feat(sso): 인앱 브라우저 SSO 토큰 릴레이 — 카톡 WebView 쿠키 미공유 해결

카카오톡 인앱 WebView는 서브도메인 간 쿠키를 공유하지 않아
tkds에서 로그인 후 tkfb로 리다이렉트 시 인증이 풀리는 문제.

- sso-relay.js: URL hash의 _sso= 토큰을 로컬 쿠키+localStorage로 설정
- gateway dashboard: 로그인 후 redirect URL에 #_sso=<token> 추가
- 전 서비스 HTML: core JS 직전에 sso-relay.js 로드 (81개 파일)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

system3-nonconformance/web/ai-assistant.html

@@ -277,6 +277,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>
     <script src="/static/js/utils/toast.js?v=2026031401"></script>

system3-nonconformance/web/issue-view.html

@@ -111,6 +111,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>
     <script src="/static/js/utils/photo-modal.js?v=2026031401"></script>

system3-nonconformance/web/issues-archive.html

@@ -201,6 +201,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>
     <script src="/static/js/utils/photo-modal.js?v=2026031401"></script>

system3-nonconformance/web/issues-dashboard.html

@@ -554,6 +554,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>
     <script src="/static/js/utils/photo-modal.js?v=2026031401"></script>

system3-nonconformance/web/issues-inbox.html

@@ -373,6 +373,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/components/mobile-calendar.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>

system3-nonconformance/web/issues-management.html

@@ -343,6 +343,7 @@
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/core/page-manager.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>
     <script src="/static/js/utils/photo-modal.js?v=2026031401"></script>

system3-nonconformance/web/m/dashboard.html

@@ -186,6 +186,7 @@
 
     <!-- 스크립트 -->
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>

system3-nonconformance/web/m/inbox.html

@@ -194,6 +194,7 @@
 
     <!-- 스크립트 -->
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>

system3-nonconformance/web/m/management.html

@@ -174,6 +174,7 @@
 
     <!-- 스크립트 -->
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/utils/issue-helpers.js?v=2026031401"></script>

system3-nonconformance/web/reports-daily.html

@@ -185,6 +185,7 @@
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
 
     <script>

system3-nonconformance/web/reports-monthly.html

@@ -72,6 +72,7 @@
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
 
     <script>

system3-nonconformance/web/reports-weekly.html

@@ -71,6 +71,7 @@
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
 
     <script>

system3-nonconformance/web/reports.html

@@ -173,6 +173,7 @@
     <script src="/static/js/core/permissions.js?v=2026031401"></script>
     <script src="/static/js/components/common-header.js?v=2026031401"></script>
     <script src="/static/js/api.js?v=2026031401"></script>
+    <script src="/static/js/sso-relay.js?v=20260401"></script>
     <script src="/static/js/core/auth-manager.js?v=2026031401"></script>
 
     <script>

system3-nonconformance/web/static/js/sso-relay.js

@@ -0,0 +1,39 @@
+/**
+ * SSO Token Relay — 인앱 브라우저(카카오톡 등) 서브도메인 쿠키 미공유 대응
+ *
+ * Canonical source: shared/frontend/sso-relay.js
+ * 전 서비스 동일 코드 — 수정 시 아래 파일 <20><><EFBFBD>체 갱신 필요:
+ *   system1-factory/web/js/sso-relay.js
+ *   system2-report/web/js/sso-relay.js
+ *   system3-nonconformance/web/static/js/sso-relay.js
+ *   user-management/web/static/js/sso-relay.js
+ *   tkpurchase/web/static/js/sso-relay.js
+ *   tksafety/web/static/js/sso-relay.js
+ *   tksupport/web/static/js/sso-relay.js
+ *
+ * 동작: URL hash에 _sso= 파라미터가 있으면 토큰을 로컬 쿠키+localStorage에 설정하고 hash를 제거.
+ * gateway/dashboard.html에서 로그인 성공 후 redirect URL에 #_sso=<token>을 붙여 전달.
+ */
+(function() {
+  var hash = location.hash;
+  if (!hash || hash.indexOf('_sso=') === -1) return;
+
+  var match = hash.match(/[#&]_sso=([^&]*)/);
+  if (!match) return;
+
+  var token = decodeURIComponent(match[1]);
+  if (!token) return;
+
+  // 로컬(1st-party) 쿠키 설정
+  var cookie = 'sso_token=' + encodeURIComponent(token) + '; path=/; max-age=604800';
+  if (location.hostname.indexOf('technicalkorea.net') !== -1) {
+    cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
+  }
+  document.cookie = cookie;
+
+  // localStorage 폴백
+  try { localStorage.setItem('sso_token', token); } catch (e) {}
+
+  // URL에서 hash 제거
+  history.replaceState(null, '', location.pathname + location.search);
+})();