semblance/src/config/msalConfig.ts

import { Configuration, LogLevel } from '@azure/msal-browser';

// MSAL configuration
export const msalConfig: Configuration = {
  auth: {
    clientId: import.meta.env.VITE_MSAL_CLIENT_ID,
    authority: `https://login.microsoftonline.com/${import.meta.env.VITE_MSAL_TENANT_ID}`,
    redirectUri: import.meta.env.VITE_MSAL_REDIRECT_URI,
    postLogoutRedirectUri: import.meta.env.VITE_MSAL_POST_LOGOUT_REDIRECT_URI
  },
  cache: {
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: true,
  },
  system: {
    loggerOptions: {
      loggerCallback: (level, message, containsPii) => {
        if (containsPii) return;
        console.log(message);
      },
      logLevel: LogLevel.Error,
      piiLoggingEnabled: false,
    },
    allowNativeBroker: false,
  },
};

// Login request configuration
export const loginRequest = {
  scopes: ['openid', 'profile', 'email'],
  prompt: 'select_account' as const,
  extraQueryParameters: {
    code_challenge_method: 'S256'
  }
};

// Token request configuration for additional API calls
export const tokenRequest = {
  scopes: ['openid', 'profile', 'email'],
  account: null as any,
};

// Silent request configuration for token refresh
export const silentRequest = {
  scopes: ['openid', 'profile', 'email'],
  account: null as any,
};