npm - @nibssplc/cams-sdk-react - Versions diffs - 1.0.0-rc.62 → 1.0.0-rc.64 - Mend

@nibssplc/cams-sdk-react 1.0.0-rc.62 → 1.0.0-rc.64

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/components/ADLoginModal.d.ts +1 -0
package/dist/components/CoreFIDO.d.ts +1 -9
package/dist/components/DefaultLoginPage.d.ts +2 -1
package/dist/context/CAMSContext.d.ts +2 -2
package/dist/hooks/useCAMSMSALAuth.d.ts +3 -4
package/dist/hooks/useOTPHandler.d.ts +7 -8
package/dist/index.cjs.js +152 -303
package/dist/index.cjs.js.map +1 -1
package/dist/index.esm.js +154 -305
package/dist/index.esm.js.map +1 -1
package/package.json +2 -2
package/dist/lib/actions/Axiosinstance.d.ts +0 -1
package/dist/utils/DeviceID.d.ts +0 -4

package/dist/index.esm.js CHANGED Viewed

@@ -1,13 +1,13 @@
 import * as React from 'react';
 import { useState, useRef, useEffect, useCallback, createContext, useContext, useMemo } from 'react';
-import { CAMSSessionManager, isPopupWindow, CAMSMFAAuthenticator, Logger, CAMSError, CAMSErrorType } from '@nibssplc/cams-sdk';
+import { CAMSSessionManager, isPopupWindow, Logger, CAMSError, CAMSErrorType, CAMSMFAAuthenticator } from '@nibssplc/cams-sdk';
 export * from '@nibssplc/cams-sdk';
 import { useMsal, useAccount, MsalProvider } from '@azure/msal-react';
 import { InteractionStatus, PublicClientApplication } from '@azure/msal-browser';
 import { jsx, Fragment, jsxs } from 'react/jsx-runtime';
 import z$1, { z } from 'zod';
 import { OTPInput, OTPInputContext, REGEXP_ONLY_DIGITS } from 'input-otp';
-import { RectangleEllipsis, XIcon, CheckCircle, Mail, Shield, KeyIcon, ShieldCheck, ShieldClose, Loader2 } from 'lucide-react';
+import { RectangleEllipsis, XIcon, CheckCircle, Shield, KeyIcon, ShieldCheck, ShieldClose, Loader2 } from 'lucide-react';
 import { appendErrors, FormProvider, Controller, useFormContext, useFormState, useForm } from 'react-hook-form';
 import { validateFieldsNatively, toNestErrors } from '@hookform/resolvers';
 import { clsx } from 'clsx';
@@ -18,8 +18,6 @@ import { cva } from 'class-variance-authority';
 import * as DialogPrimitive from '@radix-ui/react-dialog';
 import { toast } from 'sonner';
 import { motion } from 'framer-motion';
-import axios from 'axios';
-import https from 'https';
 /******************************************************************************
 Copyright (c) Microsoft Corporation.
@@ -421,8 +419,9 @@ function useCAMSMSALAuth(options) {
     var _c = useState(null), error = _c[0], setError = _c[1];
     var _d = useState(""), idToken = _d[0], setIdToken = _d[1];
     var _e = useState(""), accessToken = _e[0], setAccessToken = _e[1];
-    var _f = useState(null), mfaAuthenticator = _f[0], setMfaAuthenticator = _f[1];
-    var _g = useState(false), requiresMFA = _g[0], setRequiresMFA = _g[1];
+    // const [mfaAuthenticator, setMfaAuthenticator] =
+    //   useState<CAMSMFAAuthenticator | null>(null);
+    var _f = useState(false), requiresMFA = _f[0], setRequiresMFA = _f[1];
     var isLoading = inProgress !== InteractionStatus.None;
     var isAuthenticated = !!account && !!accessToken && !requiresMFA;
     var scopes = optScopes || ["openid", "profile", "email"];
@@ -441,22 +440,17 @@ function useCAMSMSALAuth(options) {
             if (stored) {
                 try {
                     var _a = JSON.parse(stored), accessToken_1 = _a.accessToken, idToken_1 = _a.idToken, storedRequiresMFA = _a.requiresMFA, storedIsAuthenticated = _a.isAuthenticated;
+                    // Restore MFA state
                     if (accessToken_1 && isTokenValid(accessToken_1)) {
                         setAccessToken(accessToken_1);
                         setIdToken(idToken_1);
-                        // Restore MFA state
-                        if (storedRequiresMFA && !storedIsAuthenticated) {
-                            var mfaConfig = {
-                                accessToken: accessToken_1,
-                                idToken: idToken_1,
-                                appCode: appCode,
-                                provider: "MSAL",
-                                apiEndpoint: MFAEndpoint,
-                            };
-                            var authenticator = new CAMSMFAAuthenticator(mfaConfig);
-                            setMfaAuthenticator(authenticator);
-                            setRequiresMFA(true);
-                        }
+                        setRequiresMFA(storedRequiresMFA);
+                        Logger.debug("Restored authentication state from storage", {
+                            accessToken: accessToken_1,
+                            idToken: idToken_1,
+                            requiresMFA: storedRequiresMFA,
+                            isAuthenticated: storedIsAuthenticated,
+                        });
                     }
                     else {
                         localStorage.removeItem(storageKey);
@@ -470,36 +464,8 @@ function useCAMSMSALAuth(options) {
             }
         }
     }, [accessToken, account, instance, options.storageKey]);
-    // useEffect(() => {
-    //   const handleRedirect = async () => {
-    //     try {
-    //       const response = await instance.handleRedirectPromise();
-    //       if (response) {
-    //         const account = response.account;
-    //         instance.setActiveA ccount(account);
-    //         const tokenResponse = await instance.acq uireTokenSilent({
-    //           scopes,
-    //           account,
-    //         });
-    //         setToken(tokenResponse.accessToken);
-    //         setAccessToken(tokenResponse.accessToken);
-    //         setIdToken(tokenResponse.idTo ken);
-    //         options.onAuthSuccess?.(tokenR esponse.accessToken);
-    //         if (
-    //           typeof window !== "undefined" &&
-    //           process.env.NODE_ENV !== "test"
-    //         ) {
-    //           window.location.href = options.mfaUrl!;
-    //         }
-    //       }
-    //     } catch (err) {
-    //       console.error("Redirect handling failed:", err);
-    //     }
-    //   };
-    //   handleRedirect();
-    // }, []);
     var login = useCallback(function () { return __awaiter$1(_this, void 0, void 0, function () {
-        var response, mfaConfig, authenticator, err_1, camsError_1, camsError;
+        var response, mfaConfig, authenticator, userConfig, err_1, camsError_1, camsError;
         var _a;
         return __generator$1(this, function (_b) {
             switch (_b.label) {
@@ -511,7 +477,7 @@ function useCAMSMSALAuth(options) {
                     setError(null);
                     _b.label = 1;
                 case 1:
-                    _b.trys.push([1, 3, , 4]);
+                    _b.trys.push([1, 4, , 5]);
                     return [4 /*yield*/, instance.loginPopup({
                             scopes: scopes,
                             prompt: prompt || "login",
@@ -527,24 +493,27 @@ function useCAMSMSALAuth(options) {
                     mfaConfig = {
                         accessToken: response.accessToken,
                         idToken: response.idToken,
-                        appCode: appCode,
+                        // appCode,
                         provider: "MSAL",
-                        apiEndpoint: MFAEndpoint,
+                        APIAuthEndpoint: MFAEndpoint,
                     };
-                    authenticator = new CAMSMFAAuthenticator(mfaConfig);
-                    setMfaAuthenticator(authenticator);
-                    setRequiresMFA(true);
+                    authenticator = new CAMSMFAAuthenticator();
+                    return [4 /*yield*/, authenticator.GetUserMFAConfig(mfaConfig)];
+                case 3:
+                    userConfig = _b.sent();
+                    Logger.info("MFA Authenticator initialized:", userConfig);
+                    setRequiresMFA(userConfig.userInfo.isMFAEnabled);
                     // Don't persist as authenticated until MFA is complete
                     if (typeof window !== "undefined") {
                         localStorage.setItem(storageKey, JSON.stringify({
                             isAuthenticated: false,
-                            requiresMFA: true,
+                            requiresMFA: userConfig.userInfo.isMFAEnabled,
                             accessToken: response.accessToken,
                             idToken: response.idToken,
                         }));
                     }
-                    return [3 /*break*/, 4];
-                case 3:
+                    return [3 /*break*/, 5];
+                case 4:
                     err_1 = _b.sent();
                     // Handle interaction_in_progress error
                     if (err_1.errorCode === "interaction_in_progress") {
@@ -566,24 +535,13 @@ function useCAMSMSALAuth(options) {
                     }
                     camsError = new CAMSError(CAMSErrorType.API_VALIDATION_ERROR, "Login failed: " + err_1.message || err_1);
                     setError(camsError);
-                    return [3 /*break*/, 4];
-                case 4: return [2 /*return*/];
+                    return [3 /*break*/, 5];
+                case 5: return [2 /*return*/];
             }
         });
-    }); }, [
-        instance,
-        scopes,
-        prompt,
-        appCode,
-        MFAEndpoint,
-        storageKey,
-        inProgress,
-    ]);
+    }); }, [instance, scopes, prompt, appCode, MFAEndpoint, storageKey, inProgress]);
     var completeMFA = useCallback(function (data) { return __awaiter$1(_this, void 0, void 0, function () {
         return __generator$1(this, function (_a) {
-            if (!mfaAuthenticator) {
-                throw new CAMSError(CAMSErrorType.API_VALIDATION_ERROR, "MFA Authenticator not initialized");
-            }
             Logger.info("Completed MFA.. Setting State");
             try {
                 // Update storage with complete authentication BEFORE setting state
@@ -594,7 +552,7 @@ function useCAMSMSALAuth(options) {
                         accessToken: accessToken,
                         idToken: idToken,
                     }));
-                    setCookie("CAMS-MSAL-AUTH-SDK-PROFILE", JSON.stringify({ type: "AUTH_SUCCESS", userProfile: __assign({}, data) }), activeCookiePeriod);
+                    setCookie("CAMS-MSAL-AUTH-SDK-PROFILE", JSON.stringify({ state: "AUTH_SUCCESS", role: data.data.role, profile: __assign({}, data) }), activeCookiePeriod);
                     setRequiresMFA(false);
                     // Set requiresMFA to false after storage update
                     Logger.debug("MFA completed successfully, storage updated", {
@@ -613,19 +571,18 @@ function useCAMSMSALAuth(options) {
             }
             return [2 /*return*/];
         });
-    }); }, [mfaAuthenticator, accessToken, idToken, storageKey, activeCookiePeriod]);
-    var sendEmailOTP = useCallback(function () { return __awaiter$1(_this, void 0, void 0, function () {
+    }); }, [accessToken, idToken, storageKey, activeCookiePeriod]);
+    var LoginADCredentials = useCallback(function (credentials, appCode, CredentialsAuthEndpoint) { return __awaiter$1(_this, void 0, void 0, function () {
+        var authenticator;
         return __generator$1(this, function (_a) {
             switch (_a.label) {
                 case 0:
-                    if (!mfaAuthenticator) {
-                        return [2 /*return*/, false];
-                    }
-                    return [4 /*yield*/, mfaAuthenticator.sendEmailOTP()];
+                    authenticator = new CAMSMFAAuthenticator();
+                    return [4 /*yield*/, authenticator.LoginADCredentials(credentials, CredentialsAuthEndpoint)];
                 case 1: return [2 /*return*/, _a.sent()];
             }
         });
-    }); }, [mfaAuthenticator]);
+    }); }, []);
     var logout = useCallback(function () { return __awaiter$1(_this, void 0, void 0, function () {
         var err_2, camsError;
         return __generator$1(this, function (_a) {
@@ -639,7 +596,6 @@ function useCAMSMSALAuth(options) {
                     setAccessToken("");
                     setIdToken("");
                     setError(null);
-                    setMfaAuthenticator(null);
                     setRequiresMFA(false);
                     if (typeof window !== "undefined") {
                         localStorage.removeItem(storageKey);
@@ -665,10 +621,9 @@ function useCAMSMSALAuth(options) {
         idToken: idToken,
         accessToken: accessToken,
         appCode: appCode,
-        mfaAuthenticator: mfaAuthenticator,
         requiresMFA: requiresMFA,
         completeMFA: completeMFA,
-        sendEmailOTP: sendEmailOTP,
+        LoginADCredentials: LoginADCredentials,
         setRequiresMFA: setRequiresMFA,
         activeCookiePeriod: activeCookiePeriod,
     };
@@ -1049,7 +1004,9 @@ function CAMSProviderCore(props) {
     ]);
     var value = useMemo(function () {
         auth.logout; var authRest = __rest(auth, ["logout"]);
-        return __assign(__assign({}, authRest), { logout: enhancedLogout, userProfile: userProfile, setUserProfile: setUserProfile, authMode: mode, onAuthSuccess: mode === "MSAL" ? props.onAuthSuccess : undefined, onAuthError: mode === "MSAL" ? props.onAuthError : undefined });
+        return __assign(__assign({}, authRest), { logout: enhancedLogout, user: userProfile, setUserProfile: setUserProfile, authMode: mode, onAuthSuccess: mode === "MSAL"
+                ? props.onAuthSuccess
+                : undefined, onAuthError: mode === "MSAL" ? props.onAuthError : undefined });
     }, [auth, userProfile, mode, props]);
     return jsx(CAMSContext.Provider, { value: value, children: children });
 }
@@ -1068,7 +1025,7 @@ function UnifiedCAMSProvider(props) {
         var instance = msalInstance || new PublicClientApplication(msalConfig);
         return (jsx(MsalProvider, { instance: instance, children: jsx(CAMSProviderCore, __assign({}, props)) }));
     }
-    return (jsx(ClientOnly, { fallback: jsx("div", { className: 'h-screen flex items-center justify-center', children: "Loading..." }), children: jsx(CAMSProviderCore, __assign({}, props)) }));
+    return (jsx(ClientOnly, { fallback: jsx("div", { className: "h-screen flex items-center justify-center", children: "Loading..." }), children: jsx(CAMSProviderCore, __assign({}, props)) }));
 }
 // Backward compatibility exports
 var CAMSProvider = function (props) { return (jsx(UnifiedCAMSProvider, __assign({}, props, { mode: "REGULAR" }))); };
@@ -1407,79 +1364,14 @@ var AuthSuccessAnimation = function (_a) {
     return (jsxs(motion.div, { initial: { opacity: 0, scale: 0.8 }, animate: { opacity: 1, scale: 1 }, transition: { duration: 0.5, ease: "easeOut" }, className: "flex flex-col items-center justify-center space-y-6 p-8", onAnimationComplete: onComplete, children: [jsx(motion.div, { initial: { scale: 0 }, animate: { scale: 1 }, transition: { delay: 0.2, duration: 0.6, type: "spring", stiffness: 200 }, children: jsx(CheckCircle, { className: "w-20 h-20 text-green-500" }) }), jsxs(motion.div, { initial: { y: 20, opacity: 0 }, animate: { y: 0, opacity: 1 }, transition: { delay: 0.4, duration: 0.5 }, className: "text-center space-y-2", children: [jsx("h2", { className: "text-2xl font-bold text-green-600", children: "Authentication Successful!" }), jsx("p", { className: "text-gray-600", children: "Redirecting you to the application..." })] }), jsx(motion.div, { initial: { width: 0 }, animate: { width: "100%" }, transition: { delay: 0.8, duration: 2 }, className: "h-1 bg-green-500 rounded-full max-w-xs" })] }));
 };
-// Function to parse userAgent and generate a device ID
-var GenerateDeviceId = function () {
-    var _a;
-    if (typeof window === "undefined" || !window.navigator) {
-        return "unknown-device";
-    }
-    var userAgent = window.navigator.userAgent;
-    var deviceId = "";
-    // Parse browser, version, OS, and device type
-    var browserMatch = Array.from(userAgent.matchAll(/(Chrome|Firefox|Safari|Edge|Opera)\/([\d.]+)/gi));
-    var osMatch = Array.from(userAgent.matchAll(/\(([^)]+)\)/g));
-    var isMobile = /Mobile|Android|iPhone|iPad/i.test(userAgent);
-    // Browser info
-    if (browserMatch.length > 0) {
-        var _b = browserMatch[0], browserName = _b[1], browserVersion = _b[2];
-        var majorVersion = browserVersion.split(".")[0];
-        deviceId += "".concat(browserName, "-").concat(majorVersion);
-    }
-    else {
-        deviceId += "UnknownBrowser";
-    }
-    // OS info
-    if (osMatch.length > 0) {
-        var osInfo = osMatch[0][1]
-            .split(";")[0]
-            .trim()
-            .replace(/[\s/()]/g, "_");
-        deviceId += "_".concat(osInfo);
-    }
-    else {
-        deviceId += "_UnknownOS";
-    }
-    // Device type
-    deviceId += isMobile ? "_Mobile" : "_Desktop";
-    // Add a simple hash of userAgent for uniqueness
-    var hash = btoa(userAgent).slice(0, 8);
-    deviceId += "_".concat(hash);
-    return (_a = deviceId.replace(/[^a-zA-Z0-9-_]/g, "_")) !== null && _a !== void 0 ? _a : "unknown-device";
-};
-var APIHeaders = {
-    "X-DEVICE-ID": GenerateDeviceId(),
-    "X-API-VERSION": "1.0",
-};
-// Creates an Axios instance with a base URL determined by the environment (production or development).
-var axiosInstance = axios.create({
-    httpsAgent: new https.Agent({ rejectUnauthorized: false }),
-    headers: __assign({ "Content-Type": "application/json" }, APIHeaders),
-});
-// Intercepts outgoing requests to add authorization token, version header, and timeout settings.
-axiosInstance.interceptors.request.use(function (config) {
-    var _a;
-    config.timeout = Number((_a = process.env.NEXT_PUBLIC_API_TIMEOUT) !== null && _a !== void 0 ? _a : 605000);
-    config.timeoutErrorMessage = "Operation Timed Out"; // Custom error message for timeouts.
-    return config; // Returns the modified request configuration.
-}, function (axiosError) {
-    var _a, _b;
-    // Handles request errors.
-    return {
-        status: (_a = axiosError.response) === null || _a === void 0 ? void 0 : _a.status, // Extracts HTTP status from the error response.
-        message: axiosError.message, // Extracts the error message.
-        data: (_b = axiosError.response) === null || _b === void 0 ? void 0 : _b.data, // Extracts response data from the error.
-    };
-});
 var MAX_ATTEMPTS = 3;
 var useOTPHandler = function (_a) {
-    var provider = _a.provider, accessToken = _a.accessToken, idToken = _a.idToken, appCode = _a.appCode, authenticationType = _a.authenticationType, MFAEndpoint = _a.MFAEndpoint, onAuthComplete = _a.onAuthComplete;
+    var email = _a.email, appCode = _a.appCode, instCode = _a.instCode, MFAEndpoint = _a.MFAEndpoint, onAuthComplete = _a.onAuthComplete;
     var _b = useState(false), loading = _b[0], setLoading = _b[1];
     var _c = useState(0), attemptCount = _c[0], setAttemptCount = _c[1];
     var _d = useState(false), isMaxAttemptsReached = _d[0], setIsMaxAttemptsReached = _d[1];
     var handleSubmitOTP = useMemo(function () { return function (authenticationValue) { return __awaiter$1(void 0, void 0, void 0, function () {
-        var currentAttempt, response, error_1, currentAttempt;
+        var currentAttempt, authentication, response, error_1, currentAttempt;
         return __generator$1(this, function (_a) {
             switch (_a.label) {
                 case 0:
@@ -1495,18 +1387,15 @@ var useOTPHandler = function (_a) {
                     setLoading(true);
                     currentAttempt = attemptCount + 1;
                     setAttemptCount(currentAttempt);
-                    if (authenticationType === null)
-                        return [2 /*return*/, false];
-                    return [4 /*yield*/, axiosInstance.post(MFAEndpoint || "/api/auth/verify-mfa", {
-                            provider: provider,
-                            accessToken: accessToken,
-                            idToken: idToken,
-                            authenticationType: authenticationType,
-                            MFACode: authenticationValue,
+                    authentication = new CAMSMFAAuthenticator();
+                    return [4 /*yield*/, authentication.VerifyMFAOTP({
                             appCode: appCode,
-                        })];
+                            instCode: instCode,
+                            email: email,
+                            MFACode: authenticationValue,
+                        }, MFAEndpoint || "")];
                 case 2:
-                    response = (_a.sent()).data;
+                    response = _a.sent();
                     if (response) {
                         onAuthComplete(true, response);
                         return [2 /*return*/, true];
@@ -1542,15 +1431,7 @@ var useOTPHandler = function (_a) {
                 case 5: return [2 /*return*/];
             }
         });
-    }); }; }, [
-        accessToken,
-        idToken,
-        authenticationType,
-        onAuthComplete,
-        MFAEndpoint,
-        attemptCount,
-        isMaxAttemptsReached,
-    ]);
+    }); }; }, [onAuthComplete, MFAEndpoint, attemptCount, isMaxAttemptsReached]);
     var resetAttempts = useCallback(function () {
         setAttemptCount(0);
         setIsMaxAttemptsReached(false);
@@ -1570,8 +1451,8 @@ var useCredentialsHandler = function (onAuthComplete) {
     var _b = useState(0), attemptCount = _b[0], setAttemptCount = _b[1];
     var _c = useState(false), isMaxAttemptsReached = _c[0], setIsMaxAttemptsReached = _c[1];
     var handleSubmitCredentials = useMemo(function () {
-        return function (CredAuthEndpoint, credentials, appCode) { return __awaiter$1(void 0, void 0, void 0, function () {
-            var currentAttempt, response, error_2, currentAttempt;
+        return function (CredentialsAuthEndpoint, credentials) { return __awaiter$1(void 0, void 0, void 0, function () {
+            var currentAttempt, authenticator, response, error_2, currentAttempt;
             return __generator$1(this, function (_a) {
                 switch (_a.label) {
                     case 0:
@@ -1579,14 +1460,24 @@ var useCredentialsHandler = function (onAuthComplete) {
                         setLoading(true);
                         currentAttempt = attemptCount + 1;
                         setAttemptCount(currentAttempt);
-                        return [4 /*yield*/, axiosInstance.post(CredAuthEndpoint, {
-                                username: credentials.username,
-                                password: credentials.password,
-                                MFACode: credentials.MFACode,
-                                appCode: appCode,
-                            })];
+                        authenticator = new CAMSMFAAuthenticator();
+                        return [4 /*yield*/, authenticator.LoginADCredentials(credentials, CredentialsAuthEndpoint)];
                     case 1:
-                        response = (_a.sent()).data;
+                        response = _a.sent();
+                        // .then((data) => {
+                        //   context.isAuthenticated = true;
+                        //   (context as any).requiresMFA = false;
+                        //   context.setUserProfile({
+                        //     type: "AUTH_SUCCESS",
+                        //     userProfile: {
+                        //       ...data,
+                        //     },
+                        //   });
+                        // })
+                        // .catch((error) => {
+                        //   console.error("AD Login failed:", error);
+                        //   toast.error("❌ AD Login failed.");
+                        // });
                         if (response) {
                             onAuthComplete(true, response);
                             return [2 /*return*/, true];
@@ -1636,60 +1527,56 @@ var useCredentialsHandler = function (onAuthComplete) {
 };
 var MFAOptions = function (_a) {
+    var _b, _c;
     var onComplete = _a.onComplete, onAuthFailed = _a.onAuthFailed, MFAEndpoints = _a.MFAEndpoints, usePassKey = _a.usePassKey;
-    var _b = useState(""), value = _b[0], setValue = _b[1];
-    var _c = useState(false), otpVisible = _c[0], setOtpVisible = _c[1];
-    var _d = useState(false), showSuccessAnimation = _d[0], setShowSuccessAnimation = _d[1];
-    var _e = useState(null), authType = _e[0], setAuthType = _e[1];
+    var _d = useState(""), value = _d[0], setValue = _d[1];
+    var _e = useState(false), otpVisible = _e[0], setOtpVisible = _e[1];
+    var _f = useState(false), showSuccessAnimation = _f[0], setShowSuccessAnimation = _f[1];
+    var _g = useState(null), authType = _g[0], setAuthType = _g[1];
     var context = useCAMSContext();
-    var _f = context.authMode === "MSAL" && "sendEmailOTP" in context
+    var _h = context.authMode === "MSAL" && "sendEmailOTP" in context
         ? context
         : { sendEmailOTP: null, completeMFA: null, logout: function () { return __awaiter$1(void 0, void 0, void 0, function () { return __generator$1(this, function (_a) {
                 return [2 /*return*/];
-            }); }); } }, sendEmailOTP = _f.sendEmailOTP, completeMFA = _f.completeMFA, logout = _f.logout;
-    var accessToken = context.authMode === "MSAL" ? context.accessToken : "";
-    var idToken = context.authMode === "MSAL" ? context.idToken : "";
+            }); }); } }; _h.sendEmailOTP; var completeMFA = _h.completeMFA, logout = _h.logout;
+    context.authMode === "MSAL" ? context.accessToken : "";
+    context.authMode === "MSAL" ? context.idToken : "";
     var authenticate = useWebAuthn().authenticate;
-    var handleFIDOLogin = function () { return __awaiter$1(void 0, void 0, void 0, function () {
-        var options, assertionResponse, error_1;
-        return __generator$1(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    _a.trys.push([0, 4, , 5]);
-                    // 1. Fetch authentication challenge from your server
-                    console.log("Requesting authentication challenge from server...");
-                    return [4 /*yield*/, axiosInstance.post(MFAEndpoints.RetrieveAuthChallenge, {})];
-                case 1:
-                    options = (_a.sent()).data;
-                    console.log("Received challenge:", options);
-                    // 2. Call the SDK to trigger the browser's passkey authentication UI
-                    console.log("Calling SDK authenticate function...");
-                    return [4 /*yield*/, authenticate(__assign(__assign({}, options), { userVerification: "discouraged" }))];
-                case 2:
-                    assertionResponse = _a.sent();
-                    console.log("Authentication assertion received from client:", assertionResponse);
-                    // 3. Send the assertion back to the server for verification
-                    console.log("Sending assertion to server for verification...");
-                    return [4 /*yield*/, axiosInstance.post(MFAEndpoints.AuthChallengeVerify, assertionResponse)];
-                case 3:
-                    _a.sent();
-                    toast.success("🔑 Sign-in successful!");
-                    return [3 /*break*/, 5];
-                case 4:
-                    error_1 = _a.sent();
-                    console.error("Authentication failed:", error_1);
-                    toast.error("❌ Could not sign in.");
-                    return [3 /*break*/, 5];
-                case 5: return [2 /*return*/];
-            }
-        });
-    }); };
-    var _g = useOTPHandler({
-        accessToken: accessToken || "",
-        idToken: idToken || "",
-        provider: "MSAL",
+    var authenticator = new CAMSMFAAuthenticator();
+    // const handleFIDOLogin = async () => {
+    //   try {
+    //     // 1. Fetch authentication challenge from your server
+    //     console.log("Requesting authentication challenge from server...");
+    //     const { data: options } = await axiosInstance.post(
+    //       MFAEndpoints.RetrieveAuthChallenge,
+    //       {}
+    //     );
+    //     console.log("Received challenge:", options);
+    //     // 2. Call the SDK to trigger the browser's passkey authentication UI
+    //     console.log("Calling SDK authenticate function...");
+    //     const assertionResponse = await authenticate({
+    //       ...options,
+    //       userVerification: "discouraged",
+    //     });
+    //     console.log(
+    //       "Authentication assertion received from client:",
+    //       assertionResponse
+    //     );
+    //     // 3. Send the assertion back to the server for verification
+    //     console.log("Sending assertion to server for verification...");
+    //     await axiosInstance.post(
+    //       MFAEndpoints.AuthChallengeVerify,
+    //       assertionResponse
+    //     );
+    //     toast.success("🔑 Sign-in successful!");
+    //   } catch (error) {
+    //     console.error("Authentication failed:", error);
+    //     toast.error("❌ Could not sign in.");
+    //   }
+    // };
+    var _j = useOTPHandler({
+        email: ((_c = (_b = context.user) === null || _b === void 0 ? void 0 : _b.profile) === null || _c === void 0 ? void 0 : _c.email) || "",
         appCode: context.appCode || "",
-        authenticationType: authType,
         MFAEndpoint: MFAEndpoints.ValidateMFA,
         onAuthComplete: function (state, data) {
             console.log("Completed Auth. Handling MFA", state);
@@ -1717,7 +1604,7 @@ var MFAOptions = function (_a) {
                 }
             }
         },
-    }), handleSubmitOTP = _g.handleSubmitOTP, loading = _g.loading, setLoading = _g.setLoading, attemptCount = _g.attemptCount, remainingAttempts = _g.remainingAttempts, isMaxAttemptsReached = _g.isMaxAttemptsReached, resetAttempts = _g.resetAttempts;
+    }), handleSubmitOTP = _j.handleSubmitOTP, loading = _j.loading, attemptCount = _j.attemptCount, remainingAttempts = _j.remainingAttempts, isMaxAttemptsReached = _j.isMaxAttemptsReached, resetAttempts = _j.resetAttempts;
     var handleGoBack = function () {
         setAuthType(null);
         setOtpVisible(false);
@@ -1732,28 +1619,7 @@ var MFAOptions = function (_a) {
     }
     var content = jsx(Fragment, {});
     if (!authType) {
-        content = (jsxs("div", { className: "space-y-4", children: [jsx("p", { className: "text-sm text-gray-600 text-center mb-6", children: "Choose your preferred authentication method:" }), jsxs("div", { className: "flex flex-col gap-3", children: [jsxs(Button, { variant: "outline", className: "w-full flex items-center justify-start gap-3 p-4 h-auto border-2 hover:border-[#506f4a] hover:bg-[#506f4a]/5 transition-all", onClick: function () { return __awaiter$1(void 0, void 0, void 0, function () {
-                                var success;
-                                return __generator$1(this, function (_a) {
-                                    switch (_a.label) {
-                                        case 0:
-                                            // resetAttempts();
-                                            setAuthType("EmailOTP");
-                                            setOtpVisible(true);
-                                            if (!sendEmailOTP) return [3 /*break*/, 2];
-                                            setLoading(true);
-                                            return [4 /*yield*/, sendEmailOTP()];
-                                        case 1:
-                                            success = _a.sent();
-                                            setLoading(false);
-                                            if (success) {
-                                                toast.success(jsxs("div", { className: "flex items-center gap-2 text-sm text-green-600 bg-green-50 p-3 rounded-lg", children: [jsx(ShieldCheck, { className: "w-4 h-4" }), jsx("span", { children: "OTP sent to your email address" })] }));
-                                            }
-                                            _a.label = 2;
-                                        case 2: return [2 /*return*/];
-                                    }
-                                });
-                            }); }, children: [jsx(Mail, { className: "w-5 h-5" }), jsxs("div", { className: "text-left", children: [jsx("div", { className: "font-medium", children: "Email OTP" }), jsx("div", { className: "text-sm text-gray-500", children: "Send code to your email" })] })] }), jsxs(Button, { variant: "outline", className: "w-full flex items-center justify-start gap-3 p-4 h-auto border-2 hover:border-[#506f4a] hover:bg-[#506f4a]/5 transition-all", onClick: function () {
+        content = (jsxs("div", { className: "space-y-4", children: [jsx("p", { className: "text-sm text-gray-600 text-center mb-6", children: "Choose your preferred authentication method:" }), jsxs("div", { className: "flex flex-col gap-3", children: [jsxs(Button, { variant: "outline", className: "w-full flex items-center justify-start gap-3 p-4 h-auto border-2 hover:border-[#506f4a] hover:bg-[#506f4a]/5 transition-all", onClick: function () {
                                 setAuthType("AuthenticatorCode");
                                 setOtpVisible(true);
                             }, children: [jsx("img", { src: MicrosoftAuthenticatorImg, alt: "Authenticator", className: "rounded-full", width: 24, height: 24, onError: function () { return jsx(Shield, {}); } }), jsxs("div", { className: "text-left", children: [jsx("div", { className: "font-medium", children: "Authenticator App" }), jsx("div", { className: "text-sm text-gray-500", children: "Use Authenticator App" })] })] }), usePassKey && (jsxs(Button, { variant: "outline", className: "w-full flex items-center justify-start gap-3 p-4 h-auto border-2 hover:border-[#506f4a] hover:bg-[#506f4a]/5 transition-all",
@@ -1762,7 +1628,9 @@ var MFAOptions = function (_a) {
                             //   setAuthType("AuthenticatorCode");
                             //   setOtpVisible(true);
                             // }}
-                            onClick: handleFIDOLogin, disabled: context.isLoading, children: [jsx(KeyIcon, { className: "text-[#506f4a]", size: 48 }), jsxs("div", { className: "text-left", children: [jsx("div", { className: "font-medium", children: "Continue with Passkey" }), jsx("div", { className: "text-sm text-gray-500", children: "Passkey" })] })] }))] })] }));
+                            onClick: function () {
+                                return authenticator.HandleFIDOLogin(MFAEndpoints.RetrieveAuthChallenge, MFAEndpoints.AuthChallengeVerify, authenticate);
+                            }, disabled: context.isLoading, children: [jsx(KeyIcon, { className: "text-[#506f4a]", size: 48 }), jsxs("div", { className: "text-left", children: [jsx("div", { className: "font-medium", children: "Continue with Passkey" }), jsx("div", { className: "text-sm text-gray-500", children: "Passkey" })] })] }))] })] }));
     }
     else if (authType === "EmailOTP") {
         content = (jsx(Dialog, { open: otpVisible, onOpenChange: function () {
@@ -1825,6 +1693,7 @@ var ADLoginModal = function (_a) {
                             username: credentials.username,
                             password: credentials.password,
                             MFACode: code,
+                            appCode: "",
                         })];
                 case 2:
                     _a.sent();
@@ -1850,17 +1719,17 @@ var ADLoginModal = function (_a) {
         form.reset();
         setMfaCode("");
     };
-    return (jsx(Dialog, { open: open, onOpenChange: handleClose, children: jsxs(DialogContent, { className: "min-w-[50vw] max-w-[70vw]", children: [jsx(DialogHeader, { children: jsxs("div", { className: "flex items-center gap-2", children: [jsx(KeyIcon, { className: "w-8 h-8 text-[#506f4a]" }), jsx(DialogTitle, { className: "text-2xl", children: "Sign in with AD" })] }) }), step === "credentials" ? (jsx(Form, __assign({}, form, { children: jsxs("form", { onSubmit: form.handleSubmit(handleCredentialsSubmit), className: "space-y-4", children: [jsx(FormField, { control: form.control, name: "username", render: function (_a) {
+    return (jsx(Dialog, { open: open, onOpenChange: handleClose, children: jsxs(DialogContent, { className: "min-w-[50vw] max-w-[70vw]", children: [jsx(DialogHeader, { children: jsxs("div", { className: "flex items-center gap-4", children: [jsx(KeyIcon, { className: "w-8 h-8 text-[#506f4a]" }), jsx(DialogTitle, { className: "text-xl", children: "Sign in with AD Credentials" })] }) }), step === "credentials" ? (jsx(Form, __assign({}, form, { children: jsxs("form", { onSubmit: form.handleSubmit(handleCredentialsSubmit), className: "space-y-6", children: [jsx(FormField, { control: form.control, name: "username", render: function (_a) {
                                     var field = _a.field;
                                     return (jsxs(FormItem, { children: [jsx(FormLabel, { children: "Username" }), jsx(FormControl, { children: jsx(Input, __assign({ className: "h-12", placeholder: "Enter your username" }, field)) }), jsx(FormMessage, {})] }));
                                 } }), jsx(FormField, { control: form.control, name: "password", render: function (_a) {
                                     var field = _a.field;
                                     return (jsxs(FormItem, { children: [jsx(FormLabel, { children: "Password" }), jsx(FormControl, { children: jsx(Input, __assign({ className: "h-12", type: "password", placeholder: "Enter your password" }, field)) }), jsx(FormMessage, {})] }));
-                                } }), jsx(Button, { type: "submit", className: "w-full bg-[#506f4a] hover:bg-[#506f4a]/90", children: "Continue" })] }) }))) : (jsxs("div", { className: "space-y-4", children: [jsx(GenericOTPVerifier, { value: mfaCode, setValue: setMfaCode, setLoading: setIsLoading, isDisabled: isLoading, onChangeOTP: handleMFASubmit, fieldName: "AuthenticatorCode" }), isLoading && (jsxs("div", { className: "flex items-center justify-center gap-2 text-sm text-muted-foreground", children: [jsx(Loader2, { className: "w-4 h-4 animate-spin" }), jsx("span", { children: "Verifying..." })] }))] }))] }) }));
+                                } }), jsx(Button, { type: "submit", className: "py-3 w-full bg-[#506f4a] hover:bg-[#506f4a]/90", children: "Continue" })] }) }))) : (jsxs("div", { className: "space-y-4", children: [jsx(GenericOTPVerifier, { value: mfaCode, setValue: setMfaCode, setLoading: setIsLoading, isDisabled: isLoading, onChangeOTP: handleMFASubmit, fieldName: "AuthenticatorCode" }), isLoading && (jsxs("div", { className: "flex items-center justify-center gap-2 text-sm text-muted-foreground", children: [jsx(Loader2, { className: "w-4 h-4 animate-spin" }), jsx("span", { children: "Verifying..." })] }))] }))] }) }));
 };
 var DefaultLoginPage = function (_a) {
-    var usePassKey = _a.usePassKey, useADLogin = _a.useADLogin, MFAEndpoints = _a.MFAEndpoints, CredentialsAuthEndpoint = _a.CredentialsAuthEndpoint, PassKeysRegisterProps = _a.PassKeysRegisterProps;
+    var _b = _a.username, username = _b === void 0 ? "" : _b, usePassKey = _a.usePassKey, useADLogin = _a.useADLogin, MFAEndpoints = _a.MFAEndpoints, CredentialsAuthEndpoint = _a.CredentialsAuthEndpoint, PassKeysRegisterProps = _a.PassKeysRegisterProps;
     var cardVariants = {
         hidden: { opacity: 0, scale: 0.8, y: 50 },
         visible: {
@@ -1873,22 +1742,31 @@ var DefaultLoginPage = function (_a) {
     };
     var context = useCAMSContext();
     var login = context.login, isLoading = context.isLoading, authMode = context.authMode;
-    var _b = useState(false), showADModal = _b[0], setShowADModal = _b[1];
+    var _c = useState(false), showADModal = _c[0], setShowADModal = _c[1];
     var register = useWebAuthn().register;
-    var _c = useCredentialsHandler(function (state, data) { return __awaiter$1(void 0, void 0, void 0, function () {
+    var authentication = new CAMSMFAAuthenticator();
+    var _d = useCredentialsHandler(function (state, data) { return __awaiter$1(void 0, void 0, void 0, function () {
         return __generator$1(this, function (_a) {
             console.log(data);
-            if (state && data) {
+            if (state && data && data.isValid) {
                 context.isAuthenticated = true;
                 context.requiresMFA = false;
                 context.setUserProfile({
-                    type: "AUTH_SUCCESS",
-                    userProfile: __assign({}, data),
+                    state: "AUTH_SUCCESS",
+                    role: data.data.role,
+                    profile: {
+                        id: data.data.id,
+                        name: data.data.name,
+                        email: data.data.email,
+                        isMFAEnabled: data.data.isMFAEnabled,
+                        message: data.message,
+                        tokens: data.tokens,
+                    },
                 });
             }
             return [2 /*return*/];
         });
-    }); }), handleSubmitCredentials = _c.handleSubmitCredentials, isCredAuthLoading = _c.loading, setIsCredAuthLoading = _c.setLoading;
+    }); }), handleSubmitCredentials = _d.handleSubmitCredentials, isCredAuthLoading = _d.loading, setIsCredAuthLoading = _d.setLoading;
     var handleMSALLogin = function () {
         if (typeof window !== "undefined" && !window.crypto) {
             toast.error("Crypto API not available. Please use a modern browser.");
@@ -1902,53 +1780,21 @@ var DefaultLoginPage = function (_a) {
             console.warn("Regular CAMS login requires configuration");
         }
     };
-    var handleRegister = function (data) { return __awaiter$1(void 0, void 0, void 0, function () {
-        var options, attestationResponse, error_1;
-        return __generator$1(this, function (_a) {
-            switch (_a.label) {
-                case 0:
-                    _a.trys.push([0, 4, , 5]);
-                    // 1. Fetch challenge from your server
-                    console.log("Requesting registration challenge from server...");
-                    return [4 /*yield*/, axiosInstance.post(MFAEndpoints.RegisterNewChallenge, __assign({}, data))];
-                case 1:
-                    options = (_a.sent()).data;
-                    console.log("Received challenge:", options);
-                    // 2. Call the SDK to trigger the browser's passkey creation UI
-                    console.log("Calling SDK register function...");
-                    return [4 /*yield*/, register(options)];
-                case 2:
-                    attestationResponse = _a.sent();
-                    console.log("Passkey created on client:", attestationResponse);
-                    // 3. Send the response back to the server for verification
-                    console.log("Sending attestation to server for verification...");
-                    return [4 /*yield*/, axiosInstance.post(MFAEndpoints.RegisterVerify + "?username=".concat(data.username), attestationResponse)];
-                case 3:
-                    _a.sent();
-                    toast.success("✅ Registration successful! Passkey created.");
-                    return [3 /*break*/, 5];
-                case 4:
-                    error_1 = _a.sent();
-                    console.error("Registration failed:", error_1);
-                    toast.error("❌ Could not create passkey.");
-                    return [3 /*break*/, 5];
-                case 5: return [2 /*return*/];
-            }
-        });
-    }); };
-    return (jsxs("main", { className: "cams-sdk min-h-screen bg-gray-50", children: [jsx(motion.div, { initial: { opacity: 0 }, animate: { opacity: 1 }, exit: { opacity: 0 }, transition: { duration: 0.5 }, children: jsx("div", { className: "flex h-screen items-center justify-center", children: jsxs(motion.div, { variants: cardVariants, initial: "hidden", animate: "visible", exit: "exit", className: "w-full max-w-md p-6 space-y-4 rounded-2xl shadow-2xl", children: [jsxs(CardHeader, { className: "text-center space-y-3", children: [jsx("div", { className: "w-full flex items-center justify-center", children: jsx("img", { src: NIBSSLogo, alt: "NIBSS Logo", width: 265, height: 265 }) }), jsx(CardTitle, { className: "text-3xl font-bold", children: "NIBSS CAMS" }), jsx(CardTitle, { className: "text-gray-500 dark:text-gray-400 font-bold text-lg", children: "Centralized Authentication" })] }), jsxs(CardAction, { className: "w-full flex flex-col items-center justify-center text-center text-gray-500 dark:text-gray-400 mb-8", children: [jsx("img", { src: AuthLogo, alt: "Auth Logo", width: 365, height: 365 }), "Use Below Identity Providers To Authenticate"] }), jsxs("div", { className: "space-y-4", children: [jsxs(Button
+    return (jsxs("main", { className: "cams-sdk min-h-screen bg-gray-50", children: [jsx(motion.div, { initial: { opacity: 0 }, animate: { opacity: 1 }, exit: { opacity: 0 }, transition: { duration: 0.5 }, children: jsx("div", { className: "flex h-screen items-center justify-center", children: jsxs(motion.div, { variants: cardVariants, initial: "hidden", animate: "visible", exit: "exit", className: "w-full max-w-md p-6 space-y-4 rounded-2xl shadow-2xl", children: [jsxs(CardHeader, { className: "text-center space-y-3", children: [jsx("div", { className: "w-full flex items-center justify-center", children: jsx("img", { src: NIBSSLogo, alt: "NIBSS Logo", width: 225, height: 225 }) }), jsx(CardTitle, { className: "text-3xl font-bold", children: "NIBSS CAMS" }), jsx(CardTitle, { className: "text-gray-500 dark:text-gray-400 font-bold text-lg", children: "Centralized Authentication" })] }), jsxs(CardAction, { className: "w-full flex flex-col items-center justify-center text-center text-gray-500 dark:text-gray-400 mb-8", children: [jsx("img", { src: AuthLogo, alt: "Auth Logo", width: 365, height: 365 }), "Use Below Identity Providers To Authenticate"] }), jsxs("div", { className: "space-y-4", children: [jsxs(Button
                                     // variant="outline"
                                     , {
                                         // variant="outline"
                                         className: "w-full flex items-center justify-center cursor-pointer bg-[#506f4a] hover:bg-[#506f4a] rounded-lg border border-transparent px-5 py-8 text-base font-medium transition-colors duration-250", onClick: handleMSALLogin, disabled: isLoading, children: [jsx("img", { src: MicrosoftLogo, alt: "Microsoft Logo", width: 35, height: 35 }), jsx("span", { className: "ml-2", children: isLoading ? "Logging in..." : "Sign in with Microsoft" })] }), useADLogin && (jsxs(Button, { className: "w-full flex items-center justify-center cursor-pointer bg-[#506f4a] hover:bg-[#506f4a] rounded-lg border border-transparent px-5 py-8 text-base font-medium transition-colors duration-250", onClick: function () { return setShowADModal(true); }, disabled: isLoading, children: [jsx(KeyIcon, { className: "text-[#506f4a]", size: 64 }), jsx("span", { children: isLoading
                                                     ? "Logging in..."
-                                                    : "Sign in with ActiveDirectory" })] })), usePassKey && (jsxs(Button, { className: "w-full flex items-center justify-center cursor-pointer bg-[#506f4a] hover:bg-[#506f4a] rounded-lg border border-transparent px-5 py-8 text-base font-medium transition-colors duration-250", onClick: function () { return handleRegister(PassKeysRegisterProps); }, disabled: isLoading, children: [jsx(KeyIcon, { className: "text-[#506f4a]", size: 64 }), jsx("span", { children: "Create a Passkey" })] }))] }), jsxs(CardFooter, { className: "flex items-center justify-center mt-6 space-x-2 text-gray-400 text-sm", children: [jsx(ShieldCheck, { className: "w-4 h-4 text-[#506f4a] pulse-glow" }), jsx("span", { children: "Powered By NIBSS" })] })] }) }) }, "landing"), jsx(ADLoginModal, { open: showADModal, onOpenChange: setShowADModal, isLoading: isCredAuthLoading, setIsLoading: setIsCredAuthLoading, onLogin: function (_a) { return __awaiter$1(void 0, [_a], void 0, function (_b) {
+                                                    : "Sign in with ActiveDirectory" })] })), usePassKey && (jsxs(Button, { className: "w-full flex items-center justify-center cursor-pointer bg-[#506f4a] hover:bg-[#506f4a] rounded-lg border border-transparent px-5 py-8 text-base font-medium transition-colors duration-250", onClick: function () {
+                                            return authentication.HandleRegister(MFAEndpoints.RegisterNewChallenge, MFAEndpoints.RegisterVerify +
+                                                "?username=".concat(username), register, PassKeysRegisterProps);
+                                        }, disabled: isLoading, children: [jsx(KeyIcon, { className: "text-[#506f4a]", size: 64 }), jsx("span", { children: "Create a Passkey" })] }))] }), jsxs(CardFooter, { className: "flex items-center justify-center mt-6 space-x-2 text-gray-400 text-sm", children: [jsx(ShieldCheck, { className: "w-4 h-4 text-[#506f4a] pulse-glow" }), jsx("span", { children: "Powered By NIBSS" })] })] }) }) }, "landing"), jsx(ADLoginModal, { open: showADModal, onOpenChange: setShowADModal, isLoading: isCredAuthLoading, setIsLoading: setIsCredAuthLoading, onLogin: function (_a) { return __awaiter$1(void 0, [_a], void 0, function (_b) {
                     var username = _b.username, password = _b.password, MFACode = _b.MFACode;
                     return __generator$1(this, function (_c) {
                         // Implement your AD login logic here
-                        console.log("AD Login:", { username: username, password: password, MFACode: MFACode });
-                        // Example: await adLoginService(username, password, mfaCode);
-                        handleSubmitCredentials(CredentialsAuthEndpoint !== null && CredentialsAuthEndpoint !== void 0 ? CredentialsAuthEndpoint : "/api/auth/validate", { username: username, password: password, MFACode: MFACode }, context.appCode);
+                        console.log("AD Login:", { username: username, MFACode: MFACode });
+                        handleSubmitCredentials(CredentialsAuthEndpoint, { username: username, password: password, MFACode: MFACode, appCode: context.appCode });
                         return [2 /*return*/];
                     });
                 }); } })] }));
@@ -1967,7 +1813,7 @@ var MFAEndpointsSchema = z$1.object({
     AuthChallengeVerify: z$1.url("MFA AuthChallengeVerify must be a valid URL"),
 });
 var MFAGate = function (_a) {
-    var children = _a.children, _b = _a.fallback, fallback = _b === void 0 ? jsx("div", { className: 'h-screen flex items-center justify-center', children: jsx(LoadingSpinner, {}) }) : _b,
+    var children = _a.children, _b = _a.fallback, fallback = _b === void 0 ? (jsx("div", { className: "h-screen flex items-center justify-center", children: jsx(LoadingSpinner, {}) })) : _b,
     // loginComponent: LoginComponent = DefaultLoginPage,
     _c = _a.usePassKey,
     // loginComponent: LoginComponent = DefaultLoginPage,
@@ -1995,7 +1841,7 @@ var MFAGate = function (_a) {
             }
         }
         else if (!success) {
-            Logger.error("MFA authentication failed");
+            Logger.error("MFA authentication failed", { context: context || null });
         }
     }, [context, onAuthSuccess]);
     var handleAuthFailed = useCallback(function () { return __awaiter$1(void 0, void 0, void 0, function () {
@@ -2016,6 +1862,14 @@ var MFAGate = function (_a) {
             }
         });
     }); }, [context, onAuthError]);
+    useEffect(function () {
+        if (requiresMFA === false &&
+            "accessToken" in context &&
+            context.accessToken &&
+            "setRequiresMFA" in context) {
+            context.setRequiresMFA(false);
+        }
+    }, [requiresMFA, context]);
     if (useADLogin && !CredentialsAuthEndpoint)
         return jsx(ErrorFallback, { message: "Invalid AD Login Configuration." });
     if (!validatedMFAEndpoints)
@@ -2027,11 +1881,6 @@ var MFAGate = function (_a) {
     if (!context.isAuthenticated) {
         var shouldRequireMFA = requiresMFA !== null && requiresMFA !== void 0 ? requiresMFA : ("requiresMFA" in context ? context.requiresMFA : false);
         var accessToken = "accessToken" in context ? context.accessToken : "";
-        // If requiresMFA is explicitly set to false, bypass MFA and mark as authenticated
-        if (requiresMFA === false && accessToken && "setRequiresMFA" in context) {
-            context.setRequiresMFA(false);
-            return jsx(Fragment, { children: children });
-        }
         if (shouldRequireMFA && accessToken) {
             return (jsx(MFAOptions, { MFAEndpoints: validatedMFAEndpoints, usePassKey: usePassKey, onComplete: handleComplete, onAuthFailed: handleAuthFailed }));
         }