[Bug] When setting a ClientSecret programmatically, the developer should not need to configure both MicrosoftIdentityOptions and ConfidentialClientApplicationOptions

[jmprieur]

Which version of Microsoft Identity Web are you using?
0.4.0-preview

Where is the issue?

• Web app
  • Sign-in users
  • [ x] Sign-in users and call web APIs
• Web API
  • Protected web APIs (validating tokens)
  • Protected web APIs (validating scopes)
  • [ ]x Protected web APIs call downstream web APIs
• Token cache serialization
  • In-memory caches
  • Session caches
  • Distributed caches
• Other (please describe)

Repro
See https://github.com/AzureAD/microsoft-identity-web/pull/535/files/1785b25251235523daf49c0b35cef2bc784d85d6..95dbcf7d20ccf26ba63921ba635c65f76011dcc7

Expected behavior

• Ideally: Passing the client secret in either MicrosoftIdentityOptions or ConfidentialClientApplicationOptions shoud work
• If not possible : Passing the client secret in ConfidentialClientApplicationOptions should set it in MicrosoftIdentityOptions

Actual behavior
The developer has to set it in both places:

     public void ConfigureServices(IServiceCollection services)
        {
            _keyVault = new KeyVaultSecretsProvider();
            string ccaSecret = _keyVault.GetSecret(TestConstants.OBOClientKeyVaultUri).Value;

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(Configuration, subscribeToJwtBearerMiddlewareDiagnosticsEvents: true)
                    .EnableTokenAcquisitionToCallDownstreamApi()
                        .AddInMemoryTokenCaches();

            services.Configure<MicrosoftIdentityOptions>(options =>
            {
                options.ClientSecret = ccaSecret;
            });
            services.Configure<ConfidentialClientApplicationOptions>(options =>
            {
                options.ClientSecret = ccaSecret;
            });