Bump System.IdentityModel.Tokens.Jwt from 6.17.0 to 7.2.0

[dependabot[bot]]

Bumps System.IdentityModel.Tokens.Jwt from 6.17.0 to 7.2.0.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

7.2.0

Performance Improvements:

Reduce allocations and transformations when creating a token #2395. Update Esrp Code Signing version to speed up release build #2429.

Engineering Excellence:

Improve benchmark consistency #2428. Adding P50, P90 and P100 percentiles to benchmarks #2411. Decouple benchmark tests from test projects #2413. Include pack step in PR builds #2442.

Fundamentals:

Improve logging in Wilson for failed token validation when key not found #2436. Remove conditional Net8.0 compilation #2424.

7.1.2

Security fixes

See https://aka.ms/IdentityModel/Jan2024/zip and https://aka.ms/IdentityModel/Jan2024/jku for details.

7.1.0-preview

Include IdentityModel 6.32.0 release updates, including AAD specific signing key issuer validator and fix perf regression.

7.0.3

Bug Fixes:

• Fix errors like the following reported by multiple customers at dotnet/aspnetcore#51005 when they tried to upgrade their app using AddMicrosoftIdentityWebApp to .NET 8. See PR for details.
• Fix compatibility issue with 6x when claims are a bool. See issue #2354 for details.

7.0.2

Bug Fixes:

• Resolved an issue where JsonWebToken properties would throw exceptions when the input string was 'null'. See PR#2335 for details.

7.0.1

Bug fixes:

GetPayloadClaim("aud") returns a string when a single audience is specified, aligning with the behavior in 6.x. See PR #2331 for details.

7.0.0

See IdentityModel7x for the updates on this much anticipated release.

7.0.0-preview5

Bug fixes:

• Improve log messages. See PR #2289 for details.
• In AadIssuerValidator return a ValueTask<string> instead of a Task<string>. See Issue #2286 and PR for details.
• Deprecate int? JwtPayload.Exp, .Iat, and .Nbf. See issue #2266 for details, #92, and #1525.

... (truncated)

Changelog

Sourced from System.IdentityModel.Tokens.Jwt's changelog.

7.2.0

Performance Improvements:

Reduce allocations and transformations when creating a token #2395. Update Esrp Code Signing version to speed up release build #2429.

Engineering Excellence:

Improve benchmark consistency #2428. Adding P50, P90 and P100 percentiles to benchmarks #2411. Decouple benchmark tests from test projects #2413. Include pack step in PR builds #2442.

Fundamentals:

Improve logging in Wilson for failed token validation when key not found #2436. Remove conditional Net8.0 compilation #2424.

7.1.2

Security fixes:

See https://aka.ms/IdentityModel/Jan2024/zip and https://aka.ms/IdentityModel/Jan2024/jku for details.

7.0.3

Bug Fixes:

• Fix errors like the following reported by multiple customers at dotnet/aspnetcore#51005 when they tried to upgrade their app using AddMicrosoftIdentityWebApp to .NET 8. See PR for details.
• Fix compatibility issue with 6x when claims are a bool. See issue #2354 for details.

7.0.2

Bug Fixes:

• Resolved an issue where JsonWebToken properties would throw exceptions when the input string was 'null'. See PR#2335 for details.

7.0.1

Bug Fixes:

• GetPayloadClaim("aud") returns a string when a single audience is specified, aligning with the behavior in 6.x. See PR#2331 for details.

7.0.0

See IdentityModel7x for the updates on this much anticipated release.

7.0.0-preview5

Bug fixes:

• Improve log messages. See PR #2289 for details.
• In AadIssuerValidator return a ValueTask<string> instead of a Task<string>. See Issue #2286 and PR [https://redirect.github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/pull/2287] for details.
• Deprecate int? JwtPayload.Exp, .Iat, and .Nbf. See issue #2266 for details, #92, and #1525.
• General clean-up. See PR #2285.

7.0.0-preview4

... (truncated)

Commits

• 54face8 Optmise IDX10503 (#2436)
• c1be3d6 run pack in pr build (#2442)
• ee6bfe7 update dev
• 1a5e9b4 Update comments.
• c3700a5 remove redundant tasks
• 4189db3 reduce signing tasks, esrp v1->4 (#2429)
• f7ccbb4 Remove custom columns and rename derived config
• 5351426 Remove net8.0 conditions
• 8cc08dc Update versions, fixes pack.
• ab18767 address PR comments
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #358.