Before service discovery starts, following event handlers must be set: Redirect URL must be set and it must match the one set on CUCM. We do this through LoginController.setSSORedirectURL() method:
function onEmailRequired()
{
var email;
//...
// Prompt user for email here...
//...
cwic.LoginController.setEmail(email);
}
function onSSONavigationRequired(redirectURL)
{
// ...
// Handle event here
// ...
}
// This will be called from our redirection page when we receive SSO token.
// We'll also add this to global window object so redirect page can reference it.
function onSSONavigationComplete(SSOTokenURI)
{
// ...
// Handle event here
// ...
}
window.onSSONavigationComplete = onSSNavigationComplete;
// In this example we'll assume that our application is running on localhost.
// Both our web application and redirection page must have the same origin.
cwic.LoginController.setSSORedirectURL("http://localhost:8000/redirect.html");
cwic.LoginController.addEventHandler("onEmailRequired", onEmailRequired);
cwic.LoginController.addEventHandler("onSSONavigationRequired", onSSONavigationRequired);
cwic.LoginController.startDiscovery();
Once service discovery has started it will be followed with "onServiceDiscovering".
Right after that "onEmailRequired" event will be fired, which will require
from user to enter his email address. If email address is valid then "onSSONavigationRequired"
event will be fired. Redirection must be done in a new browser window or iframe. In following example popup window
will be used for redirection. onSSONavigationRequired() function from previous snippet will be expanded:
function onSSONavigationRequired(redirectURL)
{
window.open(redirectURL, '', 'height=200,width=200,scrollbars=1');
}
Once popup window has been opened and user is navigated to redirection page, he'll be requested by Identity Provider to enter
valid credentials. If credentials are valid he'll be redirected to redirection page (http://localhost:8000/redirect.html)
that was specified through LoginController.setSSORedirectURL method. From there SSO token needs to be passed
to CWIC. In the snippet bellow it is Demonstrated what script on redirection page should do:
var url = document.location.href;
// Here we call callback we have set in the first snippet.
window.opener.onSSONavigationComplete(url);
window.close();
Below it is shown what needs to be done after callback from application has been called (onSSONavigationCompleted()
function will be expanded)
function onSSONavigationComplete(SSOTokenURI)
{
// Here we finally pass SSO token to CWIC.
cwic.LoginController.setSSOTokenUri(SSOTokenURI);
}
After this user will be successfully signed in.
Canceling SSO
During SSO sign in process, which starts when "onSSONavigationRequired" event is fired and lasts until we pass SSO token URI to CWIC library, SSO procedure can be canceled by calling LoginController.cancelSSO()
cwic.LoginController.cancelSSO();