Integrate upstream PRs: Add TenantID parameter and improve MFA detection

[Copilot]

Description of the change

Integrated three high-value upstream pull requests while avoiding duplication of features already present from the previously merged Entra ID improvements PR.

New capabilities:

• TenantID parameter - Target specific Azure AD tenants (default: "common"). Critical for B2B guest user authentication scenarios where forcing tenant context is required.
• MFA state differentiation - Separates AADSTS50076 (MFA enforced) from AADSTS50079 (MFA available but not enforced). Provides clearer signal on account security posture.
• Output formatting - Adds trailing newline at script completion for clean terminal output.

Already present (from prior merge, not re-implemented):

• Delay, VerboseErrors parameters
• 9 additional AADSTS error codes (50055, 50056, 50072, 50074, 50173, 53003, 700016, 90019, 81018)
• Microsoft Entra ID terminology updates

# Example: Target specific tenant for B2B user spray
Invoke-MSOLSpray -UserList guests.txt -Password Fall2024! -TenantId "contoso-tenant-id"

# Example: Output now distinguishes MFA states
# Before: Both showed "MFA is in use"
# After: 
#   AADSTS50076 → "MFA (Microsoft) is in use"
#   AADSTS50079 → "MFA can be onboarded (password is valid)"

Motivation

Addresses issues and unapproved PRs from upstream dafthack/MSOLSpray repository (dafthack#17, dafthack#13, dafthack#9). The TenantID parameter specifically solves authentication challenges with B2B guest accounts that exist in multiple tenants.

Type of change

Feature request

Checklist

• I have performed a self-review of my code.
• I have added detailed comments to my code where applicable.
• I have verified that my change does not break existing code.
• My PR is based on the latest changes of the main branch (if unsure, please run git pull --rebase upstream main).
• I am familiar with the Google Style Guide for the language I have coded in.
• I have read through the Contributing Guide and signed the Contributor License Agreement.

Original prompt

Fix all the issues from original repository and also add all the pull requests that hasn't been approved yet, but before check if there are bugs in source code.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

Pull Request Overview

This PR adds support for targeting specific Azure AD/Entra ID tenants during password spraying operations and improves MFA status detection by distinguishing between active MFA enforcement and MFA registration eligibility.

• Added a new TenantId parameter (defaults to "common") to enable authentication against specific tenants, useful for B2B scenarios
• Split MFA error code handling to differentiate between active MFA (AADSTS50076) and MFA onboarding availability (AADSTS50079)
• Updated parameter positions to accommodate the new TenantId parameter

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
README.md	Added documentation for the new TenantId parameter in the options list
MSOLSpray.ps1	Added TenantId parameter, integrated it into the OAuth2 URL construction, separated MFA error codes for clearer status reporting, and renumbered subsequent parameters

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.