| <?php | |
| use JWT\Authentication\JWT; | |
| Route::get('/', function() | |
| { | |
| return View::make('root'); | |
| }); | |
| Route::get('/welcome', function() | |
| { | |
| $jwt = Session::get('jwt'); | |
| $jws = Session::get('jws'); | |
| $attributes = $jwt->{'https://www.fedurus.ru/attributes'}; | |
| return View::make('welcome', array('jws' => $jws, 'jwt' => $jwt, 'attributes' => $attributes)); | |
| }); | |
| Route::get('/logout', function() | |
| { | |
| Session::flush(); | |
| return Redirect::to('https://fedurus-echo.gopagoda.com'); | |
| }); | |
| Route::post('/auth/jwt', function() | |
| { | |
| $secret = 'SECRET'; | |
| $jws = Input::get('assertion'); | |
| $jwt = JWT::decode($jws, $secret); | |
| # In a complete app we'd also store and validate the jti value to ensure there is no reply on this unique token ID | |
| $now = strtotime("now"); | |
| if($jwt->aud == 'https://fedurus-echo.gopagoda.com' && strtotime($jwt->exp) < $now && $now > strtotime($jwt->nbf)) { | |
| Session::put('jws', $jws); | |
| Session::put('jwt', $jwt); | |
| return Redirect::to('https://fedurus-echo.gopagoda.com/welcome'); | |
| } else { | |
| App::abort(403,"JWS was invalid"); | |
| } | |
| }); | |
| Route::get('/INSERT_YOUR_RAPID_CONNECT_URL_HERE', function() | |
| { | |
| return View::make('readme'); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment