First commit

sso-demo/public/sso_popup.html

@@ -0,0 +1,48 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>SSO Login</title>
+    <style>
+        body { font-family: sans-serif; text-align: center; padding: 20px; }
+        button { padding: 10px 20px; font-size: 16px; cursor: pointer; }
+    </style>
+</head>
+<body>
+    <h2>Simulated SSO Provider</h2>
+    <p>Click the button below to simulate a successful login.</p>
+    <button id="confirm-login-btn">Confirm Login</button>
+
+    <script>
+        document.getElementById('confirm-login-btn').addEventListener('click', () => {
+            // --- Create a dummy JWT for demonstration ---
+            // Header (no changes needed)
+            const header = { alg: 'HS256', typ: 'JWT' };
+            
+            // Payload with a random 'sub' to simulate different users
+            const payload = {
+                sub: `sso-user-${Math.random().toString(36).substring(2, 10)}`,
+                name: 'John Doe',
+                iat: Math.floor(Date.now() / 1000)
+            };
+
+            // In a real JWT, the signature would be generated with a secret key.
+            // For the demo, we only need the header and payload.
+            const dummyToken = [
+                btoa(JSON.stringify(header)),
+                btoa(JSON.stringify(payload)),
+                'dummy-signature'
+            ].join('.');
+            // --- End of dummy JWT creation ---
+
+
+            // Send the token back to the parent window that opened the popup
+            // In a real app, the targetOrigin should be the specific URL of your application
+            window.opener.postMessage({
+                type: 'LOGIN_SUCCESS',
+                token: dummyToken
+            }, '*');
+        });
+    </script>
+</body>
+</html>