6

Closed

Nuget Package Restore doesn't work behind auth

description

I provided credentials to NuGet but nuget.exe doesn't know these and fails, the error message is a bit cryptic :

Warning 1 Cannot read keys when either application does not have a console or when console input has been redirected from a file. Try Console.Read. C:\Users\aldion\documents\visual studio 2010\Projects\WebApplication110\WebApplication110\EXEC WebApplication110
Error 2 Unable to find version '2.1.0' of package 'ClassLibrary59'. WebApplication110
Error 3 The command ""C:\Users\aldion\documents\visual studio 2010\Projects\WebApplication110.nuget\nuget.exe" install "C:\Users\aldion\documents\visual studio 2010\Projects\WebApplication110\WebApplication110\packages.config" -source "" -o "C:\Users\aldion\documents\visual studio 2010\Projects\WebApplication110\packages"" exited with code 1. WebApplication110

Another case: http://nuget.codeplex.com/workitem/1659
Closed Feb 2, 2012 at 10:59 PM by aldion
Verified
  • Adding credentials to nuget.config through "Nuget Sources Add -name -Source -UserName -Password"
  • Updating credentials through "Nuget Source Update"
    • filed #1898 to add some validation
  • "Nuget Sources Remove" removes credentials too
  • credentials are used by nuget.exe and VS
    • credentials are used if source is used by name, url and if the source is disabled
  • local folder nuget.config overrides roaming nuget.config
  • I dit hit #1885 in console/vs for invalid credentials
  • updated #1514 to improve error message when there's errors in nuget.config

comments

Haacked wrote Oct 20, 2011 at 10:48 PM

Alex, can you see if there's a workaround with setting nuget.exe.config next to the nuget.exe within .nuget folder. Configuration API supports encrypted sections so we should verify that works too.

vidarkongsli wrote Oct 24, 2011 at 6:42 AM

I created a "nuget.exe.config" file with the following:

<configuration>
<system.net>
<defaultProxy useDefaultCredentials="true">
  <proxy autoDetect="True" usesystemdefault="True" />
</defaultProxy>
</system.net>
</configuration>

...but it did not do the trick. Maybe I misunderstood your suggestion, @haacked

Haacked wrote Oct 24, 2011 at 9:08 PM

What if we added our own nuget.exe.config settings for proxy authentication. For example:

<nugetProxies>
<proxy url="http://URL-to-proxy">
  <username>Foo</username>
  <password>Secret</password>
</proxy>
</nugetProxies>

we'd only send the credentials when they match the proxy URL. Does this make sense? Ideally, we'd check the Windows credentials store first. I'm not sure why we don't do this or why this doesn't seem to work. :(

Haacked wrote Oct 24, 2011 at 9:10 PM

Also, try to connect the Web PI team and anyone else at MS who really understand networking and the proxy stack. Someone, somewhere, in this giant company of ours should understand this thoroughly. :)

dotnetjunky wrote Nov 1, 2011 at 7:50 PM

What are the repro steps?

aldion wrote Nov 1, 2011 at 8:32 PM

  1. Have a feed requiring auth (i.e. local nuget.server w/ Basic auth)
  2. create a new app and install a package from the feed in 1.
  3. Enable Nuget Package Restore
  4. delete the packages folder and build

tcabanski wrote Dec 18, 2011 at 6:14 PM

I have at least a partial fix in my fork at https://hg01.codeplex.com/forks/tcabanski/nuget. Put your credentials in Nuget.exe.config and put it next to Nuget.exe. The example config is as follows (if you use the exe that includes all the merged dependencies, make sure to change the section definition as noted in the comments):

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<configSections>
<!-- Note that the assembly name needs to be changed to Nuget when using the exe that has all the other assemblies merged (i.e. the distributed version) --> <section name="networkCredentialsConfiguration" type="NuGet.Http.Configuration.NetworkCredentialsSection, Nuget.Core" requirePermission="false"/>
</configSections>
<networkCredentialsConfiguration>
<networkCredentials>
<!-- Configure credentials per url for private Nuget servers using authentication <add url="http://url1" userName="user1" password="password1"/> <add url="http://url2" userName="user2" password="password2" domain="domain2"/> --> </networkCredentials>
</networkCredentialsConfiguration>
</configuration>

pranavkm wrote Jan 31, 2012 at 7:10 PM

@tcabanski, thanks for the pull request. I basically followed your premise, but we already have a config file to store settings. Reading an AppSetting would necessitate copying that around which can get painful

pranavkm wrote Jan 31, 2012 at 7:16 PM

Added support for UserName and Password parameters to the nuget.exe sources command. Added support for updating sources in nuget.exe Sources command.
Both VS and the CommandLine would use this credential for feed authentication.
For proxy authentication, I think we should never have to prompt the user if we pick up the settings correctly the way browsers do.
Opened work item 1885 to add enhancements to the credential settings,

pranavkm wrote Jan 31, 2012 at 7:17 PM

Fixed in changeset 6c156e0dc214