\103\x6f\x6d\160\x6f\x6e\145\x6e\x74\x73", $Lg);
if ($this->verifySign($Lg, $fl)) {
goto qn;
}
return $this->getResponse()->setBody("\111\156\166\141\154\151\x64\40\x73\151\147\x6e\x61\x74\165\162\145\40\162\x65\143\145\x69\x76\x65\144\56");
qn:
$AT = $pM[1];
$AT = (array) json_decode(base64_decode($AT));
$this->oauthUtility->log_debug("\x52\145\x61\x64\101\x75\x74\x68\x6f\x72\x69\x7a\x61\164\x69\157\x6e\122\x65\163\x70\157\156\163\x65\72\x20\165\x73\145\162\111\x6e\146\x6f\122\145\x73\x70\157\156\163\145\104\141\x74\x61", $AT);
rz:
Vg:
Jd:
if (!empty($AT)) {
goto R1;
}
return $this->getResponse()->setBody("\111\156\x76\x61\x6c\151\144\x20\162\145\x73\160\x6f\x6e\163\145\56\40\120\154\145\x61\163\x65\40\x74\162\x79\x20\x61\147\x61\x69\x6e\56\174\x4d\x30\x30\63");
R1:
$AT["\162\x65\x6c\x61\171\123\164\x61\164\x65"] = $sP;
if(!empty($fname)){ $AT["given_name"] = $fname; }
if(!empty($lname)){ $AT["family_name"] = $lname; }
if(!empty($billingCountry)){ $AT["billing_country"] = $billingCountry; }
$this->oauthUtility->log_debug("Add fname, lname and billing Country from myz if not empty - ", $AT);
$this->processResponseAction->setUserInfoResponse($AT)->execute();
}
public function setRequestParam($CB)
{
$this->REQUEST = $CB;
return $this;
}
public function setPostParam($post)
{
$this->POST = $post;
return $this;
}
public function verifySign($Lg, $fl)
{
$this->oauthUtility->log_debug("\x52\145\x61\x64\101\x75\164\150\x6f\x72\151\172\141\164\x69\x6f\x6e\x52\145\163\160\157\x6e\x73\x65\72\40\151\x6e\x73\151\x64\x65\x20\166\145\x72\151\146\x79\x53\151\147\156");
$tt = new Crypt_RSA();
$this->oauthUtility->log_debug("\122\145\x61\x64\101\x75\164\x68\x6f\162\x69\172\141\x74\x69\157\x6e\x52\145\x73\160\x6f\x6e\163\x65\72\40\142\145\x66\x6f\162\145\x20\x6c\157\141\x64\151\156\147\x20\153\145\171");
$tt->loadKey(["\156" => new Math_BigInteger($this->get_base64_from_url($fl->n), 256), "\x65" => new Math_BigInteger($this->get_base64_from_url($fl->e), 256)]);
$tt->setHash("\163\x68\141\62\65\66");
$tt->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
return $tt->verify($Lg["\x64\141\x74\141"], $Lg["\x73\x69\x67\x6e"]) ? true : false;
}
public function get_base64_from_url($e3)
{
return base64_decode(str_replace(["\x2d", "\x5f"], ["\x2b", "\x2f"], $e3));
}
public function decodeJWT($xi)
{
$this->oauthUtility->log_debug("\x52\145\x61\144\101\165\164\150\x6f\x72\151\x7a\x61\164\151\157\x6e\x52\x65\x73\160\x6f\x6e\x73\145\72\x20\151\156\x73\x69\x64\145\40\144\x65\143\157\x64\145\x4a\x57\124");
$LJ = explode("\56", $xi);
$w2 = json_decode($this->get_base64_from_url($LJ[0]));
$oN = json_decode($this->get_base64_from_url($LJ[1]));
$SU = $this->get_base64_from_url($LJ[2]);
return ["\x68\145\141\144\145\162" => $w2, "\x70\x61\x79\154\157\x61\144" => $oN, "\x73\x69\147\156" => $SU, "\144\141\x74\x61" => $LJ[0] . "\56" . $LJ[1]];
}
}
Function Calls
None |
Stats
MD5 | beaaadab2e8590a7c1fe93e9b7141c76 |
Eval Count | 0 |
Decode Time | 52 ms |