<?php | |
use JWT\Authentication\JWT; | |
// Landing page: renders the 'root' view. The route reads no session state.
Route::get('/', function ()
{
    $view = View::make('root');

    return $view;
});
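// Post-login page: shows the verified assertion and the attributes it carried.
// Both session values are written by the POST /auth/jwt route after the token
// has been decoded and its claims checked.
Route::get('/welcome', function()
{
    $attributesClaim = 'https://www.fedurus.ru/attributes';

    $jwt = Session::get('jwt');
    $jws = Session::get('jws');

    // A visitor who never completed /auth/jwt has no token in the session.
    // Refuse the request instead of dereferencing null, which would surface
    // as a server error rather than an authorization failure.
    if (!is_object($jwt) || !isset($jwt->{$attributesClaim})) {
        App::abort(403, "Not authenticated");
    }

    $attributes = $jwt->{$attributesClaim};

    // NOTE(review): the attribute values originate from the identity provider
    // and are passed to the view unchanged - confirm the 'welcome' template
    // escapes them on output.
    return View::make('welcome', array('jws' => $jws, 'jwt' => $jwt, 'attributes' => $attributes));
});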
// Logout: discards every value held in the session (including the stored
// 'jws' and 'jwt'), then sends the browser back to the application root.
// NOTE(review): this state-changing action is reachable with a plain GET, so
// any third-party page can trigger it - consider POST with CSRF protection.
Route::get('/logout', function ()
{
    $home = 'https://fedurus-echo.gopagoda.com';

    Session::flush();

    return Redirect::to($home);
});
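// Assertion consumer endpoint: receives the signed JWT (JWS) posted in the
// 'assertion' field, verifies it, checks the audience and validity window,
// and only then establishes the local session.
Route::post('/auth/jwt', function()
{
    // Placeholder value. Replace it with the secret registered with the
    // identity provider and load it from configuration kept outside source
    // control; anyone who knows this value can mint accepted tokens.
    $secret = 'SECRET';
    $audience = 'https://fedurus-echo.gopagoda.com';

    $jws = Input::get('assertion');
    if (!is_string($jws) || $jws === '') {
        // Missing or non-string assertion: reject before touching the decoder.
        App::abort(403, "JWS was invalid");
    }

    // Signature verification is delegated to the library.
    // NOTE(review): how JWT::decode() reacts to a bad signature, and which
    // algorithms it accepts, is not visible here - confirm it fails closed
    // and that the accepted algorithm is pinned.
    $jwt = JWT::decode($jws, $secret);

    # In a complete app we'd also store and validate the jti value to ensure there is no replay of this unique token ID
    // NOTE(review): the issuer (iss) claim is not checked either.

    // RFC 7519 defines exp and nbf as NumericDate (seconds since the epoch).
    // strtotime() cannot parse a bare number, so numeric values are used
    // directly and only non-numeric strings are handed to strtotime().
    $toTimestamp = function ($value) {
        if (is_numeric($value)) {
            return (int) $value;
        }

        return is_string($value) ? strtotime($value) : false;
    };

    $now = time();
    $expires = isset($jwt->exp) ? $toTimestamp($jwt->exp) : false;
    $notBefore = isset($jwt->nbf) ? $toTimestamp($jwt->nbf) : false;

    // The token is acceptable only when it was issued for this service, has
    // not yet expired (exp lies in the future) and is already valid (nbf has
    // passed). A missing or unparsable claim fails the check.
    $accepted = isset($jwt->aud)
        && $jwt->aud === $audience
        && $expires !== false && $now < $expires
        && $notBefore !== false && $now >= $notBefore;

    if (!$accepted) {
        App::abort(403, "JWS was invalid");
    }

    // Issue a fresh session id at the privilege change so an id planted
    // before login cannot be reused afterwards (session fixation).
    Session::regenerate();
    Session::put('jws', $jws);
    Session::put('jwt', $jwt);

    return Redirect::to('https://fedurus-echo.gopagoda.com/welcome');
});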
// Placeholder route: the path is a template value to be replaced with the
// deployment's Rapid Connect URL. It renders the 'readme' view.
Route::get('/INSERT_YOUR_RAPID_CONNECT_URL_HERE', function ()
{
    $view = View::make('readme');

    return $view;
});