Upgrade MSAL and MSAL extesion library dependencies to latest (Azure#20922)

* Upgrade MSAL and MSAL extesion library dependencies to latest

* exclude x-ms-PKeyAuth from record matching

Author: schaabs

eng/Packages.Data.props

@@ -89,8 +89,8 @@
 
     <!-- Other approved packages -->
     <PackageReference Update="Microsoft.Azure.Amqp" Version="2.4.13" />
-    <PackageReference Update="Microsoft.Identity.Client" Version="4.23.0" />
-    <PackageReference Update="Microsoft.Identity.Client.Extensions.Msal" Version="2.16.6" />
+    <PackageReference Update="Microsoft.Identity.Client" Version="4.30.1" />
+    <PackageReference Update="Microsoft.Identity.Client.Extensions.Msal" Version="2.18.4" />
     <!-- TODO: Make sure this package is arch-board approved -->
     <PackageReference Update="System.IdentityModel.Tokens.Jwt" Version="5.4.0" />
 

sdk/identity/Azure.Identity/src/MsalCacheHelperWrapper.cs

@@ -63,14 +63,6 @@ public virtual void UnregisterCache(ITokenCache tokenCache)
             _helper.UnregisterCache(tokenCache);
         }
 
-        /// <summary>
-        /// Clears the token store.
-        /// </summary>
-        public virtual void Clear()
-        {
-            _helper.Clear();
-        }
-
         /// <summary>
         /// Extracts the token cache data from the persistent store
         /// </summary>

sdk/identity/Azure.Identity/src/TokenCache.cs

@@ -24,9 +24,6 @@ internal class TokenCache
         private DateTimeOffset _lastUpdated;
         private ConditionalWeakTable<object, CacheTimestamp> _cacheAccessMap;
         internal Func<IPublicClientApplication> _publicClientApplicationFactory;
-        // we are creating the MsalCacheHelper with a random guid based clientId to work around issue https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/issues/98
-        // This does not impact the functionality of the cacheHelper as the ClientId is only used to iterate accounts in the cache not for authentication purposes.
-        internal static readonly string s_msalCacheClientId = Guid.NewGuid().ToString();
         private readonly bool _allowUnencryptedStorage;
         private readonly string _name;
         private readonly bool _persistToDisk;
@@ -252,7 +249,7 @@ private async Task<MsalCacheHelperWrapper> GetCacheHelperAsync(bool async, Cance
 
         private async Task<MsalCacheHelperWrapper> GetProtectedCacheHelperAsync(bool async, string name)
         {
-            StorageCreationProperties storageProperties = new StorageCreationPropertiesBuilder(name, Constants.DefaultMsalTokenCacheDirectory, s_msalCacheClientId)
+            StorageCreationProperties storageProperties = new StorageCreationPropertiesBuilder(name, Constants.DefaultMsalTokenCacheDirectory)
                 .WithMacKeyChain(Constants.DefaultMsalTokenCacheKeychainService, name)
                 .WithLinuxKeyring(Constants.DefaultMsalTokenCacheKeyringSchema, Constants.DefaultMsalTokenCacheKeyringCollection, name, Constants.DefaultMsaltokenCacheKeyringAttribute1, Constants.DefaultMsaltokenCacheKeyringAttribute2)
                 .Build();
@@ -264,7 +261,7 @@ private async Task<MsalCacheHelperWrapper> GetProtectedCacheHelperAsync(bool asy
 
         private async Task<MsalCacheHelperWrapper> GetFallbackCacheHelperAsync(bool async, string name = Constants.DefaultMsalTokenCacheName)
         {
-            StorageCreationProperties storageProperties = new StorageCreationPropertiesBuilder(name, Constants.DefaultMsalTokenCacheDirectory, s_msalCacheClientId)
+            StorageCreationProperties storageProperties = new StorageCreationPropertiesBuilder(name, Constants.DefaultMsalTokenCacheDirectory)
                 .WithMacKeyChain(Constants.DefaultMsalTokenCacheKeychainService, name)
                 .WithLinuxUnprotectedFile()
                 .Build();

sdk/identity/Azure.Identity/tests/ClientSecretCredentialLiveTests.cs

@@ -48,8 +48,10 @@ public async Task GetToken()
 
             Assert.AreEqual(token.Token, cachedToken.Token);
 
+            var options2 = InstrumentClientOptions(new ClientSecretCredentialOptions());
+
             // ensure new credentials don't share tokens from the cache
-            var credential2 = new ClientSecretCredential(tenantId, clientId, secret, options);
+            var credential2 = new ClientSecretCredential(tenantId, clientId, secret, options2);
 
             AccessToken token2 = await credential2.GetTokenAsync(tokenRequestContext);
 

sdk/identity/Azure.Identity/tests/IdentityRecordedTestBase.cs

@@ -26,6 +26,9 @@ private void InitialzeRecordingSettings()
             Matcher.LegacyExcludedHeaders.Add("x-client-SKU");
             Matcher.LegacyExcludedHeaders.Add("x-client-CPU");
             Matcher.LegacyExcludedHeaders.Add("x-client-Ver");
+            // x-ms-PKeyAuth is only added on MAC and Linux so recordings made on windows will fail on these platforms and vice-versa
+            // ignoring this header as CI must run on all platforms
+            Matcher.LegacyExcludedHeaders.Add("x-ms-PKeyAuth");
             Sanitizer = new IdentityRecordedTestSanitizer();
         }
     }