Revert breaking changes introduced in Abstrations 11

Directory.Build.props

@@ -1,7 +1,7 @@
 <Project>
   <PropertyGroup>
     <!-- This should be passed from the VSTS build -->
-    <MicrosoftIdentityAbstractionsVersion Condition="'$(MicrosoftIdentityAbstractionsVersion)' == ''">11.1.1</MicrosoftIdentityAbstractionsVersion>
+    <MicrosoftIdentityAbstractionsVersion Condition="'$(MicrosoftIdentityAbstractionsVersion)' == ''">12.0.0</MicrosoftIdentityAbstractionsVersion>
     <!-- This will generate AssemblyVersion, AssemblyFileVersion and AssemblyInformationVersion -->
     <Version>$(MicrosoftIdentityAbstractionsVersion)</Version>
     <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)\build\35MSSharedLib1024.snk</AssemblyOriginatorKeyFile>
@@ -39,8 +39,6 @@
     <AssemblyOriginatorKeyFile>../../build/MSAL.snk</AssemblyOriginatorKeyFile>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <Nullable>enable</Nullable>
-    <!-- LangVersion set to 14 to enable C# 14 extension properties for .NET 10+ AOT compatibility.
-         Extension properties are required to make CredentialDescription AOT-safe while maintaining source compatibility. -->
     <LangVersion>14</LangVersion>
     <EnablePackageValidation>true</EnablePackageValidation>
     <PackageValidationBaselineVersion>8.0.0</PackageValidationBaselineVersion>

Microsoft.Identity.Abstractions.sln

@@ -27,6 +27,28 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Abstract
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Microsoft.Identity.Abstractions.AotTests", "test\Microsoft.Identity.Abstractions.AotTests\Microsoft.Identity.Abstractions.AotTests.csproj", "{39865C17-1E90-495D-BCB1-C171FCE7078D}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "build", "build", "{06A44D1E-DF13-47CD-A765-0E329E189715}"
+	ProjectSection(SolutionItems) = preProject
+		build\build.md = build\build.md
+		build\CodeCoverage.runsettings = build\CodeCoverage.runsettings
+		build\pipeline-releasebuild.yaml = build\pipeline-releasebuild.yaml
+		build\policheck_filetypes.xml = build\policheck_filetypes.xml
+		build\template-bootstrap-build.yaml = build\template-bootstrap-build.yaml
+		build\template-install-dotnet-core.yaml = build\template-install-dotnet-core.yaml
+		build\template-install-nuget.yaml = build\template-install-nuget.yaml
+		build\template-nuget-pack.yaml = build\template-nuget-pack.yaml
+		build\template-onebranch-build-and-sign.yaml = build\template-onebranch-build-and-sign.yaml
+		build\template-pack-and-sign-all-nugets.yaml = build\template-pack-and-sign-all-nugets.yaml
+		build\template-pack-and-sign-nuget.yaml = build\template-pack-and-sign-nuget.yaml
+		build\template-postbuild-code-analysis.yaml = build\template-postbuild-code-analysis.yaml
+		build\template-prebuild-code-analysis.yaml = build\template-prebuild-code-analysis.yaml
+		build\template-publish-analysis-and-cleanup.yaml = build\template-publish-analysis-and-cleanup.yaml
+		build\template-publish-packages-and-symbols.yaml = build\template-publish-packages-and-symbols.yaml
+		build\template-restore-build-MSIdentityAbstractions.yaml = build\template-restore-build-MSIdentityAbstractions.yaml
+		build\template-sign-binary.yaml = build\template-sign-binary.yaml
+		build\tsaConfig.json = build\tsaConfig.json
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU

src/Microsoft.Identity.Abstractions/ApplicationOptions/CredentialDescription.cs

@@ -1,4 +1,4 @@
-// Copyright (c) Microsoft Corporation. All rights reserved.
+// Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
 using System;
@@ -79,7 +79,7 @@ public string Id
             {
                 if (_cachedId == null)
                 {
-                    // Use backing field directly to work in both .NET 10+ and older TFMs
+                    // Use backing field directly for efficiency
                     string certificateThumbprint = _certificate?.Thumbprint ?? "null";
 
                     switch (SourceType)
@@ -531,49 +531,6 @@ public string? SignedAssertionFileDiskPath
         /// <remarks>If you want to use the default authority, don't provide a token exchange authority URL.</remarks>
         public string? TokenExchangeAuthority { get; set; }
 
-#if NET10_0_OR_GREATER
-        // For .NET 10+, use protected internal methods to avoid AOT issues with configuration binders
-        // Extension properties (defined in CredentialDescriptionExtensions.cs) provide property-style access
-        // Methods are protected internal to allow derived classes to access them
-
-        /// <summary>
-        /// Gets the certificate. For .NET 10+, use the Certificate extension property instead.
-        /// This method is protected internal to allow derived classes to access the certificate.
-        /// </summary>
-#pragma warning disable CA1024 // Use properties where appropriate
-        protected internal X509Certificate2? GetCertificateInternal() => _certificate;
-#pragma warning restore CA1024 // Use properties where appropriate
-
-        /// <summary>
-        /// Sets the certificate. For .NET 10+, use the Certificate extension property instead.
-        /// This method is protected internal to allow derived classes to set the certificate.
-        /// </summary>
-        protected internal void SetCertificateInternal(X509Certificate2? value)
-        {
-            _certificate = value;
-            // Cached Id can depend on the certificate thumbprint. Set it to null so that it will be recomputed.
-            _cachedId = null;
-        }
-
-        /// <summary>
-        /// Gets the cached value. For .NET 10+, use the CachedValue extension property instead.
-        /// This method is protected internal to allow derived classes to access the cached value.
-        /// </summary>
-#pragma warning disable CA1024 // Use properties where appropriate
-        protected internal object? GetCachedValueInternal() => _cachedValue;
-#pragma warning restore CA1024 // Use properties where appropriate
-
-        /// <summary>
-        /// Sets the cached value. For .NET 10+, use the CachedValue extension property instead.
-        /// This method is protected internal to allow derived classes to set the cached value.
-        /// </summary>
-        protected internal void SetCachedValueInternal(object? value)
-        {
-            _cachedValue = value;
-            // Cached Id can depend on the cached value. Set it to null so that it will be recomputed.
-            _cachedId = null;
-        }
-#else
         /// <summary>
         /// When <see cref="SourceType"/> is <see cref="CredentialSource.Certificate"/>, you will use this property to provide the certificate yourself.
         /// When <see cref="SourceType"/> is <see cref="CredentialSource.Base64Encoded"/> or <see cref="CredentialSource.KeyVault"/>
@@ -607,7 +564,6 @@ public virtual object? CachedValue
                 _cachedId = null;
             }
         }
-#endif
 
         /// <summary>
         /// Skip this credential description. This is useful when, you specify a list of

src/Microsoft.Identity.Abstractions/CompatibilitySuppressions.xml

@@ -1,30 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!-- https://learn.microsoft.com/dotnet/fundamentals/package-validation/diagnostic-ids -->
 <Suppressions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
-  <Suppression>
-    <DiagnosticId>CP0002</DiagnosticId>
-    <Target>M:Microsoft.Identity.Abstractions.CredentialDescription.get_CachedValue</Target>
-    <Left>lib/net9.0/Microsoft.Identity.Abstractions.dll</Left>
-    <Right>lib/net10.0/Microsoft.Identity.Abstractions.dll</Right>
-  </Suppression>
-  <Suppression>
-    <DiagnosticId>CP0002</DiagnosticId>
-    <Target>M:Microsoft.Identity.Abstractions.CredentialDescription.get_Certificate</Target>
-    <Left>lib/net9.0/Microsoft.Identity.Abstractions.dll</Left>
-    <Right>lib/net10.0/Microsoft.Identity.Abstractions.dll</Right>
-  </Suppression>
-  <Suppression>
-    <DiagnosticId>CP0002</DiagnosticId>
-    <Target>M:Microsoft.Identity.Abstractions.CredentialDescription.set_CachedValue(System.Object)</Target>
-    <Left>lib/net9.0/Microsoft.Identity.Abstractions.dll</Left>
-    <Right>lib/net10.0/Microsoft.Identity.Abstractions.dll</Right>
-  </Suppression>
-  <Suppression>
-    <DiagnosticId>CP0002</DiagnosticId>
-    <Target>M:Microsoft.Identity.Abstractions.CredentialDescription.set_Certificate(System.Security.Cryptography.X509Certificates.X509Certificate2)</Target>
-    <Left>lib/net9.0/Microsoft.Identity.Abstractions.dll</Left>
-    <Right>lib/net10.0/Microsoft.Identity.Abstractions.dll</Right>
-  </Suppression>
   <Suppression>
     <DiagnosticId>CP0006</DiagnosticId>
     <Target>M:Microsoft.Identity.Abstractions.IDownstreamApi.PatchForAppAsync``1(System.String,``0,System.Action{Microsoft.Identity.Abstractions.DownstreamApiOptionsReadOnlyHttpMethod},System.Threading.CancellationToken)</Target>

src/Microsoft.Identity.Abstractions/PublicAPI/net10.0/PublicAPI.Shipped.txt

@@ -102,6 +102,8 @@ Microsoft.Identity.Abstractions.CredentialDescription.Algorithm.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.Algorithm.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.Base64EncodedValue.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.Base64EncodedValue.set -> void
+Microsoft.Identity.Abstractions.CredentialDescription.Certificate.get -> System.Security.Cryptography.X509Certificates.X509Certificate2?
+Microsoft.Identity.Abstractions.CredentialDescription.Certificate.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.CertificateDiskPath.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.CertificateDiskPath.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.CertificateDistinguishedName.get -> string?
@@ -125,17 +127,13 @@ Microsoft.Identity.Abstractions.CredentialDescription.CustomSignedAssertionProvi
 Microsoft.Identity.Abstractions.CredentialDescription.CustomSignedAssertionProviderName.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.DecryptKeysAuthenticationOptions.get -> Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions?
 Microsoft.Identity.Abstractions.CredentialDescription.DecryptKeysAuthenticationOptions.set -> void
-Microsoft.Identity.Abstractions.CredentialDescription.GetCachedValueInternal() -> object?
-Microsoft.Identity.Abstractions.CredentialDescription.GetCertificateInternal() -> System.Security.Cryptography.X509Certificates.X509Certificate2?
 Microsoft.Identity.Abstractions.CredentialDescription.Id.get -> string!
 Microsoft.Identity.Abstractions.CredentialDescription.KeyVaultCertificateName.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.KeyVaultCertificateName.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.KeyVaultUrl.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.KeyVaultUrl.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.ManagedIdentityClientId.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.ManagedIdentityClientId.set -> void
-Microsoft.Identity.Abstractions.CredentialDescription.SetCachedValueInternal(object? value) -> void
-Microsoft.Identity.Abstractions.CredentialDescription.SetCertificateInternal(System.Security.Cryptography.X509Certificates.X509Certificate2? value) -> void
 Microsoft.Identity.Abstractions.CredentialDescription.SignedAssertionFileDiskPath.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.SignedAssertionFileDiskPath.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.Skip.get -> bool
@@ -146,12 +144,6 @@ Microsoft.Identity.Abstractions.CredentialDescription.TokenExchangeAuthority.get
 Microsoft.Identity.Abstractions.CredentialDescription.TokenExchangeAuthority.set -> void
 Microsoft.Identity.Abstractions.CredentialDescription.TokenExchangeUrl.get -> string?
 Microsoft.Identity.Abstractions.CredentialDescription.TokenExchangeUrl.set -> void
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.extension(Microsoft.Identity.Abstractions.CredentialDescription!)
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.extension(Microsoft.Identity.Abstractions.CredentialDescription!).CachedValue.get -> object?
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.extension(Microsoft.Identity.Abstractions.CredentialDescription!).CachedValue.set -> void
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.extension(Microsoft.Identity.Abstractions.CredentialDescription!).Certificate.get -> System.Security.Cryptography.X509Certificates.X509Certificate2?
-Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.extension(Microsoft.Identity.Abstractions.CredentialDescription!).Certificate.set -> void
 Microsoft.Identity.Abstractions.CredentialDescriptionJsonConverter
 Microsoft.Identity.Abstractions.CredentialDescriptionJsonConverter.CredentialDescriptionJsonConverter() -> void
 Microsoft.Identity.Abstractions.CredentialSource
@@ -358,13 +350,11 @@ static Microsoft.Identity.Abstractions.AcquireTokenOptions.LongRunningWebApiSess
 static Microsoft.Identity.Abstractions.AuthorizationHeaderResult.implicit operator Microsoft.Identity.Abstractions.AuthorizationHeaderResult!(Microsoft.Identity.Abstractions.AuthorizationHeaderError! error) -> Microsoft.Identity.Abstractions.AuthorizationHeaderResult!
 static Microsoft.Identity.Abstractions.AuthorizationHeaderResult.implicit operator Microsoft.Identity.Abstractions.AuthorizationHeaderResult!(Microsoft.Identity.Abstractions.AuthorizationHeaderInformation! info) -> Microsoft.Identity.Abstractions.AuthorizationHeaderResult!
 static Microsoft.Identity.Abstractions.AuthorizationHeaderResult.implicit operator string!(Microsoft.Identity.Abstractions.AuthorizationHeaderResult! result) -> string!
-static Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.get_CachedValue(Microsoft.Identity.Abstractions.CredentialDescription! credential) -> object?
-static Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.get_Certificate(Microsoft.Identity.Abstractions.CredentialDescription! credential) -> System.Security.Cryptography.X509Certificates.X509Certificate2?
-static Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.set_CachedValue(Microsoft.Identity.Abstractions.CredentialDescription! credential, object? value) -> void
-static Microsoft.Identity.Abstractions.CredentialDescriptionExtensions.set_Certificate(Microsoft.Identity.Abstractions.CredentialDescription! credential, System.Security.Cryptography.X509Certificates.X509Certificate2? value) -> void
 static Microsoft.Identity.Abstractions.OperationResult<TResult, TError>.implicit operator Microsoft.Identity.Abstractions.OperationResult<TResult, TError!>(TError! error) -> Microsoft.Identity.Abstractions.OperationResult<TResult, TError!>
 static Microsoft.Identity.Abstractions.OperationResult<TResult, TError>.implicit operator Microsoft.Identity.Abstractions.OperationResult<TResult, TError!>(TResult result) -> Microsoft.Identity.Abstractions.OperationResult<TResult, TError!>
 virtual Microsoft.Identity.Abstractions.AcquireTokenOptions.Clone() -> Microsoft.Identity.Abstractions.AcquireTokenOptions!
 virtual Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions.CloneInternal() -> Microsoft.Identity.Abstractions.AuthorizationHeaderProviderOptions!
+virtual Microsoft.Identity.Abstractions.CredentialDescription.CachedValue.get -> object?
+virtual Microsoft.Identity.Abstractions.CredentialDescription.CachedValue.set -> void
 virtual Microsoft.Identity.Abstractions.IdentityApplicationOptions.Authority.get -> string?
 virtual Microsoft.Identity.Abstractions.IdentityApplicationOptions.Authority.set -> void