Bump System.IdentityModel.Tokens.Jwt from 6.22.1 to 6.28.1 in /src/ApiService

[dependabot]

Bumps System.IdentityModel.Tokens.Jwt from 6.22.1 to 6.28.1.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

6.28.1

• Bug fix where internal cache was not instantiated AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2045

6.28.0

• Update Wilson logs with aka.ms pointers to known wikis in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2027
• Fix typo in documentation AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2034
• Introduce a LKG configuration cache to store each valid base configuration instead of a single entry of configuration AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2007
• Add encryption keys to base configuration AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2023
• Updated CHANGELOG link AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2026

6.27.0

Servicing release Set maximum depth for Newtonsoft parsing. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2024 Improve metadata failure message. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2010 Validate size of symmetric signatures. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2008 Added property TokenEndpoint to BaseConfiguration. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1998

6.26.1

Releasing a Hotfix for Wilson 6.26.0 that reverts async/await changes made in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1996 to address a performance reduction issue.

• Changes are in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2015

• Root cause analysis and fix will be tracked in AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2017

6.26.0

Servicing release Introducing a new boolean TokenValidationParameter LogTokenId. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#2002 Update System.Text.Encodings.Web AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1997 Update ValidateToken call stack fully async AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1996 JsonWebTokenHandler to return the JsonWebToken on validation failure AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1989 Update documentation of DefaultTokenLifetimeInMinutes AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1988

6.25.1

Servicing release .net was throwing when JWT tokens contained claims that used escaped characters. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1975 Fixed Typo in comments AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1971 Added inner exception to help diagnose when reading JWT tokens fails. AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#1968

... (truncated)

Changelog

Sourced from System.IdentityModel.Tokens.Jwt's changelog.

See the releases for details on bug fixes and added features.

6.26.1

Bug Fixes:

Releasing a Hotfix for Wilson 6.26.0 that reverts async/await changes made in #1996 to address a performance reduction issue.

• Changes are in #2015
• Root cause analysis and fix will be tracked in #2017

Commits

• 42d6dbd set default LastKnownGood cache instance.
• 825d07e Update CHANGELOG link (#2026)
• f27016f Add encryption keys to base configuration (#2023)
• 3696bd2 Introdduce a LKG configuration cache to store each valid base configuration
• dfe9ea2 Fix typo in documentation (#2034)
• 4fddab7 Updated Version to 6.27.1
• 11080db Update Wilson logs with aka.ms pointers to known wikis (#2027)
• dc66295 updated fix for controlling depth.
• 6aa3efd Xiao/Enrich metadata failure message during metadata refresh interval (#2010)
• 6217459 Revert changes in https://github.com/AzureAD/azure-activedirectory-identitymo...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #2970 (9946234) into main (f84b9c1) will increase coverage by 0.05%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #2970      +/-   ##
==========================================
+ Coverage   29.02%   29.08%   +0.05%     
==========================================
  Files         304      179     -125     
  Lines       36326    22658   -13668     
==========================================
- Hits        10545     6589    -3956     
+ Misses      25781    16069    -9712     

see 125 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[dependabot]

Superseded by #3023.