Adding WithExtraClientAssertionClaims api

[trwalke]

This pull request introduces a new extensibility API that allows higher-level libraries to specify extra claims for client assertions when acquiring tokens for clients. It also marks the older claims API as obsolete and updates the internal handling of client assertion claims to support both dictionary and JSON string formats. Tests and public API files are updated accordingly.

New extensibility for client assertion claims:

• Added WithExtraClientAssertionClaims(string claimsToSign) method to AcquireTokenForClientParameterBuilder, allowing extra claims (as a JSON string) to be included in the client assertion. This method also ensures cache keys are unique per claims set and is intended for use by higher-level APIs, not direct application use. [1] [2] [3] [4]
• Updated internal parameter classes (AcquireTokenCommonParameters, AuthenticationRequestParameters) to store and expose the extra client assertion claims. [1] [2]

Client assertion generation logic:

• Enhanced JsonWebToken to accept claims as either a dictionary or a JSON string, and updated the payload generation logic to merge these claims appropriately. [1] [2] [3] [4]
• Modified CertificateAndClaimsClientCredential to use the new claims property when generating the JWT for client assertions.

API deprecation:

• Marked the older WithClientClaims methods on ConfidentialClientApplicationBuilder as obsolete, directing users to the new WithExtraClientAssertionClaims method. [1] [2]

Test updates:

• Updated unit and integration tests to suppress obsolete warnings when using the now-deprecated WithClientClaims method. [1] [2] [3] [4] [5] [6]Fixes #

Changes proposed in this request

Testing

Performance impact

Documentation

• All relevant documentation is updated.