npm - @chemmangat/msal-next - Versions diffs - 3.1.6 → 3.1.7 - Mend

@chemmangat/msal-next 3.1.6 → 3.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -2,57 +2,54 @@
 All notable changes to this project will be documented in this file.
-## [3.1.5] - 2026-03-05
+## [3.1.6] - 2026-03-05
-### 🔄 Breaking Change - Redirect Flow by Default
+### 🔄 Breaking Change - Redirect-Only Flow
-**MicrosoftSignInButton now uses redirect flow by default** instead of popup flow.
+**Removed all popup authentication support** - Package now only supports redirect flow for cleaner, simpler authentication.
 **Why this change?**
-- Popup flow requires additional setup (blank.html page)
-- Popup flow causes the full app to load in popup window
-- Redirect flow is simpler and works out of the box
-- Most users prefer redirect flow for better UX
+- Popup flow had persistent issues (full app loading in popup, logout popups, etc.)
+- Redirect flow is simpler, more reliable, and works out of the box
+- No need for blank.html or special Azure AD configuration
+- Better user experience with full-page redirects
+**What was removed:**
+- `loginPopup()` method
+- `logoutPopup()` method
+- `acquireTokenPopup()` method
+- `useRedirect` prop from MicrosoftSignInButton
+- `useRedirect` prop from SignOutButton
+- `popupRedirectUri` configuration option
+- `getPopupRedirectUri()` utility
+- All popup-related code and configuration
 **Migration:**
-If you were using the default popup behavior:
 ```tsx
-// Before (v3.1.4 and earlier) - used popup by default
-<MicrosoftSignInButton />
-// After (v3.1.5) - uses redirect by default
-<MicrosoftSignInButton />  // Now redirects full page
+// Before (v3.1.4 and earlier)
+const { loginPopup, logoutPopup } = useMsalAuth();
+await loginPopup();
+await logoutPopup();
-// To keep popup behavior:
 <MicrosoftSignInButton useRedirect={false} />
-```
-**New Default Behavior:**
-- Button redirects the entire browser window to Microsoft login
-- After authentication, redirects back to your app
-- No popup windows, no blank.html needed
-- Works with your existing Azure AD redirect URI
+<SignOutButton useRedirect={false} />
-### ✨ Optional Popup Support
+// After (v3.1.5) - redirect only
+const { loginRedirect, logoutRedirect } = useMsalAuth();
+await loginRedirect();
+await logoutRedirect();
-**Added optional `popupRedirectUri` prop** - Only use if you prefer popup flow.
-**For Popup Flow (Optional):**
-1. Create `public/blank.html`
-2. Add `/blank.html` to Azure AD redirect URIs
-3. Use:
-```tsx
-<MSALProvider popupRedirectUri="/blank.html">
-  <MicrosoftSignInButton useRedirect={false} />
-</MSALProvider>
+<MicrosoftSignInButton />
+<SignOutButton />
 ```
 **Benefits:**
-- Simpler default experience (no setup required)
-- Redirect flow works out of the box
-- Popup flow still available for those who need it
-- Backward compatible (just set `useRedirect={false}`)
+- Simpler API - no popup vs redirect decisions
+- No popup-related bugs or issues
+- Works perfectly out of the box
+- Cleaner codebase and smaller bundle size
+- Better user experience
 ## [3.1.4] - 2026-03-05

package/README.md CHANGED Viewed

@@ -5,7 +5,7 @@ Production-grade MSAL authentication library for Next.js App Router with minimal
 [![npm version](https://badge.fury.io/js/@chemmangat%2Fmsal-next.svg)](https://www.npmjs.com/package/@chemmangat/msal-next)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-> **📦 Current Version: 3.1.5** - Separate popup redirect URI support. [See changelog](./CHANGELOG.md)
+> **📦 Current Version: 3.1.6** - Redirect-only authentication (popup support removed). [See changelog](./CHANGELOG.md)
 > **⚠️ Important:** If you're on v3.0.6 or v3.0.7, please update immediately - those versions have a critical popup authentication bug.
@@ -134,59 +134,7 @@ export default function Home() {
 That's it! 🎉
-The button uses redirect flow by default (full page redirect to Microsoft login, then back to your app). No popups, no blank.html needed.
-## Optional: Fix Popup Window Issue
-**Important:** When using popup authentication, the popup window MUST navigate to your redirect URI to complete the OAuth flow. This is how OAuth works and cannot be avoided.
-By default, this means your full Next.js app will briefly load in the popup before it closes. The package detects this and renders minimal content, but you may still see a flash of your app.
-### Solution: Use a Blank Page (Recommended for Popup Flow)
-For the cleanest popup experience, create a blank HTML page:
-### 1. Create blank.html
-Create `public/blank.html`:
-```html
-<!DOCTYPE html>
-<html>
-<head><title>Auth</title></head>
-<body></body>
-</html>
-```
-### 2. Add to Azure AD
-Add to Azure AD redirect URIs:
-- `http://localhost:3000/blank.html`
-- `https://yourdomain.com/blank.html`
-### 3. Configure MSALProvider
-```tsx
-<MSALProvider
-  clientId={process.env.NEXT_PUBLIC_AZURE_AD_CLIENT_ID!}
-  tenantId={process.env.NEXT_PUBLIC_AZURE_AD_TENANT_ID!}
-  popupRedirectUri="/blank.html"  // Add this line
->
-  {children}
-</MSALProvider>
-```
-This ensures the popup shows only a blank page and closes immediately.
-### Alternative: Use Redirect Flow
-If you don't want to set up blank.html, use redirect flow instead:
-```tsx
-<MicrosoftSignInButton useRedirect={true} />
-```
-Redirect flow navigates the entire browser window (no popup), so there's no "app in popup" issue.
+The button uses redirect flow (full page redirect to Microsoft login, then back to your app). Simple and clean.
 ## Components
@@ -240,18 +188,14 @@ export function MyProviders({ children }) {
 ### MicrosoftSignInButton
-Pre-styled sign-in button with Microsoft branding. Uses redirect flow by default (no popups).
+Pre-styled sign-in button with Microsoft branding. Uses redirect flow (full page redirect to Microsoft login).
 ```tsx
 <MicrosoftSignInButton
   variant="dark" // or "light"
   size="medium" // "small", "medium", "large"
-  useRedirect={true} // Default: true (full page redirect)
   onSuccess={() => console.log('Signed in!')}
 />
-// If you prefer popup (requires blank.html setup):
-<MicrosoftSignInButton useRedirect={false} />
 ```
 ### SignOutButton
@@ -332,21 +276,19 @@ const {
   account,
   isAuthenticated,
   inProgress,
-  loginPopup,
   loginRedirect,
-  logoutPopup,
   logoutRedirect,
   acquireToken,
 } = useMsalAuth();
-// Login
-await loginPopup(['User.Read']);
+// Login (redirects to Microsoft)
+await loginRedirect(['User.Read']);
 // Get token
 const token = await acquireToken(['User.Read']);
-// Logout
-await logoutPopup();
+// Logout (redirects to Microsoft)
+await logoutRedirect();
 ```
 ### useGraphApi

package/dist/index.d.mts CHANGED Viewed

@@ -41,13 +41,6 @@ interface MsalAuthConfig {
      * @default window.location.origin
      */
     redirectUri?: string;
-    /**
-     * Redirect URI for popup authentication (optional)
-     * If not specified, uses the same redirectUri as redirect flow
-     * Only set this if you want a different URI for popup (e.g., /blank.html)
-     * @default redirectUri
-     */
-    popupRedirectUri?: string;
     /**
      * Post logout redirect URI
      * @default redirectUri
@@ -156,11 +149,6 @@ interface MicrosoftSignInButtonProps {
      * @default 'medium'
      */
     size?: 'small' | 'medium' | 'large';
-    /**
-     * Use redirect flow instead of popup
-     * @default true
-     */
-    useRedirect?: boolean;
     /**
      * Scopes to request
      */
@@ -182,7 +170,7 @@ interface MicrosoftSignInButtonProps {
      */
     onError?: (error: Error) => void;
 }
-declare function MicrosoftSignInButton({ text, variant, size, useRedirect, scopes, className, style, onSuccess, onError, }: MicrosoftSignInButtonProps): react_jsx_runtime.JSX.Element;
+declare function MicrosoftSignInButton({ text, variant, size, scopes, className, style, onSuccess, onError, }: MicrosoftSignInButtonProps): react_jsx_runtime.JSX.Element;
 interface SignOutButtonProps {
     /**
@@ -200,11 +188,6 @@ interface SignOutButtonProps {
      * @default 'medium'
      */
     size?: 'small' | 'medium' | 'large';
-    /**
-     * Use redirect flow instead of popup
-     * @default false
-     */
-    useRedirect?: boolean;
     /**
      * Custom className
      */
@@ -224,13 +207,14 @@ interface SignOutButtonProps {
 }
 /**
  * SignOutButton component with Microsoft branding
+ * Uses redirect flow (full page redirect)
  *
  * @example
  * ```tsx
  * <SignOutButton variant="light" />
  * ```
  */
-declare function SignOutButton({ text, variant, size, useRedirect, className, style, onSuccess, onError, }: SignOutButtonProps): react_jsx_runtime.JSX.Element;
+declare function SignOutButton({ text, variant, size, className, style, onSuccess, onError, }: SignOutButtonProps): react_jsx_runtime.JSX.Element;
 interface UserAvatarProps {
     /**
@@ -316,11 +300,6 @@ interface AuthGuardProps {
      * Component to show when not authenticated (before redirect)
      */
     fallbackComponent?: ReactNode;
-    /**
-     * Use redirect flow instead of popup
-     * @default true
-     */
-    useRedirect?: boolean;
     /**
      * Scopes to request during authentication
      */
@@ -340,7 +319,7 @@ interface AuthGuardProps {
  * </AuthGuard>
  * ```
  */
-declare function AuthGuard({ children, loadingComponent, fallbackComponent, useRedirect, scopes, onAuthRequired, }: AuthGuardProps): react_jsx_runtime.JSX.Element;
+declare function AuthGuard({ children, loadingComponent, fallbackComponent, scopes, onAuthRequired, }: AuthGuardProps): react_jsx_runtime.JSX.Element;
 interface ErrorBoundaryProps {
     /**
@@ -402,34 +381,22 @@ interface UseMsalAuthReturn {
      * Whether MSAL is currently performing an interaction
      */
     inProgress: boolean;
-    /**
-     * Login using popup
-     */
-    loginPopup: (scopes?: string[]) => Promise<void>;
     /**
      * Login using redirect
      */
     loginRedirect: (scopes?: string[]) => Promise<void>;
-    /**
-     * Logout using popup
-     */
-    logoutPopup: () => Promise<void>;
     /**
      * Logout using redirect
      */
     logoutRedirect: () => Promise<void>;
     /**
-     * Acquire access token silently (with fallback to popup)
+     * Acquire access token silently
      */
     acquireToken: (scopes: string[]) => Promise<string>;
     /**
      * Acquire access token silently only (no fallback)
      */
     acquireTokenSilent: (scopes: string[]) => Promise<string>;
-    /**
-     * Acquire access token using popup
-     */
-    acquireTokenPopup: (scopes: string[]) => Promise<string>;
     /**
      * Acquire access token using redirect
      */
@@ -591,7 +558,6 @@ interface UseRolesReturn {
  */
 declare function useRoles(): UseRolesReturn;
-declare function getPopupRedirectUri(): string | undefined;
 declare function createMsalConfig(config: MsalAuthConfig): Configuration;
 interface WithAuthOptions extends Omit<AuthGuardProps, 'children'> {
@@ -939,4 +905,4 @@ interface ServerSession {
     accessToken?: string;
 }
-export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MSALProvider, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, getPopupRedirectUri, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };
+export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MSALProvider, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };

package/dist/index.d.ts CHANGED Viewed

@@ -41,13 +41,6 @@ interface MsalAuthConfig {
      * @default window.location.origin
      */
     redirectUri?: string;
-    /**
-     * Redirect URI for popup authentication (optional)
-     * If not specified, uses the same redirectUri as redirect flow
-     * Only set this if you want a different URI for popup (e.g., /blank.html)
-     * @default redirectUri
-     */
-    popupRedirectUri?: string;
     /**
      * Post logout redirect URI
      * @default redirectUri
@@ -156,11 +149,6 @@ interface MicrosoftSignInButtonProps {
      * @default 'medium'
      */
     size?: 'small' | 'medium' | 'large';
-    /**
-     * Use redirect flow instead of popup
-     * @default true
-     */
-    useRedirect?: boolean;
     /**
      * Scopes to request
      */
@@ -182,7 +170,7 @@ interface MicrosoftSignInButtonProps {
      */
     onError?: (error: Error) => void;
 }
-declare function MicrosoftSignInButton({ text, variant, size, useRedirect, scopes, className, style, onSuccess, onError, }: MicrosoftSignInButtonProps): react_jsx_runtime.JSX.Element;
+declare function MicrosoftSignInButton({ text, variant, size, scopes, className, style, onSuccess, onError, }: MicrosoftSignInButtonProps): react_jsx_runtime.JSX.Element;
 interface SignOutButtonProps {
     /**
@@ -200,11 +188,6 @@ interface SignOutButtonProps {
      * @default 'medium'
      */
     size?: 'small' | 'medium' | 'large';
-    /**
-     * Use redirect flow instead of popup
-     * @default false
-     */
-    useRedirect?: boolean;
     /**
      * Custom className
      */
@@ -224,13 +207,14 @@ interface SignOutButtonProps {
 }
 /**
  * SignOutButton component with Microsoft branding
+ * Uses redirect flow (full page redirect)
  *
  * @example
  * ```tsx
  * <SignOutButton variant="light" />
  * ```
  */
-declare function SignOutButton({ text, variant, size, useRedirect, className, style, onSuccess, onError, }: SignOutButtonProps): react_jsx_runtime.JSX.Element;
+declare function SignOutButton({ text, variant, size, className, style, onSuccess, onError, }: SignOutButtonProps): react_jsx_runtime.JSX.Element;
 interface UserAvatarProps {
     /**
@@ -316,11 +300,6 @@ interface AuthGuardProps {
      * Component to show when not authenticated (before redirect)
      */
     fallbackComponent?: ReactNode;
-    /**
-     * Use redirect flow instead of popup
-     * @default true
-     */
-    useRedirect?: boolean;
     /**
      * Scopes to request during authentication
      */
@@ -340,7 +319,7 @@ interface AuthGuardProps {
  * </AuthGuard>
  * ```
  */
-declare function AuthGuard({ children, loadingComponent, fallbackComponent, useRedirect, scopes, onAuthRequired, }: AuthGuardProps): react_jsx_runtime.JSX.Element;
+declare function AuthGuard({ children, loadingComponent, fallbackComponent, scopes, onAuthRequired, }: AuthGuardProps): react_jsx_runtime.JSX.Element;
 interface ErrorBoundaryProps {
     /**
@@ -402,34 +381,22 @@ interface UseMsalAuthReturn {
      * Whether MSAL is currently performing an interaction
      */
     inProgress: boolean;
-    /**
-     * Login using popup
-     */
-    loginPopup: (scopes?: string[]) => Promise<void>;
     /**
      * Login using redirect
      */
     loginRedirect: (scopes?: string[]) => Promise<void>;
-    /**
-     * Logout using popup
-     */
-    logoutPopup: () => Promise<void>;
     /**
      * Logout using redirect
      */
     logoutRedirect: () => Promise<void>;
     /**
-     * Acquire access token silently (with fallback to popup)
+     * Acquire access token silently
      */
     acquireToken: (scopes: string[]) => Promise<string>;
     /**
      * Acquire access token silently only (no fallback)
      */
     acquireTokenSilent: (scopes: string[]) => Promise<string>;
-    /**
-     * Acquire access token using popup
-     */
-    acquireTokenPopup: (scopes: string[]) => Promise<string>;
     /**
      * Acquire access token using redirect
      */
@@ -591,7 +558,6 @@ interface UseRolesReturn {
  */
 declare function useRoles(): UseRolesReturn;
-declare function getPopupRedirectUri(): string | undefined;
 declare function createMsalConfig(config: MsalAuthConfig): Configuration;
 interface WithAuthOptions extends Omit<AuthGuardProps, 'children'> {
@@ -939,4 +905,4 @@ interface ServerSession {
     accessToken?: string;
 }
-export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MSALProvider, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, getPopupRedirectUri, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };
+export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MSALProvider, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };

package/dist/index.js CHANGED Viewed

@@ -35,7 +35,6 @@ __export(client_exports, {
   createScopedLogger: () => createScopedLogger,
   getDebugLogger: () => getDebugLogger,
   getMsalInstance: () => getMsalInstance,
-  getPopupRedirectUri: () => getPopupRedirectUri,
   isValidAccountData: () => isValidAccountData,
   isValidRedirectUri: () => isValidRedirectUri,
   isValidScope: () => isValidScope,
@@ -106,10 +105,6 @@ function validateScopes(scopes) {
 }
 // src/utils/createMsalConfig.ts
-var storedPopupRedirectUri;
-function getPopupRedirectUri() {
-  return storedPopupRedirectUri;
-}
 function createMsalConfig(config) {
   if (config.msalConfig) {
     return config.msalConfig;
@@ -119,7 +114,6 @@ function createMsalConfig(config) {
     tenantId,
     authorityType = "common",
     redirectUri,
-    popupRedirectUri,
     postLogoutRedirectUri,
     cacheLocation = "sessionStorage",
     storeAuthStateInCookie = false,
@@ -142,8 +136,6 @@ function createMsalConfig(config) {
   };
   const defaultRedirectUri = typeof window !== "undefined" ? window.location.origin : "http://localhost:3000";
   const finalRedirectUri = redirectUri || defaultRedirectUri;
-  const finalPopupRedirectUri = popupRedirectUri || finalRedirectUri;
-  storedPopupRedirectUri = finalPopupRedirectUri;
   if (allowedRedirectUris && allowedRedirectUris.length > 0) {
     if (!isValidRedirectUri(finalRedirectUri, allowedRedirectUris)) {
       throw new Error(
@@ -170,10 +162,6 @@ function createMsalConfig(config) {
       storeAuthStateInCookie
     },
     system: {
-      windowHashTimeout: 6e4,
-      // Increase timeout for popup
-      iframeHashTimeout: 6e3,
-      loadFrameTimeout: 0,
       loggerOptions: {
         loggerCallback: loggerCallback || ((level, message, containsPii) => {
           if (containsPii || !enableLogging) return;
@@ -208,17 +196,10 @@ function getMsalInstance() {
 function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config }) {
   const [msalInstance, setMsalInstance] = (0, import_react.useState)(null);
   const instanceRef = (0, import_react.useRef)(null);
-  const isInPopup = typeof window !== "undefined" && window.opener && window.opener !== window;
   (0, import_react.useEffect)(() => {
     if (typeof window === "undefined") {
       return;
     }
-    if (isInPopup) {
-      if (config.enableLogging) {
-        console.log("[MSAL] Detected popup window - minimal initialization");
-      }
-      return;
-    }
     if (instanceRef.current) {
       return;
     }
@@ -227,17 +208,16 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
         const msalConfig = createMsalConfig(config);
         const instance = new import_msal_browser2.PublicClientApplication(msalConfig);
         await instance.initialize();
-        const isInPopup2 = window.opener && window.opener !== window;
         try {
           const response = await instance.handleRedirectPromise();
           if (response) {
             if (config.enableLogging) {
-              console.log("[MSAL] Redirect authentication successful", isInPopup2 ? "(popup)" : "(main)");
+              console.log("[MSAL] Redirect authentication successful");
             }
             if (response.account) {
               instance.setActiveAccount(response.account);
             }
-            if (!isInPopup2 && window.location.hash) {
+            if (window.location.hash) {
               window.history.replaceState(null, "", window.location.pathname + window.location.search);
             }
           }
@@ -253,7 +233,7 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
           } else {
             console.error("[MSAL] Redirect handling error:", redirectError);
           }
-          if (!isInPopup2 && window.location.hash && (window.location.hash.includes("code=") || window.location.hash.includes("error="))) {
+          if (window.location.hash && (window.location.hash.includes("code=") || window.location.hash.includes("error="))) {
             window.history.replaceState(null, "", window.location.pathname + window.location.search);
           }
         }
@@ -309,9 +289,6 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
   if (typeof window === "undefined") {
     return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { children: "Loading authentication..." }) });
   }
-  if (isInPopup) {
-    return /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { style: { display: "none" }, children: "Completing authentication..." });
-  }
   if (!msalInstance) {
     return /* @__PURE__ */ (0, import_jsx_runtime.jsx)(import_jsx_runtime.Fragment, { children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime.jsx)("div", { children: "Loading authentication..." }) });
   }
@@ -332,37 +309,7 @@ var pendingTokenRequests = /* @__PURE__ */ new Map();
 function useMsalAuth(defaultScopes = ["User.Read"]) {
   const { instance, accounts, inProgress } = (0, import_msal_react2.useMsal)();
   const account = (0, import_msal_react2.useAccount)(accounts[0] || null);
-  const popupInProgressRef = (0, import_react2.useRef)(false);
   const isAuthenticated = (0, import_react2.useMemo)(() => accounts.length > 0, [accounts]);
-  const loginPopup = (0, import_react2.useCallback)(
-    async (scopes = defaultScopes) => {
-      if (inProgress !== import_msal_browser3.InteractionStatus.None) {
-        console.warn("[MSAL] Interaction already in progress");
-        return;
-      }
-      try {
-        const popupRedirectUri = getPopupRedirectUri();
-        const request = {
-          scopes,
-          prompt: "select_account",
-          // Use popup-specific redirect URI (defaults to /blank.html)
-          redirectUri: popupRedirectUri
-        };
-        const response = await instance.loginPopup(request);
-        if (response?.account) {
-          instance.setActiveAccount(response.account);
-        }
-      } catch (error) {
-        if (error?.errorCode === "user_cancelled") {
-          console.log("[MSAL] User cancelled login");
-          return;
-        }
-        console.error("[MSAL] Login popup failed:", error);
-        throw error;
-      }
-    },
-    [instance, defaultScopes, inProgress]
-  );
   const loginRedirect = (0, import_react2.useCallback)(
     async (scopes = defaultScopes) => {
       if (inProgress !== import_msal_browser3.InteractionStatus.None) {
@@ -386,16 +333,6 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, defaultScopes, inProgress]
   );
-  const logoutPopup = (0, import_react2.useCallback)(async () => {
-    try {
-      await instance.logoutPopup({
-        account: account || void 0
-      });
-    } catch (error) {
-      console.error("[MSAL] Logout popup failed:", error);
-      throw error;
-    }
-  }, [instance, account]);
   const logoutRedirect = (0, import_react2.useCallback)(async () => {
     try {
       await instance.logoutRedirect({
@@ -426,31 +363,6 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, account, defaultScopes]
   );
-  const acquireTokenPopup = (0, import_react2.useCallback)(
-    async (scopes = defaultScopes) => {
-      if (!account) {
-        throw new Error("[MSAL] No active account. Please login first.");
-      }
-      if (popupInProgressRef.current) {
-        throw new Error("[MSAL] Popup already in progress. Please wait.");
-      }
-      try {
-        popupInProgressRef.current = true;
-        const request = {
-          scopes,
-          account
-        };
-        const response = await instance.acquireTokenPopup(request);
-        return response.accessToken;
-      } catch (error) {
-        console.error("[MSAL] Token popup acquisition failed:", error);
-        throw error;
-      } finally {
-        popupInProgressRef.current = false;
-      }
-    },
-    [instance, account, defaultScopes]
-  );
   const acquireTokenRedirect = (0, import_react2.useCallback)(
     async (scopes = defaultScopes) => {
       if (!account) {
@@ -480,8 +392,9 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
         try {
           return await acquireTokenSilent(scopes);
         } catch (error) {
-          console.warn("[MSAL] Silent token acquisition failed, falling back to popup");
-          return await acquireTokenPopup(scopes);
+          console.warn("[MSAL] Silent token acquisition failed, falling back to redirect");
+          await acquireTokenRedirect(scopes);
+          throw new Error("[MSAL] Redirecting for token acquisition");
         } finally {
           pendingTokenRequests.delete(requestKey);
         }
@@ -489,7 +402,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       pendingTokenRequests.set(requestKey, tokenRequest);
       return tokenRequest;
     },
-    [acquireTokenSilent, acquireTokenPopup, defaultScopes, account]
+    [acquireTokenSilent, acquireTokenRedirect, defaultScopes, account]
   );
   const clearSession = (0, import_react2.useCallback)(async () => {
     instance.setActiveAccount(null);
@@ -500,13 +413,10 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     accounts,
     isAuthenticated,
     inProgress: inProgress !== import_msal_browser3.InteractionStatus.None,
-    loginPopup,
     loginRedirect,
-    logoutPopup,
     logoutRedirect,
     acquireToken,
     acquireTokenSilent,
-    acquireTokenPopup,
     acquireTokenRedirect,
     clearSession
   };
@@ -519,23 +429,18 @@ function MicrosoftSignInButton({
   text = "Sign in with Microsoft",
   variant = "dark",
   size = "medium",
-  useRedirect = true,
   scopes,
   className = "",
   style,
   onSuccess,
   onError
 }) {
-  const { loginPopup, loginRedirect, inProgress } = useMsalAuth();
+  const { loginRedirect, inProgress } = useMsalAuth();
   const [isLoading, setIsLoading] = (0, import_react3.useState)(false);
   const handleClick = async () => {
     setIsLoading(true);
     try {
-      if (useRedirect) {
-        await loginRedirect(scopes);
-      } else {
-        await loginPopup(scopes);
-      }
+      await loginRedirect(scopes);
       onSuccess?.();
     } catch (error) {
       onError?.(error);
@@ -618,20 +523,15 @@ function SignOutButton({
   text = "Sign out",
   variant = "dark",
   size = "medium",
-  useRedirect = false,
   className = "",
   style,
   onSuccess,
   onError
 }) {
-  const { logoutPopup, logoutRedirect, inProgress } = useMsalAuth();
+  const { logoutRedirect, inProgress } = useMsalAuth();
   const handleClick = async () => {
     try {
-      if (useRedirect) {
-        await logoutRedirect();
-      } else {
-        await logoutPopup();
-      }
+      await logoutRedirect();
       onSuccess?.();
     } catch (error) {
       onError?.(error);
@@ -1116,28 +1016,23 @@ function AuthGuard({
   children,
   loadingComponent,
   fallbackComponent,
-  useRedirect = true,
   scopes,
   onAuthRequired
 }) {
-  const { isAuthenticated, inProgress, loginRedirect, loginPopup } = useMsalAuth();
+  const { isAuthenticated, inProgress, loginRedirect } = useMsalAuth();
   (0, import_react7.useEffect)(() => {
     if (!isAuthenticated && !inProgress) {
       onAuthRequired?.();
       const login = async () => {
         try {
-          if (useRedirect) {
-            await loginRedirect(scopes);
-          } else {
-            await loginPopup(scopes);
-          }
+          await loginRedirect(scopes);
         } catch (error) {
           console.error("[AuthGuard] Authentication failed:", error);
         }
       };
       login();
     }
-  }, [isAuthenticated, inProgress, useRedirect, scopes, loginRedirect, loginPopup, onAuthRequired]);
+  }, [isAuthenticated, inProgress, scopes, loginRedirect, onAuthRequired]);
   if (inProgress) {
     return /* @__PURE__ */ (0, import_jsx_runtime7.jsx)(import_jsx_runtime7.Fragment, { children: loadingComponent || /* @__PURE__ */ (0, import_jsx_runtime7.jsx)("div", { children: "Authenticating..." }) });
   }
@@ -1707,7 +1602,6 @@ var import_msal_react3 = require("@azure/msal-react");
   createScopedLogger,
   getDebugLogger,
   getMsalInstance,
-  getPopupRedirectUri,
   isValidAccountData,
   isValidRedirectUri,
   isValidScope,

package/dist/index.mjs CHANGED Viewed

@@ -52,10 +52,6 @@ function validateScopes(scopes) {
 }
 // src/utils/createMsalConfig.ts
-var storedPopupRedirectUri;
-function getPopupRedirectUri() {
-  return storedPopupRedirectUri;
-}
 function createMsalConfig(config) {
   if (config.msalConfig) {
     return config.msalConfig;
@@ -65,7 +61,6 @@ function createMsalConfig(config) {
     tenantId,
     authorityType = "common",
     redirectUri,
-    popupRedirectUri,
     postLogoutRedirectUri,
     cacheLocation = "sessionStorage",
     storeAuthStateInCookie = false,
@@ -88,8 +83,6 @@ function createMsalConfig(config) {
   };
   const defaultRedirectUri = typeof window !== "undefined" ? window.location.origin : "http://localhost:3000";
   const finalRedirectUri = redirectUri || defaultRedirectUri;
-  const finalPopupRedirectUri = popupRedirectUri || finalRedirectUri;
-  storedPopupRedirectUri = finalPopupRedirectUri;
   if (allowedRedirectUris && allowedRedirectUris.length > 0) {
     if (!isValidRedirectUri(finalRedirectUri, allowedRedirectUris)) {
       throw new Error(
@@ -116,10 +109,6 @@ function createMsalConfig(config) {
       storeAuthStateInCookie
     },
     system: {
-      windowHashTimeout: 6e4,
-      // Increase timeout for popup
-      iframeHashTimeout: 6e3,
-      loadFrameTimeout: 0,
       loggerOptions: {
         loggerCallback: loggerCallback || ((level, message, containsPii) => {
           if (containsPii || !enableLogging) return;
@@ -154,17 +143,10 @@ function getMsalInstance() {
 function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config }) {
   const [msalInstance, setMsalInstance] = useState(null);
   const instanceRef = useRef(null);
-  const isInPopup = typeof window !== "undefined" && window.opener && window.opener !== window;
   useEffect(() => {
     if (typeof window === "undefined") {
       return;
     }
-    if (isInPopup) {
-      if (config.enableLogging) {
-        console.log("[MSAL] Detected popup window - minimal initialization");
-      }
-      return;
-    }
     if (instanceRef.current) {
       return;
     }
@@ -173,17 +155,16 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
         const msalConfig = createMsalConfig(config);
         const instance = new PublicClientApplication(msalConfig);
         await instance.initialize();
-        const isInPopup2 = window.opener && window.opener !== window;
         try {
           const response = await instance.handleRedirectPromise();
           if (response) {
             if (config.enableLogging) {
-              console.log("[MSAL] Redirect authentication successful", isInPopup2 ? "(popup)" : "(main)");
+              console.log("[MSAL] Redirect authentication successful");
             }
             if (response.account) {
               instance.setActiveAccount(response.account);
             }
-            if (!isInPopup2 && window.location.hash) {
+            if (window.location.hash) {
               window.history.replaceState(null, "", window.location.pathname + window.location.search);
             }
           }
@@ -199,7 +180,7 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
           } else {
             console.error("[MSAL] Redirect handling error:", redirectError);
           }
-          if (!isInPopup2 && window.location.hash && (window.location.hash.includes("code=") || window.location.hash.includes("error="))) {
+          if (window.location.hash && (window.location.hash.includes("code=") || window.location.hash.includes("error="))) {
             window.history.replaceState(null, "", window.location.pathname + window.location.search);
           }
         }
@@ -255,9 +236,6 @@ function MsalAuthProvider({ children, loadingComponent, onInitialized, ...config
   if (typeof window === "undefined") {
     return /* @__PURE__ */ jsx(Fragment, { children: loadingComponent || /* @__PURE__ */ jsx("div", { children: "Loading authentication..." }) });
   }
-  if (isInPopup) {
-    return /* @__PURE__ */ jsx("div", { style: { display: "none" }, children: "Completing authentication..." });
-  }
   if (!msalInstance) {
     return /* @__PURE__ */ jsx(Fragment, { children: loadingComponent || /* @__PURE__ */ jsx("div", { children: "Loading authentication..." }) });
   }
@@ -273,42 +251,12 @@ function MSALProvider({ children, ...props }) {
 // src/hooks/useMsalAuth.ts
 import { useMsal, useAccount } from "@azure/msal-react";
 import { InteractionStatus } from "@azure/msal-browser";
-import { useCallback, useMemo, useRef as useRef2 } from "react";
+import { useCallback, useMemo } from "react";
 var pendingTokenRequests = /* @__PURE__ */ new Map();
 function useMsalAuth(defaultScopes = ["User.Read"]) {
   const { instance, accounts, inProgress } = useMsal();
   const account = useAccount(accounts[0] || null);
-  const popupInProgressRef = useRef2(false);
   const isAuthenticated = useMemo(() => accounts.length > 0, [accounts]);
-  const loginPopup = useCallback(
-    async (scopes = defaultScopes) => {
-      if (inProgress !== InteractionStatus.None) {
-        console.warn("[MSAL] Interaction already in progress");
-        return;
-      }
-      try {
-        const popupRedirectUri = getPopupRedirectUri();
-        const request = {
-          scopes,
-          prompt: "select_account",
-          // Use popup-specific redirect URI (defaults to /blank.html)
-          redirectUri: popupRedirectUri
-        };
-        const response = await instance.loginPopup(request);
-        if (response?.account) {
-          instance.setActiveAccount(response.account);
-        }
-      } catch (error) {
-        if (error?.errorCode === "user_cancelled") {
-          console.log("[MSAL] User cancelled login");
-          return;
-        }
-        console.error("[MSAL] Login popup failed:", error);
-        throw error;
-      }
-    },
-    [instance, defaultScopes, inProgress]
-  );
   const loginRedirect = useCallback(
     async (scopes = defaultScopes) => {
       if (inProgress !== InteractionStatus.None) {
@@ -332,16 +280,6 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, defaultScopes, inProgress]
   );
-  const logoutPopup = useCallback(async () => {
-    try {
-      await instance.logoutPopup({
-        account: account || void 0
-      });
-    } catch (error) {
-      console.error("[MSAL] Logout popup failed:", error);
-      throw error;
-    }
-  }, [instance, account]);
   const logoutRedirect = useCallback(async () => {
     try {
       await instance.logoutRedirect({
@@ -372,31 +310,6 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     },
     [instance, account, defaultScopes]
   );
-  const acquireTokenPopup = useCallback(
-    async (scopes = defaultScopes) => {
-      if (!account) {
-        throw new Error("[MSAL] No active account. Please login first.");
-      }
-      if (popupInProgressRef.current) {
-        throw new Error("[MSAL] Popup already in progress. Please wait.");
-      }
-      try {
-        popupInProgressRef.current = true;
-        const request = {
-          scopes,
-          account
-        };
-        const response = await instance.acquireTokenPopup(request);
-        return response.accessToken;
-      } catch (error) {
-        console.error("[MSAL] Token popup acquisition failed:", error);
-        throw error;
-      } finally {
-        popupInProgressRef.current = false;
-      }
-    },
-    [instance, account, defaultScopes]
-  );
   const acquireTokenRedirect = useCallback(
     async (scopes = defaultScopes) => {
       if (!account) {
@@ -426,8 +339,9 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
         try {
           return await acquireTokenSilent(scopes);
         } catch (error) {
-          console.warn("[MSAL] Silent token acquisition failed, falling back to popup");
-          return await acquireTokenPopup(scopes);
+          console.warn("[MSAL] Silent token acquisition failed, falling back to redirect");
+          await acquireTokenRedirect(scopes);
+          throw new Error("[MSAL] Redirecting for token acquisition");
         } finally {
           pendingTokenRequests.delete(requestKey);
         }
@@ -435,7 +349,7 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
       pendingTokenRequests.set(requestKey, tokenRequest);
       return tokenRequest;
     },
-    [acquireTokenSilent, acquireTokenPopup, defaultScopes, account]
+    [acquireTokenSilent, acquireTokenRedirect, defaultScopes, account]
   );
   const clearSession = useCallback(async () => {
     instance.setActiveAccount(null);
@@ -446,13 +360,10 @@ function useMsalAuth(defaultScopes = ["User.Read"]) {
     accounts,
     isAuthenticated,
     inProgress: inProgress !== InteractionStatus.None,
-    loginPopup,
     loginRedirect,
-    logoutPopup,
     logoutRedirect,
     acquireToken,
     acquireTokenSilent,
-    acquireTokenPopup,
     acquireTokenRedirect,
     clearSession
   };
@@ -465,23 +376,18 @@ function MicrosoftSignInButton({
   text = "Sign in with Microsoft",
   variant = "dark",
   size = "medium",
-  useRedirect = true,
   scopes,
   className = "",
   style,
   onSuccess,
   onError
 }) {
-  const { loginPopup, loginRedirect, inProgress } = useMsalAuth();
+  const { loginRedirect, inProgress } = useMsalAuth();
   const [isLoading, setIsLoading] = useState2(false);
   const handleClick = async () => {
     setIsLoading(true);
     try {
-      if (useRedirect) {
-        await loginRedirect(scopes);
-      } else {
-        await loginPopup(scopes);
-      }
+      await loginRedirect(scopes);
       onSuccess?.();
     } catch (error) {
       onError?.(error);
@@ -564,20 +470,15 @@ function SignOutButton({
   text = "Sign out",
   variant = "dark",
   size = "medium",
-  useRedirect = false,
   className = "",
   style,
   onSuccess,
   onError
 }) {
-  const { logoutPopup, logoutRedirect, inProgress } = useMsalAuth();
+  const { logoutRedirect, inProgress } = useMsalAuth();
   const handleClick = async () => {
     try {
-      if (useRedirect) {
-        await logoutRedirect();
-      } else {
-        await logoutPopup();
-      }
+      await logoutRedirect();
       onSuccess?.();
     } catch (error) {
       onError?.(error);
@@ -1062,28 +963,23 @@ function AuthGuard({
   children,
   loadingComponent,
   fallbackComponent,
-  useRedirect = true,
   scopes,
   onAuthRequired
 }) {
-  const { isAuthenticated, inProgress, loginRedirect, loginPopup } = useMsalAuth();
+  const { isAuthenticated, inProgress, loginRedirect } = useMsalAuth();
   useEffect4(() => {
     if (!isAuthenticated && !inProgress) {
       onAuthRequired?.();
       const login = async () => {
         try {
-          if (useRedirect) {
-            await loginRedirect(scopes);
-          } else {
-            await loginPopup(scopes);
-          }
+          await loginRedirect(scopes);
         } catch (error) {
           console.error("[AuthGuard] Authentication failed:", error);
         }
       };
       login();
     }
-  }, [isAuthenticated, inProgress, useRedirect, scopes, loginRedirect, loginPopup, onAuthRequired]);
+  }, [isAuthenticated, inProgress, scopes, loginRedirect, onAuthRequired]);
   if (inProgress) {
     return /* @__PURE__ */ jsx7(Fragment3, { children: loadingComponent || /* @__PURE__ */ jsx7("div", { children: "Authenticating..." }) });
   }
@@ -1652,7 +1548,6 @@ export {
   createScopedLogger,
   getDebugLogger,
   getMsalInstance,
-  getPopupRedirectUri,
   isValidAccountData,
   isValidRedirectUri,
   isValidScope,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@chemmangat/msal-next",
-  "version": "3.1.6",
+  "version": "3.1.7",
   "description": "Production-grade MSAL authentication package for Next.js App Router with minimal boilerplate",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",