refactor(m365): normalize CA platforms at model level

[HugoPBrito]

Context

Supersedes #10614 and now follows #10615.

Both Conditional Access checks that inspect device platforms duplicated platform normalization logic. This PR moves that normalization to the Entra model layer so checks can consume normalized platform values directly.

Description

• normalize platform values in PlatformConditions at model construction time
• simplify entra_conditional_access_policy_block_unknown_device_platforms
• simplify entra_conditional_access_policy_approved_client_app_required_for_mobile
• keep the refactor stacked on top of feat(m365): add entra_conditional_access_policy_block_unknown_device_platforms security check #10615 without reintroducing the old check lineage from feat(m365): add entra_conditional_access_policy_unknown_device_blocked security check #10235

Steps to review

1. Review prowler/providers/m365/services/entra/entra_service.py
2. Review the two platform-based checks under prowler/providers/m365/services/entra/
3. Run:

   poetry run pytest tests/providers/m365/services/entra/entra_conditional_access_policy_block_unknown_device_platforms/entra_conditional_access_policy_block_unknown_device_platforms_test.py tests/providers/m365/services/entra/entra_conditional_access_policy_approved_client_app_required_for_mobile/entra_conditional_access_policy_approved_client_app_required_for_mobile_test.py -q

Checklist

• Are there new checks included in this PR? No
• Review if the code is being covered by tests.
• Review if backport is needed.
• Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[github-actions]

✅ All necessary CHANGELOG.md files have been updated.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.97%. Comparing base (bc3fd79) to head (b2fbb7d).
⚠️ Report is 9 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #10635      +/-   ##
==========================================
- Coverage   88.07%   87.97%   -0.11%     
==========================================
  Files         125      131       +6     
  Lines        5251     5537     +286     
==========================================
+ Hits         4625     4871     +246     
- Misses        626      666      +40     

Flag	Coverage Δ
prowler-py3.10-m365	87.97% <100.00%> (-0.11%)	⬇️
prowler-py3.11-m365	87.44% <100.00%> (-0.64%)	⬇️
prowler-py3.12-m365	87.97% <100.00%> (-0.11%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
prowler	87.97% <86.44%> (-0.11%)	⬇️
api	∅ <ø> (∅)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

🔒 Container Security Scan

Image: prowler:cbee51c
Last scan: 2026-04-14 13:06:42 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	4
Total	4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy