Fix additional style/analyzer violations across core library and unit tests

Style rules applied (dotnet format style):
- IDE0044: Make field readonly
- IDE0063: Use simple using statement (pattern)
- IDE0049: Use language keywords (String->string, Int32->int, etc.)
- IDE0003: Remove 'this.' qualification
- IDE2000: Remove extra blank lines
- IDE0059: Remove unnecessary value assignments
- IDE0028/IDE0017: Use collection and object initializers
- IDE0300/IDE0301: Use collection expressions
- IDE0066: Use switch expressions
- IDE0074: Use compound assignments (x += y)
- IDE0071: Simplify string interpolation
- IDE0034: Simplify default expression
- IDE0031: Use null propagation
- IDE0270: Simplify null checks
- IDE0075: Simplify conditional expressions
- IDE0251/IDE0250: Make members/structs readonly
- IDE0016: Use throw expressions

Analyzer rules applied (dotnet format analyzers):
- CA1860: Avoid Enumerable.Any() extension method
- CA1861: Use static readonly fields over constant array arguments

.editorconfig suppressions added (multi-target false positives):
- CA1866: char overloads require .NET 5+ (not available in net462/netstandard2.0)
- CA1510: ThrowIfNull requires .NET 6+
- IDE0057: Range operator requires System.Index (.NET 5+)
- IDE0019: Pattern matching causes duplicate variable issues in #if blocks

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: Robbie-Microsoft

.editorconfig

@@ -863,6 +863,18 @@ dotnet_diagnostic.CA1838.severity = none
 # Not applicable: char overloads require .NET 5+; not available in net462/netstandard2.0 targets
 dotnet_diagnostic.CA1866.severity = none
 
+# Use ArgumentNullException.ThrowIfNull
+# Not applicable: ThrowIfNull requires .NET 6+; not available in net462/netstandard2.0 targets
+dotnet_diagnostic.CA1510.severity = none
+
+# Use range subscript operator (x[^1]) and index-from-end operator
+# Not applicable: System.Index/System.Range require .NET 5+; polyfill not present in this project
+dotnet_diagnostic.IDE0057.severity = none
+
+# Use pattern matching (value is Type x)
+# Disabled: introduces duplicate variable declarations in #if multi-target preprocessor blocks
+dotnet_diagnostic.IDE0019.severity = none
+
 # Dispose objects before losing scope
 dotnet_diagnostic.CA2000.severity = none
 

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenByAuthorizationCodeParameterBuilder.cs

@@ -67,7 +67,7 @@ protected override void Validate()
 
             if (Parameters.SendX5C == null)
             {
-                Parameters.SendX5C = this.ServiceBundle.Config.SendX5C;
+                Parameters.SendX5C = ServiceBundle.Config.SendX5C;
             }
         }
 

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenByRefreshTokenParameterBuilder.cs

@@ -52,7 +52,7 @@ protected override void Validate()
             base.Validate();
             if (Parameters.SendX5C == null)
             {
-                Parameters.SendX5C = this.ServiceBundle.Config.SendX5C;
+                Parameters.SendX5C = ServiceBundle.Config.SendX5C;
             }
         }
 

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenByUsernamePasswordParameterBuilder.cs

@@ -96,10 +96,11 @@ public AcquireTokenByUsernamePasswordParameterBuilder WithProofOfPossession(stri
                 throw new ArgumentNullException(nameof(nonce));
             }
 
-            PoPAuthenticationConfiguration popConfig = new(requestUri);
-
-            popConfig.Nonce = nonce;
-            popConfig.HttpMethod = httpMethod;
+            PoPAuthenticationConfiguration popConfig = new(requestUri)
+            {
+                Nonce = nonce,
+                HttpMethod = httpMethod
+            };
 
             CommonParameters.PopAuthenticationConfiguration = popConfig;
             CommonParameters.AuthenticationOperation = new PopBrokerAuthenticationOperation();

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenForClientParameterBuilder.cs

@@ -219,7 +219,7 @@ protected override void Validate()
 
             if (Parameters.SendX5C == null)
             {
-                Parameters.SendX5C = this.ServiceBundle.Config.SendX5C;
+                Parameters.SendX5C = ServiceBundle.Config.SendX5C;
             }
         }
 

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenForManagedIdentityParameterBuilder.cs

@@ -111,7 +111,7 @@ private static void ApplyMtlsPopAndAttestation(
             if (acquireTokenCommonParameters.IsMtlsPopRequested)
             {
                 acquireTokenCommonParameters.CacheKeyComponents ??=
-                    new SortedList<string, Func<CancellationToken, Task<string>>>();
+                    [];
 
                 acquireTokenCommonParameters.CacheKeyComponents[MiAttCacheKeyComponent] =
                     _ => acquireTokenCommonParameters.AttestationTokenProvider != null ? s_att1 : s_att0;

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenOnBehalfOfParameterBuilder.cs

@@ -174,7 +174,7 @@ protected override void Validate()
             base.Validate();
             if (Parameters.SendX5C == null)
             {
-                Parameters.SendX5C = this.ServiceBundle.Config?.SendX5C ?? false;
+                Parameters.SendX5C = ServiceBundle.Config?.SendX5C ?? false;
             }
         }
         /// <inheritdoc/>

src/client/Microsoft.Identity.Client/ApiConfig/AcquireTokenSilentParameterBuilder.cs

@@ -100,7 +100,7 @@ protected override void Validate()
             base.Validate();
             if (Parameters.SendX5C == null)
             {
-                Parameters.SendX5C = this.ServiceBundle.Config.SendX5C;
+                Parameters.SendX5C = ServiceBundle.Config.SendX5C;
             }
 
             // During AT Silent with no scopes, Unlike AAD, B2C will not issue an access token if no scopes are requested
@@ -228,9 +228,11 @@ public AcquireTokenSilentParameterBuilder WithProofOfPossession(string nonce, Ht
                 }
             }
 
-            PoPAuthenticationConfiguration popConfig = new(requestUri ?? throw new ArgumentNullException(nameof(requestUri)));
-            popConfig.HttpMethod = httpMethod ?? throw new ArgumentNullException(nameof(httpMethod));
-            popConfig.Nonce = nonce;
+            PoPAuthenticationConfiguration popConfig = new(requestUri ?? throw new ArgumentNullException(nameof(requestUri)))
+            {
+                HttpMethod = httpMethod ?? throw new ArgumentNullException(nameof(httpMethod)),
+                Nonce = nonce
+            };
 
             IAuthenticationOperation authenticationScheme;
 

src/client/Microsoft.Identity.Client/ApiConfig/BaseAbstractAcquireTokenParameterBuilder.cs

@@ -122,7 +122,7 @@ public T WithExtraQueryParameters(IDictionary<string, (string Value, bool Includ
 
                 if (kvp.Value.IncludeInCacheKey)
                 {
-                    CommonParameters.CacheKeyComponents = CommonParameters.CacheKeyComponents ?? new SortedList<string, Func<CancellationToken, Task<string>>>();
+                    CommonParameters.CacheKeyComponents = CommonParameters.CacheKeyComponents ?? [];
 
                     // Capture the value in a local to avoid closure issues
                     string valueToCache = kvp.Value.Value;

src/client/Microsoft.Identity.Client/ApiConfig/BrokerOptions.cs

@@ -48,10 +48,12 @@ public enum OperatingSystems
         /// </summary>
         internal static BrokerOptions CreateFromWindowsOptions(WindowsBrokerOptions winOptions)
         {
-            BrokerOptions ret = new(OperatingSystems.Windows);
-            ret.Title = winOptions.HeaderText;
-            ret.MsaPassthrough = winOptions.MsaPassthrough;
-            ret.ListOperatingSystemAccounts = winOptions.ListWindowsWorkAndSchoolAccounts;
+            BrokerOptions ret = new(OperatingSystems.Windows)
+            {
+                Title = winOptions.HeaderText,
+                MsaPassthrough = winOptions.MsaPassthrough,
+                ListOperatingSystemAccounts = winOptions.ListWindowsWorkAndSchoolAccounts
+            };
 
             return ret;
         }