Add extensibility APIs

[neha-bhargava]

Fixes #5568

Changes proposed in this request

• Create the extensibility apis for dynamic cert, retry and observer

Testing

Performance impact

Documentation

• All relevant documentation is updated.

[Copilot]

Pull Request Overview

This PR introduces extensibility APIs for client credential flows, enabling dynamic certificate provisioning, custom retry logic for service failures, and execution observation. The changes support scenarios like certificate rotation from Azure Key Vault and custom telemetry collection.

• Dynamic certificate provider callback that's invoked before each token request
• Retry callback for handling service failures with custom logic
• Execution observer for tracking token acquisition results (success or failure)

Reviewed Changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 13 comments.

Show a summary per file

File	Description
src/client/Microsoft.Identity.Client/Extensibility/ClientCredentialExtensionParameters.cs	New parameter class providing application context to extensibility callbacks
src/client/Microsoft.Identity.Client/Extensibility/ExecutionResult.cs	New result class containing either successful AuthenticationResult or exception
src/client/Microsoft.Identity.Client/Extensibility/ConfidentialClientApplicationBuilderExtensions.cs	Extension methods for WithCertificate, OnMsalServiceFailure, and OnSuccess
src/client/Microsoft.Identity.Client/AppConfig/ApplicationConfiguration.cs	Adds storage for three new extensibility callback properties
src/client/Microsoft.Identity.Client/Internal/Requests/ClientCredentialRequest.cs	Implements retry loop and callback invocation logic for token acquisition
src/client/Microsoft.Identity.Client/Internal/ClientCredential/CertificateAndClaimsClientCredential.cs	Adds dynamic certificate resolution via provider callback
src/client/Microsoft.Identity.Client/ApiConfig/AbstractConfidentialClientAcquireTokenParameterBuilder.cs	Updates validation to allow dynamic certificate provider
src/client/Microsoft.Identity.Client/MsalError.cs	Adds error constant for invalid client credential configuration
tests/Microsoft.Identity.Test.Unit/PublicApiTests/ConfidentialClientApplicationExtensibilityTests.cs	Comprehensive integration tests for all three extensibility points
tests/Microsoft.Identity.Test.Unit/AppConfigTests/ConfidentialClientApplicationExtensibilityApiTests.cs	Unit tests for builder API and configuration storage
src/client/Microsoft.Identity.Client/PublicApi/*/PublicAPI.Unshipped.txt	Documents new public API surface for all target frameworks
src/client/Microsoft.Identity.Client/Microsoft.Identity.Client.csproj	Adds new extensibility files to project
src/client/Microsoft.Identity.Client/ManagedIdentity/AbstractManagedIdentity.cs	Modifies exception handling pattern (appears unrelated to extensibility)