Bump msal from 1.9.0 to 1.11.0

[dependabot]

Bumps msal from 1.9.0 to 1.11.0.

Release notes

Sourced from msal's releases.

MSAL 1.11.0

• Enhancement: ConfidentialClientApplication also supports acquire_token_by_username_password() now. (#294, #344)
• Enhancement: PublicClientApplication's acquire_token_interactive() also supports WSL Ubuntu 18.04 (#332, #333)
• Enhancement: Enable a retry once behavior on connection error. (But this is only available from the default http client. If your app supplies your customized http_client via MSAL constructors, it is your http_client's job to decide whether retry.) (#326)
• Enhancement: MSAL improves the internal telemetry mechanism. (#137, #175, #329, #345)
• Bugfix: Better compatibility on handling SAML token when using acquire_token_by_username_password() with ADFS. (#336)

MSAL Python 1.10.0

• Enhancement: Proactive access token (AT) refreshing. Previously, an AT is either valid or expired. If an AT expires and your network happens to have a glitch, your app wouldn't be able to auth. Now, MSAL Python attempts to refresh some AT (typically long-lived AT) half way towards their expiration, and silently ignores the error and retries next time, so that your app would be more resilient. All these happen automatically, without any code change to your app. (#176, #312, #320)
• Adjustment: MSAL Python will keep RT in token cache even when its usage encounters an "invalid_grant" error, so that the RT would likely still be used by other requests. (#314, #315)

Commits

• 928d4ea Merge pull request #346 from AzureAD/release-1.11.0
• 6320055 Merge branch 'dev' into release-1.11.0
• 1122cb7 Merge branch 'retry-connection-error' into dev
• 87fac90 Doc for the new retry-on-connection-error behavior
• 99f3b07 Bumps version number
• 072ca58 Merge pull request #345 from AzureAD/telemetry-v4
• c291a94 Fix typo
• a8011f6 Merge pull request #344 from AzureAD/confidential-ropc
• c8abd3a Move ROPC from PCA to base
• 093db3b Merge pull request #340 from ShannonCanTech/loyalty-survey-readme
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #29.