getSsoUrl method

Future<Uri> getSsoUrl(
  1. PortalServiceCode serviceCode
)

Returns a URL that authenticates the user with a target NTUT service via OAuth2 authorization code.

The returned URL contains an authorization code. Opening it in any HTTP client (including a system browser) will establish a session for that service — no cookies from this app are needed.

This enables "open in browser" functionality: the app performs login and SSO negotiation, then hands off the resulting URL to the system browser.

Requires an active portal session (call login first).

Throws an Exception if the SSO form is not found (user may not be logged in).

Implementation

Future<Uri> getSsoUrl(PortalServiceCode serviceCode) async {
  final apOu = serviceCode.code;
  final (actionUrl, formData) = await _fetchSsoForm(apOu);

  // Clone and strip RedirectInterceptor so we can capture the 302 Location
  // instead of following it.
  final dioWithoutRedirects = _portalDio.clone()
    ..interceptors.removeWhere(
      (interceptor) => interceptor is RedirectInterceptor,
    );

  final response = await dioWithoutRedirects.post(
    actionUrl,
    data: formData,
    options: Options(
      contentType: Headers.formUrlEncodedContentType,
      followRedirects: false,
      validateStatus: (status) => status != null && status < 400,
    ),
  );

  final location = response.headers.value('location');
  if (location == null) {
    throw Exception('SSO redirect not received. Are you logged in?');
  }

  // The portal may return http:// URLs; upgrade to https://
  var uri = Uri.parse(location);
  if (uri.scheme == 'http') {
    uri = uri.replace(scheme: 'https');
  }
  return uri;
}