New functionality for managing tokens securely

[AmelBawa-msft]

Summary of Changes

🟢 New URL: https://aka.ms/winget-create-token

This pull request includes multiple changes focused on improving the handling and documentation of GitHub tokens in the Winget-Create CLI. The changes include updates to documentation files and the addition of new functionality for managing tokens securely.

Screenshots

...
-t, --token                GitHub personal access token used for direct submission to the Windows
                           Package Manager repo. If no token is provided, tool will prompt for
                           GitHub login credentials.

                           Warning: Using this argument may result in the token being logged.
                           Consider an alternative approach https://aka.ms/winget-create-token.
...

---

PS c:\> wingetcreate submit -p "Example" 'C:\' --token "Example"
Warning: Using the --token argument may result in the token being logged. Consider an alternative approach https://aka.ms/winget-create-token.
...

Documentation Updates:

• Added warnings to various documentation files (doc/new-locale.md, doc/new.md, doc/show.md, doc/submit.md, doc/token.md, doc/update-locale.md, doc/update.md) about the potential logging of GitHub tokens when using the --token argument, and recommended alternative approaches. [1] [2] [3] [4] [5] [6] [7] [8]

New Functionality:

• Introduced the TokenHelper class to handle token operations using the Windows credentials manager and environment variables, enhancing security and flexibility.

Warning

For local development, it is recommended to go through the OAuth flow by omitting the --token argument.

For CI/CD scenarios, it is recommended to use the 'WINGET_CREATE_GITHUB_TOKEN' environment variable to store the token.

Logging Improvements:

• Added a warning message (in the Program.cs file) to notify users when a token is provided via the command line, highlighting the risk of token logging.

Resource Updates:

• Updated resource files (Resources.Designer.cs, Resources.resx) to include new warning messages related to token usage. [1] [2] [3]

Related links:

• http://task.ms/56098121
• http://task.ms/56098207

These changes collectively enhance the security and user awareness regarding the handling of GitHub tokens within the Winget-Create CLI.

Microsoft Reviewers: Open in CodeFlow

[mdanish-kh]

Since we're concerned about the possibilities of token being logged, should we re-visit the setup for running E2E tests for the project? It requires a user writing their token in src/WingetCreateTests/WingetCreateTests/Test.runsettings, a file that isn't ignored by git by default. The responsibility is on the user to not commit this token to their tree, or worse to open a PR here. We do warn the users in the doc about ways to ignore it from git, but maybe we need to think of a better flow?

[JohnMcPMS]

Since we're concerned about the possibilities of token being logged, should we re-visit the setup for running E2E tests for the project? It requires a user writing their token in src/WingetCreateTests/WingetCreateTests/Test.runsettings, a file that isn't ignored by git by default. The responsibility is on the user to not commit this token to their tree, or worse to open a PR here. We do warn the users in the doc about ways to ignore it from git, but maybe we need to think of a better flow?

We discussed this and I agree that we should:

1. No longer consume the token from a file that might easily end up in a PR
2. Actively promote removal of the token from the runsettings file by flat out failing the tests if it is present

[mdanish-kh]

With the new changes in d62fbcb, we should also update the Running Unit & E2E tests section in the README

[AmelBawa-msft]

With the new changes in d62fbcb, we should also update the Running Unit & E2E tests section in the README

Good catch! Updated 😊