@chemmangat/msal-next 1.2.1 → 2.0.1

package/dist/index.js

@@ -1,43 +1,55 @@
-"use client";
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+'use strict';
 
-// src/index.ts
-var index_exports = {};
-__export(index_exports, {
-  MicrosoftSignInButton: () => MicrosoftSignInButton,
-  MsalAuthProvider: () => MsalAuthProvider,
-  getMsalInstance: () => getMsalInstance,
-  useAccount: () => import_msal_react3.useAccount,
-  useIsAuthenticated: () => import_msal_react3.useIsAuthenticated,
-  useMsal: () => import_msal_react3.useMsal,
-  useMsalAuth: () => useMsalAuth
-});
-module.exports = __toCommonJS(index_exports);
+var msalReact = require('@azure/msal-react');
+var msalBrowser = require('@azure/msal-browser');
+var react = require('react');
+var jsxRuntime = require('react/jsx-runtime');
+var server = require('next/server');
 
-// src/components/MsalAuthProvider.tsx
-var import_msal_react = require("@azure/msal-react");
-var import_msal_browser2 = require("@azure/msal-browser");
-var import_react = require("react");
+// src/utils/validation.ts
+function safeJsonParse(jsonString, validator) {
+  try {
+    const parsed = JSON.parse(jsonString);
+    if (validator(parsed)) {
+      return parsed;
+    }
+    console.warn("[Validation] JSON validation failed");
+    return null;
+  } catch (error) {
+    console.error("[Validation] JSON parse error:", error);
+    return null;
+  }
+}
+function isValidAccountData(data) {
+  return typeof data === "object" && data !== null && typeof data.homeAccountId === "string" && data.homeAccountId.length > 0 && typeof data.username === "string" && data.username.length > 0 && (data.name === void 0 || typeof data.name === "string");
+}
+function sanitizeError(error) {
+  if (error instanceof Error) {
+    const message = error.message;
+    const sanitized = message.replace(/[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}/g, "[TOKEN_REDACTED]").replace(/[a-f0-9]{32,}/gi, "[SECRET_REDACTED]").replace(/Bearer\s+[^\s]+/gi, "Bearer [REDACTED]");
+    return sanitized;
+  }
+  return "An unexpected error occurred";
+}
+function isValidRedirectUri(uri, allowedOrigins) {
+  try {
+    const url = new URL(uri);
+    return allowedOrigins.some((allowed) => {
+      const allowedUrl = new URL(allowed);
+      return url.origin === allowedUrl.origin;
+    });
+  } catch {
+    return false;
+  }
+}
+function isValidScope(scope) {
+  return /^[a-zA-Z0-9._-]+$/.test(scope);
+}
+function validateScopes(scopes) {
+  return Array.isArray(scopes) && scopes.every(isValidScope);
+}
 
 // src/utils/createMsalConfig.ts
-var import_msal_browser = require("@azure/msal-browser");
 function createMsalConfig(config) {
   if (config.msalConfig) {
     return config.msalConfig;
@@ -52,7 +64,8 @@ function createMsalConfig(config) {
     storeAuthStateInCookie = false,
     navigateToLoginRequestUrl = true,
     enableLogging = false,
-    loggerCallback
+    loggerCallback,
+    allowedRedirectUris
   } = config;
   if (!clientId) {
     throw new Error("@chemmangat/msal-next: clientId is required");
@@ -68,6 +81,19 @@ function createMsalConfig(config) {
   };
   const defaultRedirectUri = typeof window !== "undefined" ? window.location.origin : "http://localhost:3000";
   const finalRedirectUri = redirectUri || defaultRedirectUri;
+  if (allowedRedirectUris && allowedRedirectUris.length > 0) {
+    if (!isValidRedirectUri(finalRedirectUri, allowedRedirectUris)) {
+      throw new Error(
+        `@chemmangat/msal-next: redirectUri "${finalRedirectUri}" is not in the allowed list`
+      );
+    }
+    const finalPostLogoutUri = postLogoutRedirectUri || finalRedirectUri;
+    if (!isValidRedirectUri(finalPostLogoutUri, allowedRedirectUris)) {
+      throw new Error(
+        `@chemmangat/msal-next: postLogoutRedirectUri "${finalPostLogoutUri}" is not in the allowed list`
+      );
+    }
+  }
   const msalConfig = {
     auth: {
       clientId,
@@ -85,37 +111,34 @@ function createMsalConfig(config) {
         loggerCallback: loggerCallback || ((level, message, containsPii) => {
           if (containsPii || !enableLogging) return;
           switch (level) {
-            case import_msal_browser.LogLevel.Error:
+            case msalBrowser.LogLevel.Error:
               console.error("[MSAL]", message);
               break;
-            case import_msal_browser.LogLevel.Warning:
+            case msalBrowser.LogLevel.Warning:
               console.warn("[MSAL]", message);
               break;
-            case import_msal_browser.LogLevel.Info:
+            case msalBrowser.LogLevel.Info:
               console.info("[MSAL]", message);
               break;
-            case import_msal_browser.LogLevel.Verbose:
+            case msalBrowser.LogLevel.Verbose:
               console.debug("[MSAL]", message);
               break;
           }
         }),
-        logLevel: enableLogging ? import_msal_browser.LogLevel.Verbose : import_msal_browser.LogLevel.Error
+        logLevel: enableLogging ? msalBrowser.LogLevel.Verbose : msalBrowser.LogLevel.Error
       }
     }
   };
   return msalConfig;
 }
-
-// src/components/MsalAuthProvider.tsx
-var import_jsx_runtime = require("react/jsx-runtime");
 var globalMsalInstance = null;
 function getMsalInstance() {
   return globalMsalInstance;
 }
 function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config }) {
-  const [msalInstance, setMsalInstance] = (0, import_react.useState)(null);
-  const instanceRef = (0, import_react.useRef)(null);
-  (0, import_react.useEffect)(() => {
+  const [msalInstance, setMsalInstance] = react.useState(null);
+  const instanceRef = react.useRef(null);
+  react.useEffect(() => {
     if (typeof window === "undefined") {
       return;
     }
@@ -125,7 +148,7 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
     const initializeMsal = async () => {
       try {
         const msalConfig = createMsalConfig(config);
-        const instance = new import_msal_browser2.PublicClientApplication(msalConfig);
+        const instance = new msalBrowser.PublicClientApplication(msalConfig);
         await instance.initialize();
         const response = await instance.handleRedirectPromise();
         if (response && config.enableLogging) {
@@ -133,16 +156,16 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
         }
         const enableLogging = config.enableLogging || false;
         instance.addEventCallback((event) => {
-          if (event.eventType === import_msal_browser2.EventType.LOGIN_SUCCESS) {
+          if (event.eventType === msalBrowser.EventType.LOGIN_SUCCESS) {
             if (enableLogging) {
               const payload = event.payload;
               console.log("[MSAL] Login successful:", payload.account?.username);
             }
           }
-          if (event.eventType === import_msal_browser2.EventType.LOGIN_FAILURE) {
+          if (event.eventType === msalBrowser.EventType.LOGIN_FAILURE) {
             console.error("[MSAL] Login failed:", event.error);
           }
-          if (event.eventType === import_msal_browser2.EventType.LOGOUT_SUCCESS) {
+          if (event.eventType === msalBrowser.EventType.LOGOUT_SUCCESS) {
             if (enableLogging) {
               console.log("[MSAL] Logout successful");
             }
@@ -162,23 +185,20 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
     initializeMsal();
   }, []);
   if (typeof window === "undefined") {
-    return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { children: "Loading authentication..." }) });
+    return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: loadingComponent || /* @__PURE__ */ jsxRuntime.jsx("div", { children: "Loading authentication..." }) });
   }
   if (!msalInstance) {
-    return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { children: "Loading authentication..." }) });
+    return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: loadingComponent || /* @__PURE__ */ jsxRuntime.jsx("div", { children: "Loading authentication..." }) });
   }
-  return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_msal_react.MsalProvider, { instance: msalInstance, children });
+  return /* @__PURE__ */ jsxRuntime.jsx(msalReact.MsalProvider, { instance: msalInstance, children });
 }
-
-// src/hooks/useMsalAuth.ts
-var import_msal_react2 = require("@azure/msal-react");
-var import_msal_browser3 = require("@azure/msal-browser");
-var import_react2 = require("react");
+var pendingTokenRequests = /* @__PURE__ */ new Map();
 function useMsalAuth(defaultScopes = ["User.Read"]) {
-  const { instance, accounts, inProgress } = (0, import_msal_react2.useMsal)();
-  const account = (0, import_msal_react2.useAccount)(accounts[0] || null);
-  const isAuthenticated = (0, import_react2.useMemo)(() => accounts.length > 0, [accounts]);
-  const loginPopup = (0, import_react2.useCallback)(
+  const { instance, accounts, inProgress } = msalReact.useMsal();
+  const account = msalReact.useAccount(accounts[0] || null);
+  const popupInProgressRef = react.useRef(false);
+  const isAuthenticated = react.useMemo(() => accounts.length > 0, [accounts]);
+  const loginPopup = react.useCallback(
     async (scopes = defaultScopes) => {
       try {
         const request = {
@@ -193,7 +213,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, defaultScopes]
   );
-  const loginRedirect = (0, import_react2.useCallback)(
+  const loginRedirect = react.useCallback(
     async (scopes = defaultScopes) => {
       try {
         const request = {
@@ -208,7 +228,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, defaultScopes]
   );
-  const logoutPopup = (0, import_react2.useCallback)(async () => {
+  const logoutPopup = react.useCallback(async () => {
     try {
       await instance.logoutPopup({
         account: account || void 0
@@ -218,7 +238,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       throw error;
     }
   }, [instance, account]);
-  const logoutRedirect = (0, import_react2.useCallback)(async () => {
+  const logoutRedirect = react.useCallback(async () => {
     try {
       await instance.logoutRedirect({
         account: account || void 0
@@ -228,7 +248,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       throw error;
     }
   }, [instance, account]);
-  const acquireTokenSilent = (0, import_react2.useCallback)(
+  const acquireTokenSilent = react.useCallback(
     async (scopes = defaultScopes) => {
       if (!account) {
         throw new Error("[MSAL] No active account. Please login first.");
@@ -236,7 +256,8 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       try {
         const request = {
           scopes,
-          account
+          account,
+          forceRefresh: false
         };
         const response = await instance.acquireTokenSilent(request);
         return response.accessToken;
@@ -247,12 +268,16 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, account, defaultScopes]
   );
-  const acquireTokenPopup = (0, import_react2.useCallback)(
+  const acquireTokenPopup = react.useCallback(
     async (scopes = defaultScopes) => {
       if (!account) {
         throw new Error("[MSAL] No active account. Please login first.");
       }
+      if (popupInProgressRef.current) {
+        throw new Error("[MSAL] Popup already in progress. Please wait.");
+      }
       try {
+        popupInProgressRef.current = true;
         const request = {
           scopes,
           account
@@ -262,11 +287,13 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       } catch (error) {
         console.error("[MSAL] Token popup acquisition failed:", error);
         throw error;
+      } finally {
+        popupInProgressRef.current = false;
       }
     },
     [instance, account, defaultScopes]
   );
-  const acquireTokenRedirect = (0, import_react2.useCallback)(
+  const acquireTokenRedirect = react.useCallback(
     async (scopes = defaultScopes) => {
       if (!account) {
         throw new Error("[MSAL] No active account. Please login first.");
@@ -284,18 +311,29 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, account, defaultScopes]
   );
-  const acquireToken = (0, import_react2.useCallback)(
+  const acquireToken = react.useCallback(
     async (scopes = defaultScopes) => {
-      try {
-        return await acquireTokenSilent(scopes);
-      } catch (error) {
-        console.warn("[MSAL] Silent token acquisition failed, falling back to popup");
-        return await acquireTokenPopup(scopes);
+      const requestKey = `${account?.homeAccountId || "anonymous"}-${scopes.sort().join(",")}`;
+      const pendingRequest = pendingTokenRequests.get(requestKey);
+      if (pendingRequest) {
+        return pendingRequest;
       }
+      const tokenRequest = (async () => {
+        try {
+          return await acquireTokenSilent(scopes);
+        } catch (error) {
+          console.warn("[MSAL] Silent token acquisition failed, falling back to popup");
+          return await acquireTokenPopup(scopes);
+        } finally {
+          pendingTokenRequests.delete(requestKey);
+        }
+      })();
+      pendingTokenRequests.set(requestKey, tokenRequest);
+      return tokenRequest;
     },
-    [acquireTokenSilent, acquireTokenPopup, defaultScopes]
+    [acquireTokenSilent, acquireTokenPopup, defaultScopes, account]
   );
-  const clearSession = (0, import_react2.useCallback)(async () => {
+  const clearSession = react.useCallback(async () => {
     instance.setActiveAccount(null);
     await instance.clearCache();
   }, [instance]);
@@ -303,7 +341,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     account,
     accounts,
     isAuthenticated,
-    inProgress: inProgress !== import_msal_browser3.InteractionStatus.None,
+    inProgress: inProgress !== msalBrowser.InteractionStatus.None,
     loginPopup,
     loginRedirect,
     logoutPopup,
@@ -315,9 +353,6 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     clearSession
   };
 }
-
-// src/components/MicrosoftSignInButton.tsx
-var import_jsx_runtime2 = require("react/jsx-runtime");
 function MicrosoftSignInButton({
   text = "Sign in with Microsoft",
   variant = "dark",
@@ -386,7 +421,7 @@ function MicrosoftSignInButton({
     ...sizeStyles[size],
     ...style
   };
-  return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)(
+  return /* @__PURE__ */ jsxRuntime.jsxs(
     "button",
     {
       onClick: handleClick,
@@ -395,31 +430,986 @@ function MicrosoftSignInButton({
       style: baseStyles,
       "aria-label": text,
       children: [
-        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)(MicrosoftLogo, {}),
-        /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("span", { children: text })
+        /* @__PURE__ */ jsxRuntime.jsx(MicrosoftLogo, {}),
+        /* @__PURE__ */ jsxRuntime.jsx("span", { children: text })
       ]
     }
   );
 }
 function MicrosoftLogo() {
-  return /* @__PURE__ */ (0, import_jsx_runtime2.jsxs)("svg", { width: "21", height: "21", viewBox: "0 0 21 21", fill: "none", xmlns: "http://www.w3.org/2000/svg", children: [
-    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("rect", { width: "10", height: "10", fill: "#F25022" }),
-    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("rect", { x: "11", width: "10", height: "10", fill: "#7FBA00" }),
-    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("rect", { y: "11", width: "10", height: "10", fill: "#00A4EF" }),
-    /* @__PURE__ */ (0, import_jsx_runtime2.jsx)("rect", { x: "11", y: "11", width: "10", height: "10", fill: "#FFB900" })
+  return /* @__PURE__ */ jsxRuntime.jsxs("svg", { width: "21", height: "21", viewBox: "0 0 21 21", fill: "none", xmlns: "http://www.w3.org/2000/svg", children: [
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { width: "10", height: "10", fill: "#F25022" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { x: "11", width: "10", height: "10", fill: "#7FBA00" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { y: "11", width: "10", height: "10", fill: "#00A4EF" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { x: "11", y: "11", width: "10", height: "10", fill: "#FFB900" })
   ] });
 }
+function SignOutButton({
+  text = "Sign out",
+  variant = "dark",
+  size = "medium",
+  useRedirect = false,
+  className = "",
+  style,
+  onSuccess,
+  onError
+}) {
+  const { logoutPopup, logoutRedirect, inProgress } = useMsalAuth();
+  const handleClick = async () => {
+    try {
+      if (useRedirect) {
+        await logoutRedirect();
+      } else {
+        await logoutPopup();
+      }
+      onSuccess?.();
+    } catch (error) {
+      onError?.(error);
+    }
+  };
+  const sizeStyles = {
+    small: {
+      padding: "8px 16px",
+      fontSize: "14px",
+      height: "36px"
+    },
+    medium: {
+      padding: "10px 20px",
+      fontSize: "15px",
+      height: "41px"
+    },
+    large: {
+      padding: "12px 24px",
+      fontSize: "16px",
+      height: "48px"
+    }
+  };
+  const variantStyles = {
+    dark: {
+      backgroundColor: "#2F2F2F",
+      color: "#FFFFFF",
+      border: "1px solid #8C8C8C"
+    },
+    light: {
+      backgroundColor: "#FFFFFF",
+      color: "#5E5E5E",
+      border: "1px solid #8C8C8C"
+    }
+  };
+  const baseStyles = {
+    display: "inline-flex",
+    alignItems: "center",
+    justifyContent: "center",
+    gap: "12px",
+    fontFamily: '"Segoe UI", Tahoma, Geneva, Verdana, sans-serif',
+    fontWeight: 600,
+    borderRadius: "2px",
+    cursor: inProgress ? "not-allowed" : "pointer",
+    transition: "all 0.2s ease",
+    opacity: inProgress ? 0.6 : 1,
+    ...variantStyles[variant],
+    ...sizeStyles[size],
+    ...style
+  };
+  return /* @__PURE__ */ jsxRuntime.jsxs(
+    "button",
+    {
+      onClick: handleClick,
+      disabled: inProgress,
+      className,
+      style: baseStyles,
+      "aria-label": text,
+      children: [
+        /* @__PURE__ */ jsxRuntime.jsx(MicrosoftLogo2, {}),
+        /* @__PURE__ */ jsxRuntime.jsx("span", { children: text })
+      ]
+    }
+  );
+}
+function MicrosoftLogo2() {
+  return /* @__PURE__ */ jsxRuntime.jsxs("svg", { width: "21", height: "21", viewBox: "0 0 21 21", fill: "none", xmlns: "http://www.w3.org/2000/svg", children: [
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { width: "10", height: "10", fill: "#F25022" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { x: "11", width: "10", height: "10", fill: "#7FBA00" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { y: "11", width: "10", height: "10", fill: "#00A4EF" }),
+    /* @__PURE__ */ jsxRuntime.jsx("rect", { x: "11", y: "11", width: "10", height: "10", fill: "#FFB900" })
+  ] });
+}
+function useGraphApi() {
+  const { acquireToken } = useMsalAuth();
+  const request = react.useCallback(
+    async (endpoint, options = {}) => {
+      const {
+        scopes = ["User.Read"],
+        version = "v1.0",
+        debug = false,
+        ...fetchOptions
+      } = options;
+      try {
+        const token = await acquireToken(scopes);
+        const baseUrl = `https://graph.microsoft.com/${version}`;
+        const url = endpoint.startsWith("http") ? endpoint : `${baseUrl}${endpoint.startsWith("/") ? endpoint : `/${endpoint}`}`;
+        if (debug) {
+          console.log("[GraphAPI] Request:", { url, method: fetchOptions.method || "GET" });
+        }
+        const response = await fetch(url, {
+          ...fetchOptions,
+          headers: {
+            "Authorization": `Bearer ${token}`,
+            "Content-Type": "application/json",
+            ...fetchOptions.headers
+          }
+        });
+        if (!response.ok) {
+          const errorText = await response.text();
+          const errorMessage = `Graph API error (${response.status}): ${errorText}`;
+          throw new Error(errorMessage);
+        }
+        if (response.status === 204 || response.headers.get("content-length") === "0") {
+          return null;
+        }
+        const data = await response.json();
+        if (debug) {
+          console.log("[GraphAPI] Response:", data);
+        }
+        return data;
+      } catch (error) {
+        const sanitizedMessage = sanitizeError(error);
+        console.error("[GraphAPI] Request failed:", sanitizedMessage);
+        throw new Error(sanitizedMessage);
+      }
+    },
+    [acquireToken]
+  );
+  const get = react.useCallback(
+    (endpoint, options = {}) => {
+      return request(endpoint, { ...options, method: "GET" });
+    },
+    [request]
+  );
+  const post = react.useCallback(
+    (endpoint, body, options = {}) => {
+      return request(endpoint, {
+        ...options,
+        method: "POST",
+        body: body ? JSON.stringify(body) : void 0
+      });
+    },
+    [request]
+  );
+  const put = react.useCallback(
+    (endpoint, body, options = {}) => {
+      return request(endpoint, {
+        ...options,
+        method: "PUT",
+        body: body ? JSON.stringify(body) : void 0
+      });
+    },
+    [request]
+  );
+  const patch = react.useCallback(
+    (endpoint, body, options = {}) => {
+      return request(endpoint, {
+        ...options,
+        method: "PATCH",
+        body: body ? JSON.stringify(body) : void 0
+      });
+    },
+    [request]
+  );
+  const deleteRequest = react.useCallback(
+    (endpoint, options = {}) => {
+      return request(endpoint, { ...options, method: "DELETE" });
+    },
+    [request]
+  );
+  return {
+    get,
+    post,
+    put,
+    patch,
+    delete: deleteRequest,
+    request
+  };
+}
 
-// src/index.ts
-var import_msal_react3 = require("@azure/msal-react");
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  MicrosoftSignInButton,
-  MsalAuthProvider,
-  getMsalInstance,
-  useAccount,
-  useIsAuthenticated,
-  useMsal,
-  useMsalAuth
+// src/hooks/useUserProfile.ts
+var profileCache = /* @__PURE__ */ new Map();
+var CACHE_DURATION = 5 * 60 * 1e3;
+var MAX_CACHE_SIZE = 100;
+function enforceCacheLimit() {
+  if (profileCache.size > MAX_CACHE_SIZE) {
+    const entries = Array.from(profileCache.entries());
+    entries.sort((a, b) => a[1].timestamp - b[1].timestamp);
+    const toRemove = entries.slice(0, profileCache.size - MAX_CACHE_SIZE);
+    toRemove.forEach(([key]) => {
+      const cached = profileCache.get(key);
+      if (cached?.data.photo) {
+        URL.revokeObjectURL(cached.data.photo);
+      }
+      profileCache.delete(key);
+    });
+  }
+}
+function useUserProfile() {
+  const { isAuthenticated, account } = useMsalAuth();
+  const graph = useGraphApi();
+  const [profile, setProfile] = react.useState(null);
+  const [loading, setLoading] = react.useState(false);
+  const [error, setError] = react.useState(null);
+  const fetchProfile = react.useCallback(async () => {
+    if (!isAuthenticated || !account) {
+      setProfile(null);
+      return;
+    }
+    const cacheKey = account.homeAccountId;
+    const cached = profileCache.get(cacheKey);
+    if (cached && Date.now() - cached.timestamp < CACHE_DURATION) {
+      setProfile(cached.data);
+      return;
+    }
+    setLoading(true);
+    setError(null);
+    try {
+      const userData = await graph.get("/me", {
+        scopes: ["User.Read"]
+      });
+      let photoUrl;
+      try {
+        const photoBlob = await graph.get("/me/photo/$value", {
+          scopes: ["User.Read"],
+          headers: {
+            "Content-Type": "image/jpeg"
+          }
+        });
+        if (photoBlob) {
+          photoUrl = URL.createObjectURL(photoBlob);
+        }
+      } catch (photoError) {
+        console.debug("[UserProfile] Photo not available");
+      }
+      const profileData = {
+        id: userData.id,
+        displayName: userData.displayName,
+        givenName: userData.givenName,
+        surname: userData.surname,
+        userPrincipalName: userData.userPrincipalName,
+        mail: userData.mail,
+        jobTitle: userData.jobTitle,
+        officeLocation: userData.officeLocation,
+        mobilePhone: userData.mobilePhone,
+        businessPhones: userData.businessPhones,
+        photo: photoUrl
+      };
+      profileCache.set(cacheKey, {
+        data: profileData,
+        timestamp: Date.now()
+      });
+      enforceCacheLimit();
+      setProfile(profileData);
+    } catch (err) {
+      const error2 = err;
+      const sanitizedMessage = sanitizeError(error2);
+      const sanitizedError = new Error(sanitizedMessage);
+      setError(sanitizedError);
+      console.error("[UserProfile] Failed to fetch profile:", sanitizedMessage);
+    } finally {
+      setLoading(false);
+    }
+  }, [isAuthenticated, account, graph]);
+  const clearCache = react.useCallback(() => {
+    if (account) {
+      const cached = profileCache.get(account.homeAccountId);
+      if (cached?.data.photo) {
+        URL.revokeObjectURL(cached.data.photo);
+      }
+      profileCache.delete(account.homeAccountId);
+    }
+    if (profile?.photo) {
+      URL.revokeObjectURL(profile.photo);
+    }
+    setProfile(null);
+  }, [account, profile]);
+  react.useEffect(() => {
+    fetchProfile();
+    return () => {
+      if (profile?.photo) {
+        URL.revokeObjectURL(profile.photo);
+      }
+    };
+  }, [fetchProfile]);
+  react.useEffect(() => {
+    return () => {
+      if (profile?.photo) {
+        URL.revokeObjectURL(profile.photo);
+      }
+    };
+  }, [profile?.photo]);
+  return {
+    profile,
+    loading,
+    error,
+    refetch: fetchProfile,
+    clearCache
+  };
+}
+function UserAvatar({
+  size = 40,
+  className = "",
+  style,
+  showTooltip = true,
+  fallbackImage
+}) {
+  const { profile, loading } = useUserProfile();
+  const [photoUrl, setPhotoUrl] = react.useState(null);
+  const [photoError, setPhotoError] = react.useState(false);
+  react.useEffect(() => {
+    if (profile?.photo) {
+      setPhotoUrl(profile.photo);
+    }
+  }, [profile?.photo]);
+  const getInitials = () => {
+    if (!profile) return "?";
+    const { givenName, surname, displayName: displayName2 } = profile;
+    if (givenName && surname) {
+      return `${givenName[0]}${surname[0]}`.toUpperCase();
+    }
+    if (displayName2) {
+      const parts = displayName2.split(" ");
+      if (parts.length >= 2) {
+        return `${parts[0][0]}${parts[parts.length - 1][0]}`.toUpperCase();
+      }
+      return displayName2.substring(0, 2).toUpperCase();
+    }
+    return "?";
+  };
+  const baseStyles = {
+    width: `${size}px`,
+    height: `${size}px`,
+    borderRadius: "50%",
+    display: "inline-flex",
+    alignItems: "center",
+    justifyContent: "center",
+    fontSize: `${size * 0.4}px`,
+    fontWeight: 600,
+    fontFamily: '"Segoe UI", Tahoma, Geneva, Verdana, sans-serif',
+    backgroundColor: "#0078D4",
+    color: "#FFFFFF",
+    overflow: "hidden",
+    userSelect: "none",
+    ...style
+  };
+  const displayName = profile?.displayName || "User";
+  if (loading) {
+    return /* @__PURE__ */ jsxRuntime.jsx(
+      "div",
+      {
+        className,
+        style: { ...baseStyles, backgroundColor: "#E1E1E1" },
+        "aria-label": "Loading user avatar",
+        children: /* @__PURE__ */ jsxRuntime.jsx("span", { style: { fontSize: `${size * 0.3}px` }, children: "..." })
+      }
+    );
+  }
+  if (photoUrl && !photoError) {
+    return /* @__PURE__ */ jsxRuntime.jsx(
+      "div",
+      {
+        className,
+        style: baseStyles,
+        title: showTooltip ? displayName : void 0,
+        "aria-label": `${displayName} avatar`,
+        children: /* @__PURE__ */ jsxRuntime.jsx(
+          "img",
+          {
+            src: photoUrl,
+            alt: displayName,
+            style: { width: "100%", height: "100%", objectFit: "cover" },
+            onError: () => {
+              setPhotoError(true);
+              if (fallbackImage) {
+                setPhotoUrl(fallbackImage);
+              }
+            }
+          }
+        )
+      }
+    );
+  }
+  return /* @__PURE__ */ jsxRuntime.jsx(
+    "div",
+    {
+      className,
+      style: baseStyles,
+      title: showTooltip ? displayName : void 0,
+      "aria-label": `${displayName} avatar`,
+      children: getInitials()
+    }
+  );
+}
+function AuthStatus({
+  className = "",
+  style,
+  showDetails = false,
+  renderLoading,
+  renderAuthenticated,
+  renderUnauthenticated
+}) {
+  const { isAuthenticated, inProgress, account } = useMsalAuth();
+  const baseStyles = {
+    display: "inline-flex",
+    alignItems: "center",
+    gap: "8px",
+    padding: "8px 12px",
+    borderRadius: "4px",
+    fontFamily: '"Segoe UI", Tahoma, Geneva, Verdana, sans-serif',
+    fontSize: "14px",
+    fontWeight: 500,
+    ...style
+  };
+  if (inProgress) {
+    if (renderLoading) {
+      return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: renderLoading() });
+    }
+    return /* @__PURE__ */ jsxRuntime.jsxs(
+      "div",
+      {
+        className,
+        style: { ...baseStyles, backgroundColor: "#FFF4CE", color: "#8A6D3B" },
+        role: "status",
+        "aria-live": "polite",
+        children: [
+          /* @__PURE__ */ jsxRuntime.jsx(StatusIndicator, { color: "#FFA500" }),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { children: "Loading..." })
+        ]
+      }
+    );
+  }
+  if (isAuthenticated) {
+    const username = account?.username || account?.name || "User";
+    if (renderAuthenticated) {
+      return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: renderAuthenticated(username) });
+    }
+    return /* @__PURE__ */ jsxRuntime.jsxs(
+      "div",
+      {
+        className,
+        style: { ...baseStyles, backgroundColor: "#D4EDDA", color: "#155724" },
+        role: "status",
+        "aria-live": "polite",
+        children: [
+          /* @__PURE__ */ jsxRuntime.jsx(StatusIndicator, { color: "#28A745" }),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { children: showDetails ? `Authenticated as ${username}` : "Authenticated" })
+        ]
+      }
+    );
+  }
+  if (renderUnauthenticated) {
+    return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: renderUnauthenticated() });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsxs(
+    "div",
+    {
+      className,
+      style: { ...baseStyles, backgroundColor: "#F8D7DA", color: "#721C24" },
+      role: "status",
+      "aria-live": "polite",
+      children: [
+        /* @__PURE__ */ jsxRuntime.jsx(StatusIndicator, { color: "#DC3545" }),
+        /* @__PURE__ */ jsxRuntime.jsx("span", { children: "Not authenticated" })
+      ]
+    }
+  );
+}
+function StatusIndicator({ color }) {
+  return /* @__PURE__ */ jsxRuntime.jsx("svg", { width: "8", height: "8", viewBox: "0 0 8 8", fill: "none", xmlns: "http://www.w3.org/2000/svg", children: /* @__PURE__ */ jsxRuntime.jsx("circle", { cx: "4", cy: "4", r: "4", fill: color }) });
+}
+function AuthGuard({
+  children,
+  loadingComponent,
+  fallbackComponent,
+  useRedirect = true,
+  scopes,
+  onAuthRequired
+}) {
+  const { isAuthenticated, inProgress, loginRedirect, loginPopup } = useMsalAuth();
+  react.useEffect(() => {
+    if (!isAuthenticated && !inProgress) {
+      onAuthRequired?.();
+      const login = async () => {
+        try {
+          if (useRedirect) {
+            await loginRedirect(scopes);
+          } else {
+            await loginPopup(scopes);
+          }
+        } catch (error) {
+          console.error("[AuthGuard] Authentication failed:", error);
+        }
+      };
+      login();
+    }
+  }, [isAuthenticated, inProgress, useRedirect, scopes, loginRedirect, loginPopup, onAuthRequired]);
+  if (inProgress) {
+    return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: loadingComponent || /* @__PURE__ */ jsxRuntime.jsx("div", { children: "Authenticating..." }) });
+  }
+  if (!isAuthenticated) {
+    return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children: fallbackComponent || /* @__PURE__ */ jsxRuntime.jsx("div", { children: "Redirecting to login..." }) });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsx(jsxRuntime.Fragment, { children });
+}
+var ErrorBoundary = class extends react.Component {
+  constructor(props) {
+    super(props);
+    this.reset = () => {
+      this.setState({
+        hasError: false,
+        error: null
+      });
+    };
+    this.state = {
+      hasError: false,
+      error: null
+    };
+  }
+  static getDerivedStateFromError(error) {
+    return {
+      hasError: true,
+      error
+    };
+  }
+  componentDidCatch(error, errorInfo) {
+    const { onError, debug } = this.props;
+    if (debug) {
+      console.error("[ErrorBoundary] Caught error:", error);
+      console.error("[ErrorBoundary] Error info:", errorInfo);
+    }
+    onError?.(error, errorInfo);
+  }
+  render() {
+    const { hasError, error } = this.state;
+    const { children, fallback } = this.props;
+    if (hasError && error) {
+      if (fallback) {
+        return fallback(error, this.reset);
+      }
+      return /* @__PURE__ */ jsxRuntime.jsxs(
+        "div",
+        {
+          style: {
+            padding: "20px",
+            margin: "20px",
+            border: "1px solid #DC3545",
+            borderRadius: "4px",
+            backgroundColor: "#F8D7DA",
+            color: "#721C24",
+            fontFamily: '"Segoe UI", Tahoma, Geneva, Verdana, sans-serif'
+          },
+          children: [
+            /* @__PURE__ */ jsxRuntime.jsx("h2", { style: { margin: "0 0 10px 0", fontSize: "18px" }, children: "Authentication Error" }),
+            /* @__PURE__ */ jsxRuntime.jsx("p", { style: { margin: "0 0 10px 0" }, children: error.message }),
+            /* @__PURE__ */ jsxRuntime.jsx(
+              "button",
+              {
+                onClick: this.reset,
+                style: {
+                  padding: "8px 16px",
+                  backgroundColor: "#DC3545",
+                  color: "#FFFFFF",
+                  border: "none",
+                  borderRadius: "4px",
+                  cursor: "pointer",
+                  fontSize: "14px",
+                  fontWeight: 600
+                },
+                children: "Try Again"
+              }
+            )
+          ]
+        }
+      );
+    }
+    return children;
+  }
+};
+var rolesCache = /* @__PURE__ */ new Map();
+var CACHE_DURATION2 = 5 * 60 * 1e3;
+var MAX_CACHE_SIZE2 = 100;
+function clearRolesCache(accountId) {
+  if (accountId) {
+    rolesCache.delete(accountId);
+  } else {
+    rolesCache.clear();
+  }
+}
+function enforceCacheLimit2() {
+  if (rolesCache.size > MAX_CACHE_SIZE2) {
+    const entries = Array.from(rolesCache.entries());
+    entries.sort((a, b) => a[1].timestamp - b[1].timestamp);
+    const toRemove = entries.slice(0, rolesCache.size - MAX_CACHE_SIZE2);
+    toRemove.forEach(([key]) => rolesCache.delete(key));
+  }
+}
+function useRoles() {
+  const { isAuthenticated, account } = useMsalAuth();
+  const graph = useGraphApi();
+  const [roles, setRoles] = react.useState([]);
+  const [groups, setGroups] = react.useState([]);
+  const [loading, setLoading] = react.useState(false);
+  const [error, setError] = react.useState(null);
+  const fetchRolesAndGroups = react.useCallback(async () => {
+    if (!isAuthenticated || !account) {
+      setRoles([]);
+      setGroups([]);
+      return;
+    }
+    const cacheKey = account.homeAccountId;
+    const cached = rolesCache.get(cacheKey);
+    if (cached && Date.now() - cached.timestamp < CACHE_DURATION2) {
+      setRoles(cached.roles);
+      setGroups(cached.groups);
+      return;
+    }
+    setLoading(true);
+    setError(null);
+    try {
+      const idTokenClaims = account.idTokenClaims;
+      const tokenRoles = idTokenClaims?.roles || [];
+      const groupsResponse = await graph.get("/me/memberOf", {
+        scopes: ["User.Read", "Directory.Read.All"]
+      });
+      const userGroups = groupsResponse.value.map((group) => group.id);
+      rolesCache.set(cacheKey, {
+        roles: tokenRoles,
+        groups: userGroups,
+        timestamp: Date.now()
+      });
+      enforceCacheLimit2();
+      setRoles(tokenRoles);
+      setGroups(userGroups);
+    } catch (err) {
+      const error2 = err;
+      const sanitizedMessage = sanitizeError(error2);
+      const sanitizedError = new Error(sanitizedMessage);
+      setError(sanitizedError);
+      console.error("[Roles] Failed to fetch roles/groups:", sanitizedMessage);
+      const idTokenClaims = account.idTokenClaims;
+      const tokenRoles = idTokenClaims?.roles || [];
+      setRoles(tokenRoles);
+    } finally {
+      setLoading(false);
+    }
+  }, [isAuthenticated, account, graph]);
+  const hasRole = react.useCallback(
+    (role) => {
+      return roles.includes(role);
+    },
+    [roles]
+  );
+  const hasGroup = react.useCallback(
+    (groupId) => {
+      return groups.includes(groupId);
+    },
+    [groups]
+  );
+  const hasAnyRole = react.useCallback(
+    (checkRoles) => {
+      return checkRoles.some((role) => roles.includes(role));
+    },
+    [roles]
+  );
+  const hasAllRoles = react.useCallback(
+    (checkRoles) => {
+      return checkRoles.every((role) => roles.includes(role));
+    },
+    [roles]
+  );
+  react.useEffect(() => {
+    fetchRolesAndGroups();
+    return () => {
+      if (account) {
+        clearRolesCache(account.homeAccountId);
+      }
+    };
+  }, [fetchRolesAndGroups, account]);
+  return {
+    roles,
+    groups,
+    loading,
+    error,
+    hasRole,
+    hasGroup,
+    hasAnyRole,
+    hasAllRoles,
+    refetch: fetchRolesAndGroups
+  };
+}
+function withAuth(Component2, options = {}) {
+  const { displayName, ...guardProps } = options;
+  const WrappedComponent = (props) => {
+    return /* @__PURE__ */ jsxRuntime.jsx(AuthGuard, { ...guardProps, children: /* @__PURE__ */ jsxRuntime.jsx(Component2, { ...props }) });
+  };
+  WrappedComponent.displayName = displayName || `withAuth(${Component2.displayName || Component2.name || "Component"})`;
+  return WrappedComponent;
+}
+
+// src/utils/tokenRetry.ts
+async function retryWithBackoff(fn, config = {}) {
+  const {
+    maxRetries = 3,
+    initialDelay = 1e3,
+    maxDelay = 1e4,
+    backoffMultiplier = 2,
+    debug = false
+  } = config;
+  let lastError;
+  let delay = initialDelay;
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      if (debug && attempt > 0) {
+        console.log(`[TokenRetry] Attempt ${attempt + 1}/${maxRetries + 1}`);
+      }
+      return await fn();
+    } catch (error) {
+      lastError = error;
+      if (attempt === maxRetries) {
+        if (debug) {
+          console.error("[TokenRetry] All retry attempts failed");
+        }
+        break;
+      }
+      if (!isRetryableError(error)) {
+        if (debug) {
+          console.log("[TokenRetry] Non-retryable error, aborting");
+        }
+        throw error;
+      }
+      if (debug) {
+        console.warn(`[TokenRetry] Attempt ${attempt + 1} failed, retrying in ${delay}ms...`);
+      }
+      await sleep(delay);
+      delay = Math.min(delay * backoffMultiplier, maxDelay);
+    }
+  }
+  throw lastError;
+}
+function isRetryableError(error) {
+  const message = error.message.toLowerCase();
+  if (message.includes("network") || message.includes("timeout") || message.includes("fetch") || message.includes("connection")) {
+    return true;
+  }
+  if (message.includes("500") || message.includes("502") || message.includes("503")) {
+    return true;
+  }
+  if (message.includes("429") || message.includes("rate limit")) {
+    return true;
+  }
+  if (message.includes("token") && message.includes("expired")) {
+    return true;
+  }
+  return false;
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function createRetryWrapper(fn, config = {}) {
+  return (...args) => {
+    return retryWithBackoff(() => fn(...args), config);
+  };
+}
+
+// src/utils/debugLogger.ts
+var DebugLogger = class {
+  constructor(config = {}) {
+    this.config = {
+      enabled: config.enabled ?? false,
+      prefix: config.prefix ?? "[MSAL-Next]",
+      showTimestamp: config.showTimestamp ?? true,
+      level: config.level ?? "info"
+    };
+  }
+  shouldLog(level) {
+    if (!this.config.enabled) return false;
+    const levels = ["error", "warn", "info", "debug"];
+    const currentLevelIndex = levels.indexOf(this.config.level);
+    const messageLevelIndex = levels.indexOf(level);
+    return messageLevelIndex <= currentLevelIndex;
+  }
+  formatMessage(level, message, data) {
+    const timestamp = this.config.showTimestamp ? `[${(/* @__PURE__ */ new Date()).toISOString()}]` : "";
+    const prefix = this.config.prefix;
+    const levelStr = `[${level.toUpperCase()}]`;
+    let formatted = `${timestamp} ${prefix} ${levelStr} ${message}`;
+    if (data !== void 0) {
+      formatted += "\n" + JSON.stringify(data, null, 2);
+    }
+    return formatted;
+  }
+  error(message, data) {
+    if (this.shouldLog("error")) {
+      console.error(this.formatMessage("error", message, data));
+    }
+  }
+  warn(message, data) {
+    if (this.shouldLog("warn")) {
+      console.warn(this.formatMessage("warn", message, data));
+    }
+  }
+  info(message, data) {
+    if (this.shouldLog("info")) {
+      console.info(this.formatMessage("info", message, data));
+    }
+  }
+  debug(message, data) {
+    if (this.shouldLog("debug")) {
+      console.debug(this.formatMessage("debug", message, data));
+    }
+  }
+  group(label) {
+    if (this.config.enabled) {
+      console.group(`${this.config.prefix} ${label}`);
+    }
+  }
+  groupEnd() {
+    if (this.config.enabled) {
+      console.groupEnd();
+    }
+  }
+  setEnabled(enabled) {
+    this.config.enabled = enabled;
+  }
+  setLevel(level) {
+    if (level) {
+      this.config.level = level;
+    }
+  }
+};
+var globalLogger = null;
+function getDebugLogger(config) {
+  if (!globalLogger) {
+    globalLogger = new DebugLogger(config);
+  } else if (config) {
+    if (config.enabled !== void 0) {
+      globalLogger.setEnabled(config.enabled);
+    }
+    if (config.level) {
+      globalLogger.setLevel(config.level);
+    }
+  }
+  return globalLogger;
+}
+function createScopedLogger(scope, config) {
+  return new DebugLogger({
+    ...config,
+    prefix: `[MSAL-Next:${scope}]`
+  });
+}
+function createAuthMiddleware(config = {}) {
+  const {
+    protectedRoutes = [],
+    publicOnlyRoutes = [],
+    loginPath = "/login",
+    redirectAfterLogin = "/",
+    sessionCookie = "msal.account",
+    isAuthenticated: customAuthCheck,
+    debug = false
+  } = config;
+  return async function authMiddleware(request) {
+    const { pathname } = request.nextUrl;
+    if (debug) {
+      console.log("[AuthMiddleware] Processing:", pathname);
+    }
+    let authenticated = false;
+    if (customAuthCheck) {
+      authenticated = await customAuthCheck(request);
+    } else {
+      const sessionData = request.cookies.get(sessionCookie);
+      authenticated = !!sessionData?.value;
+    }
+    if (debug) {
+      console.log("[AuthMiddleware] Authenticated:", authenticated);
+    }
+    const isProtectedRoute = protectedRoutes.some(
+      (route) => pathname.startsWith(route)
+    );
+    const isPublicOnlyRoute = publicOnlyRoutes.some(
+      (route) => pathname.startsWith(route)
+    );
+    if (isProtectedRoute && !authenticated) {
+      if (debug) {
+        console.log("[AuthMiddleware] Redirecting to login");
+      }
+      const url = request.nextUrl.clone();
+      url.pathname = loginPath;
+      url.searchParams.set("returnUrl", pathname);
+      return server.NextResponse.redirect(url);
+    }
+    if (isPublicOnlyRoute && authenticated) {
+      if (debug) {
+        console.log("[AuthMiddleware] Redirecting to home");
+      }
+      const returnUrl = request.nextUrl.searchParams.get("returnUrl");
+      const url = request.nextUrl.clone();
+      url.pathname = returnUrl || redirectAfterLogin;
+      url.searchParams.delete("returnUrl");
+      return server.NextResponse.redirect(url);
+    }
+    const response = server.NextResponse.next();
+    if (authenticated) {
+      response.headers.set("x-msal-authenticated", "true");
+      try {
+        const sessionData = request.cookies.get(sessionCookie);
+        if (sessionData?.value) {
+          const account = safeJsonParse(sessionData.value, isValidAccountData);
+          if (account?.username) {
+            response.headers.set("x-msal-username", account.username);
+          }
+        }
+      } catch (error) {
+        if (debug) {
+          console.warn("[AuthMiddleware] Failed to parse session data");
+        }
+      }
+    }
+    return response;
+  };
+}
+
+Object.defineProperty(exports, "useAccount", {
+  enumerable: true,
+  get: function () { return msalReact.useAccount; }
+});
+Object.defineProperty(exports, "useIsAuthenticated", {
+  enumerable: true,
+  get: function () { return msalReact.useIsAuthenticated; }
+});
+Object.defineProperty(exports, "useMsal", {
+  enumerable: true,
+  get: function () { return msalReact.useMsal; }
 });
+exports.AuthGuard = AuthGuard;
+exports.AuthStatus = AuthStatus;
+exports.ErrorBoundary = ErrorBoundary;
+exports.MicrosoftSignInButton = MicrosoftSignInButton;
+exports.MsalAuthProvider = MsalAuthProvider;
+exports.SignOutButton = SignOutButton;
+exports.UserAvatar = UserAvatar;
+exports.createAuthMiddleware = createAuthMiddleware;
+exports.createMsalConfig = createMsalConfig;
+exports.createRetryWrapper = createRetryWrapper;
+exports.createScopedLogger = createScopedLogger;
+exports.getDebugLogger = getDebugLogger;
+exports.getMsalInstance = getMsalInstance;
+exports.isValidAccountData = isValidAccountData;
+exports.isValidRedirectUri = isValidRedirectUri;
+exports.isValidScope = isValidScope;
+exports.retryWithBackoff = retryWithBackoff;
+exports.safeJsonParse = safeJsonParse;
+exports.sanitizeError = sanitizeError;
+exports.useGraphApi = useGraphApi;
+exports.useMsalAuth = useMsalAuth;
+exports.useRoles = useRoles;
+exports.useUserProfile = useUserProfile;
+exports.validateScopes = validateScopes;
+exports.withAuth = withAuth;
+//# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map