In addition to the hashing, which might still be concerning since kno…

…wing your sponsors' emails and sponsored accounts might still allow reconstructing the hash, adding a random, per-install GUID completely removes this possibility.

The new Session handles these environment variables so we don't even incur any I/O down the road from the analyzer:

* SPONSORLINK_INSTALLATION: a GUID created if not already present (can be cleared by the user at any time to completely change all future hashes as needed), used for salting all hashes.
* SPONSORLINK_TOKEN: an access token used to invoke the SponsorLink API to sign the manifest hashes. This is done only to allow integrity verification at analyzer/check time.
* SPONSORLINK_MANIFEST: last sync'ed manifest JWT to check for sponsorships.

Since the hashes are now effectively opaque by the server, all the server would do is sign the JWT received in the `/sign` endpoint with the corresponding private key, but otherwise, the JWT remains intact (only the expiration date is set from the server-side too when signing).

Related to devlooped/SponsorLink#31

src/Commands/Commands.csproj

@@ -11,10 +11,15 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.32.1" />
+    <PackageReference Include="Auth0.AuthenticationApi" Version="7.22.2" />
     <PackageReference Include="Spectre.Console.Analyzer" Version="0.47.0" PrivateAssets="all" />
     <PackageReference Include="Spectre.Console.Cli" Version="0.47.0" />
     <PackageReference Include="Spectre.Console.Json" Version="0.47.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="6.32.1" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <InternalsVisibleTo Include="Tests"/>
   </ItemGroup>
 
 </Project>

src/Commands/GitHub.cs

@@ -1,9 +1,12 @@
-using System.Text.Json;
-using System.Text.Json.Serialization;
+
+using System.Text.Json;
 
 namespace Devlooped.SponsorLink;
 
-public record Account([property: JsonPropertyName("node_id")] string Id, string Login);
+public record Account(int Id, string Login)
+{
+    public string[] Emails { get; init; } = Array.Empty<string>();
+}
 
 public static class GitHub
 {
@@ -21,12 +24,17 @@ public static bool TryApi(string endpoint, string jq, out string? json)
         return Process.TryExecute("gh", args, out json);
     }
 
-    public static bool TryQuery(string query, string jq, out string? json)
+    public static bool TryQuery(string query, string jq, out string? json, params (string name, string value)[] fields)
     {
         var args = $"api graphql -f query=\"{query}\"";
         if (!string.IsNullOrEmpty(jq))
             args += $" --jq \"{jq}\"";
 
+        foreach (var field in fields)
+        {
+            args += $" -f {field.name}={field.value}";
+        }
+
         return Process.TryExecute("gh", args, out json);
     }
 
@@ -41,6 +49,16 @@ public static bool TryQuery(string query, string jq, out string? json)
         if (!Process.TryExecute("gh", "api user", out output))
             return default;
 
-        return JsonSerializer.Deserialize<Account>(output, JsonOptions.Default);
+        if (JsonSerializer.Deserialize<Account>(output, JsonOptions.Default) is not { } account)
+            return default;
+
+        if (!TryApi("user/emails", "[.[] | select(.verified == true) | .email]", out output) ||
+            string.IsNullOrEmpty(output))
+            return account;
+
+        return account with
+        {
+            Emails = JsonSerializer.Deserialize<string[]>(output, JsonOptions.Default) ?? Array.Empty<string>()
+        };
     }
 }