Bump Microsoft.Identity.Web.UI and Microsoft.Identity.Web

[dependabot]

Bumps Microsoft.Identity.Web.UI and Microsoft.Identity.Web. These dependencies needed to be updated together.
Updates Microsoft.Identity.Web.UI from 2.17.1 to 2.17.4

Release notes

Sourced from Microsoft.Identity.Web.UI's releases.

2.17.4

Bug fix

• Fix assertions being removed from dict before callback is executed in TokenAcquisition. See issue #2734 for details.

2.17.3

• Updated to Microsoft.IdentityModel.* 7.5.0, see release notes.

2.17.2

New features

• Added support for CIAM custom user domains. You can now use an Open ID connect authority in the "Authority" property of the configuration instead of using "Instance" and "Tenant". See issue #2690 for details.

Changelog

Sourced from Microsoft.Identity.Web.UI's changelog.

2.17.4

Bug fix

• Fix assertions being removed from dict before callback is executed in TokenAcquisition. See issue #2734 for details.

2.17.3

• Updated to Microsoft.IdentityModel.* 7.5.0

2.17.2

New features

• Added support for CIAM custom user domains. You can now use an Open ID connect authority in the "Authority" property of the configuration instead of using "Instance" and "Tenant". See issue #2690 for details.

Commits

• 72a4388 changelog 2.17.4 (#2735)
• 9dd40bd fix assertions being removed from dict before callback is executed (#2733)
• a574aa6 Update M.IM 7.5.0 (#2726)
• 31fa8d6 changelog for 2.17.3 (#2727)
• 5b27226 update codeQL (#2724)
• c0facf5 b2c test is flaky (#2722)
• 03f4973 Jmprieur/fix tests in rel v2 (#2718)
• 576d895 Same as AzureAD/microsoft-identity-web#2715, but for ...
• c274062 Fix user assigned MSI in tests (#2709)
• ca6077c update from master to rel/v2 branch (#2704)
• Additional commits viewable in compare view

Updates Microsoft.Identity.Web from 2.16.1 to 2.17.4

Release notes

Sourced from Microsoft.Identity.Web's releases.

2.17.4

Bug fix

• Fix assertions being removed from dict before callback is executed in TokenAcquisition. See issue #2734 for details.

2.17.3

• Updated to Microsoft.IdentityModel.* 7.5.0, see release notes.

2.17.2

New features

• Added support for CIAM custom user domains. You can now use an Open ID connect authority in the "Authority" property of the configuration instead of using "Instance" and "Tenant". See issue #2690 for details.

2.17.1

• Updated to Microsoft.IdentityModel.* 7.4.0

New features

• DownstreamApi now automatically processes claims challenge from web APIs which are CAE enabled, provided you set "ClientCapablities" : ["cp1"] in the configuation. See issue #2550.

Bug fixes

• Fixes the use of ServiceDescriptor for containers which have keyed services present. This can be an issue on .NET 8.0. See issue #2676 for details.

Engineering excellence

• Calls to ConfidentialClientApplicationBuilderExtension.WithClientCredentials are fully async. See issue #2566 for details.

2.17.0

• Updated to Microsoft.IdentityModel.* 7.3.1 and MSAL.NET 4.59.0

New features

• Added support for Microsoft.NET.Sdk.Worker. See Worker calling APIs
• Added support for Managed identity when calling a downstream API on behalf of the app. See Calling APIs with Managed Identity and PR 2650. For details see [PR #2645](AzureAD/microsoft-identity-web#2645)

Bug fixes

• In OWIN applications, GetTokenForUserAsync now respects the ClaimsPrincipal. See issue #2629 for details.
• After setting AddTokenAcquisition(useSingleton:true) to use token acquisition as a singleton, if you use .AddMicrosoftGraph and/or .AddDownstreamApi after this call, the GraphServiceClient and IDownstreamApis are now registered as a singleton service. For details see [PR #2645](AzureAD/microsoft-identity-web#2645)
• Added check Against Injection Attacks. For details see PR 2619

Engineering excellence

• Added a benchmark running on PR merges, available from https://azuread.github.io/microsoft-identity-web/benchmarks on GitHub pages

Changelog

Sourced from Microsoft.Identity.Web's changelog.

2.17.4

Bug fix

• Fix assertions being removed from dict before callback is executed in TokenAcquisition. See issue #2734 for details.

2.17.3

• Updated to Microsoft.IdentityModel.* 7.5.0

2.17.2

New features

• Added support for CIAM custom user domains. You can now use an Open ID connect authority in the "Authority" property of the configuration instead of using "Instance" and "Tenant". See issue #2690 for details.

2.17.1

• Updated to Microsoft.IdentityModel.* 7.4.0

New features

• DownstreamApi now automatically processes claims challenge from web APIs which are CAE enabled, provided you set "ClientCapablities" : ["cp1"] in the configuation. See issue #2550.

Bug fixes

• Fixes the use of ServiceDescriptor for containers which have keyed services present. This can be an issue on .NET 8.0. See issue #2676 for details.

Engineering excellence

• Calls to ConfidentialClientApplicationBuilderExtension.WithClientCredentials are fully async. See issue #2566 for details.

2.17.0

• Updated to Microsoft.IdentityModel.* 7.3.1 and MSAL.NET 4.59.0

New features

• Added support for Microsoft.NET.Sdk.Worker. See Worker calling APIs
• Added support for Managed identity when calling a downstream API on behalf of the app. See Calling APIs with Managed Identity and PR 2650. For details see [PR #2645](AzureAD/microsoft-identity-web#2645)

Bug fixes

• In OWIN applications, GetTokenForUserAsync now respects the ClaimsPrincipal. See issue #2629 for details.
• After setting AddTokenAcquisition(useSingleton:true) to use token acquisition as a singleton, if you use .AddMicrosoftGraph and/or .AddDownstreamApi after this call, the GraphServiceClient and IDownstreamApis are now registered as a singleton service. For details see [PR #2645](AzureAD/microsoft-identity-web#2645)
• Added check Against Injection Attacks. For details see PR 2619

Engineering excellence

• Added a benchmark running on PR merges, available from https://azuread.github.io/microsoft-identity-web/benchmarks on GitHub pages

Commits

• 72a4388 changelog 2.17.4 (#2735)
• 9dd40bd fix assertions being removed from dict before callback is executed (#2733)
• a574aa6 Update M.IM 7.5.0 (#2726)
• 31fa8d6 changelog for 2.17.3 (#2727)
• 5b27226 update codeQL (#2724)
• c0facf5 b2c test is flaky (#2722)
• 03f4973 Jmprieur/fix tests in rel v2 (#2718)
• 576d895 Same as AzureAD/microsoft-identity-web#2715, but for ...
• c274062 Fix user assigned MSI in tests (#2709)
• ca6077c update from master to rel/v2 branch (#2704)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)