namespace MiniOrange\IDPSaml\Controller\Actions;
use DOMElement;
use DOMDocument;
use MiniOrange\IDPSaml\Helper\IDPUtility;
use MiniOrange\IDPSaml\Helper\Saml2\SAML2Utilities;
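/**
 * Read-only view of the fields of a SAML AuthnRequest element.
 *
 * The constructor copies attributes and selected child elements of the given
 * DOMElement into properties. Every value stored here comes straight from the
 * request document: nothing in this class verifies a signature, checks the
 * Version, or compares Issuer / AssertionConsumerServiceURL / Destination
 * against registered service-provider data.
 *
 * NOTE(review): the code that consumes this object is not visible here. Before
 * a response is sent to getAssertionConsumerServiceURL(), that URL should be
 * matched against the endpoints registered for getIssuer(); confirm the caller
 * does so, and that Destination and IssueInstant are checked as well.
 */
class MiniOrangeAuthnRequest
{
    /** @var array NameIDPolicy attributes that were present (Format, SPNameQualifier, AllowCreate). */
    private $nameIdPolicy;
    private $forceAuthn;
    private $isPassive;
    /** @var string[] Text content of each Scoping/RequesterID element. */
    private $RequesterID = array();
    private $assertionConsumerServiceURL;
    private $protocolBinding;
    /** @var array|null Keys "AuthnContextClassRef" (list of strings) and "Comparison". */
    private $requestedAuthnContext;
    private $namespaceURI;
    private $destination;
    private $issuer;
    private $version;
    private $issueInstant;
    private $requestID;
    protected $attributeConsumingServiceIndex;

    // The three properties below used to be created dynamically on first
    // assignment, which is deprecated since PHP 8.2. They are declared public
    // without a default so that outside reads and isset() checks behave exactly
    // as they did with the dynamic properties.
    /** @var int|null */
    public $assertionConsumerServiceIndex;
    /** @var int|null */
    public $ProxyCount;
    /** @var string[]|null ProviderID of each Scoping/IDPList/IDPEntry. */
    public $IDPList;

    /**
     * @param DOMElement|null $ov AuthnRequest element to read; with null only
     *                            the defaults are set and nothing is parsed.
     *
     * @throws \Exception when the element has no Issuer child, or when a
     *                    Scoping/IDPEntry has no ProviderID attribute.
     */
    public function __construct(DOMElement $ov = null)
    {
        $this->nameIdPolicy = array();
        $this->forceAuthn = false;
        $this->isPassive = false;

        if ($ov === null) {
            return;
        }

        $this->forceAuthn = SAML2Utilities::parseBoolean($ov, "ForceAuthn", false);
        $this->isPassive = SAML2Utilities::parseBoolean($ov, "IsPassive", false);

        // Taken verbatim from the request: an unsigned or forged request can
        // put any URL here, so it is only a candidate until checked against
        // the service provider's registered endpoints.
        if ($ov->hasAttribute("AssertionConsumerServiceURL")) {
            $this->assertionConsumerServiceURL = $ov->getAttribute("AssertionConsumerServiceURL");
        }
        if ($ov->hasAttribute("ProtocolBinding")) {
            $this->protocolBinding = $ov->getAttribute("ProtocolBinding");
        }
        // (int) turns a non-numeric attribute value into 0 instead of rejecting it.
        if ($ov->hasAttribute("AttributeConsumingServiceIndex")) {
            $this->attributeConsumingServiceIndex = (int) $ov->getAttribute("AttributeConsumingServiceIndex");
        }
        if ($ov->hasAttribute("AssertionConsumerServiceIndex")) {
            $this->assertionConsumerServiceIndex = (int) $ov->getAttribute("AssertionConsumerServiceIndex");
        }
        if ($ov->hasAttribute("Destination")) {
            $this->destination = $ov->getAttribute("Destination");
        }
        if (isset($ov->namespaceURI)) {
            $this->namespaceURI = $ov->namespaceURI;
        }
        // Version, IssueInstant and ID are stored as the raw attribute strings.
        if ($ov->hasAttribute("Version")) {
            $this->version = $ov->getAttribute("Version");
        }
        if ($ov->hasAttribute("IssueInstant")) {
            $this->issueInstant = $ov->getAttribute("IssueInstant");
        }
        if ($ov->hasAttribute("ID")) {
            $this->requestID = $ov->getAttribute("ID");
        }

        $this->parseNameIdPolicy($ov);
        $this->parseIssuer($ov);
        $this->parseRequestedAuthnContext($ov);
        $this->parseScoping($ov);
    }

    /** @return string|null Raw Version attribute, or null when absent. */
    public function getVersion()
    {
        return $this->version;
    }

    /** @return string|null Raw ID attribute, or null when absent. */
    public function getRequestID()
    {
        return $this->requestID;
    }

    /** @return string|null Raw IssueInstant attribute, or null when absent. */
    public function getIssueInstant()
    {
        return $this->issueInstant;
    }

    /** @return string|null Raw Destination attribute, or null when absent. */
    public function getDestination()
    {
        return $this->destination;
    }

    /** @return string|null Trimmed text of the Issuer child; null if nothing was parsed. */
    public function getIssuer()
    {
        return $this->issuer;
    }

    /**
     * @return string|null ACS URL exactly as the request stated it. This class
     *                     does not validate it; treat it as untrusted input.
     */
    public function getAssertionConsumerServiceURL()
    {
        return $this->assertionConsumerServiceURL;
    }

    /**
     * Stores the trimmed text of the first Issuer child element.
     *
     * @throws \Exception when no Issuer child is found.
     */
    protected function parseIssuer(DOMElement $ov)
    {
        $issuerNodes = SAML2Utilities::xpQuery($ov, "./saml_assertion:Issuer");
        if (empty($issuerNodes)) {
            // Fully qualified: the file does not import Exception, so a bare
            // "Exception" would resolve inside this namespace and fail with
            // "class not found" instead of raising the intended error.
            throw new \Exception("Missing <saml:Issuer> in assertion.");
        }
        $this->issuer = trim($issuerNodes[0]->textContent);
    }

    /**
     * Copies Format, SPNameQualifier and AllowCreate from the first
     * NameIDPolicy child; leaves the policy array empty when there is none.
     */
    protected function parseNameIdPolicy(DOMElement $ov)
    {
        $policyNodes = SAML2Utilities::xpQuery($ov, "./saml_protocol:NameIDPolicy");
        if (empty($policyNodes)) {
            return;
        }

        $policy = $policyNodes[0];
        foreach (array("Format", "SPNameQualifier") as $attribute) {
            if ($policy->hasAttribute($attribute)) {
                $this->nameIdPolicy[$attribute] = $policy->getAttribute($attribute);
            }
        }
        if ($policy->hasAttribute("AllowCreate")) {
            $this->nameIdPolicy["AllowCreate"] = SAML2Utilities::parseBoolean($policy, "AllowCreate", false);
        }
    }

    /**
     * Reads the first RequestedAuthnContext child, if any, into an array with
     * the trimmed AuthnContextClassRef values and the Comparison attribute
     * ("exact" when the attribute is absent).
     */
    protected function parseRequestedAuthnContext(DOMElement $ov)
    {
        $contextNodes = SAML2Utilities::xpQuery($ov, "./saml_protocol:RequestedAuthnContext");
        if (empty($contextNodes)) {
            return;
        }

        $context = $contextNodes[0];
        $parsed = array("AuthnContextClassRef" => array(), "Comparison" => "exact");
        foreach (SAML2Utilities::xpQuery($context, "./saml_assertion:AuthnContextClassRef") as $classRef) {
            $parsed["AuthnContextClassRef"][] = trim($classRef->textContent);
        }
        // Stored as given; the value is not restricted to a known set here.
        if ($context->hasAttribute("Comparison")) {
            $parsed["Comparison"] = $context->getAttribute("Comparison");
        }
        $this->requestedAuthnContext = $parsed;
    }

    /**
     * Reads ProxyCount, the IDPList ProviderIDs and the RequesterID values
     * from the first Scoping child, if any.
     *
     * @throws \Exception when an IDPEntry has no ProviderID attribute.
     */
    protected function parseScoping(DOMElement $ov)
    {
        $scopingNodes = SAML2Utilities::xpQuery($ov, "./saml_protocol:Scoping");
        if (empty($scopingNodes)) {
            return;
        }

        $scoping = $scopingNodes[0];
        // (int) maps non-numeric input to 0 and lets negative values through.
        if ($scoping->hasAttribute("ProxyCount")) {
            $this->ProxyCount = (int) $scoping->getAttribute("ProxyCount");
        }

        $entries = SAML2Utilities::xpQuery($scoping, "./saml_protocol:IDPList/saml_protocol:IDPEntry");
        foreach ($entries as $entry) {
            if (!$entry->hasAttribute("ProviderID")) {
                // Fully qualified for the same reason as in parseIssuer().
                throw new \Exception("Could not get ProviderID from Scoping/IDPEntry element in AuthnRequest object");
            }
            $this->IDPList[] = $entry->getAttribute("ProviderID");
        }

        foreach (SAML2Utilities::xpQuery($scoping, "./saml_protocol:RequesterID") as $requester) {
            $this->RequesterID[] = trim($requester->textContent);
        }
    }
}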