
Using SNI cert for Lab Auth

Open gladjohn opened this issue 8 months ago • 0 comments

Background: As part of the lab team guidance, our teams have been asked to move away from using secrets and pinned certificates. We will be transitioning to use SNI certificates for enhanced security. This change affects all MSAL teams and partner teams currently using the RequestMSIDLAB app for authentication.

Changes Implemented:

SNI Certificate Integration: The RequestMSIDLAB app (App ID: f62c5ae3-bf3a-4af5-afa8-a68b800396e9) will now use SNI certificates for authentication.

Sending the x5c Claim:

To support SNI certificates, the x5c claim must be sent as part of the authentication process in confidential client scenarios. This update ensures that the client certificate chain is included in the token request, allowing proper validation and support for SNI certificates.

Action Required:

Teams need to update their pipelines and authentication flows to include the x5c claim when using the SNI certificate. Ensure that any references to the old LabVaultAccessCert are removed and replaced with the new SNI certificate configuration.

Testing and Validation: Thorough testing has been conducted to ensure compatibility and functionality with the new SNI certificates.

PR MERGE CONDITION:

On Wednesday (7/3), the OneCert will be added to RequestMSIDLAB, and all necessary changes will be implemented by the Lab team. All teams must transition to the new configuration during this window, including updating their code to send the x5c claim.

Important Note: Merge this PR when Lab confirms changes are in.

gladjohn, Jun 17 '24 20:06
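A sketch of the confidential-client change the issue asks for, written against the public MSAL.NET API; it is an added example, not code from the issue or from the MSAL repository. The tenant, scope, certificate subject name and store location are placeholders and assumptions; only the App ID comes from the issue.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class LabAuthExample
{
    // App ID as given in the issue. Everything below it is a placeholder (assumption).
    private const string ClientId = "f62c5ae3-bf3a-4af5-afa8-a68b800396e9";
    private const string Authority = "https://login.microsoftonline.com/<tenant-id>";
    private const string CertSubjectName = "<sni-cert-subject-name>";
    private static readonly string[] Scopes = { "<resource>/.default" };

    // Look the certificate up by subject name instead of a pinned thumbprint.
    // Assumes the cert is installed in CurrentUser\My; adjust for your pipeline.
    private static X509Certificate2 FindCertificate(string subjectName)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);

        // FindBySubjectName is a substring match, so re-check the exact simple name,
        // require a private key, and prefer the certificate that expires last.
        var cert = store.Certificates
            .Find(X509FindType.FindBySubjectName, subjectName, validOnly: true)
            .Cast<X509Certificate2>()
            .Where(c => c.HasPrivateKey &&
                        string.Equals(c.GetNameInfo(X509NameType.SimpleName, false),
                                      subjectName, StringComparison.OrdinalIgnoreCase))
            .OrderByDescending(c => c.NotAfter)
            .FirstOrDefault();

        return cert ?? throw new InvalidOperationException(
            $"No valid certificate with a private key found for subject '{subjectName}'.");
    }

    public static async Task<string> GetLabTokenAsync()
    {
        var app = ConfidentialClientApplicationBuilder.Create(ClientId)
            .WithAuthority(Authority)
            .WithCertificate(FindCertificate(CertSubjectName))
            .Build();

        // WithSendX5C(true) adds the public certificate to the client assertion
        // as the x5c claim, which is what the issue requires for SNI certificates.
        var result = await app.AcquireTokenForClient(Scopes)
            .WithSendX5C(true)
            .ExecuteAsync();
        return result.AccessToken;
    }
}
```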