

namespace MiniOrange\IDPSaml\Controller\Actions;

use Magento\Framework\App\Action\Context;
use MiniOrange\IDPSaml\Helper\IDPUtility;
use MiniOrange\IDPSaml\Helper\IDPConstants;
use MiniOrange\IDPSaml\Helper\Data;
use MiniOrange\IDPSaml\Controller\Actions\PasswordGrant;
use Magento\Framework\App\CsrfAwareActionInterface;
use Magento\Framework\App\RequestInterface;
use Magento\Framework\App\Request\InvalidRequestException;
use Magento\Customer\Model\CustomerFactory;
use Magento\Customer\Model\ResourceModel\Customer\CollectionFactory;
use Magento\Framework\App\Bootstrap;
use Magento\Customer\Model\Customer;
use Magento\Framework\App\Response\Http;
use Magento\Customer\Api\CustomerRepositoryInterface;
use Magento\Customer\Model\Session;
use Magento\Framework\Controller\ResultFactory;
use Magento\Customer\Model\AddressFactory;
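/**
 * UserInfo endpoint of the miniOrange IdP module.
 *
 * Reads a token from the Authorization request header, resolves it through
 * IDPUtility::getUserDataFromToken() and answers with a JSON document that
 * describes either a backend (admin) user or a storefront customer, depending
 * on the selected client's IS_BACKEND_SSO_ENABLED flag.
 *
 * Every response, including errors, is sent with HTTP status 200 and the error
 * code "invalid_grant". NOTE(review): RFC 6750 specifies 401 / "invalid_token"
 * for a rejected bearer token; the status is left unchanged here because
 * existing clients may depend on it.
 */
class Userinfo extends \Magento\Framework\App\Action\Action implements CsrfAwareActionInterface
{
    /**
     * Lower-cased names of request headers that carry credentials. Their values
     * are never written to the debug log.
     */
    private const SENSITIVE_HEADERS = ['authorization', 'proxy-authorization', 'cookie'];

    private $REQUEST;
    private $POST;
    private $passwordGrant;
    protected $resultFactory;
    private $customerSession;
    private $customerFactory;
    private $customerRepository;
    protected $response;
    protected $idpUtility;
    protected $customerCollectionFactory;
    protected $_addressFactory;

    /**
     * Stores the injected collaborators. Parameter names are kept as they are
     * because dependency-injection configuration may refer to them by name.
     */
    public function __construct(Context $FF, IDPUtility $Ng, ResultFactory $Fb, Session $d9, CustomerFactory $o2, CustomerRepositoryInterface $ql, Http $WG, CollectionFactory $Fn, AddressFactory $uw)
    {
        $this->resultFactory = $Fb;
        $this->customerSession = $d9;
        $this->idpUtility = $Ng;
        $this->customerFactory = $o2;
        $this->customerRepository = $ql;
        $this->response = $WG;
        $this->customerCollectionFactory = $Fn;
        $this->_addressFactory = $uw;
        parent::__construct($FF);
    }

    /**
     * Handles one UserInfo request and sends the JSON response directly.
     *
     * Steps: pick the client configuration, look the token up, reject unknown,
     * user-less or expired tokens, then emit the admin or customer attributes.
     *
     * @return void
     */
    public function execute()
    {
        $this->idpUtility->log_debug("UserInfo: started");

        // HTTP header names are case-insensitive, so index them by lower-cased
        // name instead of matching the exact spelling "Authorization".
        $headers = [];
        foreach (getallheaders() as $name => $value) {
            $key = strtolower((string) $name);
            $headers[$key] = $value;
            // Credentials (bearer token, cookies) must not end up in log files.
            $shown = in_array($key, self::SENSITIVE_HEADERS, true) ? "[redacted]" : $value;
            $this->idpUtility->log_debug("UserInfo: attribute name: " . $name . " attribute value: " . $shown);
        }
        $authorization = (string) ($headers['authorization'] ?? '');

        // The header value after its first six characters is expected to
        // contain the literal "client" followed by the client id.
        // NOTE(review): the auth scheme itself is not checked; any 6-character
        // prefix is accepted.
        $clientId = null;
        if (!empty($authorization)) {
            $segments = explode("client", ltrim((string) substr($authorization, 6)));
            $clientId = $segments[1] ?? null;
            $this->idpUtility->log_debug("received client id in userinfo: ", $clientId);
        }

        // Select the client whose id matches (the last match wins).
        $clients = $this->idpUtility->getMiniOrangeOAuthClients();
        $clientConfig = null;
        foreach ($clients as $client) {
            if ($client->getData()[IDPConstants::CLIENT_ID] === $clientId) {
                $clientConfig = $client->getData();
            }
        }
        // No match: fall back to the first configured client.
        // NOTE(review): that client's IS_BACKEND_SSO_ENABLED flag then decides
        // whether user_id is read as an admin id or a customer id, even though
        // the token was not shown to belong to that client. Confirm that
        // getUserDataFromToken() binds tokens to a client, or reject here.
        if ($clientConfig === null) {
            foreach ($clients as $client) {
                $clientConfig = $client->getData();
                break;
            }
        }
        // With no client configured, continue with an empty configuration
        // rather than reading offsets of an undefined variable.
        $clientConfig = $clientConfig ?? [];
        $this->idpUtility->log_debug("UserInfo: client selected for attribute mapping in userinfo: ", $clientConfig[IDPConstants::CLIENT_NAME] ?? null);

        $accessToken = trim((string) substr($authorization, 6));
        // Only record whether a token arrived; the token itself is a credential.
        $this->idpUtility->log_debug("UserInfo: access token received: ", $accessToken === '' ? "[missing]" : "[redacted]");
        if ($accessToken === '') {
            // A missing or empty token is rejected before any lookup, so it can
            // never match a stored row that has an empty token value.
            $this->sendError("Access token not found");
            return;
        }

        $tokenData = $this->idpUtility->getUserDataFromToken($accessToken);
        if (empty($tokenData)) {
            $this->sendError("Access token not found");
            return;
        }

        $userId = $tokenData["user_id"];
        $expiryTime = $tokenData["access_token_expiry_time"];
        $this->idpUtility->log_debug("UserInfo: User Id: ", $userId);
        if (empty($userId)) {
            $this->sendError("Access Token could not be retreived. Please try again or contact your administrator");
            return;
        }

        // A truthy result is treated as "expired".
        // NOTE(review): confirm this polarity against IDPUtility::ValidateAccessToken().
        $expired = $this->idpUtility->ValidateAccessToken($expiryTime);
        $this->idpUtility->log_debug("UserInfo: accessTokenValidationResult: ", $expired);
        if ($expired) {
            $this->sendError("Access token has expired");
            return;
        }

        if ($clientConfig[IDPConstants::IS_BACKEND_SSO_ENABLED] ?? false) {
            // Backend SSO: user_id refers to an admin user.
            $admin = $this->idpUtility->getAdminUserById($userId);
            $this->idpUtility->log_debug("UserInfo: started email", $admin->getEmail());
            $this->idpUtility->log_debug("UserInfo: started getUsername", $admin->getUsername());
            $userInfo = (object) ["NameId" => $admin->getEmail(), "firstName" => $admin->getFirstName(), "lastName" => $admin->getLastName(), "role_id" => $admin->getRole()->getId()];
            $this->idpUtility->log_debug("Final userinfo object for backend user: ", $userInfo);
            $this->sendJson(json_encode($userInfo));
            return;
        }

        // Storefront customer: user_id refers to a customer entity.
        $customer = $this->customerRepository->getById($userId);
        $userId = $customer->getId();
        $mapping = $clientConfig[IDPConstants::ATTRIBUTE_MAPPING] ?? null;
        $customMapping = $clientConfig[IDPConstants::CUSTOM_ATTRIBUTE_MAPPING] ?? null;
        $this->idpUtility->log_debug("UserInfo: mapped_attrs: ", $mapping);

        $customerModel = $this->customerFactory->create()->load($userId);
        $customerData = $customerModel->getData();
        // Log the available field names only: the raw entity row may hold
        // credential material such as the password hash.
        $this->idpUtility->log_debug("customer_entity attributes : ", array_keys((array) $customerData));

        $billingId = $customerModel->getDefaultBilling();
        $shippingId = $customerModel->getDefaultShipping();
        $this->idpUtility->log_debug("billing address id : ", $billingId);
        $this->idpUtility->log_debug("shipping address id : ", $shippingId);
        $billingAddress = $this->_addressFactory->create()->load($billingId);
        $shippingAddress = $this->_addressFactory->create()->load($shippingId);
        $billingData = isset($billingAddress) ? $billingAddress->getData() : [];
        $shippingData = isset($shippingAddress) ? $shippingAddress->getData() : [];

        $userInfo = (object) ["NameId" => $customer->getEmail()];

        // Loose comparison kept on purpose: an empty string counts as "no mapping".
        if ($mapping != null) {
            $mapping = json_decode((string) $mapping);
            // Invalid JSON decodes to null; skip it instead of iterating a non-iterable.
            if (is_object($mapping) || is_array($mapping)) {
                // NOTE(review): each mapping value names a raw entity field, so a
                // mapping that names a credential column would be returned to
                // the client. Consider an allow-list of mappable fields.
                foreach ($mapping as $attribute => $source) {
                    // Lookup order: customer entity, billing address, shipping address.
                    if (isset($customerData[$source])) {
                        $userInfo->{$attribute} = $customerData[$source];
                    } elseif (isset($billingData[$source])) {
                        $userInfo->{$attribute} = $billingData[$source];
                    } elseif (isset($shippingData[$source])) {
                        $userInfo->{$attribute} = $shippingData[$source];
                    }
                }
            }
        }

        // Custom mappings are constants: the configured value is copied as is.
        if ($customMapping != null) {
            $customMapping = json_decode((string) $customMapping);
            if (is_object($customMapping) || is_array($customMapping)) {
                foreach ($customMapping as $attribute => $constant) {
                    $userInfo->{$attribute} = $constant;
                }
            }
        }

        $this->idpUtility->log_debug("UserInfo: genericObject after adding attribute mapping: ", $userInfo);
        $body = json_encode($userInfo);
        $this->idpUtility->log_debug("UserInfo: final json to be sent in response: ", $body);
        $this->sendJson($body);
    }

    /**
     * Sends an "invalid_grant" error document with the given description.
     *
     * @param string $description Text placed in "error_description".
     */
    private function sendError($description): void
    {
        $this->sendJson(json_encode(["error" => "invalid_grant", "error_description" => $description]));
    }

    /**
     * Writes an already encoded JSON body with status 200 and sends it.
     *
     * @param string|false $body Result of json_encode().
     */
    private function sendJson($body): void
    {
        $this->response->setBody($body);
        $this->response->setStatusCode(200);
        $this->response->setHeader("Content-Type", "application/json", true);
        $this->response->setHeader("Content-Length", strlen($body));
        $this->response->send();
    }

    /**
     * No CSRF exception is ever produced, because validateForCsrf() accepts
     * every request.
     */
    public function createCsrfValidationException(RequestInterface $De) : ?InvalidRequestException
    {
        return null;
    }

    /**
     * Accepts every request without a form key. execute() authenticates only
     * through the Authorization header and never reads the customer session, so
     * a cross-site request carrying just cookies gains nothing. That stops
     * holding if cookie-based authentication is ever added to this action.
     */
    public function validateForCsrf(RequestInterface $De) : ?bool
    {
        return true;
    }
}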


