Support for Brave (or any extension blocking third party cookies)

I'm submitting a...


[ ] Regression (a behavior that used to work and stopped working in a new release)
[ ] Bug report 
[ ] Performance issue
[x] Feature request
[ ] Documentation issue or request
[ ] Other... Please describe:

Browser:

[x] Brave

Library Name

[x] adal.js

Library version

Library version: 1.0.17

Current behavior

Expected behavior

No popup required

Minimal reproduction of the problem with instructions

Open any adal-based app in Brave and see if login works correctly.
I'm having a lot of issues at least, and I think it might have to do with third party cookies being blocked. When using implicit flow the hidden iframe won't actually send any cookies, and it is not authorized.
This is solvable with popup, but there are three problems with the popup:

Refresh of token after token expires (1 hour) requires a new popup.
Popup require button for user to press (user interaction) in order to not be blocked by popup blocker.
I actually have to re-login every time inside the popup I need a token refresh.

This probably also includes any third party cookie blockers such as Privacy Badger.

Previously I've had a lot of issues with sporadic X-Frame-Origin: deny, both in nested iframes (Office Add-Ons, DevOps extensions), and implicit flow (which uses hidden iframe), but lately that haven't been a problem - either login.microsoftonline.com have removed the header, or promp=none + login_hint + domain_hint does the trick.

I might be using the library very wrongly, in that case here is a working demo, (source code). It uses graph as an example, but I mostly connect directly to other APIs, such as SharePoint and DevOps.

AzureAD / azure-activedirectory-library-for-js