acsi-core 0.9.20 → 0.9.22

package/dist/components/MSALRedirectHandler/index.d.ts

@@ -0,0 +1,14 @@
+/**
+ * MSALRedirectHandler component
+ *
+ * This component handles MSAL redirect authentication flows by processing
+ * the hash fragment in the URL before any router code can clear it.
+ *
+ * Uses useLayoutEffect to run synchronously before browser paint,
+ * ensuring it processes the redirect before React Router initializes.
+ *
+ * This component uses the singleton MSAL instance to avoid conflicts
+ * and ensure consistent state management.
+ */
+declare const MSALRedirectHandler: () => null;
+export default MSALRedirectHandler;

package/dist/components/UpdateNotifier.d.ts

@@ -0,0 +1,3 @@
+import React from 'react';
+declare const UpdateNotifier: React.FC;
+export default UpdateNotifier;

package/dist/components/index.d.ts

@@ -13,3 +13,4 @@ export { default as CoreInputCompact } from "./CoreInputCompact";
 export { default as CoreTitleInput } from "./CoreTitleInput";
 export { default as CoreTooltip } from "./CoreTooltip";
 export { default as MarkdownLatexRender } from "./MarkdownLatexRender";
+export { default as MSALRedirectHandler } from "./MSALRedirectHandler";

package/dist/configs/api.d.ts

@@ -0,0 +1,3 @@
+import { AxiosInstance } from "axios";
+export declare const api: AxiosInstance;
+export declare const apiUpload: AxiosInstance;

package/dist/configs/api_removed.d.ts

@@ -0,0 +1,3 @@
+import { AxiosInstance } from "axios";
+export declare const api: AxiosInstance;
+export declare const apiUpload: AxiosInstance;

package/dist/containers/Login/configs/constants.d.ts

@@ -22,6 +22,7 @@ export declare const msalConfig: (clientId: string, redirectUri: string) => {
         clientId: string;
         authority: string;
         redirectUri: string;
+        navigateToLoginRequestUrl: boolean;
     };
     cache: {
         cacheLocation: string;

package/dist/index.d.ts

@@ -20,7 +20,7 @@ import useAmplitude from "./utils/hooks/useAmplitude";
 import { AmplitudeEvent } from "./utils/types/amplitude";
 import initializeAmplitude from "./configs/amplitude";
 import { initSentry } from "./configs/sentry";
-import { CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, MarkdownLatexRender } from "./components";
+import { CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, MarkdownLatexRender, MSALRedirectHandler } from "./components";
 import { getErrorMessage } from "./utils/getErrorMessage";
 import { GoogleOAuthProvider } from '@react-oauth/google';
 import CustomSelect from "./components/Selects/CustomSelect";
@@ -29,4 +29,5 @@ import CustomCreatable from "./components/Selects/CustomCreatable";
 import CustomSelectOption from "./components/Selects/CustomSelectOption";
 import utcToLocalTime from "./utils/utcToLocalTime";
 import Cookies from "js-cookie";
-export { setLoading, setLoadingPage, BASE_URL, OPENSALT_BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, ORGANIZATION_TEAM, ORGANIZATION_TENANT, firstCheckToken, getImageUrl, Login, utcToLocalTime, getAccessToken, store, historyCore, setAlert, setUser, setTenant, setAddTenant, setTeam, setMenuCollapse, setIsRefetchSidebar, Loading, NotFound, LayoutContext, api, apiUpload, ConfirmDialog, CommonDialog, ToastContainer, toast, Role, Cookies, CustomPagination, useGoogleSignOut, CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, getErrorMessage, MarkdownLatexRender, CustomSelect, CustomAsyncSelect, CustomCreatable, CustomSelectOption, GoogleOAuthProvider, useAmplitude, AmplitudeEvent, initializeAmplitude, initSentry };
+import { getMSALInstance, initializeMSAL, handleMSALRedirect, isMSALRedirect, getAllAccounts, getActiveAccount } from "./utils/msalInstance";
+export { setLoading, setLoadingPage, BASE_URL, OPENSALT_BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, ORGANIZATION_TEAM, ORGANIZATION_TENANT, firstCheckToken, getImageUrl, Login, utcToLocalTime, getAccessToken, store, historyCore, setAlert, setUser, setTenant, setAddTenant, setTeam, setMenuCollapse, setIsRefetchSidebar, Loading, NotFound, LayoutContext, api, apiUpload, ConfirmDialog, CommonDialog, ToastContainer, toast, Role, Cookies, CustomPagination, useGoogleSignOut, CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, getErrorMessage, MarkdownLatexRender, MSALRedirectHandler, CustomSelect, CustomAsyncSelect, CustomCreatable, CustomSelectOption, GoogleOAuthProvider, useAmplitude, AmplitudeEvent, initializeAmplitude, initSentry, getMSALInstance, initializeMSAL, handleMSALRedirect, isMSALRedirect, getAllAccounts, getActiveAccount };

package/dist/index.js

@@ -17,9 +17,9 @@ var rehypeKatex = _interopDefault(require('rehype-katex'));
 var remarkRehype = _interopDefault(require('remark-rehype'));
 var rehypeRaw = _interopDefault(require('rehype-raw'));
 require('katex/dist/katex.min.css');
+var msalBrowser = require('@azure/msal-browser');
 var Cookies = _interopDefault(require('js-cookie'));
 var moment = _interopDefault(require('moment'));
-var msalBrowser = require('@azure/msal-browser');
 var reactToastify = require('react-toastify');
 var reactGoogleLogin = require('@leecheuk/react-google-login');
 var material = require('@mui/material');
@@ -672,6 +672,25 @@ var ORGANIZATION_TEAM = "ORGANIZATION_TEAM";
 
 var styleGlobal = {"signup_wrap":"_1KLz9","box-signin":"_2Jo1o","signin_title":"_3egBO","signup_link":"_1DoIT","google_button":"_34hK_","microsoft_button":"_19ESb","box-field":"_2e9xO","box-input":"_3zXRp","box-text":"_8NJga","box-button-email":"_21FPk","box-signin-container":"_1QERu","box-signin-text":"_2-znH","box-signin-logo":"_1aB2m","box-right":"_3qndF","image-slideshow":"_1aM7m","active":"_Vx1zf","box-right-body":"_JzdCr","box-right-footer":"_19aCA","pr-30":"_2HB5r","width-400":"_4ehXP"};
 
+// A type of promise-like that resolves synchronously and supports only one observer
+
+const _iteratorSymbol = /*#__PURE__*/ typeof Symbol !== "undefined" ? (Symbol.iterator || (Symbol.iterator = Symbol("Symbol.iterator"))) : "@@iterator";
+
+const _asyncIteratorSymbol = /*#__PURE__*/ typeof Symbol !== "undefined" ? (Symbol.asyncIterator || (Symbol.asyncIterator = Symbol("Symbol.asyncIterator"))) : "@@asyncIterator";
+
+// Asynchronously call a function and send errors to recovery continuation
+function _catch(body, recover) {
+	try {
+		var result = body();
+	} catch(e) {
+		return recover(e);
+	}
+	if (result && result.then) {
+		return result.then(void 0, recover);
+	}
+	return result;
+}
+
 function _arrayLikeToArray(r, a) {
   (null == a || a > r.length) && (a = r.length);
   for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e];
@@ -720,25 +739,6 @@ function _unsupportedIterableToArray(r, a) {
   }
 }
 
-// A type of promise-like that resolves synchronously and supports only one observer
-
-const _iteratorSymbol = /*#__PURE__*/ typeof Symbol !== "undefined" ? (Symbol.iterator || (Symbol.iterator = Symbol("Symbol.iterator"))) : "@@iterator";
-
-const _asyncIteratorSymbol = /*#__PURE__*/ typeof Symbol !== "undefined" ? (Symbol.asyncIterator || (Symbol.asyncIterator = Symbol("Symbol.asyncIterator"))) : "@@asyncIterator";
-
-// Asynchronously call a function and send errors to recovery continuation
-function _catch(body, recover) {
-	try {
-		var result = body();
-	} catch(e) {
-		return recover(e);
-	}
-	if (result && result.then) {
-		return result.then(void 0, recover);
-	}
-	return result;
-}
-
 var styles = {"core-button":"_xvNBN","primary":"_U9Qyp","secondary":"_1VzMy","text":"_pZNuj","danger":"_2uYm1","light":"_wxH5S"};
 
 var _excluded = ["type", "children", "onClick", "icon", "disabled", "htmlType"];
@@ -2170,6 +2170,214 @@ function formatContent(content) {
   return result.join("\n");
 }
 
+var AuthenticationMessage;
+(function (AuthenticationMessage) {
+  AuthenticationMessage["NotAllowedToRegister"] = "NotAllowedToRegister";
+  AuthenticationMessage["InvalidGoogleToken"] = "InvalidGoogleToken";
+})(AuthenticationMessage || (AuthenticationMessage = {}));
+(function (Role) {
+  Role["Student"] = "Student";
+  Role["Teacher"] = "Teacher";
+  Role["Admin"] = "Admin";
+})(exports.Role || (exports.Role = {}));
+var msalConfig = function msalConfig(clientId, redirectUri) {
+  return {
+    auth: {
+      clientId: clientId,
+      authority: "https://login.microsoftonline.com/common",
+      redirectUri: redirectUri,
+      navigateToLoginRequestUrl: false
+    },
+    cache: {
+      cacheLocation: "sessionStorage",
+      storeAuthStateInCookie: false
+    },
+    system: {
+      loggerOptions: {
+        loggerCallback: function loggerCallback(level, message, containsPii) {
+          if (containsPii) {
+            return;
+          }
+          var prefix = '[MSAL]';
+          switch (level) {
+            case msalBrowser.LogLevel.Error:
+              console.error(prefix + " " + message);
+              return;
+            case msalBrowser.LogLevel.Info:
+              console.info(prefix + " " + message);
+              return;
+            case msalBrowser.LogLevel.Verbose:
+              console.debug(prefix + " " + message);
+              return;
+            case msalBrowser.LogLevel.Warning:
+              console.warn(prefix + " " + message);
+              return;
+            default:
+              return;
+          }
+        }
+      }
+    }
+  };
+};
+
+var msalInstance = null;
+var isInitializing = false;
+var initPromise = null;
+var getMSALInstance = function getMSALInstance(clientId, redirectUri) {
+  var finalClientId = clientId || MICROSOFT_CLIENT_ID;
+  var finalRedirectUri = redirectUri || MICROSOFT_URL_DIRECT || window.location.origin;
+  if (!finalClientId) {
+    console.warn('[MSAL] Client ID not configured');
+    return null;
+  }
+  if (!msalInstance) {
+    msalInstance = new msalBrowser.PublicClientApplication(msalConfig(finalClientId, finalRedirectUri));
+  }
+  return msalInstance;
+};
+var initializeMSAL = function initializeMSAL(clientId, redirectUri) {
+  try {
+    var instance = getMSALInstance(clientId, redirectUri);
+    if (!instance) {
+      return Promise.resolve(null);
+    }
+    if (isInitializing && initPromise) {
+      return Promise.resolve(initPromise.then(function () {
+        return instance;
+      }));
+    }
+    if (isInitializing) {
+      return Promise.resolve(instance);
+    }
+    isInitializing = true;
+    initPromise = instance.initialize().then(function () {
+      isInitializing = false;
+      return instance;
+    })["catch"](function (error) {
+      isInitializing = false;
+      console.error('[MSAL] Initialization error:', error);
+      throw error;
+    });
+    return Promise.resolve(initPromise);
+  } catch (e) {
+    return Promise.reject(e);
+  }
+};
+var handleMSALRedirect = function handleMSALRedirect(clientId, redirectUri) {
+  try {
+    if (!window.location.hash) {
+      return Promise.resolve(null);
+    }
+    var hashParams = new URLSearchParams(window.location.hash.substring(1));
+    var hasMSALParams = hashParams.has('access_token') || hashParams.has('id_token') || hashParams.has('error') || hashParams.has('code');
+    if (!hasMSALParams) {
+      return Promise.resolve(null);
+    }
+    return Promise.resolve(_catch(function () {
+      return Promise.resolve(initializeMSAL(clientId, redirectUri)).then(function (instance) {
+        return instance ? Promise.resolve(instance.handleRedirectPromise()) : null;
+      });
+    }, function (error) {
+      console.error('[MSAL] Redirect handling error:', error);
+      return null;
+    }));
+  } catch (e) {
+    return Promise.reject(e);
+  }
+};
+var isMSALRedirect = function isMSALRedirect() {
+  if (!window.location.hash) {
+    return false;
+  }
+  var hashParams = new URLSearchParams(window.location.hash.substring(1));
+  return hashParams.has('access_token') || hashParams.has('id_token') || hashParams.has('error') || hashParams.has('code');
+};
+var getAllAccounts = function getAllAccounts() {
+  var instance = getMSALInstance();
+  if (!instance) {
+    return [];
+  }
+  return instance.getAllAccounts();
+};
+var getActiveAccount = function getActiveAccount() {
+  var instance = getMSALInstance();
+  if (!instance) {
+    return null;
+  }
+  return instance.getActiveAccount();
+};
+
+var MSALRedirectHandler = function MSALRedirectHandler() {
+  React.useLayoutEffect(function () {
+    var handleRedirect = function handleRedirect() {
+      try {
+        if (!isMSALRedirect()) {
+          return Promise.resolve();
+        }
+        console.log('[MSAL] Redirect detected, processing...');
+        console.log('[MSAL] Hash:', window.location.hash);
+        console.log('[MSAL] Full URL:', window.location.href);
+        var _temp = _catch(function () {
+          return Promise.resolve(handleMSALRedirect()).then(function (response) {
+            if (response && response.account) {
+              console.log('[MSAL] Redirect handled successfully', {
+                account: response.account.username,
+                scopes: response.scopes
+              });
+              if (window.history.replaceState) {
+                window.history.replaceState(null, '', window.location.pathname + window.location.search);
+              }
+              localStorage.setItem('MSAL_ACCOUNT', JSON.stringify(response.account));
+              localStorage.setItem('MSAL_ACCESS_TOKEN', response.accessToken || '');
+              localStorage.setItem('MSAL_LOGIN_PENDING', 'true');
+              window.dispatchEvent(new CustomEvent('msal-login-success', {
+                detail: {
+                  account: response.account,
+                  accessToken: response.accessToken,
+                  idToken: response.idToken
+                }
+              }));
+              if (window.location.pathname.includes('/login')) {
+                window.location.reload();
+              } else {
+                window.location.href = '/dashboard';
+              }
+            } else {
+              var hashParams = new URLSearchParams(window.location.hash.substring(1));
+              var error = hashParams.get('error');
+              var errorDescription = hashParams.get('error_description');
+              if (error) {
+                console.error('[MSAL] Authentication error:', error, errorDescription);
+                if (error === 'access_denied') {
+                  console.error('[MSAL] User denied access or scopes not configured in Azure AD');
+                }
+              }
+              if (window.history.replaceState) {
+                window.history.replaceState(null, '', window.location.pathname + window.location.search);
+              }
+            }
+          });
+        }, function (error) {
+          var _error$message;
+          console.error('[MSAL] Redirect handling error:', error);
+          if ((error === null || error === void 0 ? void 0 : error.errorCode) === 'hash_empty_error' || error !== null && error !== void 0 && (_error$message = error.message) !== null && _error$message !== void 0 && _error$message.includes('hash_empty')) {
+            console.error('[MSAL] Hash was cleared before MSAL could process it. ' + 'This usually means code is running that clears the URL hash before MSAL handler executes.');
+          }
+          if (window.history.replaceState) {
+            window.history.replaceState(null, '', window.location.pathname + window.location.search);
+          }
+        });
+        return Promise.resolve(_temp && _temp.then ? _temp.then(function () {}) : void 0);
+      } catch (e) {
+        return Promise.reject(e);
+      }
+    };
+    handleRedirect();
+  }, []);
+  return null;
+};
+
 var CookieService = /*#__PURE__*/function () {
   function CookieService() {}
   CookieService.setAuthCookie = function setAuthCookie(data) {
@@ -2322,55 +2530,6 @@ var TypeLogin;
   TypeLogin[TypeLogin["Microsoft"] = 3] = "Microsoft";
 })(TypeLogin || (TypeLogin = {}));
 
-var AuthenticationMessage;
-(function (AuthenticationMessage) {
-  AuthenticationMessage["NotAllowedToRegister"] = "NotAllowedToRegister";
-  AuthenticationMessage["InvalidGoogleToken"] = "InvalidGoogleToken";
-})(AuthenticationMessage || (AuthenticationMessage = {}));
-(function (Role) {
-  Role["Student"] = "Student";
-  Role["Teacher"] = "Teacher";
-  Role["Admin"] = "Admin";
-})(exports.Role || (exports.Role = {}));
-var msalConfig = function msalConfig(clientId, redirectUri) {
-  return {
-    auth: {
-      clientId: clientId,
-      authority: "https://login.microsoftonline.com/common",
-      redirectUri: redirectUri
-    },
-    cache: {
-      cacheLocation: "sessionStorage",
-      storeAuthStateInCookie: false
-    },
-    system: {
-      loggerOptions: {
-        loggerCallback: function loggerCallback(level, message, containsPii) {
-          if (containsPii) {
-            return;
-          }
-          switch (level) {
-            case msalBrowser.LogLevel.Error:
-              console.error(message);
-              return;
-            case msalBrowser.LogLevel.Info:
-              console.info(message);
-              return;
-            case msalBrowser.LogLevel.Verbose:
-              console.debug(message);
-              return;
-            case msalBrowser.LogLevel.Warning:
-              console.warn(message);
-              return;
-            default:
-              return;
-          }
-        }
-      }
-    }
-  };
-};
-
 var BlockLogin = function BlockLogin(_ref) {
   var onNavigate = _ref.onNavigate,
     role = _ref.role,
@@ -2417,11 +2576,120 @@ var BlockLogin = function BlockLogin(_ref) {
       return Promise.reject(e);
     }
   };
+  var processMSALLogin = function processMSALLogin(account, accessToken) {
+    try {
+      return Promise.resolve(_catch(function () {
+        dispatch(setLoading(true));
+        var fullName = (account === null || account === void 0 ? void 0 : account.name) || "";
+        var infoLogin = {
+          firstName: fullName.split(' ').slice(0, -1).join(' '),
+          lastName: fullName.split(' ').slice(-1).join(' '),
+          fullName: fullName,
+          imageUrl: "",
+          email: (account === null || account === void 0 ? void 0 : account.username) || "",
+          token: accessToken || "",
+          googleId: (account === null || account === void 0 ? void 0 : account.homeAccountId) || "",
+          role: role,
+          type: TypeLogin.Microsoft
+        };
+        return Promise.resolve(apiLoginGoogle(infoLogin)).then(function (authResult) {
+          var _authResult$data;
+          if (((_authResult$data = authResult.data) === null || _authResult$data === void 0 ? void 0 : _authResult$data.id) == null) {
+            dispatch(setLoading(false));
+            alert("Please contact admin.");
+            return;
+          }
+          localStorage.clear();
+          var tokenJWT = authResult.data.token;
+          trackEvent === null || trackEvent === void 0 ? void 0 : trackEvent({
+            eventName: exports.AmplitudeEvent.LOGIN,
+            eventProperties: {
+              email: (account === null || account === void 0 ? void 0 : account.username) || email,
+              login_method: 'microsoft',
+              user_role: authResult.data.role,
+              success: true,
+              timestamp: new Date().toISOString()
+            }
+          });
+          if (role === "LandingPage") {
+            CookieService.setAuthCookie({
+              token: tokenJWT,
+              expiresAt: Date.now() + 24 * 60 * 60 * 1000
+            });
+            var getRedirectUrl = function getRedirectUrl(role) {
+              switch (role) {
+                case "Admin":
+                  return ADMIN_ORIGIN;
+                case "Teacher":
+                  return TEACHER_ORIGIN;
+                default:
+                  return role + "." + REQUEST_ORIGIN;
+              }
+            };
+            var redirectUrl = getRedirectUrl(authResult.data.role);
+            window.location.href = redirectUrl + "/dashboard";
+            dispatch(setLoading(false));
+          } else {
+            localStorage.setItem(ACCESS_TOKEN, tokenJWT);
+            onNavigate("/dashboard");
+            dispatch(setLoading(false));
+          }
+        });
+      }, function (error) {
+        console.error("[MSAL] Error processing login:", error);
+        dispatch(setLoading(false));
+        alert("An error occurred while processing your login. Please try again.");
+      }));
+    } catch (e) {
+      return Promise.reject(e);
+    }
+  };
   React.useEffect(function () {
     if (role === "Teacher" || role === "LandingPage") {
       handleGetImage();
     }
   }, []);
+  React.useEffect(function () {
+    var handleMSALLoginSuccess = function handleMSALLoginSuccess(event) {
+      try {
+        var _event$detail = event.detail,
+          account = _event$detail.account,
+          accessToken = _event$detail.accessToken;
+        var _temp2 = function () {
+          if (account && accessToken) {
+            localStorage.removeItem('MSAL_LOGIN_PENDING');
+            return Promise.resolve(processMSALLogin(account, accessToken)).then(function () {});
+          }
+        }();
+        return Promise.resolve(_temp2 && _temp2.then ? _temp2.then(function () {}) : void 0);
+      } catch (e) {
+        return Promise.reject(e);
+      }
+    };
+    var pendingLogin = localStorage.getItem('MSAL_LOGIN_PENDING');
+    if (pendingLogin === 'true') {
+      var accountStr = localStorage.getItem('MSAL_ACCOUNT');
+      var accessToken = localStorage.getItem('MSAL_ACCESS_TOKEN');
+      if (accountStr && accessToken) {
+        try {
+          var account = JSON.parse(accountStr);
+          localStorage.removeItem('MSAL_LOGIN_PENDING');
+          localStorage.removeItem('MSAL_ACCOUNT');
+          localStorage.removeItem('MSAL_ACCESS_TOKEN');
+          processMSALLogin(account, accessToken);
+        } catch (error) {
+          console.error('[MSAL] Error parsing stored account:', error);
+          localStorage.removeItem('MSAL_LOGIN_PENDING');
+          localStorage.removeItem('MSAL_ACCOUNT');
+          localStorage.removeItem('MSAL_ACCESS_TOKEN');
+        }
+      }
+    }
+    window.addEventListener('msal-login-success', handleMSALLoginSuccess);
+    return function () {
+      window.removeEventListener('msal-login-success', handleMSALLoginSuccess);
+    };
+  }, []);
   var googleLogin = google.useGoogleLogin({
     onSuccess: function (tokenResponse) {
       try {
@@ -2453,8 +2721,8 @@ var BlockLogin = function BlockLogin(_ref) {
               };
               dispatch(setLoading(true));
               return Promise.resolve(apiLoginGoogle(infoLogin)).then(function (authResult) {
-                var _authResult$data;
-                if (((_authResult$data = authResult.data) === null || _authResult$data === void 0 ? void 0 : _authResult$data.id) == null) {
+                var _authResult$data2;
+                if (((_authResult$data2 = authResult.data) === null || _authResult$data2 === void 0 ? void 0 : _authResult$data2.id) == null) {
                   dispatch(setLoading(false));
                   alert("Please contact admin.");
                   return;
@@ -2507,84 +2775,27 @@ var BlockLogin = function BlockLogin(_ref) {
   });
   var fnLoginMicrosoft = function fnLoginMicrosoft() {
     try {
-      var msalInstance = new msalBrowser.PublicClientApplication(msalConfig(MICROSOFT_CLIENT_ID, MICROSOFT_URL_DIRECT));
-      if (!msalInstance) {
-        console.error("MSAL instance not initialized");
-        return Promise.resolve();
-      }
       return Promise.resolve(_catch(function () {
-        return Promise.resolve(msalInstance.initialize()).then(function () {
+        var msalInstance = getMSALInstance(MICROSOFT_CLIENT_ID, MICROSOFT_URL_DIRECT);
+        if (!msalInstance) {
+          console.error("[MSAL] Instance not initialized - check client ID configuration");
+          alert("Microsoft login is not configured. Please contact admin.");
+          return;
+        }
+        return Promise.resolve(initializeMSAL(MICROSOFT_CLIENT_ID, MICROSOFT_URL_DIRECT)).then(function () {
           var loginRequest = {
-            scopes: ["openid", "profile", "email"]
-          };
-          var silentRequest = _extends$1({}, loginRequest, {
+            scopes: ["openid", "profile", "User.Read"],
             prompt: "select_account"
-          });
-          return Promise.resolve(msalInstance.loginPopup(silentRequest)).then(function (response) {
-            return function () {
-              if (response && response.account) {
-                var account = response.account;
-                var fullName = (account === null || account === void 0 ? void 0 : account.name) || "";
-                var infoLogin = {
-                  firstName: fullName.split(' ').slice(0, -1).join(' '),
-                  lastName: fullName.split(' ').slice(-1).join(' '),
-                  fullName: fullName,
-                  imageUrl: "",
-                  email: (account === null || account === void 0 ? void 0 : account.username) || "",
-                  token: (response === null || response === void 0 ? void 0 : response.accessToken) || "",
-                  googleId: (account === null || account === void 0 ? void 0 : account.homeAccountId) || "",
-                  role: role,
-                  type: TypeLogin.Microsoft
-                };
-                dispatch(setLoading(true));
-                return Promise.resolve(apiLoginGoogle(infoLogin)).then(function (authResult) {
-                  var _authResult$data2;
-                  if (((_authResult$data2 = authResult.data) === null || _authResult$data2 === void 0 ? void 0 : _authResult$data2.id) == null) {
-                    dispatch(setLoading(false));
-                    alert("Please contact admin.");
-                    return;
-                  }
-                  localStorage.clear();
-                  var tokenJWT = authResult.data.token;
-                  trackEvent === null || trackEvent === void 0 ? void 0 : trackEvent({
-                    eventName: exports.AmplitudeEvent.LOGIN,
-                    eventProperties: {
-                      email: email,
-                      login_method: 'google',
-                      user_role: authResult.data.role,
-                      success: true,
-                      timestamp: new Date().toISOString()
-                    }
-                  });
-                  if (role === "LandingPage") {
-                    CookieService.setAuthCookie({
-                      token: tokenJWT,
-                      expiresAt: Date.now() + 24 * 60 * 60 * 1000
-                    });
-                    var getRedirectUrl = function getRedirectUrl(role) {
-                      switch (role) {
-                        case "Admin":
-                          return ADMIN_ORIGIN;
-                        case "Teacher":
-                          return TEACHER_ORIGIN;
-                        default:
-                          return role + "." + REQUEST_ORIGIN;
-                      }
-                    };
-                    var redirectUrl = getRedirectUrl(authResult.data.role);
-                    window.location.href = redirectUrl + "/dashboard";
-                    dispatch(setLoading(false));
-                  }
-                  localStorage.setItem(ACCESS_TOKEN, tokenJWT);
-                  onNavigate("/dashboard");
-                  dispatch(setLoading(false));
-                });
-              }
-            }();
-          });
+          };
+          return Promise.resolve(msalInstance.loginRedirect(loginRequest)).then(function () {});
         });
       }, function (error) {
-        console.error("Microsoft login error:", error);
+        var _error$message;
+        console.error("[MSAL] Microsoft login error:", error);
+        if ((error === null || error === void 0 ? void 0 : error.errorCode) === 'popup_window_error' || error !== null && error !== void 0 && (_error$message = error.message) !== null && _error$message !== void 0 && _error$message.includes('popup')) {
+          console.error("[MSAL] Popup blocked or COOP error - this should not happen with redirect flow");
+        }
+        alert("An error occurred during Microsoft login. Please try again.");
       }));
     } catch (e) {
       return Promise.reject(e);
@@ -4088,6 +4299,7 @@ exports.DATE_TIME_MIN_VALUE = DATE_TIME_MIN_VALUE;
 exports.LayoutContext = LayoutContext;
 exports.Loading = Loading;
 exports.Login = Login;
+exports.MSALRedirectHandler = MSALRedirectHandler;
 exports.MarkdownLatexRender = MarkdownRenderer;
 exports.NotFound = NotFound;
 exports.OPENSALT_BASE_URL = OPENSALT_BASE_URL;
@@ -4097,11 +4309,17 @@ exports.api = api;
 exports.apiUpload = apiUpload;
 exports.firstCheckToken = firstCheckToken;
 exports.getAccessToken = getAccessToken;
+exports.getActiveAccount = getActiveAccount;
+exports.getAllAccounts = getAllAccounts;
 exports.getErrorMessage = getErrorMessage;
 exports.getImageUrl = getImageUrl;
+exports.getMSALInstance = getMSALInstance;
+exports.handleMSALRedirect = handleMSALRedirect;
 exports.historyCore = historyCore;
 exports.initSentry = initSentry;
 exports.initializeAmplitude = initializeAmplitude;
+exports.initializeMSAL = initializeMSAL;
+exports.isMSALRedirect = isMSALRedirect;
 exports.setAddTenant = setAddTenant;
 exports.setAlert = setAlert;
 exports.setIsRefetchSidebar = setIsRefetchSidebar;