Bump Microsoft.Identity.Web from 2.19.1 to 2.20.0 in /webapi (#1032)

Bumps
[Microsoft.Identity.Web](https://github.com/AzureAD/microsoft-identity-web)
from 2.19.1 to 2.20.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/AzureAD/microsoft-identity-web/releases">Microsoft.Identity.Web's
releases</a>.</em></p>
<blockquote>
<h1>2.20.0</h1>
<ul>
<li>Updated to Microsoft.Identity.Abstractions 6.0.0 which adds one
method to <code>IAuthorizationHeaderProvider</code></li>
</ul>
<h3>New features</h3>
<ul>
<li>Implements the updated <code>IAuthorizationHeaderProvider</code>
interface (the new method CreateAuthorizationHeaderForAppAsync). See
issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2907">#2907</a></li>
<li>If an <code>IMsalHttpClientFactory</code> is added to the service
collection, it's not used by IdWeb token acquisition. See issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2911">#2911</a>
This will be use to enable some IPv6 scenarios.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix metadata address creation when using AddMicrosoftIdentityWebApp.
See issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2752">#2752</a></li>
<li>Use MSAL.NET instead of DefaultAzureCredential for Federation
identity credentials scenario. See <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/pull/2894">2894</a></li>
</ul>
<h3>Fundamentals</h3>
<ul>
<li>Updating Lab Api to 0.13.3</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/AzureAD/microsoft-identity-web/blob/2.20.0/changelog.md">Microsoft.Identity.Web's
changelog</a>.</em></p>
<blockquote>
<h1>2.20.0</h1>
<ul>
<li>Updated to Microsoft.Identity.Abstractions 6.0.0 which adds one
method to <code>IAuthorizationHeaderProvider</code></li>
</ul>
<h3>New features</h3>
<ul>
<li>Implements the updated <code>IAuthorizationHeaderProvider</code>
interface (the new method CreateAuthorizationHeaderForAppAsync). See
issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2907">#2907</a></li>
<li>If a IMsalHttpClientFactory is added to the service collection, it's
not used by IdWeb token acquisition. See issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2911">#2911</a>
This will be use to enable some IPv6 scenarios.</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix metadata address creation when using AddMicrosoftIdentityWebApp.
See issue <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/issues/2752">#2752</a></li>
<li>Use MSAL.NET instead of DefaultAzureCredential for Federation
identity credentials scenario. See <a
href="https://redirect.github.com/AzureAD/microsoft-identity-web/pull/2894">2894</a></li>
</ul>
<h3>Fundamentals</h3>
<ul>
<li>Updating Lab Api to 0.13.3</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/AzureAD/microsoft-identity-web/commits/2.20.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=Microsoft.Identity.Web&package-manager=nuget&previous-version=2.19.1&new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

webapi/CopilotChatWebApi.csproj

@@ -21,7 +21,7 @@
     <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.3.1" />
     <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
     <PackageReference Include="Microsoft.Azure.Cosmos" Version="3.41.0" />
-    <PackageReference Include="Microsoft.Identity.Web" Version="2.19.1" />
+    <PackageReference Include="Microsoft.Identity.Web" Version="2.20.0" />
     <PackageReference Include="Microsoft.KernelMemory.Abstractions" Version="0.62.240605.1" />
     <PackageReference Include="Microsoft.SemanticKernel" Version="1.14.1" />
     <PackageReference Include="Microsoft.SemanticKernel.Abstractions" Version="1.14.1" />