Bump Microsoft.Identity.Web and Microsoft.Identity.Web.UI

[dependabot]

Updated Microsoft.Identity.Web from 4.9.0 to 4.10.0.

Release notes

Sourced from Microsoft.Identity.Web's releases.

4.10.0

New features

• Add WithExtraBodyParameters fluent API for attaching extra body parameters to token acquisition requests. See #​3819.
• Add IConfidentialClientApplicationProvider extensibility interface and CachePartitionKey support for silent token acquisition. See #​3822.

Bug fixes

• Redirect URI sanitization in authorization scenarios; centralize redirect URI validation in a shared helper. See #​3825.
• Reject dSTS-shaped Authority values with a clearer exception, steering users to use Instance + TenantId instead. See #​3805.
• Improve regex handling and adding length/timeout safeguards for SameSite User Agent. See #​3811.

Behavior changes

• B2C OpenID Connect event handler: LRU cache for issuer address. Issuer address lookups in the B2C OIDC event handler are now cached with an LRU cache, improving performance for repeated lookups. See #​3821.

Dependencies updates

• Update MSAL.NET to 4.84.1. See #​3822.
• Pin Microsoft.Kiota.Abstractions to 1.22.0 for GraphServiceClient. See #​3817.
• Bump uuid and @​azure/msal-node in SidecarAdapter TypeScript test app. See #​3826.
• Bump qs in SidecarAdapter TypeScript test app. See #​3829.

Commits viewable in compare view.

Updated Microsoft.Identity.Web.UI from 4.9.0 to 4.10.0.

Release notes

Sourced from Microsoft.Identity.Web.UI's releases.

4.10.0

New features

• Add WithExtraBodyParameters fluent API for attaching extra body parameters to token acquisition requests. See #​3819.
• Add IConfidentialClientApplicationProvider extensibility interface and CachePartitionKey support for silent token acquisition. See #​3822.

Bug fixes

• Redirect URI sanitization in authorization scenarios; centralize redirect URI validation in a shared helper. See #​3825.
• Reject dSTS-shaped Authority values with a clearer exception, steering users to use Instance + TenantId instead. See #​3805.
• Improve regex handling and adding length/timeout safeguards for SameSite User Agent. See #​3811.

Behavior changes

• B2C OpenID Connect event handler: LRU cache for issuer address. Issuer address lookups in the B2C OIDC event handler are now cached with an LRU cache, improving performance for repeated lookups. See #​3821.

Dependencies updates

• Update MSAL.NET to 4.84.1. See #​3822.
• Pin Microsoft.Kiota.Abstractions to 1.22.0 for GraphServiceClient. See #​3817.
• Bump uuid and @​azure/msal-node in SidecarAdapter TypeScript test app. See #​3826.
• Bump qs in SidecarAdapter TypeScript test app. See #​3829.

Commits viewable in compare view.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud