52 lines
1.8 KiB
TypeScript
Executable file
52 lines
1.8 KiB
TypeScript
Executable file
/**
|
|
* MSAL (Microsoft Authentication Library) configuration for Azure AD SSO.
|
|
* Uses PKCE flow by default for SPA security.
|
|
*/
|
|
import { Configuration, LogLevel, PopupRequest } from '@azure/msal-browser';
|
|
|
|
// MSAL configuration - uses PKCE by default for SPAs
|
|
export const msalConfig: Configuration = {
|
|
auth: {
|
|
clientId: import.meta.env.VITE_AZURE_CLIENT_ID || '',
|
|
authority: `https://login.microsoftonline.com/${import.meta.env.VITE_AZURE_TENANT_ID || 'common'}`,
|
|
redirectUri: import.meta.env.VITE_AZURE_REDIRECT_URI || window.location.origin,
|
|
postLogoutRedirectUri: window.location.origin,
|
|
},
|
|
cache: {
|
|
cacheLocation: 'localStorage', // Persists auth state across browser tabs/refresh
|
|
storeAuthStateInCookie: false, // Not needed for modern browsers
|
|
},
|
|
system: {
|
|
loggerOptions: {
|
|
loggerCallback: (level, message, containsPii) => {
|
|
if (containsPii) return;
|
|
switch (level) {
|
|
case LogLevel.Error:
|
|
console.error(message);
|
|
break;
|
|
case LogLevel.Warning:
|
|
console.warn(message);
|
|
break;
|
|
case LogLevel.Info:
|
|
console.info(message);
|
|
break;
|
|
case LogLevel.Verbose:
|
|
console.debug(message);
|
|
break;
|
|
}
|
|
},
|
|
logLevel: LogLevel.Warning,
|
|
},
|
|
},
|
|
};
|
|
|
|
// Scopes for the access token
|
|
// Using basic OpenID scopes for authentication
|
|
export const loginRequest: PopupRequest = {
|
|
scopes: ['openid', 'profile', 'email'],
|
|
};
|
|
|
|
// Scopes for API calls (same as login for this app)
|
|
export const apiTokenRequest = {
|
|
scopes: ['openid', 'profile', 'email'],
|
|
};
|