Bump Microsoft.Identity.Web from 1.16.0 to 2.9.0 in /dotnet

[dependabot]

Bumps Microsoft.Identity.Web from 1.16.0 to 2.9.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

2.9.0

• Update to Wilson 6.29.0 and MSAL.NET 4.53.0

Bug Fix:

• The ASP.NET Core regression between .NET 5 and 6 with Razor Pages, is now addressed with Microsoft.Identity.Web.UI targeting .NET 5 until a more permanent solution is found. See issues #2111, #2095 and #2183 for details.

2.8.0

New features:

• ID Web works with Authority in place of Tenant ID and Domain. See #2160
• ID Web now supports CIAM authorities.
• Abstractions is now updated to version 3.1.0

Bug fixes:

• Fixed a bug causing ClaimsIdentity.RoleClaimType to always be "roles" when using App Service Authentication. See #2166

2.7.0

New Feature:

• MicrosoftIdentityAppCallsWebApiAuthenticationBuilder is now available on netstandard2.0
• Id Web now supports expressing the cache key used for serializing/deserializing. See #2156

Bug Fixes:

• Make GetClientAssertion protected.

2.6.1

• Update to Wilson 6.27.0 and MSAL.NET 4.51.0

New Features:

• GetClientAssertion is now public, which enables inheritance of ClientAssertionProviderBase. See PR for details.
• Id Web now uses TryAdd instead of Add in the InMemory and Distributed caches, this is to not overwrite previously added caches. See issue for details.
• Id Web now supports MsAuth10ATPop. See PR for details.

Bug Fixes:

• Fix a regression from v1.16.x to v2.5.0 with auth code redemption when the ResponseType == "code". See issue #2096 for details.

Fundamentals:

• Address compliance and build issues: #2113, #2116, #2120, #2121, #2122, #2128, #2125, and #2137.

2.5.0

Official GA on NuGet of Microsoft.Identity.Web 2.5.0 brings a variety of new higher-level APIs, including support for .NET Framework (Owin), Daemon scenarios, and the new DownstreamApi.

New Feature

• Make ClientAssertion public, see for details.

2.0.8-preview

• Update Microsoft.Identity.Abstractions 1.0.5-preview, which has breaking changes.

... (truncated)

Changelog

Sourced from Microsoft.Identity.Web's changelog.

2.9.0

• Update to Wilson 6.29.0 and MSAL.NET 4.53.0

Bug Fix:

• The ASP.NET Core regression between .NET 5 and 6 with Razor Pages, is now addressed with Microsoft.Identity.Web.UI targeting .NET 5 until a more permanent solution is found. See issues #2111, #2095 and #2183 for details.

2.8.0

New features:

• ID Web works with Authority in place of Tenant ID and Domain. See #2160
• ID Web now supports CIAM authorities.
• Abstractions is now updated to version 3.1.0

Bug fixes:

• Fixed a bug causing ClaimsIdentity.RoleClaimType to always be "roles" when using App Service Authentication. See #2166

2.7.0

New Feature:

• MicrosoftIdentityAppCallsWebApiAuthenticationBuilder is now available on netstandard2.0
• Id Web now supports expressing the cache key used for serializing/deserializing. See #2156

Bug Fixes:

• Make GetClientAssertion protected.

2.6.1

• Update to Wilson 6.27.0 and MSAL.NET 4.51.0

New Features:

• GetClientAssertion is now public, which enables inheritance of ClientAssertionProviderBase. See PR for details.
• Id Web now uses TryAdd instead of Add in the InMemory and Distributed caches, this is to not overwrite previously added caches. See issue for details.
• Id Web now supports MsAuth10ATPop. See PR for details.

Bug Fixes:

• Fix a regression from v1.16.x to v2.5.0 with auth code redemption when the ResponseType == "code". See issue #2096 for details.

Fundamentals:

• Address compliance and build issues: #2113, #2116, #2120, #2121, #2122, #2128, #2125, and #2137.

2.5.0

• Make ClientAssertion public, see for details.

2.4.0

• Fix for #2035

2.3.0

... (truncated)

Commits

• 7307ef1 changelog 2.9.0 (#2201)
• 87400de Initial commit to use NET 5 for Web.UI due to issue w/razor on NET6/7 (#2200)
• 4f3ef43 MSAL and IdentityModel version updates (#2199)
• 9b5dce9 Update test to use IDownstreamApi (#2198)
• aff223a Update changelog.md (#2196)
• a2638c8 ciam fix, initial commit (#2194)
• 14be044 Enable developpers to support the authority in the configuration inst… (#2191)
• e41a947 update to abstractions 3.0.1 (#2189)
• 92e7dc8 Update dependabot.yml to daily checks (#2186)
• 13c77c3 update IdentityModel version (#2180)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[shawncal]

@adrianwyatt big version jump, but it looks like it builds fine and brings some security fixes. Can you please try this out and approve+merge if it works in copilot chat?

[shawncal]

Still waiting for verification on this. @adrianwyatt can you please try it out, or assign to someone?