Add encrypted caching support for PoP token flow

[vineeth-thumma]

• Add pkg/internal/pop/cache package which provides unified interface for PoP token caching for all OS

• Add support for PoP token caching using official MSAL cache implementation (for windows, mac) which supports encryption
  https://github.com/AzureAD/microsoft-authentication-extensions-for-go/tree/main/cache

• For linux, to avoid dependency on libsecret, ported the cache implementation from azidentity
  https://github.com/Azure/azure-sdk-for-go/blob/main/sdk/azidentity/cache/linux.go

• Leveraging the secure storage implementation for caching both the pop tokens & pop key

• Support PoP Token in ROPC convert-kubeconfig command

Relevant WI - https://msazure.visualstudio.com/AzureArcPlatform/_workitems/edit/35025798

[codecov-commenter]

Codecov Report

❌ Patch coverage is 37.26170% with 362 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.26%. Comparing base (15edb67) to head (c9acd8c).
⚠️ Report is 54 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/internal/pop/cache/linux.go	0.00%	126 Missing ⚠️
pkg/internal/pop/msal_public.go	34.90%	61 Missing and 8 partials ⚠️
pkg/internal/pop/cache/internal/jwe/jwe.go	52.63%	24 Missing and 12 partials ⚠️
pkg/internal/pop/cache/cache.go	0.00%	29 Missing ⚠️
pkg/internal/pop/cache/internal/aescbc/aescbc.go	68.65%	14 Missing and 7 partials ⚠️
pkg/internal/pop/poptoken.go	66.66%	11 Missing and 5 partials ⚠️
...ernal/token/interactivebrowsercredentialwithpop.go	42.85%	10 Missing and 2 partials ⚠️
...nternal/token/usernamepasswordcredentialwithpop.go	33.33%	10 Missing and 2 partials ⚠️
pkg/internal/testutils/govcrutils.go	0.00%	11 Missing ⚠️
pkg/internal/pop/msal_confidential.go	60.00%	6 Missing and 2 partials ⚠️
... and 4 more

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #676       +/-   ##
===========================================
- Coverage   63.43%   52.26%   -11.18%     
===========================================
  Files          37       47       +10     
  Lines        2210     2960      +750     
===========================================
+ Hits         1402     1547      +145     
- Misses        733     1270      +537     
- Partials       75      143       +68     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[vineeth-thumma]

@weinong Can you please review this?

[Copilot]

Pull Request Overview

Copilot reviewed 30 out of 38 changed files in this pull request and generated 2 comments.

Comments suppressed due to low confidence (1)

pkg/internal/pop/msal_confidential.go:63

• Unsafe type assertion without checking if Transport is actually an *http.Client. This could panic if Transport is a different type that implements http.RoundTripper.

		confOptions = append(confOptions,
			confidential.WithHTTPClient(msalOptions.Options.Transport.(*http.Client)),
		)

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Pull Request Overview

Copilot reviewed 30 out of 38 changed files in this pull request and generated 6 comments.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Pull Request Overview

Copilot reviewed 32 out of 41 changed files in this pull request and generated 1 comment.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[weinong]

LGTM