@bradleybeddoes
Last active December 20, 2015 19:08
PHP example of AAF Rapid Connect in Laravel framework
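<?php

use JWT\Authentication\JWT;

Route::get('/', function()
{
    return View::make('root');
});

// Show the verified claims that /auth/jwt stored in the session.
Route::get('/welcome', function()
{
    $jwt = Session::get('jwt');
    $jws = Session::get('jws');

    // No verified assertion in this session: refuse rather than dereference null.
    if (!$jwt) {
        App::abort(403, "Not authenticated");
    }

    $attributes = $jwt->{'https://aaf.edu.au/attributes'};
    return View::make('welcome', array('jws' => $jws, 'jwt' => $jwt, 'attributes' => $attributes));
});

Route::get('/logout', function()
{
    Session::flush();
    return Redirect::to('https://aaf-echo.gopagoda.com');
});

// Callback endpoint: Rapid Connect POSTs the signed JWT (JWS) in the 'assertion' field.
Route::post('/auth/jwt', function()
{
    $jws = Input::get('assertion');

    // 'SECRET' is a placeholder for the secret shared with Rapid Connect.
    // decode() checks the signature with that key; treat any exception it
    // raises as an invalid token instead of letting it surface as a 500.
    try {
        $jwt = JWT::decode($jws, 'SECRET');
    } catch (Exception $e) {
        App::abort(403, "JWS was invalid");
    }

    # In a complete app we'd also store and validate the jti value to ensure there is no replay attack
    $now = time();

    // Strict comparison on issuer and audience, then the validity window.
    if (isset($jwt->iss, $jwt->aud, $jwt->nbf, $jwt->exp) &&
        $jwt->iss === 'https://rapid.aaf.edu.au' &&
        $jwt->aud === 'https://aaf-echo.gopagoda.com' &&
        $now > $jwt->nbf && $now < $jwt->exp) {
        Session::put('jws', $jws);
        Session::put('jwt', $jwt);
        return Redirect::to('https://aaf-echo.gopagoda.com/welcome');
    } else {
        App::abort(403, "JWS was invalid");
    }
});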
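
The jti check that the comment in the /auth/jwt route leaves out, as an added example that is not part of the original gist. SeenJtiStore and acceptAssertion are hypothetical names, the in-memory array stands in for a shared store, and the sample claims are constructed.

```php
<?php
// Added example: single-use jti tracking for the /auth/jwt callback.
// SeenJtiStore is a hypothetical in-memory store; a deployed app needs a shared
// store with an atomic "insert if absent" operation (e.g. a unique DB column).
class SeenJtiStore
{
    private $seen = array(); // jti => expiry (unix time)

    // Returns true the first time a jti is presented, false on any repeat.
    public function claim($jti, $exp, $now)
    {
        // Entries past their exp can go: the exp check already rejects those tokens.
        foreach ($this->seen as $k => $e) {
            if ($e <= $now) { unset($this->seen[$k]); }
        }
        if (!is_string($jti) || $jti === '' || isset($this->seen[$jti])) {
            return false;
        }
        $this->seen[$jti] = $exp;
        return true;
    }
}

// Same claim checks as the /auth/jwt route, plus the jti check.
function acceptAssertion($jwt, SeenJtiStore $store, $now)
{
    $claimsOk = isset($jwt->iss, $jwt->aud, $jwt->nbf, $jwt->exp, $jwt->jti)
        && $jwt->iss === 'https://rapid.aaf.edu.au'
        && $jwt->aud === 'https://aaf-echo.gopagoda.com'
        && $now > $jwt->nbf && $now < $jwt->exp;
    // Claim the jti only after the other checks pass, so rejected tokens
    // cannot fill the store.
    return $claimsOk && $store->claim($jwt->jti, $jwt->exp, $now);
}

// Constructed sample claims, as they would look once JWT::decode() has run.
$now = 1700000000;
$jwt = (object) array(
    'iss' => 'https://rapid.aaf.edu.au',
    'aud' => 'https://aaf-echo.gopagoda.com',
    'nbf' => $now - 10, 'exp' => $now + 110,
    'jti' => 'constructed-jti-0001',
);
$store = new SeenJtiStore();
var_dump(acceptAssertion($jwt, $store, $now));       // first presentation
var_dump(acceptAssertion($jwt, $store, $now + 5));   // same token presented again
var_dump(acceptAssertion($jwt, $store, $now + 200)); // presented after exp
```

Keeping each jti only until its exp bounds the store's size, because a token replayed after that point already fails the time-window check.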