Bump Microsoft.Identity.Client from 4.41.0 to 4.50.0

[dependabot]

Bumps Microsoft.Identity.Client from 4.41.0 to 4.50.0.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.50.0

New Features

• Extended managed identity experimental functionality with support for Azure Cloud Shell. See 3832.
• Added support for PII logging for WAM preview. See 3845, 3822.

Bug Fixes

• Fixed JSON serialization issues for apps running on .NET 7. See 3892.
• Improved logging performance to only create logs when a specified log level is enabled. See 3901.
• Fixed Unable to load DLL 'msalruntime' exception for apps that use WAM preview and are packaged as MSIX. See 3740.
• WAM preview now honors the login hint. See 3301 and WAM docs.
• WAM preview now allows to sign in with an account different from the provided login hint. See 3929.
• Fixed an ApiContractViolation exception in WAM preview when signing out. See 3685.
• MSAL now allows passing no scopes when using WAM preview. See 3675.
• When broker is enabled, MSAL will now use the refresh token from the broker instead of a locally cached one. See 3613.
• Added a more descriptive error message when combined flat user and app cache is used. Use a partitioned token cache (for ex. distributed cache like Redis) or separate files for app and user token caches. See 3218.
• Updated logs to clarify that managed identity correlation ID differs from MSAL one. See #3908.
• Fixed an occasional cryptographic exception by removing the RSA public key size check - AAD is better suited to handle this verification. See 3896.
• Fixed JSON parsing errors when receiving an error token response. See 3883.
• Added better error handling when receiving WS-Trust responses. See 3614.
• WithAuthority methods on the request builders are hidden. Use either WithTenantId on the request builders or WithAuthority only on the application builder. See #2929.
• Deprecated IsBrokerAvailable method on mobile platforms. Applications should rely on the library automatically falling back to a browser if the broker is not available. See 3320.
• Deprecated unused extended expiry API. See 1377.

4.49.1

New Features

• Extended managed identity experimental functionality with support for Azure Arc. See 3862

Bug Fixes

• Updated the Broker package to use Microsoft.Identity.Client.NativeInterop 0.13.3 to resolve crash related to garbage collection when using new WAM broker preview. See 3868
• Disabled additional logging in new WAM broker introduced in MSAL 4.49.0. See 3875

4.49.0

New Features

• MSAL will now use <region>.login.microsoft.com when using regional ESTS-R for public cloud. See 3252
• Added support for acquiring Work and School accounts when calling GetAccounts using the new Broker preview. See 3458
• Added the ability to disable Instance Discovery/Authority validation using WithInstanceDiscovery(bool enableInstanceDiscovery). See 3775
• Added new APIs to acquire authentication data from WWW-Authenticate and Authentication-Info request headers. This will provide additional support for Proof-of-Possession. See 3026

Experimental Features

• Managed identities for Azure resources provide Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code. MSAL now supports acquiring token for managed identities for Azure App Services and Azure Virtual Machines. Use WithManagedIdentity() method on the AcquireTokenForClient API to get an MSI token. This is an experimental feature and may change in the future versions of MSAL. See 3754 and 3829

Supportability

• Enabled more logging for new WAM broker. See 3575

Bug Fixes

• Optimized MSAL cache key logic to improve performance. See 3393

4.48.1

Supportability

... (truncated)

Changelog

Sourced from Microsoft.Identity.Client's changelog.

4.50.0

New Features

• Extended managed identity experimental functionality with support for Azure Cloud Shell. See 3832.
• Added support for PII logging for WAM preview. See 3845, 3822.

Bug Fixes

• Fixed JSON serialization issues for apps running on .NET 7. See 3892.
• Improved logging performance to only create logs when a specified log level is enabled. See 3901.
• Fixed Unable to load DLL 'msalruntime' exception for apps that use WAM preview and are packaged as MSIX. See 3740.
• WAM preview now honors the login hint. See 3301 and WAM docs.
• WAM preview now allows to sign in with an account different from the provided login hint. See 3929.
• Fixed an ApiContractViolation exception in WAM preview when signing out. See 3685.
• MSAL now allows passing no scopes when using WAM preview. See 3675.
• When broker is enabled, MSAL will now use the refresh token from the broker instead of a locally cached one. See 3613.
• Added a more descriptive error message when combined flat user and app cache is used. Use a partitioned token cache (for ex. distributed cache like Redis) or separate files for app and user token caches. See 3218.
• Updated logs to clarify that managed identity correlation ID differs from MSAL one. See #3908.
• Fixed an occasional cryptographic exception by removing the RSA public key size check - AAD is better suited to handle this verification. See 3896.
• Fixed JSON parsing errors when receiving an error token response. See 3883.
• Added better error handling when receiving WS-Trust responses. See 3614.
• WithAuthority methods on the request builders are hidden. Use either WithTenantId on the request builders or WithAuthority only on the application builder. See #2929.
• Deprecated IsBrokerAvailable method on mobile platforms. Applications should rely on the library automatically falling back to a browser if the broker is not available. See 3320.
• Deprecated unused extended expiry API. See 1377.

4.49.1

New Features

• Extended managed identity experimental functionality with support for Azure Arc. See 3862

Bug Fixes

• Updated the Broker package to use Microsoft.Identity.Client.NativeInterop 0.13.3 to resolve crash related to garbage collection when using new WAM broker preview. See 3868
• Disabled additional logging in new WAM broker introduced in MSAL 4.49.0. See 3875

4.49.0

New Features

• MSAL will now use <region>.login.microsoft.com when using regional ESTS-R for public cloud. See 3252
• Added support for acquiring Work and School accounts when calling GetAccounts using the new Broker preview. See 3458
• Added the ability to disable Instance Discovery/Authority validation using WithInstanceDiscovery(bool enableInstanceDiscovery). See 3775
• Added new APIs to acquire authentication data from WWW-Authenticate and Authentication-Info request headers. This will provide additional support for Proof-of-Possession. See 3026

Experimental Features

• Managed identities for Azure resources provide Azure services with an automatically managed identity in Azure Active Directory. You can use this identity to authenticate to any service that supports Azure AD authentication, without having credentials in your code. MSAL now supports acquiring token for managed identities for Azure App Services and Azure Virtual Machines. Use WithManagedIdentity() method on the AcquireTokenForClient API to get an MSI token. This is an experimental feature and may change in the future versions of MSAL. See 3754 and 3829

Supportability

• Enabled more logging for new WAM broker. See 3575

Bug Fixes

• Optimized MSAL cache key logic to improve performance. See 3393

... (truncated)

Commits

• e652bad Update README with latest links (#3947)
• c684700 Obsolete IsBrokerAvailable on mobile platforms (#3958)
• c20fb74 Update MSIX packaging test app to use the latest Interop (#3959)
• c5b0106 Update Broker to use Interop 0.13.5 (#3954)
• 7ff046a Handle exception for the scenario. (#3937)
• a07da18 Audit all info and verbose logs and use lambdas to generate strings (#3919)
• 7929bff WAM - Let user perform account switch (#3930)
• 16b744a Add more details to error message. (#3935)
• 4f98cf1 Updated doc for consumers authority (#3946)
• 279432c Roslyn : Do Not Use Plain Password in PKIs (#3955)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)