I'm trying to set up a private NuGet feed that uses an API key for pushing packages and a simple basic auth IHttpModule to protect reads. The system fails on the build server when the build attempts to do a NuGet restore from the private feed.
The nuget.exe is invoked with the following powershell:
$ScriptDir = Split-Path -parent $MyInvocation.MyCommand.Path
Write-Host "Restoring NuGet packages"
& "$ScriptDir\nuget.exe" restore "$ScriptDir\..\MySolution.sln" -PackagesDirectory "$ScriptDir\..\Packages" -ConfigFile "$ScriptDir\NuGet.config" -NonInteractive -Verbosity detailed
The referenced config file contains the following (with sensitive info removed):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageRestore>
<add key="enabled" value="True" />
<add key="automatic" value="True" />
</packageRestore>
<activePackageSource>
<add key="All" value="(Aggregate source)" />
</activePackageSource>
<packageSources>
<add key="nuget.org" value="https://www.nuget.org/api/v2/" />
<add key="Custom" value="https://nuget.myserver.com/nuget/" />
</packageSources>
<disabledPackageSources />
<packageSourceCredentials>
<Custom>
<add key="Username" value="[UserName]" />
<add key="ClearTextPassword" value="[Password]" />
</Custom>
</packageSourceCredentials>
</configuration>
The powershell script logs the following for the restore:
Restoring NuGet packages
GET https://www.nuget.org/api/v2/Packages(Id='MySystem.Core',Version='1.0.1')
GET https://www.nuget.org/api/v2/Packages(Id='OtherSystem.Client',Version='2.0.2')
GET https://www.nuget.org/api/v2/Packages(Id='MySystem.Core',Version='1.0.1.0')
GET https://www.nuget.org/api/v2/Packages(Id='OtherSystem.Client',Version='2.0.2.0')
Using credentials from config. UserName: [Username]
GET https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2')
GET https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1')
Installing 'MySystem.Core 1.0.1'.
Installing 'OtherSystem.Client 2.0.2'.
GET https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1
GET https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2
Please provide credentials for: https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2
UserName: Please provide credentials for: https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1
nuget.exe : System.InvalidOperationException: Cannot prompt for input in non-interactive mode.
At C:\Temp\MySystem\Tools\RestorePackages.ps1:5 char:1
+ & "$ScriptDir\nuget.exe" restore "$ScriptDir\..\MySolution.sln" -PackagesDi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (System.InvalidO...teractive mode.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
at NuGet.Common.Console.EnsureInteractive()
at NuGet.Common.Console.ReadLine()
at NuGet.ConsoleCredentialProvider.GetCredentials(Uri uri, IWebProxy proxy, Creden
tialType credentialType, Boolean retrying)
at NuGet.SettingsCredentialProvider.GetCredentials(Uri uri, IWebProxy proxy, CredentialType credentialType, Boolean retrying)
at NuGet.RequestHelper.SetCredentialsOnAuthorizationError(HttpWebRequest reques
t)
at NuGet.RequestHelper.ConfigureRequest(HttpWebRequest request)
at NuGet.RequestHelper.GetResponse()
at NuGet.HttpClient.GetResponse()
at NuGet.HttpClient.DownloadData(Stream targetStream)
at NuGet.PackageDownloader.DownloadPackage(I
HttpClient downloadClient, IPackageName package, Stream targetStream)
at NuGet.PackageDownloader.DownloadPackage(Uri uri, IPackageMetadata package, Stream targetStream)
at NuGet.DataServicePackage.<EnsurePackage>b__0(Stream stream)
at NuGet.Mac
hineCache.<>c__DisplayClass32.<InvokeOnPackage>b__31()
at NuGet.MachineCache.TryAct(Func`1 action, String path)
at NuGet.MachineCache.InvokeOnPackage(String packageId, SemanticVersion version, Action`1 action)
at NuGet.DataServicePackage.Ensure
Package(IPackageCacheRepository cacheRepository)
at NuGet.DataServicePackage.GetFiles()
at NuGet.PackageManager.ExpandFiles(IPackage package)
at NuGet.PackageManager.OnExpandFiles(PackageOperationEventArgs e)
at NuGet.PackageManager.Execute
Install(IPackage package)
at NuGet.PackageManager.Execute(PackageOperation operation)
at NuGet.PackageManager.Execute(IPackage package, IPackageOperationResolver resolver)
at NuGet.PackageManager.InstallPackage(IPackage package, FrameworkName t
argetFramework, Boolean ignoreDependencies, Boolean allowPrereleaseVersions, Boolean ignoreWalkInfo)
at NuGet.PackageManager.InstallPackage(IPackage package, Boolean ignoreDependencies, Boolean allowPrereleaseVersions, Boolean ignoreWalkInfo)
at Nu
Get.Common.PackageExtractor.<>c__DisplayClass1.<InstallPackage>b__0()
at NuGet.Common.PackageExtractor.ExecuteLocked(String name, Action action)
at NuGet.Common.PackageExtractor.InstallPackage(IPackageManager packageManager, IPackage package)
a
t NuGet.Commands.RestoreCommand.RestorePackage(IFileSystem packagesFolderFileSystem, String packageId, SemanticVersion version, Boolean packageRestoreConsent,
ConcurrentQueue`1 satellitePackages)
at NuGet.Commands.RestoreCommand.<>c__DisplayClass5.<>c_
_DisplayClass7.<ExecuteInParallel>b__2()
at System.Threading.Tasks.Task`1.InnerInvoke()
at System.Threading.Tasks.Task.Execute()
UserName:
I put some rudimentary logging into the HttpModule and it definitely gets the credentials from config to correctly read the package feed and identify the packages. However it looks like it doesn't use these credentials for actually downloading the package.
I even added in cookie support for caching the basic auth credential in the hope that nuget.exe would use the same CookieContainer but it doesn't.
This is the log from the module:
4/19/2015 7:19:07 AM +00:00: https://nuget.myserver.com/nuget/ - Request for https://nuget.myserver.com/nuget/ - GET
4/19/2015 7:19:07 AM +00:00: https://nuget.myserver.com/nuget/ - No authorization header found
4/19/2015 7:19:07 AM +00:00: https://nuget.myserver.com/nuget/ - Request denied for /nuget/
4/19/2015 7:19:07 AM +00:00: https://nuget.myserver.com/nuget/ - Request for https://nuget.myserver.com/nuget/ - GET
4/19/2015 7:19:08 AM +00:00: https://nuget.myserver.com/nuget/ - No authorization header found
4/19/2015 7:19:08 AM +00:00: https://nuget.myserver.com/nuget/ - Request denied for /nuget/
4/19/2015 7:19:09 AM +00:00: https://nuget.myserver.com/nuget/ - Request for https://nuget.myserver.com/nuget/ - GET
4/19/2015 7:19:10 AM +00:00: https://nuget.myserver.com/nuget/ - Password valid - setting the principal
4/19/2015 7:19:10 AM +00:00: https://nuget.myserver.com/nuget/ - Auth cookie set
4/19/2015 7:19:11 AM +00:00: https://nuget.myserver.com/nuget/ - User authenticated, request is allowed
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - Request for https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - GET
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - Request for https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - GET
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - No authorization header found
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - Request denied for /nuget/
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - No authorization header found
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - Request for https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - GET
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - Password valid - setting the principal
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - Auth cookie set
4/19/2015 7:19:13 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='MySystem.Core',Version='1.0.1') - User authenticated, request is allowed
4/19/2015 7:19:14 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - Request denied for /nuget/
4/19/2015 7:19:14 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - Request for https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - GET
4/19/2015 7:19:14 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - Password valid - setting the principal
4/19/2015 7:19:14 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - Auth cookie set
4/19/2015 7:19:14 AM +00:00: https://nuget.myserver.com/nuget/Packages(Id='OtherSystem.Client',Version='2.0.2') - User authenticated, request is allowed
4/19/2015 7:19:18 AM +00:00: https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2 - Request for https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2 - GET
4/19/2015 7:19:18 AM +00:00: https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2 - No authorization header found
4/19/2015 7:19:18 AM +00:00: https://nuget.myserver.com/api/v2/package/othersystem.client/2.0.2 - Request denied for /api/
4/19/2015 7:19:19 AM +00:00: https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1 - Request for https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1 - GET
4/19/2015 7:19:19 AM +00:00: https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1 - No authorization header found
4/19/2015 7:19:19 AM +00:00: https://nuget.myserver.com/api/v2/package/mysystem.core/1.0.1 - Request denied for /api/
You can see here that for each set of requests, auth fails and then the auth credentials are read from config and provided, the cookie is set and the repeated requests is successful. This continues all the way until nuget.exe attempts to download the packages. At this point the auth credentials from config are not provided which results in a hard fail with no repeat with credentials.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4