Merge pull request #408 from microsoft/release/update/231107060522

Resync to Shipping code base.

src/Build.Shared.props

@@ -1,20 +1,8 @@
 <Project>
-  <PropertyGroup>
-    <MSBuildAllProjects>$(MSBuildAllProjects);$(MSBuildThisFileFullPath)</MSBuildAllProjects>
-  </PropertyGroup>
-
   <!-- msbuild properties shared for dotnetCore and .NET classic projects: -->
   <PropertyGroup>
     <!-- Assembly attributes are set by cake build. We need to disable autogeneration by msbuild -->
-    <GenerateAssemblyCompanyAttribute>false</GenerateAssemblyCompanyAttribute>
-    <GenerateAssemblyConfigurationAttribute>false</GenerateAssemblyConfigurationAttribute>
-    <GenerateAssemblyCopyrightAttribute>false</GenerateAssemblyCopyrightAttribute>
-    <GenerateAssemblyFileVersionAttribute>false</GenerateAssemblyFileVersionAttribute>
-    <GenerateAssemblyInformationalVersionAttribute>false</GenerateAssemblyInformationalVersionAttribute>
-    <GenerateAssemblyProductAttribute>false</GenerateAssemblyProductAttribute>
-    <GenerateAssemblyTitleAttribute>false</GenerateAssemblyTitleAttribute>
-    <GenerateAssemblyVersionAttribute>false</GenerateAssemblyVersionAttribute>
-    <GenerateAssemblyDescriptionAttribute>false</GenerateAssemblyDescriptionAttribute>
+    <DisableAssemblyAttributesSetViaCakeSetVersion>true</DisableAssemblyAttributesSetViaCakeSetVersion>
   </PropertyGroup>
 
   <PropertyGroup>
@@ -52,11 +40,6 @@
     <OutputPath>$(OutDir)</OutputPath>
   </PropertyGroup>
 
-  <PropertyGroup Condition="'$(SignAssembly)' == 'true'">
-    <AssemblyOriginatorKeyFile>$(RepoRoot)\build\crmkey\35MSSharedLib1024.snk</AssemblyOriginatorKeyFile>
-    <DelaySign>true</DelaySign>
-  </PropertyGroup>
-
   <PropertyGroup>
     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
     <FileAlignment>512</FileAlignment>

src/GeneralTools/DataverseClient/Client/Auth/AuthProcessor.cs

@@ -6,6 +6,7 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
+using System.Globalization;
 using System.Linq;
 using System.Net.Http;
 using System.Security;
@@ -299,7 +300,9 @@ internal async static Task<AuthenticationResult> ObtainAccessTokenAsync(
                     }
                     else
                     {
+#pragma warning disable CS0618 // Type or member is obsolete
                         _authenticationResult = await publicAppClient.AcquireTokenByUsernamePassword(scopes, clientCredentials.UserName.UserName, ServiceClient.MakeSecureString(clientCredentials.UserName.Password)).ExecuteAsync().ConfigureAwait(false);
+#pragma warning restore CS0618 // Type or member is obsolete
                     }
                 }
                 else

src/GeneralTools/DataverseClient/Client/Microsoft.PowerPlatform.Dataverse.Client.csproj

@@ -40,12 +40,10 @@
     <PackageReference Include="System.Security.Cryptography.ProtectedData" Version="4.7.0" />
     <PackageReference Include="System.Security.Permissions" Version="5.0.0" />
     <PackageReference Include="System.ServiceModel.Http" Version="4.10.2" />
-    <PackageReference Include="System.Text.Json" Version="6.0.7" />
-    <PackageReference Include="Microsoft.Identity.Client.Extensions.Msal" Version="2.18.9" />
+    <PackageReference Include="System.Text.Json" Version="$(PackageVersion_SystemTextJson)" />
+    <PackageReference Include="Microsoft.Identity.Client.Extensions.Msal" Version="4.56.0" />
     <PackageReference Include="Microsoft.Extensions.Caching.Memory" Version="$(PackageVersion_Microsoft_Extensions)" />
     <PackageReference Include="System.Drawing.Common" Version="5.0.3" /> <!-- explict add to deal with CVE-2021-24112  --> 
-    <PackageReference Include="System.Security.Cryptography.Xml" Version="6.0.1" /> <!-- explict add to deal with CVE-2022-34716  --> 
-    <PackageReference Include="System.Security.Cryptography.Pkcs" Version="6.0.3" /> <!-- explict add to deal with CVE-2023-29331  --> 
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net462' or '$(TargetFramework)' == 'net472' or '$(TargetFramework)' == 'net48'">

src/GeneralTools/DataverseClient/UnitTests/CdsClient_Core_Tests/ServiceClientTests.cs

@@ -853,7 +853,7 @@ public void ConnectUsingServiceIdentity_ClientSecret_ConStr()
                 Assert.Null(ex);
             }
             // Check user before we validate connection
-            client._connectionSvc.AuthenticationTypeInUse.Should().BeEquivalentTo(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.ClientSecret);
+            client._connectionSvc.AuthenticationTypeInUse.Should().Be(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.ClientSecret);
             client._connectionSvc.AuthContext.Scopes.Should().BeEquivalentTo(new string[] { $"{Conn_Url}/.default" });
             client._connectionSvc.AuthContext.Account.Should().BeNull();
             client._connectionSvc.AuthContext.AccessToken.Should().NotBeNull();
@@ -956,7 +956,7 @@ public void ConnectUsingUserIdentity_UIDPW_ConStr()
             Assert.True(client.IsReady, "Failed to Create Connection via Connection string");
 
             // Check user before we validate connection
-            client._connectionSvc.AuthenticationTypeInUse.Should().BeEquivalentTo(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
+            client._connectionSvc.AuthenticationTypeInUse.Should().Be(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
             client._connectionSvc.AuthContext.Scopes.Should().BeEquivalentTo(new string[] { $"{Conn_Url}//user_impersonation" });
             client._connectionSvc.AuthContext.Account.Should().NotBeNull();
             client._connectionSvc.AuthContext.IdToken.Should().NotBeEmpty();
@@ -999,7 +999,7 @@ public void ConnectUsingUserIdentity_UIDPW_CtorV1_Discovery()
             Assert.True(client.IsReady, "Failed to Create Connection via Constructor - Discovery");
 
             // Check user before we validate connection
-            client._connectionSvc.AuthenticationTypeInUse.Should().BeEquivalentTo(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
+            client._connectionSvc.AuthenticationTypeInUse.Should().Be(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
             client._connectionSvc.AuthContext.Account.Should().NotBeNull();
             client._connectionSvc.AuthContext.IdToken.Should().NotBeEmpty();
             client._connectionSvc.AuthContext.Account.Username.Should().BeEquivalentTo(Conn_UserName);
@@ -1029,7 +1029,7 @@ public void ConnectUsingUserIdentity_UIDPW_CtorV2()
             Assert.True(client.IsReady, "Failed to Create Connection via Constructor - Direct Connect");
 
             // Check user before we validate connection
-            client._connectionSvc.AuthenticationTypeInUse.Should().BeEquivalentTo(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
+            client._connectionSvc.AuthenticationTypeInUse.Should().Be(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
             client._connectionSvc.AuthContext.Scopes.Should().BeEquivalentTo(new string[] { $"{Conn_Url}//user_impersonation" });
             client._connectionSvc.AuthContext.Account.Should().NotBeNull();
             client._connectionSvc.AuthContext.IdToken.Should().NotBeEmpty();
@@ -1083,7 +1083,7 @@ public void ConnectUsingUserIdentity_UIDPW_ConSetup()
             ValidateConnection(client);
 
             // Check user before we validate connection
-            client._connectionSvc.AuthenticationTypeInUse.Should().BeEquivalentTo(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
+            client._connectionSvc.AuthenticationTypeInUse.Should().Be(Microsoft.PowerPlatform.Dataverse.Client.AuthenticationType.OAuth);
             client._connectionSvc.AuthContext.Scopes.Should().BeEquivalentTo(new string[] { $"{Conn_Url}/user_impersonation" });
             client._connectionSvc.AuthContext.Account.Should().NotBeNull();
             client._connectionSvc.AuthContext.IdToken.Should().NotBeEmpty();