We have currently set up 3 IdPs (no default) on our instance.

Currently, people SSO'ing to our instance have to use a special link (SSO ID), causing issues. Hitting base url always redirects to login.do, since there's no default set.
Another option is putting the SSO source on each user entry but that seemed problematic.

So, we are looking for a way where we could bypass any authentication steps (eg. login.do, login_locate_sso) and, if the user's already logged in with his respective IdP, instance would detect it (be via script gs.getSession() and process) and be logged in seamlessly.

If someone could point me to the script that processes sso authentication that would be helpful.

Thanks for the help in advance.