Bump com.microsoft.azure:msal4j from 1.21.0 to 1.23.1 in /plugins/repository-azure

[dependabot]

Bumps com.microsoft.azure:msal4j from 1.21.0 to 1.23.1.

Release notes

Sourced from com.microsoft.azure:msal4j's releases.

1.23.1

• Fix regression and other issues related to client credentials (#986)
  • Fix for regression after latest release where certificate-based assertions were never refreshed (#984)
  • Fix/improve behavior to properly handle callback-based assertions set at the application level (#879, #977)
  • Generally improve internal assertion behavior by making assertions entirely per-request

Full Changelog: AzureAD/microsoft-authentication-library-for-java@v1.23.0...v1.23.1

1.23.0

• Reduced dependency footprint by removing third-party libraries (#909):
  • Replaced org.projectlombok with direct implementations of previously generated code (#946)
  • Replaced com.nimbusds OAuth/OIDC functionality with our own implementation (#926, #927, #928, #941, #945)
  • Replaced com.fasterxml.jackson with com.azure.json for JSON parsing/serialization (#947, #948)
  • Internal behavior and public APIs remain unchanged, except for those noted below
• Minor breaking changes:
  • Removed protected APIs that returned or used com.nimbusds.ClientAuthentication
    • These APIs were not used by any other public MSAL API, and are unlikely to have been used by other libraries
  • Improved JSON error handling to return more informative MsalClientException/MsalServiceException rather than generic JSON exceptions

v1.22.0

What's Changed

• Validate issuer from OIDC endpoint when using the oidcAuthority() API by @​Avery-Dunn (AzureAD/microsoft-authentication-library-for-java#970)
• Suppressed SHA-1 CodeQL flag by @​Avery-Dunn in AzureAD/microsoft-authentication-library-for-java#969
• Bump com.nimbusds.oauth2-oidc-sdk from 11.23 to 11.23.1 by @​Donnerbart in AzureAD/microsoft-authentication-library-for-java#974
• Add/improve javadocs for interface classes by @​Avery-Dunn in AzureAD/microsoft-authentication-library-for-java#973

New Contributors

• @​Donnerbart made their first contribution in AzureAD/microsoft-authentication-library-for-java#974

Full Changelog: AzureAD/microsoft-authentication-library-for-java@v1.21.0...v1.22.0

Changelog

Sourced from com.microsoft.azure:msal4j's changelog.

Version 1.23.1

• Fix regression and other issues related to client credentials (#986)
  • Fix for regression after latest release where certificate-based assertions were never refreshed (#984)
  • Fix/improve behavior to properly handle callback-based assertions set at the application level (#879, #977)
  • Generally improve internal assertion behavior by making assertions entirely per-request

Version 1.23.0

• Reduced dependency footprint by removing third-party libraries (#909):
  • Replaced org.projectlombok with direct implementations of previously generated code (#946)
  • Replaced com.nimbusds OAuth/OIDC functionality with our own implementation (#926, #927, #928, #941, #945)
  • Replaced com.fasterxml.jackson with com.azure.json for JSON parsing/serialization (#947, #948)
  • Internal behavior and public APIs remain unchanged, except for those noted below
• Minor breaking changes:
  • Removed protected APIs that returned or used com.nimbusds.ClientAuthentication
    • These APIs were not used by any other public MSAL API, and are unlikely to have been used by other libraries
  • Improved JSON error handling to return more informative MsalClientException/MsalServiceException rather than generic JSON exceptions

Version 1.22.0

• Validate issuer from OIDC endpoint when using the oidcAuthority() API (#970)
• Bump oauth2-oidc-sdk dependency to avoid CVE-2025-53864 (#975)

Commits

• b8c025b Merge pull request #991 from AzureAD/avdunn/release-1.23.1
• 62645de Version number and changelog update for release 1.23.1
• 9c03bc3 Merge pull request #986 from AzureAD/avdunn/fix-assertion-refresh
• cf22677 Fix issue with overriding tenant in B2C authority
• 305d209 PR feedback
• cabae29 Merge pull request #988 from AzureAD/avdunn/improve-credentials
• dcf0369 Merge remote-tracking branch 'origin/avdunn/improve-credentials' into avdunn/...
• a36c921 Merge branch 'avdunn/fix-assertion-refresh' into avdunn/improve-credentials
• 65dbd6c Update msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/Authority.java
• fb0f51e Add test for mixed and overridden credentials
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

❌ Gradle check result for ba5ffd4: null

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for ba5ffd4: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❌ Gradle check result for 76fcc3f: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

❕ Gradle check result for c4815ef: UNSTABLE

Please review all flaky tests that succeeded after retry and create an issue if one does not already exist to track the flaky failure.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.16%. Comparing base (133e9d9) to head (a09c690).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##               main   #19688      +/-   ##
============================================
+ Coverage     73.11%   73.16%   +0.05%     
- Complexity    70838    70873      +35     
============================================
  Files          5732     5732              
  Lines        324191   324246      +55     
  Branches      46922    46923       +1     
============================================
+ Hits         237017   237234     +217     
+ Misses        68068    67889     -179     
- Partials      19106    19123      +17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

❌ Gradle check result for b82480f: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

[github-actions]

✅ Gradle check result for a09c690: SUCCESS