Msal.js. I give it 3/10..

The docs are duplicated, and in various states of out of date. Half the library seems to be undocumented based on how many edge case bugs I've hit, it offers a popup login but you have to have a set specified white list of urls you can launch the popup from which makes a popup login pointless...

Ontop of that my colleagues shat the bed on it and fucked the whole implementation including the azure b2c setup... We do not even have a backend app listed in the azure b2c apps. The redirect also won't work if you don't instantiate an object in a hidden iframe of your own website that fetches a token... This does not make life easy when you use a SPA framework and you have already implemented a whole pipeline abstracting the creation of this object behind layers dependency injection.. Nice.

After sifting through endless shit I finally have a solution. What a week.