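/**
 * Client-side SSO status helper.
 *
 * Exposes `window.SSOManager`, embeds a hidden iframe pointing at the SSO
 * status endpoint, listens for `message` events from the SSO origin and,
 * when `initialStatusCheck` is 2, runs a top-level redirect round trip
 * through the SSO check endpoint.
 *
 * The "is logged" flag kept in sessionStorage and the login/logout callbacks
 * are driven entirely by browser-side input (a postMessage payload or a URL
 * query parameter). They are a UI hint, not an authorization decision.
 */
(function() {
  const SSO_IFRAME_URL = 'https://sso.erickson.it/account/bc/status.php';
  const SSO_ORIGIN = 'https://sso.erickson.it';
  const SSO_IS_LOGGED_STORAGE_KEY = "sso_is_logged";
  const SSO_STATE_KEY = "sso_state_key";
  const SSO_CHECK_URL = 'https://sso.erickson.it/account/bc/check.php';

  // No setter for statusChangeCallback is visible in this file, so it stays
  // null unless code outside this view assigns it.
  let statusChangeCallback = null;
  let loginCallback = null;
  let logoutCallback = null;

  window.SSOManager = {
    // Forwarded to the status iframe; the value 2 additionally triggers the
    // redirect-based check from init().
    initialStatusCheck: 1,

    /**
     * Creates the hidden status iframe (once the DOM is ready) and, when
     * `initialStatusCheck` is 2, starts the redirect-based check.
     */
    init: function() {
      if (document.readyState === 'loading') {
        document.addEventListener('DOMContentLoaded', createSsoIframe);
      } else {
        createSsoIframe();
      }
      // Number() keeps the original loose comparison (a configured "2" still matches).
      if (Number(this.initialStatusCheck) === 2) {
        checkByRedirect();
      }
    },

    /**
     * Registers the function invoked when the status is reported as logged in.
     * Non-function arguments are ignored.
     * @param {Function} callback
     */
    onLogin: function(callback) {
      if (typeof callback === 'function') {
        loginCallback = callback;
      }
    },

    /**
     * Registers the function invoked when the status is reported as logged out.
     * Non-function arguments are ignored.
     * @param {Function} callback
     */
    onLogout: function(callback) {
      if (typeof callback === 'function') {
        logoutCallback = callback;
      }
    },
  };

  /**
   * Appends a hidden iframe that loads the SSO status page, passing this
   * page's origin and the configured initialStatusCheck in the query string.
   */
  function createSsoIframe() {
    const iframe = document.createElement('iframe');
    iframe.style.display = 'none';
    const parentOrigin = encodeURIComponent(window.location.origin);
    // Encoded as well so a non-numeric configured value cannot alter the query string.
    const statusCheck = encodeURIComponent(window.SSOManager.initialStatusCheck);
    iframe.src = `${SSO_IFRAME_URL}?parentOrigin=${parentOrigin}&initialStatusCheck=${statusCheck}`;
    iframe.title = 'SSO Status Checker';
    document.body.appendChild(iframe);
  }

  window.addEventListener('message', function(event) {
    // Ignore messages from unknown origins.
    if (event.origin !== SSO_ORIGIN) {
      return;
    }
    if (!event.data) {
      return;
    }
    if (typeof event.data.idLogged !== 'undefined') {
      if (typeof statusChangeCallback === 'function') {
        statusChangeCallback(event.data);
      }
      sendLocalEvent(event.data.idLogged);
    } else if (typeof event.data.action !== 'undefined') {
      if (event.data.action === "checkByRedirect") {
        checkByRedirect();
      }
    }
  });

  /**
   * Persists the login flag for this tab and fires the matching callback.
   * @param {*} isLogged - Truthy means "logged in".
   */
  function sendLocalEvent(isLogged) {
    // Store a normalized 'true'/'false' so the value read back later by
    // isInSessionStorage() (which compares against 'true') agrees with the
    // callback fired here even when the reported value is not a boolean.
    const logged = Boolean(isLogged);
    sessionStorage.setItem(SSO_IS_LOGGED_STORAGE_KEY, String(logged));
    if (logged) {
      if (typeof loginCallback === 'function') {
        loginCallback();
      }
    } else if (typeof logoutCallback === 'function') {
      logoutCallback();
    }
  }

  /**
   * Returns a fresh random token for the redirect round trip.
   * Math.random() is not a cryptographic generator, so the token is drawn
   * from the Web Crypto API instead; that matters as soon as the state is
   * compared on return.
   * @returns {string} 32 hexadecimal characters.
   */
  function generateState() {
    const bytes = new Uint8Array(16);
    window.crypto.getRandomValues(bytes);
    return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
  }

  /**
   * Adds `state=<value>` to the query part of `href`.
   * The fragment is split off first: appending to the raw href would place
   * the parameter inside the fragment whenever the URL contains '#'.
   * @param {string} href
   * @param {string} state
   * @returns {string}
   */
  function appendStateParam(href, state) {
    const hashIndex = href.indexOf('#');
    const beforeHash = hashIndex === -1 ? href : href.slice(0, hashIndex);
    const fragment = hashIndex === -1 ? '' : href.slice(hashIndex);
    const separator = beforeHash.includes('?') ? '&' : '?';
    return `${beforeHash}${separator}state=${encodeURIComponent(state)}${fragment}`;
  }

  /**
   * Redirect-based status check: consume a pending redirect response, else
   * reuse the flag cached for this tab, else navigate to the SSO check
   * endpoint with the current URL (plus a state token) as `redirectTo`.
   */
  function checkByRedirect() {
    if (handleRedirectResponse()) {
      return;
    }
    if (isInSessionStorage()) {
      return;
    }
    if (sessionStorage.getItem(SSO_STATE_KEY) !== null) {
      // A state is still stored, so a redirect was already attempted and came
      // back without a SsoIsLogged parameter. Drop it and stop here rather
      // than redirecting again, which would loop.
      sessionStorage.removeItem(SSO_STATE_KEY);
      return;
    }
    const state = generateState();
    sessionStorage.setItem(SSO_STATE_KEY, state);
    const returnUrl = appendStateParam(window.location.href, state);
    window.location.replace(`${SSO_CHECK_URL}?redirectTo=${encodeURIComponent(returnUrl)}`);
  }

  /**
   * Replays the cached login flag, if one survives the referrer-based reset.
   * @returns {boolean} true when a cached flag was found and dispatched.
   */
  function isInSessionStorage() {
    resetSessionstorage();
    const cached = sessionStorage.getItem(SSO_IS_LOGGED_STORAGE_KEY);
    if (cached === null) {
      return false;
    }
    sendLocalEvent(cached === 'true');
    return true;
  }

  /**
   * Drops the cached login flag when the page was not reached from the same
   * origin (no referrer, a different-origin referrer, or an unparsable one).
   */
  function resetSessionstorage() {
    const referrer = document.referrer;
    const currentOrigin = window.location.origin;
    let shouldReset = false;
    if (!referrer) {
      shouldReset = true;
    } else {
      try {
        const referrerUrl = new URL(referrer);
        if (referrerUrl.origin !== currentOrigin) {
          shouldReset = true;
          console.log(`Referrer da origine diversa (${referrerUrl.origin}). Resetto.`);
        } else {
          console.log(`Referrer dalla stessa origine (${referrerUrl.origin}). Non resetto.`);
        }
      } catch (e) {
        // When in doubt, treat it as an external entry.
        shouldReset = true;
        console.log("Errore nell'analisi del referrer. Presunto accesso esterno. Resetto.");
      }
    }
    if (shouldReset) {
      sessionStorage.removeItem(SSO_IS_LOGGED_STORAGE_KEY);
    }
  }

  /**
   * Consumes the `SsoIsLogged` query parameter, if present: strips it from
   * the address bar, clears the pending redirect state and dispatches the
   * login/logout event.
   * @returns {boolean} true when the parameter was present and handled.
   */
  function handleRedirectResponse() {
    const params = new URLSearchParams(window.location.search);
    const ssoIsLogged = params.get('SsoIsLogged');
    if (ssoIsLogged === null) {
      return false;
    }

    // NOTE(review): SsoIsLogged is taken from the page URL and accepted
    // without comparing the round-tripped `state` parameter against the value
    // stored under SSO_STATE_KEY, so it is not bound to a redirect this page
    // started. Keep whatever the callbacks unlock cosmetic and re-check the
    // session server-side. Enforcing a state match here first requires
    // confirming that check.php returns redirectTo unchanged.

    params.delete('SsoIsLogged');
    const cleanSearch = params.toString();
    const cleanUrl = window.location.pathname + (cleanSearch ? '?' + cleanSearch : '') + window.location.hash;
    try {
      window.history.replaceState({}, document.title, cleanUrl);
    } catch (e) {
      // Best effort: failing to tidy the address bar must not block the status update.
    }

    // The round trip is complete. Without this, the leftover state makes the
    // next checkByRedirect() in this tab take the loop-guard branch and skip
    // the check.
    sessionStorage.removeItem(SSO_STATE_KEY);

    sendLocalEvent(ssoIsLogged === "1");
    return true;
  }
})(); // End of IIFE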