Bump Microsoft.Identity.Web, Microsoft.AspNetCore.Authentication.JwtBearer and Microsoft.AspNetCore.Authentication.OpenIdConnect in /src/AdminConsole

[dependabot]

Bumps Microsoft.Identity.Web, Microsoft.AspNetCore.Authentication.JwtBearer and Microsoft.AspNetCore.Authentication.OpenIdConnect. These dependencies needed to be updated together.
Updates Microsoft.Identity.Web from 2.19.0 to 3.0.0

Release notes

Sourced from Microsoft.Identity.Web's releases.

3.0.0

CVE package updates

CVE-2024-30105

• See PR #2929 for details.

• Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

• See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

• Update lab cert and lab version. See PR #2923 for details.

2.20.0

• Updated to Microsoft.Identity.Abstractions 6.0.0 which adds one method to IAuthorizationHeaderProvider

New features

• Implements the updated IAuthorizationHeaderProvider interface (the new method CreateAuthorizationHeaderForAppAsync). See issue #2907
• If an IMsalHttpClientFactory is added to the service collection, it's not used by IdWeb token acquisition. See issue #2911 This will be use to enable some IPv6 scenarios.

Bug fixes

• Fix metadata address creation when using AddMicrosoftIdentityWebApp. See issue #2752
• Use MSAL.NET instead of DefaultAzureCredential for Federation identity credentials scenario. See 2894

Fundamentals

• Updating Lab Api to 0.13.3

3.0.0-preview3

• Updated to Microsoft.IdentityModel.* 8.0.0-preview3

3.0.0-preview2

• Updated MSAL .Net to 4.61.3
• Updated Azure.Identity to 1.11.4

New features:

• Change GetSignedAssertion public API. See issue #2853 for details.
• Update to latest .NET 9 preview 4. See issue #2877 for details.

2.19.1

• Updated MSAL .Net to 4.61.3
• Updated Azure.Identity to 1.11.4

Changelog

Sourced from Microsoft.Identity.Web's changelog.

3.0.0

CVE package updates

CVE-2024-30105

• See PR #2929 for details.

• Updated to Microsoft.IdentityModel.* 8.0.0, Microsoft.Identity.Lab API 1.0.2, Microsoft.Identity.Abstractions 6.0.0

• See rel/v2 changelog for full list of added features to 3.0.0.

Fundamentals:

• Update lab cert and lab version. See PR #2923 for details.

3.0.0-preview3

• Updated to Microsoft.IdentityModel.* 8.0.0-preview3

3.0.0-preview2

• Updated MSAL .Net to 4.61.3
• Updated Azure.Identity to 1.11.4

New features:

• Change GetSignedAssertion public API. See issue #2853 for details.
• Update to latest .NET 9 preview 4. See issue #2877 for details.

3.0.0-preview1

Breaking changes

• Remove netcoreapp3.1 support, see issue #2262 for details.
• Remove net5.0 support from Microsoft.Identity.Web.UI, see issue #2711 for details.

New features

• Microsoft.Identity.Web can be conditionally built on .net9.0-preview, see issue #2702 for details.
• Microsoft.Identity.Web nows processes the AcceptHeader and ContentType if provided, see issue #2806 for details.
• Target Microsoft.IdentityModel 7x in OWIN targets, see issue #2785 for details.

========

See rel/v2 changelog for full list of added features to 3.0.0.

========

Commits

• 1e6f70f update build to 9.0.100-preview.6.24328.19 (#2940)
• e6fe2d8 fix blazor test (#2939)
• 9863535 cve fixes (#2938)
• f6c19af fix .net 9 package issue (#2937)
• 5a67761 Lozensky/update deps for CVE (#2936)
• 756e5fb update to M.IM 8 (#2934)
• 8975ae2 3.0.0 changelog (#2932)
• a53065d updated dependency versions for b2c webapp (#2933)
• bf48d7a fix CVEs (#2929)
• f5b443e update lab API to 1.0.2 (#2926)
• Additional commits viewable in compare view

Updates Microsoft.AspNetCore.Authentication.JwtBearer from 8.0.7 to 9.0.0-preview.6.24328.4

Release notes

Sourced from Microsoft.AspNetCore.Authentication.JwtBearer's releases.

.NET 9.0 Preview 6

Release

.NET 9 Preview 5

Release

.NET 9 Preview 4

Release

.NET 9.0 Preview 3

Release

.NET 9.0 Preview 2

[Release[(https://github.com/dotnet/core/releases/tag/v9.0.0-preview.2)

.NET 9 Preview 1

Release

Commits

• f508452 [release/9.0-preview6] Update dependencies from dotnet/efcore, dotnet/runtime...
• 07fefab [release/9.0-preview6] Update dependencies from dotnet/efcore (#56406)
• 68adb02 [release/9.0-preview6] Update dependencies from dotnet/runtime (#56354)
• b6fed08 Update milestones for August (#56350)
• c40405f [main] Update dependencies from dotnet/source-build-externals (#56342)
• de37915 Fix urls in ProjectTemplates/README (#55984)
• 613ac88 Update dependencies from https://github.com/dotnet/winforms build 20240617.1 ...
• 613c1e9 Re-plat on JsonExporter APIs and remove JsonSchemaMapper prototype (#56330)
• 7712869 SE.Redis DC backend / HybridCache : add net8.0 TFM (#56122)
• 79cab58 [main] Update dependencies from dotnet/xdt (#56293)
• Additional commits viewable in compare view

Updates Microsoft.AspNetCore.Authentication.OpenIdConnect from 8.0.7 to 9.0.0-preview.6.24328.4

Release notes

Sourced from Microsoft.AspNetCore.Authentication.OpenIdConnect's releases.

.NET 9.0 Preview 6

Release

.NET 9 Preview 5

Release

.NET 9 Preview 4

Release

.NET 9.0 Preview 3

Release

.NET 9.0 Preview 2

[Release[(https://github.com/dotnet/core/releases/tag/v9.0.0-preview.2)

.NET 9 Preview 1

Release

Commits

• f508452 [release/9.0-preview6] Update dependencies from dotnet/efcore, dotnet/runtime...
• 07fefab [release/9.0-preview6] Update dependencies from dotnet/efcore (#56406)
• 68adb02 [release/9.0-preview6] Update dependencies from dotnet/runtime (#56354)
• b6fed08 Update milestones for August (#56350)
• c40405f [main] Update dependencies from dotnet/source-build-externals (#56342)
• de37915 Fix urls in ProjectTemplates/README (#55984)
• 613ac88 Update dependencies from https://github.com/dotnet/winforms build 20240617.1 ...
• 613c1e9 Re-plat on JsonExporter APIs and remove JsonSchemaMapper prototype (#56330)
• 7712869 SE.Redis DC backend / HybridCache : add net8.0 TFM (#56122)
• 79cab58 [main] Update dependencies from dotnet/xdt (#56293)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)