I have one application which supports SSO login by SAML only. I want to create a Chrome extension for it and give users the option to log in to that application using SSO from the extension in order to use some of the APIs of the application. Currently, the flow of API calls is as follows if you access the application from a normal web page:
1. Once you click login with SSO, it calls the `application_host/ssologin` endpoint, which redirects to the SSO provider's page.
2. The user can log in to the IDP (SSO provider), and then it will send the SAML response, which contains the application's redirection URL, which in our case is `application_host/acs`, which will be called by the SSO provider's front-end (inside the browser).
3. The ACS endpoint now redirects to `application_host/login?saml_token=TOKEN` and it logs in the user.
Now, I would like to provide the same login with SSO button in my extension. I will take the `application_host` from the user (this is most likely going to be an internally hosted application), and my aim is to receive the `saml_token`, as from there I can call another API of the application using that to get the API token.
The current challenge is that `chrome.identity.launchWebAuthFlow` will only give me the redirect URL if it matches `https://<app-id>.chromiumapp.org/*`, which won't be the case in my application, as it will finally redirect to `application_host/login?saml_token=TOKEN`.
Can someone provide some insight on what approach I can take so that I can actually provide this feature?
Thanks!
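
The redirect mismatch described in the question, as an added example that is not part of the original post: it shows why the final URL fails the `https://<app-id>.chromiumapp.org/*` match, and how a client that does see that URL should confirm it really is `/login` on the configured `application_host` before accepting `saml_token`. The function names, extension id, host and token are constructed assumptions.

```javascript
// Added example. All ids, hosts and tokens below are constructed sample values.
const SAMPLE_EXT_ID = "abcdefghijklmnopabcdefghijklmnop"; // hypothetical extension id
const SAMPLE_HOST = "app.internal.example";               // hypothetical application_host
const SAMPLE_FINAL_URL = `https://${SAMPLE_HOST}/login?saml_token=TOKEN123`;

// True only for URLs of the form https://<app-id>.chromiumapp.org/*,
// the pattern the question says launchWebAuthFlow requires.
function matchesExtensionRedirect(url, extensionId) {
  let u;
  try {
    u = new URL(url);
  } catch {
    return false; // not a parseable absolute URL
  }
  return u.protocol === "https:" &&
         u.hostname === `${extensionId}.chromiumapp.org`;
}

// Returns saml_token only when the URL is exactly /login on the configured
// application host over https; returns null for anything else.
function extractSamlToken(url, applicationHost) {
  let u, expected;
  try {
    u = new URL(url);
    expected = new URL(`https://${applicationHost}`);
  } catch {
    return null;
  }
  // Compare full origins so look-alike hosts, other ports and http:// fail.
  if (u.origin !== expected.origin) return null;
  if (u.pathname !== "/login") return null;
  // Reject a missing, empty or duplicated parameter instead of guessing.
  const tokens = u.searchParams.getAll("saml_token");
  if (tokens.length !== 1 || tokens[0] === "") return null;
  return tokens[0];
}

// The application's final redirect never matches the extension pattern,
// but it does pass the origin-and-path check for the configured host.
console.log(matchesExtensionRedirect(SAMPLE_FINAL_URL, SAMPLE_EXT_ID));
console.log(extractSamlToken(SAMPLE_FINAL_URL, SAMPLE_HOST));
```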