/* Decoded by unphp.net */
config = $Fp->get("rest_api_authentication.settings");
$this->entityTypeManager = $k9;
}
public function applies(Request $BB)
{
$E_ = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_enable_authentication");
if (!($E_ == 1)) {
goto O0;
}
$aK = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_apis") ?? '');
$R3 = '';
$R3 = \Drupal::moduleHandler()->invokeAll("validate_jwt_in_authorization_header", [$BB]);
$R3 = isset($R3[0]) ? $R3[0] : null;
$ML = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_enable_custom_api_authentication");
if (!((!empty($aK) || $aK != null) && $ML)) {
goto mW;
}
$aK = explode(";", $aK);
foreach ($aK as $gL) {
if (strpos($BB->getRequestUri(), $gL) !== false && trim($gL) != '') {
goto WK;
}
if (strpos($gL, "{}")) {
goto Yc;
}
goto Kw;
WK:
return isset($R3) ? $R3 : true;
goto Kw;
Yc:
$Z3 = explode("/", $gL);
$ft = explode("/", $BB->getRequestUri());
if (!(count($Z3) == count($ft))) {
goto Ce;
}
$Hv = array();
$uY = 0;
Kn:
if (!($uY < count($Z3))) {
goto SG;
}
if ($Z3[$uY] == "{}") {
goto Zm;
}
$Hv[$uY] = 0;
goto MN;
Zm:
$Hv[$uY] = 1;
MN:
dk:
$uY++;
goto Kn;
SG:
$uY = 0;
Ab:
if (!($uY < count($Z3))) {
goto SA;
}
if (!($Z3[$uY] != $ft[$uY])) {
goto Vd;
}
if ($Hv[$uY] == 1) {
goto u0;
}
$Hv[$uY] = 2;
goto bm;
u0:
$Hv[$uY] = 0;
bm:
Vd:
Tb:
$uY++;
goto Ab;
SA:
if (!(array_sum($Hv) == 0)) {
goto Qr;
}
return isset($R3) ? $R3 : true;
Qr:
Ce:
Kw:
ix:
}
sV:
mW:
$hG = \Drupal::config("rest_api_authentication.settings")->get("whitelist_get_apis");
if (!($hG == 1)) {
goto ea;
}
if (!($BB->getMethod() == "GET")) {
goto m0;
}
return false;
m0:
ea:
if (!(strpos($BB->getRequestUri(), "/admin/config/services/jsonapi/") !== false)) {
goto Bm;
}
return false;
Bm:
$W8 = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_enable_json_api_authentication");
if (!(strpos($BB->getRequestUri(), "/jsonapi/") !== false && $W8)) {
goto II;
}
return isset($R3) ? $R3 : true;
II:
$if = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_enable_rest_api_authentication");
if (!(strpos($BB->getRequestUri(), "?_format=") !== false && $if)) {
goto GM;
}
return isset($R3) ? $R3 : true;
GM:
return false;
O0:
}
public function authenticate(Request $BB)
{
global $base_url;
\Drupal::logger("rest_api_authentication")->notice("Request Object Before Authentication
" . print_r($BB, TRUE) . "
");
$fE = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_customer_admin_fraud_check");
$NR = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_customer_admin_token");
$d3 = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_customer_admin_email");
$SQ = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_license_key");
$E_ = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_enable_authentication");
if (!MiniorangeApiAuthConstants::INTRANET) {
goto pC;
}
$Vw = true;
$jN = true;
goto vW;
pC:
$nQ = Utilities::check_fraud();
$Vw = $nQ == Utilities::decrypt_data($fE, $NR);
$jN = $nQ == Utilities::decrypt_data($fE, $NR, "AES-128-ECB");
vW:
$qw = \Drupal::config("rest_api_authentication.settings")->get("rest_api_authentication_multi_site_plugin") == true;
if (($qw || $Vw || $jN) && $d3 != null && $d3 != '') {
goto a0;
}
if ($d3 != null && $d3 != '') {
goto u_;
}
if (!($d3 == null || $d3 == '')) {
goto ZR;
}
$DT["status"] = "error";
$DT["http_code"] = "401";
$DT["message"] = "You are not logged in.";
$DT["error_description"] = "Make sure you have logged in or Register in to module.";
ZR:
goto um;
u_:
$DT["status"] = "error";
$DT["http_code"] = "403";
$DT["message"] = "License key you have entered has already been used.";
$DT["error_description"] = "Please enter a key which has not been used before on any other instance or if you have exausted all your keys then buy more license from Licensing.";
um:
goto Tz;
a0:
if (isset($SQ) && !empty($SQ) && $E_) {
goto kC;
}
if (!(!isset($SQ) && empty($SQ))) {
goto jn;
}
$DT["status"] = "error";
$DT["http_code"] = "401";
$DT["message"] = "You have not activated module yet.";
$DT["error_description"] = "Please enter a License key which has not been used before on any other instance or if you have exausted all your keys then buy more license from Licensing.";
jn:
goto Qk;
kC:
$OR = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_ips"));
if (!(!empty($OR) || $OR != null)) {
goto Z9;
}
$Ma = \Drupal::config("rest_api_authentication.settings")->get("ip_access_type");
$OR = explode(";", $OR);
if ($Ma) {
goto KB;
}
if (!(array_search($BB->getClientIp(), $OR) === FALSE)) {
goto OX;
}
$B3 = array("status" => "error", "http_code" => "403", "error" => "IP_ADDRESS_BLOCKED", "error_description" => "The request can not be completed as your IP address is not whitelisted. Please contact your site administrator");
echo json_encode($B3, JSON_PRETTY_PRINT);
http_response_code($B3["http_code"]);
exit;
OX:
goto nn;
KB:
if (!(array_search($BB->getClientIp(), $OR) !== FALSE)) {
goto ne;
}
$B3 = array("status" => "error", "http_code" => "403", "error" => "INVALID_IP", "error_description" => "This IP address is not allowed to make this request. Please contact your site administrator");
echo json_encode($B3, JSON_PRETTY_PRINT);
http_response_code($B3["http_code"]);
exit;
ne:
nn:
Z9:
$DT = array();
if (!($BB->getPathInfo() == "/user/login")) {
goto sW;
}
return null;
sW:
$rU = \Drupal::config("rest_api_authentication.settings")->get("authentication_method");
switch ($rU) {
case 0:
$DT = API_Authentication_Basic_Auth::validate_api_request($BB);
goto Ee;
case 1:
$DT = API_Authentication_API_Token::validate_api_request($BB);
goto Ee;
case 2:
$DT = API_Authentication_OAuth::validate_api_request($BB);
goto Ee;
case 3:
$DT = API_Authentication_JWT::validate_api_request($BB);
goto Ee;
case 4:
$DT = API_Authentication_Ext_OAuth::validate_api_request($BB);
goto Ee;
default:
return null;
}
R5:
Ee:
Qk:
Tz:
if (!(isset($DT["status"]) && $DT["status"] == "error")) {
goto ht;
}
if (isset($DT["message"]) && trim($DT["message"]) != '' || isset($DT["error_description"]) && trim($DT["error_description"]) != '') {
goto DM;
}
throw new AccessDeniedHttpException();
return null;
goto G5;
DM:
\Drupal::logger("rest_api_authentication")->notice("Request Object After Authentication
" . print_r($BB, TRUE) . "
");
echo json_encode($DT, JSON_PRETTY_PRINT);
http_response_code($DT["http_code"]);
exit;
G5:
ht:
$bz = $DT["user"];
$UE = $bz->id();
$hH = '';
$hH = trim(\Drupal::config("rest_api_authentication.settings")->get("list_of_role_restrictions"));
if (!(!empty($hH) || $hH != null)) {
goto cO;
}
$tP = explode(";", $hH);
foreach ($tP as $zL) {
$XW = explode(":", $zL);
$gL = $XW[0];
$T6 = $XW[1];
if (!(strpos($BB->getRequestUri(), $gL) !== false)) {
goto uE;
}
$Mr = explode(",", $T6);
$lp = array_intersect($Mr, $bz->getRoles());
if (count($lp) > 0) {
goto A1;
}
$B3 = array("status" => "error", "http_code" => "403", "error" => "ACCESS_DENIED", "error_description" => "User does not have the required permissions.");
echo json_encode($B3, JSON_PRETTY_PRINT);
http_response_code($B3["http_code"]);
exit;
goto sD;
A1:
goto ke;
sD:
uE:
sB:
}
ke:
cO:
$pm = $this->entityTypeManager->getStorage("user");
return $this->entityTypeManager->getStorage("user")->load($UE);
}
public function handleException(ExceptionEvent $od)
{
$ga = $od->getThrowable();
if (!$ga instanceof AccessDeniedHttpException) {
goto ZM;
}
$od->setThrowable(new UnauthorizedHttpException("Invalid consumer origin.", $ga));
return TRUE;
ZM:
return FALSE;
}
}
?>