make updates for .NET 8 (#2594)

src/Microsoft.Identity.Web.TokenAcquisition/MergedOptions.cs

@@ -183,7 +183,11 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId
             }
 
             mergedOptions.SaveTokens |= microsoftIdentityOptions.SaveTokens;
+#if NET8_0_OR_GREATER
+            mergedOptions.TokenHandler ??= microsoftIdentityOptions.TokenHandler;
+#else
             mergedOptions.SecurityTokenValidator ??= microsoftIdentityOptions.SecurityTokenValidator;
+#endif
             mergedOptions.SendX5C |= microsoftIdentityOptions.SendX5C;
             mergedOptions.WithSpaAuthCode |= microsoftIdentityOptions.WithSpaAuthCode;
             mergedOptions.SignedOutCallbackPath = microsoftIdentityOptions.SignedOutCallbackPath;
@@ -229,7 +233,7 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId
             mergedOptions.AutomaticRefreshInterval = microsoftIdentityOptions.AutomaticRefreshInterval;
 #endif
 #endif
-            // Non ASP.NET Core specific
+            // Non ASP.NET Core specific
             if (string.IsNullOrEmpty(mergedOptions.Instance) && !string.IsNullOrEmpty(microsoftIdentityOptions.Instance))
             {
                 mergedOptions.Instance = microsoftIdentityOptions.Instance;

src/Microsoft.Identity.Web/WebAppExtensions/MicrosoftIdentityWebAppAuthenticationBuilderExtensions.cs

@@ -488,7 +488,11 @@ internal static void PopulateOpenIdOptionsFromMergedOptions(
             options.SignOutScheme = mergedOptions.SignOutScheme;
             options.StateDataFormat = mergedOptions.StateDataFormat;
             options.StringDataFormat = mergedOptions.StringDataFormat;
-            options.SecurityTokenValidator = mergedOptions.SecurityTokenValidator;
+#if NET8_0_OR_GREATER
+            options.TokenHandler = mergedOptions.TokenHandler;
+#else
+            options.SecurityTokenValidator = mergedOptions.SecurityTokenValidator;
+#endif
             options.TokenValidationParameters = mergedOptions.TokenValidationParameters;
             options.UseTokenLifetime = mergedOptions.UseTokenLifetime;
             options.SkipUnrecognizedRequests = mergedOptions.SkipUnrecognizedRequests;

tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs

@@ -31,7 +31,7 @@ public CookiePolicyOptionsExtensionsTests()
         [InlineData(SameSiteMode.Strict, SameSiteMode.Strict, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")]
         public void HandleSameSiteCookieCompatibility_Default_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, string userAgent)
         {
-            _httpContext.Request.Headers.Add(Constants.UserAgent, userAgent);
+            _httpContext.Request.Headers.Append(Constants.UserAgent, userAgent);
             var appendCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode };
             var deleteCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode };
             var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue);
@@ -56,7 +56,7 @@ public void HandleSameSiteCookieCompatibility_Default_ExecutesSuccessfully(SameS
         [InlineData(SameSiteMode.Strict, SameSiteMode.Strict, false, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")]
         public void HandleSameSiteCookieCompatibility_CustomFilter_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, bool expectedEventCalled, string userAgent)
         {
-            _httpContext.Request.Headers.Add(Constants.UserAgent, userAgent);
+            _httpContext.Request.Headers.Append(Constants.UserAgent, userAgent);
             var appendCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode };
             var deleteCookieOptions = new CookieOptions() { SameSite = initialSameSiteMode };
             var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue);