Bump com.microsoft.azure:msal4j from 1.11.0 to 1.19.0 in /msal-obo-sample

[dependabot[bot]]

trafficstars

Bumps com.microsoft.azure:msal4j from 1.11.0 to 1.19.0.

Release notes

Sourced from com.microsoft.azure:msal4j's releases.

v1.18.0

What's Changed

• Fix Www-Authenticate not being read by @​blancqua in AzureAD/microsoft-authentication-library-for-java#885
• Bump jackson-databind dependency by @​Avery-Dunn in AzureAD/microsoft-authentication-library-for-java#887
• Pass optional tenant override to internal silent call by @​Avery-Dunn in AzureAD/microsoft-authentication-library-for-java#886

New Contributors

• @​blancqua made their first contribution in AzureAD/microsoft-authentication-library-for-java#885

v1.17.3

• Correctly set buffer for expired tokens (#875)
• Bump commons-io dependency from 2.7 to 2.14.0 (#871)

v1.17.2

• Make ManagedIdentityApplication.getManagedIdentitySource static (#864)

v1.17.1

• Fix 'refresh on' value calculation in Managed Identity flows (#858)
• Bump nimbusds-oauth2-oidc-sdk version (#859)

v1.17.0

• Add object ID option for Managed Identity (#854)
• Add support for custom authorities (#851)
• Fix bug where claims did not cause cache to be skipped (#811)

v1.16.2

• Use SHA256 thumbprints in non-ADFS cert flows (#840)
• Reduce logging level of cache miss messages (#844)
• Make ManagedIdentitySourceType enum public (#845)

v1.16.1

• Add missing refreshOn metadata (#838)

v1.16.0

• Fix breaking API changes introduced in v1.15.0 (AzureAD/microsoft-authentication-library-for-java#828)
• Expose refreshOn parameter in AuthenticationResultMetadata (AzureAD/microsoft-authentication-library-for-java#829)

v1.15.1

• Fix to correctly use custom SSLSocketFactory (#821)
• Add public API to determine the Managed Identity environment (#823)

v1.15.0

• GA support for Azure managed identity scenarios
• Support managed identities in Azure Functions, App Service, IMDS (#661)
• Support MI in Cloud Shell (#713)
• Support MI in Service Fabric (#729)
• Support MI in Azure Arc (#730)
• Adjust loopback address binding in interactive flow by @​crimsonvspurple (#797)

v1.14.2

... (truncated)

Changelog

Sourced from com.microsoft.azure:msal4j's changelog.

Version 1.19.0

• Fix potential regression caused by certificate hashing changes (#898)
• Add token refresh reasons AuthenticationResultMetadata (#901)
• Update build plugins for better compatibility with Java 17+ (#900)
• Downgrade json-smart dependency to avoid CVE (#905)

Version 1.18.0

• Fix WWW-Authenticate formatting in MI scenarios (#885)
• Fix tenant override not being used in OBO and credential flows (#886)
• Bump jackson-databind dependency (#887)

Version 1.17.3

• Correctly set buffer for expired tokens (#875)
• Bump commons-io dependency from 2.7 to 2.14.0 (#871)

Version 1.17.2

• Make ManagedIdentityApplication.getManagedIdentitySource static (#864)

Version 1.17.1

• Fix 'refresh on' value calculation in Managed Identity flows (#858)
• Bump nimbusds-oauth2-oidc-sdk version (#859)

Version 1.17.0

• Add object ID option for Managed Identity (#854)
• Add support for custom authorities (#851)
• Fix bug where claims did not cause cache to be skipped (#811)

Version 1.16.2

• Use SHA256 thumbprints in non-ADFS cert flows (#840)
• Reduce logging level of cache miss messages (#844)
• Make ManagedIdentitySourceType enum public (#845)

Version 1.16.1

• Add missing refreshOn metadata (#838)

Version 1.16.0

• Fix breaking API changes introduced in v1.15.0 (#828)
• Expose refreshOn parameter in AuthenticationResultMetadata (#829)

Version 1.15.1

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)