require 'sinatra'
require 'json'
require 'json/jwt'
# Server-side (in-memory) session store; an entry expires an hour after its last use.
use Rack::Session::Pool, expire_after: 3600
# Landing page: renders the :index template.
get('/') { erb :index }
# Post-login page. Only reachable once /auth/jwt has stored attributes in the
# session; any other visitor is sent back to the landing page.
get '/welcome' do
  redirect '/' unless session[:attributes]

  @attributes = session[:attributes]
  @jwt = session[:jwt]
  erb :welcome
end
# Drops the whole server-side session (attributes and the decoded token) and
# returns to the landing page.
get('/logout') do
  session.clear
  redirect('/')
end
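# Rapid Connect callback. The identity provider POSTs a signed JWT in the
# `assertion` form field; the signature is verified with the shared secret,
# the audience and validity window are checked, and the asserted attributes
# are stored in the session before redirecting to /welcome.
#
# The shared secret is read from RAPID_CONNECT_SECRET; the literal fallback is
# the sample's placeholder value and must be replaced in any real deployment.
post '/auth/jwt' do
  jws = params[:assertion]
  # A missing field is a malformed request, not a bad signature.
  halt 500, 'No assertion provided' unless jws

  secret = ENV.fetch('RAPID_CONNECT_SECRET', 'abcdABCDabcdABCDabcdABCD')

  begin
    # Pin the accepted algorithm so a token whose `alg` header names something
    # other than HS256 is rejected before any claim is looked at
    # (requires a json-jwt release that accepts the algorithms argument).
    jwt = JSON::JWT.decode(jws.to_s, secret, :HS256)
  rescue JSON::JWT::Exception
    # Covers bad format, unexpected algorithm and a signature that does not
    # match the secret; previously these escaped as an unhandled exception.
    halt 500, 'Signature was invalid'
  end

  # Ensure this app was the intended audience for the token and timings are
  # valid. `nbf` and `exp` must both be present and numeric: a token missing
  # either is rejected instead of crashing on Time.at(nil).
  # RFC 7519 allows the current time to equal `nbf`, hence >=.
  now = Time.now
  nbf = jwt['nbf']
  exp = jwt['exp']
  timings_valid = nbf.is_a?(Numeric) && exp.is_a?(Numeric) &&
                  now >= Time.at(nbf) && now < Time.at(exp)
  unless jwt['aud'] == 'http://localhost:8080' && timings_valid
    halt 500, 'Audience or timings are invalid'
  end
  # NOTE(review): if the token also carries an issuer (`iss`) and a token id
  # (`jti`), checking `iss` against the expected issuer and remembering seen
  # `jti` values for the token lifetime would close replay of a captured
  # assertion — not implemented in this sample; confirm against the
  # Rapid Connect documentation.

  session[:attributes] = jwt['https://aaf.edu.au/attributes']
  session[:jwt] = jwt
  redirect '/welcome'
end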
# Placeholder path (the segment is meant to be replaced when the sample is
# configured); serves the :readme template.
get('/INSERT_YOUR_RAPID_CONNECT_URL_HERE') { erb :readme }