Add configurable certificate StoreLocation for certificate authentication

[Copilot]

Summary: Add StoreLocation selection for certificate authentication

Problem

Users were unable to select which certificate store location to use when authenticating with certificates. The code was hardcoded to use StoreLocation.CurrentUser, making it impossible to use certificates from StoreLocation.LocalMachine without writing custom request code.

Solution

Added a new configurable option CertificateStoreLocation that allows users to select between CurrentUser and LocalMachine when using certificate authentication from the certificate store.

Changes Made:

• Created CertificateStoreLocation enum with CurrentUser and LocalMachine options in all 5 HTTP modules
• Added CertificateStoreLocation property to Options classes with default value of CurrentUser (backward compatible)
• Updated GetCertificatesFromStore methods to accept and use the selected store location
• Updated error messages to indicate which store location was searched
• Successfully built all 5 modules with no errors
• Passed security review (CodeQL found 0 alerts)
• Bumped minor versions for all modules (non-breaking change)
• Added changelog entries for all modules
• Fixed DownloadFile tests to use MockHttp instead of external Wikipedia URL
• Added unit tests for CertificateStoreLocation feature and error cases
• Fixed failing test by using real HttpClientFactory to trigger certificate lookup exception
• Fixed whitespace formatting issues reported by superlinter
• Added additional tests for 80%+ code coverage

Version Updates:

• ✅ Frends.HTTP.Request: 1.5.0 → 1.6.0
• ✅ Frends.HTTP.SendBytes: 1.4.0 → 1.5.0
• ✅ Frends.HTTP.RequestBytes: 1.3.0 → 1.4.0
• ✅ Frends.HTTP.SendAndReceiveBytes: 1.3.0 → 1.4.0
• ✅ Frends.HTTP.DownloadFile: 1.3.0 → 1.4.0

Test Coverage Improvements:

Added new tests for:

• Empty URL validation (throws ArgumentNullException)

• CertificateStoreLocation.CurrentUser explicit test

• CertificateStoreLocation.LocalMachine with non-existent thumbprint (throws exception)

• Overwrite=false with existing file (throws exception)

• Authorization header deduplication

• WindowsAuthentication username validation

• Certificate from file with/without keyPhrase

• Certificate from string with keyPhrase

• Null headers handling

• Client caching behavior

• Basic auth with empty headers

• OAuth auth with empty headers

• Fixes Would like to be able to select StoreLocation when using Certificate #39

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Would like to be able to select StoreLocation when using Certificate</issue_title>
<issue_description>Currently when making a request using certificate it only fetches certificates from StoreLocation.CurrentUser in Extensions.cs row 111.

We have a project where we need to be able to choose which StoreLocation the cert lives in. So the only solution here currently is to write the requests manually.</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Would like to be able to select StoreLocation when using Certificate #39

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[jefim]

@copilot Ok, now need to bump the versions (I think this is a non-breaking change, so second version number bump) and add changelog entries to correct files.

[MatteoDelOmbra]

In general it looks good, just add those default values and cover new functionality with test in all tasks (test should prove at least sunny scenario for new store location option)

[MatteoDelOmbra]

In general it looks good, just add those default values and cover new functionality with test in all tasks (test should prove at least sunny scenario for new store location option)

We are currently testing on linux machine. Do we want to change that for those tests (cert store we support works on Windows only)?

• It will be more todo, as we need to create cert for tests, retrieve somehow it's thumbprint and use it in test input - I guess it is doable, but idk if it's necessary (either way for some reason we've excluded whole Extensions class from test coverage)

[MichalFrends1]

Just fix one date in the changelog ;)