Bump Microsoft.Identity.Client from 4.19.0 to 4.21.1

[dependabot-preview]

Bumps Microsoft.Identity.Client from 4.19.0 to 4.21.1.

Release notes

Sourced from Microsoft.Identity.Client's releases.

4.21.0

Bug fixes: ** Add new constructors for AuthenticationResult for backwards compatibility purposes **. This fixes an API breaking change introduced in MSAL 4.17 where a new param was added to the AuthenticationResult constructor without a default value and swapping the last two parameters. This fix ensures compatibility both with MSAL 4.16.x and before, and with MSAL 4.17 until 4.20.1

4.20.0

4.20

New Features

MSAL now expose the configured certificate on Confidential Client Application This helps manage multiple instances of Confidential Client Application. Experimental WAM intergration on Windows for .NET classic, .NET core and UWP See https://aka.ms/msal-net-wam

Bug Fixes

Fix AcquireTokenByIntegratedWindowsAuthentication on .NET core Reverted the HTTP client used on .NET core as it was not possible to use default authentication which is needed for WS-trust. See issue #1988 MSAL correctly returns errors when using Android broker - see issue #2062 Fix 2 problems with returning the status codes and exceptions when using Android broker .See issues #2062 and #2078 Throw a better error when some Facebook accounts cause MSAL to throw a state mismatch exception See issue 1872 for details MSAL now migrates the ADAL cache for multi-tenant scenarios See issue #2090

Changelog

Sourced from Microsoft.Identity.Client's changelog.

4.21.1

Bug fixes: Fix the URI for IMDS call to detect the region. This fixes the typo in the URI for local IMDS call which is made to detect the region for regional auth.

4.21.0

Bug fixes: ** Add new constructors for AuthenticationResult for backwards compatibility purposes **. This fixes an API breaking change introduced in MSAL 4.17 where a new param was added to the AuthenticationResult constructor without a default value and swapping the last two parameters. This fix ensures compatibility both with MSAL 4.16.x and before, and with MSAL 4.17 until 4.20.1

4.20.1

Bug Fixes: ** Fixes the incompatibility of MSAL.NET 4.20 with .NET 5.0 by temporarily removing the WAM experimental support (for the moment, please use 4.20 if you are interested in WAM)**. For details see #2095.

4.20

New Features: MSAL now expose the configured certificate on Confidential Client Application This helps manage multiple instances of Confidential Client Application. Experimental WAM intergration on Windows for .NET classic, .NET core and UWP See https://aka.ms/msal-net-wam

Bug Fixes: Fix AcquireTokenByIntegratedWindowsAuthentication on .NET core Reverted the HTTP client used on .NET core as it was not possible to use default authentication which is needed for WS-trust. See issue #1988 MSAL correctly returns errors when using Android broker - see issue #2062 Fix 2 problems with returning the status codes and exceptions when using Android broker .See issues #2062 and #2078 Throw a better error when some Facebook accounts cause MSAL to throw a state mismatch exception See issue 1872 for details MSAL now migrates the ADAL cache for multi-tenant scenarios See issue #2090

4.19

New Features: MSAL now adds telemetry data for the detected region See Issue #2018

Bug Fixes: The creation of HTTPClient is now threadsafe This will prevent threading issues MSAL.NETs HttpClient. See Issue 2034 MSAL will now add missing data from broker communication issues this will allow us to more easily diagnose broker authentication issues on Android. See Issues 2045 MSAL now properly bypasses device auth challenges on mobile This will allow users to bypass challenges when the web client cannot handle client TLS. See Issue

4.18.0

New Features: MsalServiceException now allows for the setting of the headers, the response body and the correlation id. This allows developers to more easily mock the MsalServiceException. See issue #1977 for details. MSAL now supports regionalization to keep traffic inside a geographical area. See issue #1956 for details. MSAL now supports Proof of Possession (POP) on confidential client applications. See issue #1946 for details.

Bug Fixes: When the parsing of a WsTrust error fails, MSAL will now return the entire body. This allows for a better understanding of the error. See issue #1984 for details. When creating an HttpClient we were forcing a ServicePointManager.DefaultConnectionLimit = 30. The fix removes the setting of the connection limit (though the max limit in the config setting is updated to 50 connections it's not set for net desktop and net core. See issue #1992.

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

Superseded by #312.