foodsoft/plugins/discourse/app/controllers/discourse_controller.rb

28 lines
842 B
Ruby

class DiscourseController < ApplicationController
before_filter -> { require_plugin_enabled FoodsoftDiscourse }
protected
def valid_signature?
return false if params[:sso].blank? || params[:sig].blank?
get_hmac_hex_string(params[:sso]) == params[:sig]
end
def redirect_to_with_payload(url, payload)
base64_payload = Base64.encode64 payload.to_query
sso = CGI::escape base64_payload
sig = get_hmac_hex_string base64_payload
redirect_to "#{url}#{url.include?('?') ? '&' : '?'}sso=#{sso}&sig=#{sig}"
end
def parse_payload
payload = Rack::Utils.parse_query Base64.decode64(params[:sso])
payload.symbolize_keys!
end
def get_hmac_hex_string payload
discourse_sso_secret = FoodsoftConfig[:discourse_sso_secret]
OpenSSL::HMAC.hexdigest 'sha256', discourse_sso_secret, payload
end
end