#coding=utf-8

require 'base64'
require 'json'
require 'openssl'

## 单点登录 <=> 北斗
class SsoController < ApplicationController

  skip_before_filter :check_if_login_required

  def index
    options = parse(params[:auth])

    logger.debug options

    ## 认证
    login(options[:id])

    ## 选择性跳转

    redirect_to Organization.find(82)

  end

  private
  def base64_safe(content)
    content = content.gsub('-', '+')
    content.gsub('_', '/')
  end

  def parse(auth)
    crypted_str = Base64.decode64(base64_safe(auth))
    pkey = OpenSSL::PKey::RSA.new(File.new(File.join(Rails.root,"config/private.key")))
    content = pkey.private_decrypt(crypted_str,OpenSSL::PKey::RSA::PKCS1_PADDING)
    # content = pkey.private_decrypt(crypted_str)
    ActiveSupport::JSON.decode(content)
  end

  def login(id)
    sso = Sso.find(id)
    start_user_session(sso.user)
  end

end