AzureAD · faix · Jun 6, 2023 · Jun 6, 2023 · Jun 20, 2023 · Jun 20, 2023
diff --git a/packages.config b/packages.config
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
-  <package id="Microsoft.Identity.Client" version="4.37.0" />
-  <package id="Microsoft.Identity.Client.Desktop" version="4.37.0" />
+  <package id="Microsoft.Identity.Client" version="4.54.1" />
+  <package id="Microsoft.Identity.Client.Desktop" version="4.54.1" />
   <package id="Microsoft.Web.WebView2" version="1.0.864.35" />
   <!-- <package id="System.Security.Cryptography.ProtectedData" version="4.7.0" /> -->
 </packages>
diff --git a/src/Get-MsalToken.ps1 b/src/Get-MsalToken.ps1
@@ -36,6 +36,7 @@ function Get-MsalToken {
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-AuthorizationCode', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-OnBehalfOf', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-Regional', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
         [string] $ClientId,
 
         # Secure secret of the client requesting the token.
@@ -48,13 +49,15 @@ function Get-MsalToken {
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate', ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-AuthorizationCode', ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-OnBehalfOf', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-Regional', ValueFromPipelineByPropertyName = $true)]
         [System.Security.Cryptography.X509Certificates.X509Certificate2] $ClientCertificate,
 
         # Specifies if the x5c claim (public key of the certificate) should be sent to the STS.
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClient-InputObject')]
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate')]
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate-AuthorizationCode')]
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate-OnBehalfOf')]
+        [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-Regional')]
         [switch] $SendX5C,
 
         # The authorization code received from service authorization endpoint.
@@ -88,6 +91,7 @@ function Get-MsalToken {
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate', ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate-AuthorizationCode', ValueFromPipelineByPropertyName = $true)]
         [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate-OnBehalfOf', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate-Regional', ValueFromPipelineByPropertyName = $true)]
         [uri] $RedirectUri,
 
         # Instance of Azure Cloud
@@ -201,7 +205,11 @@ function Get-MsalToken {
 
         # Specifies the timeout threshold for MSAL.net operations.
         [Parameter(Mandatory = $false)]
-        [timespan] $Timeout
+        [timespan] $Timeout,
+
+        # Specifies the Azure region to use for token acquisition.
+        [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClientCertificate-Regional', ValueFromPipelineByPropertyName = $true)]
+        [string] $AzureRegion
     )
 
     begin {

diff --git a/src/MSAL.PS.psd1 b/src/MSAL.PS.psd1
@@ -10,7 +10,7 @@
 RootModule = 'MSAL.PS.psm1'
 
 # Version number of this module.
-ModuleVersion = '4.37.0'
+ModuleVersion = '4.54.1'
 
 # Supported PSEditions
 CompatiblePSEditions = 'Core','Desktop'

diff --git a/src/New-MsalClientApplication.ps1 b/src/New-MsalClientApplication.ps1
@@ -81,7 +81,12 @@ function New-MsalClientApplication {
         [Microsoft.Identity.Client.PublicClientApplicationOptions] $PublicClientOptions,
         # Confidential client application options
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClient-InputObject', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
-        [Microsoft.Identity.Client.ConfidentialClientApplicationOptions] $ConfidentialClientOptions
+        [Microsoft.Identity.Client.ConfidentialClientApplicationOptions] $ConfidentialClientOptions,
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientClaims', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientAssertion', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClient-InputObject', ValueFromPipelineByPropertyName = $true)]
+        [string] $AzureRegion
     )
 
     switch -Wildcard ($PSCmdlet.ParameterSetName) {
@@ -127,7 +132,7 @@ function New-MsalClientApplication {
             if ($ClientClaims) { [void] $ClientApplicationBuilder.WithClientClaims($ClientCertificate, (ConvertTo-Dictionary $ClientClaims -KeyType ([string]) -ValueType ([string]))) }
             elseif ($ClientCertificate) { [void] $ClientApplicationBuilder.WithCertificate($ClientCertificate) }
             if ($RedirectUri) { [void] $ClientApplicationBuilder.WithRedirectUri($RedirectUri.AbsoluteUri) }
-
+            if ($AzureRegion) { [void] $ClientApplicationBuilder.WithAzureRegion($AzureRegion) }
             $ClientOptions = $ConfidentialClientOptions
         }
         "*" {

diff --git a/src/Select-MsalClientApplication.ps1 b/src/Select-MsalClientApplication.ps1
@@ -49,7 +49,11 @@ function Select-MsalClientApplication {
         [Microsoft.Identity.Client.PublicClientApplicationOptions] $PublicClientOptions,
         # Confidential client application options
         [Parameter(Mandatory = $true, ParameterSetName = 'ConfidentialClient-InputObject', Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
-        [Microsoft.Identity.Client.ConfidentialClientApplicationOptions] $ConfidentialClientOptions
+        [Microsoft.Identity.Client.ConfidentialClientApplicationOptions] $ConfidentialClientOptions,
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientSecret', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClientCertificate', ValueFromPipelineByPropertyName = $true)]
+        [Parameter(Mandatory = $false, ParameterSetName = 'ConfidentialClient-InputObject', ValueFromPipelineByPropertyName = $true)]
+        [string] $AzureRegion = [Microsoft.Identity.Client.ConfidentialClientApplication]::AttemptRegionDiscovery
     )
 
     $paramNewMsalClientApplication = Select-PsBoundParameters $PSBoundParameters -CommandName New-MsalClientApplication -ExcludeParameters ErrorAction