Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace MiniOrange\OAuth\Controller\Actions; use Magento\Framework\App\Act..
Decoded Output download
<?php
namespace MiniOrange\OAuth\Controller\Actions;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthUtility;
use MiniOrange\OAuth\Helper\OAuth\AuthorizationRequest;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\Data;
use MiniOrange\OAuth\Controller\Actions\PasswordGrant;
use Magento\Authorization\Model\ResourceModel\Role\Collection;
use Magento\Customer\Model\Customer;
use Magento\Customer\Model\CustomerFactory;
use Magento\Framework\App\ResponseFactory;
use Magento\Framework\Math\Random;
use Magento\Store\Model\StoreManagerInterface;
use Magento\User\Model\User;
use Magento\User\Model\UserFactory;
use MiniOrange\OAuth\Helper\Exception\MissingAttributesException;
use Magento\Customer\Model\AddressFactory;
use Magento\Framework\Serialize\SerializerInterface;
class SendAuthorizationRequest extends BaseAction
{
private $REQUEST;
private $POST;
private $_state;
private $passwordGrant;
protected $resultFactory;
protected $storeManager;
protected $serializer;
protected $messageManager;
public function __construct(Context $nk, OAuthUtility $qZ, StoreManagerInterface $fA, \Magento\Framework\App\State $Pp, \Magento\Framework\Controller\ResultFactory $FM, SerializerInterface $Y5, PasswordGrant $nl, \Magento\Framework\Message\ManagerInterface $R2)
{
$this->messageManager = $R2;
$this->resultFactory = $FM;
$this->storeManager = $fA;
$this->_state = $Pp;
$this->serializer = $Y5;
$this->passwordGrant = $nl;
parent::__construct($nk, $qZ);
}
public function execute()
{
if (!$this->oauthUtility->isTrialExpired()) {
goto fm;
}
$this->oauthUtility->log_debug("ProcessUserAction: execute : Your demo account has expired.");
print_r("Your Demo account has expired. Please contact [email protected]");
exit;
fm:
$oQ = false;
$this->oauthUtility->log_debug("SendAuthorizationRequest: execute");
if (!(!$this->oauthUtility->micr() || !$this->oauthUtility->mclv())) {
goto Ao;
}
return $this->getResponse()->setBody("Please Configure miniOrange OAuth module!");
Ao:
$SB = $this->getRequest()->getParams();
$Ig = $SB["app_name"];
$this->oauthUtility->log_debug("SendAuthorizationRequest: app_name", $Ig);
$this->oauthUtility->setSessionData(OAuthConstants::APP_NAME, $Ig);
$this->oauthUtility->setAdminSessionData(OAuthConstants::APP_NAME, $Ig);
$HU = $this->oauthUtility->getOAuthClientApps();
$XB = null;
$this->oauthUtility->log_debug("SendAuthorizationRequest: collection :", count($HU));
foreach ($HU as $JZ) {
if (!($JZ->getData()["app_name"] === $Ig)) {
goto L2;
}
$XB = $JZ->getData();
L2:
LJ:
}
ov:
$this->oauthUtility->log_debug("SendAuthorizationRequest: clientDetails :" . json_encode($XB));
$this->oauthUtility->log_debug("SendAuthorizationRequest: Request params:" . json_encode($SB));
$Vs = array_key_exists("relayState", $SB) ? $SB["relayState"] : "/";
$CJ = $XB["grant_type"];
$Xh = $this->resultFactory->create(\Magento\Framework\Controller\ResultFactory::TYPE_REDIRECT);
$eo = $this->oauthUtility->getBaseUrl();
$Jy = $eo . "mooauth/actions/ReadAuthorizationResponse";
$iu = $this->oauthUtility->isAutoRedirectEnabled($Ig);
$ya = $this->oauthUtility->isAllPageAutoRedirectEnabled($Ig);
if (!($iu && ($ya == NULL || $ya == 0) && $Vs != OAuthConstants::TEST_RELAYSTATE)) {
goto KH;
}
$ca = $this->_request->getServer("HTTP_REFERER");
$this->oauthUtility->log_debug("SendAuthorizationRequest: previous url:" . $ca);
if (is_null($ca)) {
goto AF;
}
$Vs = preg_replace("/\/$/", '', $ca);
AF:
$this->oauthUtility->flushCache();
KH:
$this->oauthUtility->setSessionData("error_redirect_url", $Vs);
$kO = $this->oauthUtility->checkIfFlowStartedFromBackend($Vs);
if ($Vs == OAuthConstants::TEST_RELAYSTATE) {
goto xk;
}
$VK = $this->storeManager->getStore()->getWebsiteId();
$Dh = $this->oauthUtility->getStoreConfig(OAuthConstants::WEBSITE_IDS);
$IV = $this->oauthUtility->getStoreConfig(OAuthConstants::WEBSITE_COUNT);
$G5 = $this->oauthUtility->isBlank($Dh) ? array() : json_decode($Dh);
$LE = $this->oauthUtility->getWebsiteLimit();
if ($this->oauthUtility->isBlank($G5)) {
goto RM;
}
foreach ($G5 as $ed => $WS) {
if (!($VK == $ed)) {
goto ms;
}
$oQ = true;
goto Tv;
ms:
QK:
}
Tv:
RM:
if (!(!$kO && ($oQ == false || $IV > $LE))) {
goto IY;
}
print_r("You have not selected this website for SSO");
return;
IY:
goto Up;
xk:
$this->oauthUtility->setStoreConfig(OAuthConstants::IS_TEST, true);
$this->oauthUtility->flushCache();
Up:
if (!($CJ == "password_grant")) {
goto KI;
}
if (!($Vs == OAuthConstants::TEST_RELAYSTATE)) {
goto Vi;
}
$Xh->setUrl($this->oauthUtility->getBaseUrl() . "mooauth/actions/PasswordGrant?relayState=" . $Vs);
return $Xh;
Vi:
$Xh->setUrl($this->oauthUtility->getBaseUrl() . "customer/account/login/?relayState=" . $Vs);
return $Xh;
KI:
if (isset($XB["authorize_endpoint"])) {
goto pS;
}
return;
pS:
$hc = $XB["clientID"];
$a0 = $XB["scope"];
$iI = $XB["authorize_endpoint"];
$qS = OAuthConstants::CODE;
$eo = $this->oauthUtility->getBaseUrl();
$Jy = $this->oauthUtility->getBaseUrl() . OAuthConstants::CALLBACK_URL;
$FU = $XB["pkce_flow"] == 1 ? true : false;
$nO = '';
if (!$FU) {
goto LX;
}
$zM = bin2hex(openssl_random_pseudo_bytes(32));
$TY = $this->oauthUtility->base64url_encode(pack("H*", $zM));
$_SESSION["mo_code_verifier"] = $TY;
$nO = $this->oauthUtility->base64url_encode(pack("H*", hash("sha256", $TY)));
LX:
$this->oauthUtility->log_debug("SendAuthorizationRequest: scope:", $a0);
$this->oauthUtility->log_debug("SendAuthorizationRequest: authorizeURL:", $iI);
$this->oauthUtility->log_debug("SendAuthorizationRequest: responseType:", $qS);
$this->oauthUtility->log_debug("SendAuthorizationRequest: currentBaseUrl:", $eo);
$this->oauthUtility->log_debug("SendAuthorizationRequest: redirectURL:", $Jy);
$EI = new AuthorizationRequest($hc, $a0, $iI, $qS, $Jy, $Vs, $FU, $nO);
$A2 = $EI->build();
$this->oauthUtility->log_debug("SendAuthorizationRequest: Authorization Request:", $A2);
return $this->sendHTTPRedirectRequest($A2, $iI);
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace MiniOrange\OAuth\Controller\Actions;
use Magento\Framework\App\Action\Context;
use MiniOrange\OAuth\Helper\OAuthUtility;
use MiniOrange\OAuth\Helper\OAuth\AuthorizationRequest;
use MiniOrange\OAuth\Helper\OAuthConstants;
use MiniOrange\OAuth\Helper\Data;
use MiniOrange\OAuth\Controller\Actions\PasswordGrant;
use Magento\Authorization\Model\ResourceModel\Role\Collection;
use Magento\Customer\Model\Customer;
use Magento\Customer\Model\CustomerFactory;
use Magento\Framework\App\ResponseFactory;
use Magento\Framework\Math\Random;
use Magento\Store\Model\StoreManagerInterface;
use Magento\User\Model\User;
use Magento\User\Model\UserFactory;
use MiniOrange\OAuth\Helper\Exception\MissingAttributesException;
use Magento\Customer\Model\AddressFactory;
use Magento\Framework\Serialize\SerializerInterface;
class SendAuthorizationRequest extends BaseAction
{
private $REQUEST;
private $POST;
private $_state;
private $passwordGrant;
protected $resultFactory;
protected $storeManager;
protected $serializer;
protected $messageManager;
public function __construct(Context $nk, OAuthUtility $qZ, StoreManagerInterface $fA, \Magento\Framework\App\State $Pp, \Magento\Framework\Controller\ResultFactory $FM, SerializerInterface $Y5, PasswordGrant $nl, \Magento\Framework\Message\ManagerInterface $R2)
{
$this->messageManager = $R2;
$this->resultFactory = $FM;
$this->storeManager = $fA;
$this->_state = $Pp;
$this->serializer = $Y5;
$this->passwordGrant = $nl;
parent::__construct($nk, $qZ);
}
public function execute()
{
if (!$this->oauthUtility->isTrialExpired()) {
goto fm;
}
$this->oauthUtility->log_debug("\120\x72\157\143\x65\163\163\125\163\x65\162\x41\x63\164\x69\157\x6e\x3a\40\x65\170\145\143\165\164\145\40\72\40\131\x6f\x75\x72\x20\144\x65\x6d\157\x20\x61\143\x63\x6f\165\156\164\40\150\141\x73\40\145\170\x70\x69\162\x65\x64\x2e");
print_r("\x59\x6f\x75\162\40\104\x65\x6d\157\x20\x61\143\143\x6f\165\156\164\40\150\141\x73\x20\145\170\x70\151\162\x65\144\56\x20\x50\x6c\x65\141\163\x65\x20\x63\x6f\156\164\x61\x63\164\x20\x6d\141\147\x65\x6e\164\157\163\x75\160\160\x6f\162\164\x40\170\145\143\165\x72\151\146\171\x2e\143\157\155");
exit;
fm:
$oQ = false;
$this->oauthUtility->log_debug("\123\145\156\x64\x41\165\x74\150\157\x72\x69\x7a\141\164\x69\x6f\156\122\145\161\165\145\163\x74\x3a\x20\145\170\145\x63\165\x74\145");
if (!(!$this->oauthUtility->micr() || !$this->oauthUtility->mclv())) {
goto Ao;
}
return $this->getResponse()->setBody("\x50\x6c\145\x61\x73\145\40\x43\x6f\x6e\x66\151\147\x75\x72\145\40\155\x69\156\151\x4f\x72\141\x6e\x67\x65\40\x4f\x41\x75\164\150\40\x6d\157\144\165\154\145\x21");
Ao:
$SB = $this->getRequest()->getParams();
$Ig = $SB["\141\x70\x70\137\156\141\x6d\x65"];
$this->oauthUtility->log_debug("\x53\x65\156\144\101\x75\x74\x68\x6f\x72\151\172\x61\164\x69\157\156\122\x65\x71\x75\145\x73\x74\x3a\40\141\x70\160\x5f\156\x61\155\145", $Ig);
$this->oauthUtility->setSessionData(OAuthConstants::APP_NAME, $Ig);
$this->oauthUtility->setAdminSessionData(OAuthConstants::APP_NAME, $Ig);
$HU = $this->oauthUtility->getOAuthClientApps();
$XB = null;
$this->oauthUtility->log_debug("\x53\x65\x6e\x64\x41\165\164\x68\x6f\x72\151\172\141\x74\151\x6f\156\x52\x65\161\x75\145\163\164\72\x20\x63\x6f\x6c\154\145\x63\164\x69\x6f\x6e\40\x3a", count($HU));
foreach ($HU as $JZ) {
if (!($JZ->getData()["\141\x70\x70\137\x6e\x61\155\145"] === $Ig)) {
goto L2;
}
$XB = $JZ->getData();
L2:
LJ:
}
ov:
$this->oauthUtility->log_debug("\x53\145\x6e\x64\x41\x75\164\150\x6f\x72\x69\x7a\141\x74\151\157\x6e\122\x65\x71\x75\145\163\164\x3a\x20\143\154\151\145\156\x74\x44\x65\164\141\x69\x6c\163\x20\72" . json_encode($XB));
$this->oauthUtility->log_debug("\x53\145\x6e\144\101\165\x74\150\x6f\x72\151\172\x61\x74\151\157\x6e\x52\x65\161\165\x65\x73\x74\x3a\40\x52\145\x71\x75\145\163\x74\x20\x70\141\162\x61\x6d\x73\x3a" . json_encode($SB));
$Vs = array_key_exists("\x72\145\154\x61\x79\x53\x74\141\x74\x65", $SB) ? $SB["\x72\145\x6c\x61\x79\x53\164\141\164\145"] : "\x2f";
$CJ = $XB["\x67\x72\141\156\164\137\164\171\160\x65"];
$Xh = $this->resultFactory->create(\Magento\Framework\Controller\ResultFactory::TYPE_REDIRECT);
$eo = $this->oauthUtility->getBaseUrl();
$Jy = $eo . "\155\157\x6f\x61\x75\x74\x68\x2f\141\x63\x74\x69\x6f\x6e\x73\57\122\145\x61\144\x41\x75\164\x68\157\x72\151\172\x61\x74\x69\x6f\156\122\145\x73\x70\157\156\163\145";
$iu = $this->oauthUtility->isAutoRedirectEnabled($Ig);
$ya = $this->oauthUtility->isAllPageAutoRedirectEnabled($Ig);
if (!($iu && ($ya == NULL || $ya == 0) && $Vs != OAuthConstants::TEST_RELAYSTATE)) {
goto KH;
}
$ca = $this->_request->getServer("\110\x54\124\120\x5f\122\105\106\x45\122\x45\x52");
$this->oauthUtility->log_debug("\x53\145\x6e\144\101\x75\x74\150\x6f\162\x69\172\x61\x74\x69\157\x6e\122\145\x71\x75\145\163\x74\72\x20\160\x72\x65\166\151\x6f\165\x73\40\165\162\154\72" . $ca);
if (is_null($ca)) {
goto AF;
}
$Vs = preg_replace("\x2f\134\x2f\x24\x2f", '', $ca);
AF:
$this->oauthUtility->flushCache();
KH:
$this->oauthUtility->setSessionData("\145\x72\162\x6f\162\137\x72\145\x64\x69\x72\145\x63\x74\x5f\165\162\154", $Vs);
$kO = $this->oauthUtility->checkIfFlowStartedFromBackend($Vs);
if ($Vs == OAuthConstants::TEST_RELAYSTATE) {
goto xk;
}
$VK = $this->storeManager->getStore()->getWebsiteId();
$Dh = $this->oauthUtility->getStoreConfig(OAuthConstants::WEBSITE_IDS);
$IV = $this->oauthUtility->getStoreConfig(OAuthConstants::WEBSITE_COUNT);
$G5 = $this->oauthUtility->isBlank($Dh) ? array() : json_decode($Dh);
$LE = $this->oauthUtility->getWebsiteLimit();
if ($this->oauthUtility->isBlank($G5)) {
goto RM;
}
foreach ($G5 as $ed => $WS) {
if (!($VK == $ed)) {
goto ms;
}
$oQ = true;
goto Tv;
ms:
QK:
}
Tv:
RM:
if (!(!$kO && ($oQ == false || $IV > $LE))) {
goto IY;
}
print_r("\x59\157\165\40\x68\141\166\x65\x20\156\x6f\164\40\163\x65\x6c\145\143\x74\145\x64\40\x74\x68\151\x73\40\x77\x65\x62\x73\x69\x74\x65\40\146\157\162\x20\123\x53\x4f");
return;
IY:
goto Up;
xk:
$this->oauthUtility->setStoreConfig(OAuthConstants::IS_TEST, true);
$this->oauthUtility->flushCache();
Up:
if (!($CJ == "\160\141\x73\x73\x77\x6f\162\x64\x5f\147\162\x61\156\164")) {
goto KI;
}
if (!($Vs == OAuthConstants::TEST_RELAYSTATE)) {
goto Vi;
}
$Xh->setUrl($this->oauthUtility->getBaseUrl() . "\155\x6f\157\141\x75\x74\150\x2f\141\143\164\151\157\x6e\x73\x2f\120\141\x73\x73\167\157\162\x64\x47\162\x61\156\x74\x3f\162\x65\154\x61\171\123\164\141\164\x65\x3d" . $Vs);
return $Xh;
Vi:
$Xh->setUrl($this->oauthUtility->getBaseUrl() . "\x63\165\163\164\157\x6d\x65\162\x2f\x61\143\143\x6f\165\156\164\x2f\x6c\157\147\x69\x6e\57\77\x72\x65\x6c\141\171\123\164\x61\164\x65\75" . $Vs);
return $Xh;
KI:
if (isset($XB["\141\165\164\x68\x6f\162\151\x7a\x65\x5f\145\156\144\160\157\x69\156\164"])) {
goto pS;
}
return;
pS:
$hc = $XB["\x63\154\151\x65\156\x74\x49\104"];
$a0 = $XB["\x73\143\157\160\145"];
$iI = $XB["\x61\x75\164\150\157\x72\x69\x7a\145\137\145\x6e\x64\160\x6f\x69\x6e\164"];
$qS = OAuthConstants::CODE;
$eo = $this->oauthUtility->getBaseUrl();
$Jy = $this->oauthUtility->getBaseUrl() . OAuthConstants::CALLBACK_URL;
$FU = $XB["\160\153\143\x65\137\146\154\x6f\x77"] == 1 ? true : false;
$nO = '';
if (!$FU) {
goto LX;
}
$zM = bin2hex(openssl_random_pseudo_bytes(32));
$TY = $this->oauthUtility->base64url_encode(pack("\110\52", $zM));
$_SESSION["\x6d\x6f\137\x63\x6f\144\145\137\166\145\162\x69\x66\x69\x65\x72"] = $TY;
$nO = $this->oauthUtility->base64url_encode(pack("\x48\x2a", hash("\163\x68\x61\62\65\x36", $TY)));
LX:
$this->oauthUtility->log_debug("\x53\145\156\x64\101\x75\164\x68\157\x72\x69\172\x61\x74\151\x6f\x6e\122\x65\x71\x75\145\163\x74\72\x20\163\x63\157\160\145\x3a", $a0);
$this->oauthUtility->log_debug("\123\145\x6e\x64\x41\x75\x74\150\157\162\x69\172\x61\164\x69\x6f\156\x52\x65\161\x75\x65\163\164\72\40\141\165\164\x68\157\x72\151\x7a\x65\125\122\x4c\72", $iI);
$this->oauthUtility->log_debug("\123\145\156\x64\x41\x75\164\x68\157\x72\151\172\x61\164\151\157\x6e\122\x65\x71\x75\145\163\164\72\x20\x72\145\163\160\x6f\156\x73\x65\x54\x79\x70\145\x3a", $qS);
$this->oauthUtility->log_debug("\123\x65\x6e\x64\101\165\x74\x68\157\162\151\x7a\x61\164\x69\x6f\x6e\x52\145\161\x75\x65\163\x74\72\40\143\x75\x72\x72\145\156\164\x42\x61\x73\x65\125\162\154\x3a", $eo);
$this->oauthUtility->log_debug("\123\145\156\x64\101\165\x74\150\x6f\x72\151\x7a\141\164\x69\x6f\x6e\x52\145\161\165\145\x73\164\x3a\x20\162\145\144\151\x72\x65\x63\x74\x55\122\114\72", $Jy);
$EI = new AuthorizationRequest($hc, $a0, $iI, $qS, $Jy, $Vs, $FU, $nO);
$A2 = $EI->build();
$this->oauthUtility->log_debug("\x53\145\156\x64\101\x75\x74\150\x6f\162\x69\x7a\141\164\x69\157\156\122\145\x71\165\x65\x73\x74\x3a\40\x41\x75\x74\x68\157\x72\151\x7a\x61\164\151\157\x6e\x20\x52\145\161\165\145\x73\164\72", $A2);
return $this->sendHTTPRedirectRequest($A2, $iI);
}
}
Function Calls
| None |
Stats
| MD5 | c4657a545bf28947952b1c0a495bfa72 |
| Eval Count | 0 |
| Decode Time | 45 ms |