[release/6.0] Update the Microsoft.Identity.Web versions used by project templates

[halter73]

Description

Due to a recent change NuGet restore now shows CVE warnings for transitive packages. This PR updates the Microsoft.Identity.Web version referenced by the ASP.NET Core project templates dependencies to as of now get rid of these warnings.

Customer impact

Fixes warnings on restore/build in ASP.NET Core project templates referencing Microsoft.Identity.Web.

How found

Manual CTI Testing.

Regression

No

Testing

Tested manually.

Risk

Low. These are template-only changes, so the developer can manually change the dependency version if this version breaks their scenario. Manual testing verified the mainline scenario works.

[halter73]

I'm closing this because the helix tests caught a build failure caused by the obsoletion of IDownstreamWebApi.

Pages/Index.cshtml.cs(13,22): error CS0618: 'IDownstreamWebApi' is obsolete: 'Use IDownstreamApi in Microsoft.Identity.Abstractions, implemented in Microsoft.Identity.Web.DownstreamApi.See aka.ms/id-web-downstream-api-v2 for migration details.'

This didn't catch this with my manual testing, because it didn't use the --called-api-url option that brought in IDownstreamWebApi. I don't think this is an option in VS, but it would break some dotnet new commands.

Fully updating the .NET 6 templates would require backporting #47906 and #48863 at a minimum which makes this much higher risk. Fortunately, this doesn't affect the 8.0 variation of this PR (#58229) since we already have those changes in the release/8.0 branch.

Another option would be adding a transitive reference (e.g. <PackageReference Include="Azure.Identity" Version="1.12.1" />) to project templates, but this has downsides and is something we've managed to avoid so far. I don't think it's worth it considering this only affects new projects targeting .NET 6 which is going out of support.