PingOne for Enterprise

Ruby Token Exchange Sample

#Sample rails controller

class TestIntegrationController < ApplicationController

  #
  # The restApiKey value is the REST API Client Secret (the password/secret associated with your REST API Client ID). You will need
  # to uncomment the @restApiKey statement and replace the empty string in the sample below with your REST API Client Secret.
  # For example:  @restApiKey = "mySecretApiPassword"
  #
  # The restAuthUsername value is the REST API Client ID (a GUID) automatically assigned to your account in the PingOne admin portal
  # on the Account > Integration page.
  # You will need to replace the restAuthUsername value in "${restAuthUsername}" in the sample below with your REST API Client ID.
  # For example: @request.basic_auth "5f6ce45e-1a00-488e-8519-7c9946cb6379", restApiKey
  #
  def sso
    @tokenid = params[:tokenid]
    @url = URI.parse "${tokenServiceBaseUrl}/sso/TXS/2.0/1/%s" % @tokenid
    @http = Net::HTTP.new(@url.host, @url.port)
    @http.use_ssl = true
    @request = Net::HTTP::Get.new(@url.path)
    @restApiKey = ""
    @request.basic_auth "${restAuthUsername}", @restApiKey
    @response = @http.request(@request)
    @data = JSON.parse @response.body
    @subject = @data['pingone.subject']
    @idpid = @data['pingone.idp.id']
    # TODO: Verify that @subject belongs to @idpid, and
    # Create a user session
    respond_to do |format|
      format.html # sso.html.erb
    end
  end

end

# sso.html.erb

<p>Welcome, <%= @subject %> </p>