microsoft / artifacts-credprovider Goto Github PK
View Code? Open in Web Editor NEWThe Azure Artifacts Credential Provider enables dotnet, NuGet.exe, and MSBuild to interactively acquire credentials for Azure Artifacts feeds.
License: MIT License
The Azure Artifacts Credential Provider enables dotnet, NuGet.exe, and MSBuild to interactively acquire credentials for Azure Artifacts feeds.
License: MIT License
running on linux (docker) .
using microsoft/dotnet:2.1.403-sdk
and https://github.com/Microsoft/artifacts-credprovider/releases/download/...
VSS_NUGET_EXTERNAL_FEED_ENDPOINTS is set up correctly to authenticated to a tfs 2017 nuget feed.
If I add a nuget.config in the restore directory, something gets broken and I get a 401 ...
If I remove the nuget.config it does work back again .
Note that it does not work even if I put corect credentials (pat token) in the nuget.config
("ems" is an on premise tfs 2017 nuget feed)
Is nuget.config supported somehow in this scenario ? If it is not, it should be ignored altogether.
p.s. : the nuget.config is fine since I was using it nuget.exe for restore (but had to pull mono in the build) container).
Using current version along nuget.exe causes random crashes when nuget -verbosity parameter is defined. This is due to mismatch of possible values of this parameter. You are using LogLevel from https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Core/NuGet.Common/Errors/LogLevel.cs
public enum LogLevel
{
Debug = 0,
Verbose = 1,
Information = 2,
Minimal = 3,
Warning = 4,
Error = 5
}
while you should be using Verbosity from https://github.com/NuGet/NuGet.Client/blob/dev/src/NuGet.Clients/NuGet.CommandLine/Common/Verbosity.cs
public enum Verbosity
{
Normal,
Quiet,
Detailed
}
Due to current implementation, every time that verbosity is set as parameter of nuget executable and something odd happens (like authentication not working) app evaluates verbosity argument and crashes like that:
[CredentialProvider] Could not find ADAL token for https://company.pkgs.visualstudio.com/_packaging/company/nuget/v3/index.json
[CredentialProvider] Failed to acquire bearer token for VSTSSessionTokenClient
WARNING: The plugin credential provider could not acquire credentials. Authentication may require manual action. Consider re-running the command with --interactive for `dotnet`, /p:NuGetInteractive="true" for MSBuild or removing the -NonInteractive switch for `NuGet`
WARNING: The credential plugin model used by 'M:\j_ukcamsjenkins02_CFP_PU_x86_9\Build\NuGet\Client\CredentialProvider.Microsoft.exe' is deprecated. Please contact the provider of the plugin for an alternative. More information about the recommended plugin model can be found at 'https://aka.ms/nuget-cross-platform-authentication-plugin'.
CredentialProvider.Microsoft: Unhandled Exception: PowerArgs.ValidationArgException: detailed is not a valid value for type LogLevel, options are Debug, Verbose, Information, Minimal, Warning, Error
CredentialProvider.Microsoft: at PowerArgs.ArgRevivers.ReviveEnum(Type t, String value, Boolean ignoreCase)
CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.Revive(String commandLineValue)
CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.Populate(HookContext context)
CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.PopulateArguments(List`1 arguments, HookContext context)
CredentialProvider.Microsoft: at PowerArgs.Args.ParseInternal(CommandLineArgumentsDefinition definition, String[] input)
CredentialProvider.Microsoft: at PowerArgs.Args.<>c__DisplayClass13_0.<ParseAction>b__0()
CredentialProvider.Microsoft: at PowerArgs.Args.Execute[T](Func`1 argsProcessingCode)
CredentialProvider.Microsoft: at PowerArgs.Args.ParseAction(CommandLineArgumentsDefinition definition, String[] args)
CredentialProvider.Microsoft: at PowerArgs.Args.ParseAction(Type t, String[] args)
CredentialProvider.Microsoft: at PowerArgs.Args.Parse(Type t, String[] args)
CredentialProvider.Microsoft: at PowerArgs.Args.Parse[T](String[] args)
CredentialProvider.Microsoft: at PowerArgs.Args.<>c__DisplayClass22_0`1.<ParseAsync>b__0()
CredentialProvider.Microsoft: at System.Threading.Tasks.Task`1.InnerInvoke()
CredentialProvider.Microsoft: at System.Threading.Tasks.Task.Execute()
CredentialProvider.Microsoft: --- End of stack trace from previous location where exception was thrown ---
CredentialProvider.Microsoft: at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
CredentialProvider.Microsoft: at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
CredentialProvider.Microsoft: at NuGetCredentialProvider.Program.<Main>d__11.MoveNext() in E:\A\_work\857\s\CredentialProvider.Microsoft\Program.cs:line 63
CredentialProvider.Microsoft: --- End of stack trace from previous location where exception was thrown ---
CredentialProvider.Microsoft: at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
CredentialProvider.Microsoft: at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
CredentialProvider.Microsoft: at NuGetCredentialProvider.Program.<Main>(String[] args)
Unable to load the service index for source https://company.pkgs.visualstudio.com/_packaging/company/nuget/v3/index.json.
Response status code does not indicate success: 401 (Unauthorized).
System.InvalidOperationException: Unable to load the service index for source https://company.pkgs.visualstudio.com/_packaging/company/nuget/v3/index.json.
---> NuGet.Protocol.Core.Types.FatalProtocolException: Unable to load the service index for source https://company.pkgs.visualstudio.com/_packaging/company/nuget/v3/index.json.
---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).
at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()
at NuGet.Protocol.HttpSource.<>c__DisplayClass14_0`1.<<GetAsync>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Common.ConcurrencyUtilities.<ExecuteWithFileLockedAsync>d__2`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
...
Install .net sdk 3.0.100.
Set NUGET_PLUGINS_PATH to point to the cred provider location. Use dotnet restore to restore packages. Fails with:
It was not possible to find any compatible framework version
The specified framework 'Microsoft.NETCore.App', version '2.1.0' was not found.
1 source) at System.IO.FileStream.FlushWriteBuffer() at System.IO.FileStream.Dispose(Boolean disposing) at System.IO.Stream.Close() at System.IO.StreamWriter.CloseStreamFromDispose(Boolean disposing) at System.IO.StreamWriter.Dispose(Boolean disposing) at System.IO.TextWriter.Dispose() at NuGet.Protocol.Plugins.Sender.Dispose() at NuGet.Protocol.Plugins.Connection.Dispose() at NuGet.Protocol.Plugins.Plugin.Dispose() at NuGet.Protocol.Plugins.PluginFactory.CreatePluginAsync(String filePath, IEnumerable
1 arguments, IRequestHandlers requestHandlers, ConnectionOptions options, CancellationToken sessionCancellationToken)After that I removed the NUGET_PLUGINS_PATH location and it worked well. So, there is something wrong with nuget talking to plugin for the first time.
Need to revert this commit once resolved.
Hi @satbai I'm using the credprovider from MSBuild, and even though I pass /p:NugetInteractive=true
the CanShowDialog
is still set to false:
IsNonInteractive: False, CanShowDialog: False
It looks like there is no way to thread through the setting to the task from MSBuild?
How are we supposed to configure this if a self-hosted agent is installed on a own server and a build script calls dotnet restore? I have a custom nuget.config that clears and adds:
1 - a Azure DevOps Artifacts feed
2 - NuGet org
Is it supposed to work if I:
Add environment variable: NUGET_PLUGIN_PATHS
pointing to folder with the ZIPs plugins
Add environment variable: VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
with JSON
{"endpointCredentials": [{"endpoint":"https://myfeed.com/index.json", "username":"not-required", "password":"accesstoken"}]}
The access token has full rights to Packages feeds.
I'm trying to install Credential Provider through dockerfile but looks like it is failing for asp.net core sdk 3.0 (mcr.microsoft.com/dotnet/core/sdk:3.0) docker image.
The script InstallCredentialProvider.ps1 is https://github.com/microsoft/artifacts-credprovider/blob/master/helpers/installcredprovider.ps1
Step 12/23 : RUN pwsh InstallCredentialProvider.ps1
---> Running in 7c6e24ab258f
Fetching release https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/latest
Using Microsoft.NetCore2.NuGet.CredentialProvider.zip
Creating temp directory for the Credential Provider zip: C:\Windows\TEMP\CredProviderZip
Directory: C:\Windows\TEMP
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 9/5/2019 11:02 AM CredProviderZip
Downloading https://github.com/microsoft/artifacts-credprovider/releases/download/0.1.18/Microsoft.NetCore2.NuGet.CredentialProvider.zip to C:\Windows\TEMP\CredProviderZip\Microsoft.NuGet.CredentialProvider.zip
Extracting zip to the Credential Provider temp directory
Copying Credential Provider to .nuget\plugins
Copy-Item : Cannot find path 'C:\Windows\TEMP\CredProviderZip\plugins\netcore\CredentialProvider.Microsoft' because it does not exist.
At C:\src\InstallCredentialProvider.ps1:128 char:1
+ Copy-Item ([System.IO.Path]::Combine($tempZipLocation, "plugins", $lo ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (C:\Windows\TEMP\Cre…lProvider.Microsoft:String) [Copy-Item], ItemNotFoundException
+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.CopyItemCommand
The command 'cmd /S /C pwsh InstallCredentialProvider.ps1' returned a non-zero code: 1
I installed the cred provider to interact with an Azure DevOps packages feed. All was well.
At some point (possibly after a Blue Screen, though I'm not sure), all of my nuget commands started failing with the following error message.
at NuGet.Protocol.Plugins.OutboundRequestContext`1.HandleFault(Message fault)
at NuGet.Protocol.Plugins.MessageDispatcher.OnMessageReceived(Object sender, MessageEventArgs e)
at System.EventHandler`1.Invoke(Object sender, TEventArgs e)
at NuGet.Protocol.Plugins.StandardOutputReceiver.OnLineRead(Object sender, LineReadEventArgs e)
--- End of inner exception stack trace ---
The error didn't go away after re-runs and a reboot.
The errors provided no hint as to what the issue was or how it could be resolved.
After debugging for a while, I was able to trace the error to the following call stack:
credentialprovider.microsoft.exe!NuGetCredentialProvider.Util.EncryptedFile.ReadFileBytes(string, bool) Line 17 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.Util.SessionTokenCache.ReadFileBytes() Line 85 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.Util.SessionTokenCache.Cache.get() Line 27 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.Util.SessionTokenCache.TryGetValue(System.Uri, out string) Line 53 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.RequestHandlers.GetAuthenticationCredentialsRequestHandler.TryCache(NuGet.Protocol.Plugins.GetAuthenticationCredentialsRequest, out string) Line 149 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.RequestHandlers.GetAuthenticationCredentialsRequestHandler.HandleRequestAsync(NuGet.Protocol.Plugins.GetAuthenticationCredentialsRequest) Line 63 C#
credentialprovider.microsoft.exe!NuGetCredentialProvider.Program.Main(string[]) Line 155 C#
It looks like my %LocalAppData%\MicrosoftCredentialProvider\SessionTokenCache.dat file was corrupted somehow, leading to these errors.
The tool should ideally detect that the file is corrupted and recreate it. That failing, it should at least log something like 'File X contains invalid data.'
I just have a question about this project.
Can this artifacts credential provider be used to push packages to our internal Azure Dev Ops Artefacts feed.
If not, can you point me in the right direction in how I can achieve this. Limitations are that I cannot use the yaml tasks to push packages, I should be able to do it from a script.
/home/vihofer/corefx/artifacts/installcredprovider.sh: 16: /home/vihofer/corefx/artifacts/installcredprovider.sh: [[: not found
Seems like https://github.com/Microsoft/artifacts-credprovider/blob/master/helpers/installcredprovider.sh#L16 is not supported on all bash variants?
Hey team,
I'm not sure if this is an issue with the dotnet CLI or with the credential provider. I'll try this repository first. I've also reviewed the other open issues and it this doesn't appear to be related.
We are using Azure Artifacts and restoring packages in a docker container:
WORKDIR /nuget_cache_warmer
COPY **/*.csproj ./
RUN for f in ./*.csproj; do dotnet restore $f --source $NUGET_SOURCE --source https://api.nuget.org/v3/index.jsonl; done
This is our base image: FROM microsoft/dotnet:2.1-sdk
Intermittently, I start to see:
Unhandled Exception: [0m [91mSystem.Threading.Tasks.TaskCanceledException: A task was canceled.
NuGet.Protocol.Plugins.MessageDispatcher.DispatchWithNewContextAsync[TOutgoing,TIncoming](IConnection connection, MessageType type, MessageMethod method, TOutgoing payload, CancellationToken cancellationToken) at NuGet.Protocol.Plugins.SymmetricHandshake.HandshakeAsync(CancellationToken cancellationToken) at NuGet.Protocol.Plugins.Connection.ConnectAsync(CancellationToken cancellationToken)
at NuGet.Protocol.Plugins.PluginFactory.CreateFromCurrentProcessAsync(IRequestHandlers requestHandlers, ConnectionOptions options, CancellationToken sessionCancellationToken)
at NuGetCredentialProvider.Program.Main(String[] args)
at NuGetCredentialProvider.Program.<Main>(String[] args)
This happens more than once during the restore processing, but not for every .csproj
file.
What is interesting compared to other issues is the restore process will complete, and I can run the next docker step to build my project successfully.
If it matters, the docker build is running on a Linux TeamCity agent. If I run dotnet restore --disable-parallel
, the exception does not occur, however the restore takes twice as long (as expected).
Since I can still restore successfully this isn't a huge problem, though I thought I'd report it.
When I try to run the powershell script, I get the error:
"installcredprovider.ps1 cannot be loaded. The file C:\Program Files\artifacts-credprovider-master\helpers\installcredprovider.ps1 is not digitally signed. You cannot run this script on the current system. For more information about running scripts and settingexecution policy, see about_Execution_Policies at blah blah."
Digitally signing the script will also help protect the integrity of the file.
Hello,
I'm trying to restore Nuget packages from a private TFS in a docker container using TFS CI/CD. Unfortunately I'm still getting 401 Unauthorized.
FROM microsoft/dotnet:2.2-aspnetcore-runtime AS base
WORKDIR /app
EXPOSE 80
FROM microsoft/dotnet:2.2-sdk AS build
WORKDIR /src
COPY ["Web/Web.csproj", "Web/"]
RUN curl -s -L https://raw.githubusercontent.com/Microsoft/artifacts-credprovider/master/helpers/installcredprovider.sh | bash
COPY nuget.config ./
RUN export VSS_NUGET_EXTERNAL_FEED_ENDPOINTS={"endpointCredentials": [{"endpoint":"http://[redacted]/tfs/SDCC/_packaging/SDCC/nuget/v3/index.json", "username":"[user]", "password":"[PAT]"}]}
ARG token
ENV SYSTEM_ACCESSTOKEN = $token
ENV DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER=0
RUN dotnet restore "Web/Web.csproj" --configfile nuget.config -nowarn:msb3202,nu1503 --verbosity diag
COPY . .
WORKDIR "/src/Web"
RUN dotnet build "Web.csproj" -c Release -o /app
FROM build AS publish
RUN dotnet publish "Web.csproj" -c Release -o /app
FROM base AS final
WORKDIR /app
COPY --from=publish /app .
ENTRYPOINT ["dotnet", "Web.dll"]
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<!--To inherit the global NuGet package sources remove the <clear/> line below -->
<clear />
<add key="nuget" value="https://api.nuget.org/v3/index.json" />
<add key="SDCC" value="https://[Redacted]/tfs/SDCC/_packaging/SDCC/nuget/v3/index.json" />
</packageSources>
<packageSourceCredentials>
<SDCC>
<add key="Username" value="[UserName]" />
<add key="ClearTextPassword" value="[PAT]" />
</SDCC>
</packageSourceCredentials>
</configuration>
If I install CredProvider I receive that it can't find the nuget package.
If I don't use CredProvider and don't use nuget.config I receive a message, but I guess that's because I don't have included the nuget.config in the docker image
error NU1101: Unable to find package Sdcc.Core. No packages exist with this id in source(s): nuget.org
As response, Either I receive unauhtorized
Response status code does not indicate success: 401 (Unauthorized)
Invaldi status code was supplied
GSSAPI operation failed with error - An invalid status code was supplied (Configuration file does not specify default realm). [/src/Web/Web.csproj]
I'm lost, I have no other idea what to do, as a workaround which works, but breaks the principle of Docker is that In my CI/CD TFS Pipeline, I'm making the restore / build / publish and push everything in Docker container and push the Docker Image.
Thanks
The readme is not very clear on what the prerequisites are for this on Linux -- or, indeed, whether or not this even works with dotnet
on Linux. I have a container based on microsoft/dotnet:2.1-sdk
which contains version 2.1.402
of the SDK according to dotnet, I have run the install script and /root/.nuget/plugins
contains the provider, but:
dotnet restore --interactive project.csproj
likewise fails with a 401 without ever prompting for anything.There's no evidence that the plugin is being run, so I'm guessing my prerequisites are somehow wrong.
IRequestHandler
instances are singletons. The CancellationToken
passed to HandleResponseAsync(...)
is per-request. Because RequestHandlerBase
is changing RequestHandlerBase.CancellationToken
on every request, there's the possibility that multiple inbound requests for the same handler could incorrectly share the same CancellationToken
.
I have been trying to connect to my company's private nuget feed from inside a docker container and struggled to make it work.
In the end I found that there was an bug in the copying of the extracted files: they were copied to the folder where the script was run from instead of the UserProfile folder.
Checking the content of [System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::UserProfile)
in the intermediate container shows that it is empty (while it should be 'C;\Users\ContainerUser').
The base image I used is mcr.microsoft.com/dotnet/core/sdk:3.0
Changing $profilePath=System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::UserProfile)
to $profilePath="C:\Users\ContainerUser\"
made it work in my case.
Passing in the $(System.AccessToken)
and using a custom NuGet.config, I'm seeing this error in the build:
Error
/usr/share/dotnet/sdk/2.2.104/NuGet.targets(114,5): warning : The plugin credential provider could not acquire credentials. Authentication may require manual action. Consider re-running the command with --interactive for `dotnet`, /p:NuGetInteractive="true" for MSBuild or removing the -NonInteractive switch for `NuGet` [/src/Solution/Project.csproj]
/usr/share/dotnet/sdk/2.2.104/NuGet.targets(114,5): error : Unable to load the service index for source https://pkgs.dev.azure.com/1234567890/_packaging/0987654321/nuget/v3/index.json. [/src/Solution/Project.csproj]
/usr/share/dotnet/sdk/2.2.104/NuGet.targets(114,5): error : Response status code does not indicate success: 401 (Unauthorized). [/src/Solution/Project.csproj]
Build YAML
variables:
PAT: $(System.AccessToken)
...
- task: DockerCompose@0
displayName: Container build
inputs:
action: Build services
containerregistrytype: Azure Container Registry
azureSubscriptionEndpoint: $(azureSubscriptionEndpoint)
azureContainerRegistry: $(azureContainerRegistry)
dockerComposeFile: $(projectRootPath)/docker-compose.yml
additionalDockerComposeFiles: docker-compose.az-build.yml
env:
DOCKER_REGISTRY: $(azureContainerRegistry)/
PAT: $(PAT)
Dockerfile
FROM microsoft/dotnet:2.2-sdk AS sdk-base
ARG FEED_URL
ARG PAT
FROM microsoft/dotnet:2.2-aspnetcore-runtime-alpine AS runtime-base
FROM sdk-base AS build
ARG FEED_URL
ARG PAT
# Install the Credential Provider to configure the access
RUN wget -qO- https://raw.githubusercontent.com/Microsoft/artifacts-credprovider/master/helpers/installcredprovider.sh | bash
# Configure the environment variables
ENV NUGET_CREDENTIALPROVIDER_SESSIONTOKENCACHE_ENABLED true
ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS "{\"endpointCredentials\": [{\"endpoint\":\"${FEED_URL}\", \"password\":\"${PAT}\"}]}"
WORKDIR /src
COPY ["Solution/Project.csproj", "Solution/"]
COPY ["NuGet.config", "."]
RUN dotnet restore "Solution/Project.csproj" --configfile ./NuGet.config -v quiet
NuGet.config
<configuration>
<packageSources>
<clear />
<add key="0987654321" value="https://pkgs.dev.azure.com/1234567890/_packaging/0987654321/nuget/v3/index.json." protocolVersion="3" />
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" protocolVersion="3" />
</packageSources>
<activePackageSource>
<add key="All" value="(Aggregate source)" />
</activePackageSource>
</configuration>
Hi,
I am trying to use the CredentialProvider to authenticate with a feed in Azure Artifacts, but I can't get it to work with nuget.exe restore.
I have the CredentialProvider in a custom folder and set the NUGET_CREDENTIALPROVIDERS_PATH env var to that same place.
However, when I attemp to run NuGet restore, it keeps failing with 401 (Unauthorized).
I tried to pass the switch -verbosity detailed to nuget.exe, and I get the followin stack trace:
Restoring NuGet package Node.js.x86.0.10.36. WARNING: The credential plugin model used by 'C:\svn\trunkrepo\ServiceStudio\..\Commons\ThirdParty\AzureCredentialsProvider\plugins\netfx\CredentialProvider.Microsoft\CredentialProvider.Microsoft.exe' is deprecated. Please contact the provider of the plugin for an alternative. More information about the recommended plugin model can be found at 'https://aka.ms/nuget-cross-platform-authentication-plugin'. CredentialProvider.Microsoft: Unhandled Exception: PowerArgs.ValidationArgException: detailed is not a valid value for type LogLevel, options are Debug, Verbose, Information, Minimal, Warning, Error CredentialProvider.Microsoft: at PowerArgs.ArgRevivers.ReviveEnum(Type t, String value, Boolean ignoreCase) CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.Revive(String commandLineValue) CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.Populate(HookContext context) CredentialProvider.Microsoft: at PowerArgs.CommandLineArgument.PopulateArguments(List
1 arguments, HookContext context)
CredentialProvider.Microsoft: at PowerArgs.Args.ParseInternal(CommandLineArgumentsDefinition definition, String[] input)
CredentialProvider.Microsoft: at PowerArgs.Args.<>c__DisplayClass13_0.b__0()
CredentialProvider.Microsoft: at PowerArgs.Args.Execute[T](Func1 argsProcessingCode) CredentialProvider.Microsoft: at PowerArgs.Args.ParseAction(CommandLineArgumentsDefinition definition, String[] args) CredentialProvider.Microsoft: at PowerArgs.Args.ParseAction(Type t, String[] args) CredentialProvider.Microsoft: at PowerArgs.Args.Parse(Type t, String[] args) CredentialProvider.Microsoft: at PowerArgs.Args.Parse[T](String[] args) CredentialProvider.Microsoft: at PowerArgs.Args.<>c__DisplayClass22_0
1.b__0()
CredentialProvider.Microsoft: at System.Threading.Tasks.Task1.InnerInvoke() CredentialProvider.Microsoft: at System.Threading.Tasks.Task.Execute() CredentialProvider.Microsoft: --- End of stack trace from previous location where exception was thrown --- CredentialProvider.Microsoft: at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() CredentialProvider.Microsoft: at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) CredentialProvider.Microsoft: at NuGetCredentialProvider.Program.<Main>d__11.MoveNext() in E:\A\_work\857\s\CredentialProvider.Microsoft\Program.cs:line 63 CredentialProvider.Microsoft: --- End of stack trace from previous location where exception was thrown --- CredentialProvider.Microsoft: at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() CredentialProvider.Microsoft: at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) CredentialProvider.Microsoft: at NuGetCredentialProvider.Program.<Main>(String[] args)
Can I get some help to understand what's going on? It looks like when I build using MSBuild (without calling nuget.exe directly) it works, but I can't get it to work with nuget.exe.
Best Regards,
Diogo Oliveira
ADAL currently uses PromptBehavior.Always:
https://github.com/microsoft/artifacts-credprovider/blob/master/CredentialProvider.Microsoft/CredentialProviders/Vsts/AdalTokenProvider.cs#L85
Instead, it should use PromptBehavior.SelectAccount, which enables the user to select workplace joined/AAD joined accounts and remove the need to enter in a password again.
ERROR: Unable to find url in JSON response. Response: {
"url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/16072424",
"assets_url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/16072424/assets",
"upload_url": "https://uploads.github.com/repos/Microsoft/artifacts-credprovider/releases/16072424/assets{?name,label}",
"html_url": "https://github.com/Microsoft/artifacts-credprovider/releases/tag/0.1.15",
"id": 16072424,
"node_id": "MDc6UmVsZWFzZTE2MDcyNDI0",
"tag_name": "0.1.15",
"target_commitish": "master",
"name": "0.1.15",
"draft": false,
"author": {
"login": "satbai",
"id": 24945574,
"node_id": "MDQ6VXNlcjI0OTQ1NTc0",
"avatar_url": "https://avatars0.githubusercontent.com/u/24945574?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/satbai",
"html_url": "https://github.com/satbai",
"followers_url": "https://api.github.com/users/satbai/followers",
"following_url": "https://api.github.com/users/satbai/following{/other_user}",
"gists_url": "https://api.github.com/users/satbai/gists{/gist_id}",
"starred_url": "https://api.github.com/users/satbai/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/satbai/subscriptions",
"organizations_url": "https://api.github.com/users/satbai/orgs",
"repos_url": "https://api.github.com/users/satbai/repos",
"events_url": "https://api.github.com/users/satbai/events{/privacy}",
"received_events_url": "https://api.github.com/users/satbai/received_events",
"type": "User",
"site_admin": false
},
"prerelease": false,
"created_at": "2019-03-12T20:54:18Z",
"published_at": "2019-03-12T21:18:31Z",
"assets": [
{
"url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/assets/11496508",
"id": 11496508,
"node_id": "MDEyOlJlbGVhc2VBc3NldDExNDk2NTA4",
"name": "Microsoft.NetCore2.NuGet.CredentialProvider.tar.gz",
"label": null,
"uploader": {
"login": "satbai",
"id": 24945574,
"node_id": "MDQ6VXNlcjI0OTQ1NTc0",
"avatar_url": "https://avatars0.githubusercontent.com/u/24945574?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/satbai",
"html_url": "https://github.com/satbai",
"followers_url": "https://api.github.com/users/satbai/followers",
"following_url": "https://api.github.com/users/satbai/following{/other_user}",
"gists_url": "https://api.github.com/users/satbai/gists{/gist_id}",
"starred_url": "https://api.github.com/users/satbai/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/satbai/subscriptions",
"organizations_url": "https://api.github.com/users/satbai/orgs",
"repos_url": "https://api.github.com/users/satbai/repos",
"events_url": "https://api.github.com/users/satbai/events{/privacy}",
"received_events_url": "https://api.github.com/users/satbai/received_events",
"type": "User",
"site_admin": false
},
"content_type": "application/x-gzip",
"state": "uploaded",
"size": 1248422,
"download_count": 71,
"created_at": "2019-03-12T21:18:17Z",
"updated_at": "2019-03-12T21:18:18Z",
"browser_download_url": "https://github.com/Microsoft/artifacts-credprovider/releases/download/0.1.15/Microsoft.NetCore2.NuGet.CredentialProvider.tar.gz"
},
{
"url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/assets/11496507",
"id": 11496507,
"node_id": "MDEyOlJlbGVhc2VBc3NldDExNDk2NTA3",
"name": "Microsoft.NetCore2.NuGet.CredentialProvider.zip",
"label": null,
"uploader": {
"login": "satbai",
"id": 24945574,
"node_id": "MDQ6VXNlcjI0OTQ1NTc0",
"avatar_url": "https://avatars0.githubusercontent.com/u/24945574?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/satbai",
"html_url": "https://github.com/satbai",
"followers_url": "https://api.github.com/users/satbai/followers",
"following_url": "https://api.github.com/users/satbai/following{/other_user}",
"gists_url": "https://api.github.com/users/satbai/gists{/gist_id}",
"starred_url": "https://api.github.com/users/satbai/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/satbai/subscriptions",
"organizations_url": "https://api.github.com/users/satbai/orgs",
"repos_url": "https://api.github.com/users/satbai/repos",
"events_url": "https://api.github.com/users/satbai/events{/privacy}",
"received_events_url": "https://api.github.com/users/satbai/received_events",
"type": "User",
"site_admin": false
},
"content_type": "application/x-zip-compressed",
"state": "uploaded",
"size": 1262044,
"download_count": 3767,
"created_at": "2019-03-12T21:18:13Z",
"updated_at": "2019-03-12T21:18:13Z",
"browser_download_url": "https://github.com/Microsoft/artifacts-credprovider/releases/download/0.1.15/Microsoft.NetCore2.NuGet.CredentialProvider.zip"
},
{
"url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/assets/11496506",
"id": 11496506,
"node_id": "MDEyOlJlbGVhc2VBc3NldDExNDk2NTA2",
"name": "Microsoft.NuGet.CredentialProvider.tar.gz",
"label": null,
"uploader": {
"login": "satbai",
"id": 24945574,
"node_id": "MDQ6VXNlcjI0OTQ1NTc0",
"avatar_url": "https://avatars0.githubusercontent.com/u/24945574?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/satbai",
"html_url": "https://github.com/satbai",
"followers_url": "https://api.github.com/users/satbai/followers",
"following_url": "https://api.github.com/users/satbai/following{/other_user}",
"gists_url": "https://api.github.com/users/satbai/gists{/gist_id}",
"starred_url": "https://api.github.com/users/satbai/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/satbai/subscriptions",
"organizations_url": "https://api.github.com/users/satbai/orgs",
"repos_url": "https://api.github.com/users/satbai/repos",
"events_url": "https://api.github.com/users/satbai/events{/privacy}",
"received_events_url": "https://api.github.com/users/satbai/received_events",
"type": "User",
"site_admin": false
},
"content_type": "application/x-gzip",
"state": "uploaded",
"size": 3157816,
"download_count": 2124,
"created_at": "2019-03-12T21:18:06Z",
"updated_at": "2019-03-12T21:18:07Z",
"browser_download_url": "https://github.com/Microsoft/artifacts-credprovider/releases/download/0.1.15/Microsoft.NuGet.CredentialProvider.tar.gz"
},
{
"url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/releases/assets/11496505",
"id": 11496505,
"node_id": "MDEyOlJlbGVhc2VBc3NldDExNDk2NTA1",
"name": "Microsoft.NuGet.CredentialProvider.zip",
"label": null,
"uploader": {
"login": "satbai",
"id": 24945574,
"node_id": "MDQ6VXNlcjI0OTQ1NTc0",
"avatar_url": "https://avatars0.githubusercontent.com/u/24945574?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/satbai",
"html_url": "https://github.com/satbai",
"followers_url": "https://api.github.com/users/satbai/followers",
"following_url": "https://api.github.com/users/satbai/following{/other_user}",
"gists_url": "https://api.github.com/users/satbai/gists{/gist_id}",
"starred_url": "https://api.github.com/users/satbai/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/satbai/subscriptions",
"organizations_url": "https://api.github.com/users/satbai/orgs",
"repos_url": "https://api.github.com/users/satbai/repos",
"events_url": "https://api.github.com/users/satbai/events{/privacy}",
"received_events_url": "https://api.github.com/users/satbai/received_events",
"type": "User",
"site_admin": false
},
"content_type": "application/x-zip-compressed",
"state": "uploaded",
"size": 3949510,
"download_count": 15441,
"created_at": "2019-03-12T21:18:02Z",
"updated_at": "2019-03-12T21:18:03Z",
"browser_download_url": "https://github.com/Microsoft/artifacts-credprovider/releases/download/0.1.15/Microsoft.NuGet.CredentialProvider.zip"
}
],
"tarball_url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/tarball/0.1.15",
"zipball_url": "https://api.github.com/repos/Microsoft/artifacts-credprovider/zipball/0.1.15",
"body": "- Fixing 'task is canceled' issue\r\n- Adding mutex handling to SessionTokenCache\r\n- Adding more verbose logs"
}
Is this tool supposed to work if my account has 2 factor authentication turned on? I'm getting prompted for my username and password but am receiving a Response status code does not indicate success: 401 (Unauthorized)
. I've double checked my credentials so I was wondering if MFA might be giving me issues? I've tried giving it a PAT also with no luck
On my Mac development machine, everything is working for commands like dotnet restore
or dotnet add package {private package}
.
However checking outdated items with dotnet list package --outdated
I get the following error:
Ginsberg-2:TS.XXXX.Api user$ dotnet list package --outdated
The following sources were used:
https://api.nuget.org/v3/index.json
https://XXXX.pkgs.visualstudio.com/_packaging/XXXX/nuget/v3/index.json
error: Unable to load the service index for source
https://XXXX.pkgs.visualstudio.com/_packaging/XXXX/nuget/v3/index.json.
error: Response status code does not indicate success: 401 (Unauthorized).
The dotnet list package --outdated
doesn't support the --interactive
flag.
Ginsberg-2:TS.XXXX.Api user$ dotnet --info
.NET Core SDK (reflecting any global.json):
Version: 2.2.104
Commit: 73f036d4ac
Runtime Environment:
OS Name: Mac OS X
OS Version: 10.14
OS Platform: Darwin
RID: osx.10.14-x64
Base Path: /usr/local/share/dotnet/sdk/2.2.104/
Host (useful for support):
Version: 2.2.2
Commit: a4fd7b2c84
.NET Core SDKs installed:
2.1.4 [/usr/local/share/dotnet/sdk]
2.1.503 [/usr/local/share/dotnet/sdk]
2.2.104 [/usr/local/share/dotnet/sdk]
.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.1.7 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.All 2.2.2 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.1.7 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.AspNetCore.App 2.2.2 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.0.5 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
Microsoft.NETCore.App 2.1.7 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App] .
Microsoft.NETCore.App 2.2.2 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]
To install additional .NET Core runtimes or SDKs:
https://aka.ms/dotnet-download
The credential provider fails to properly authenticate with an Azure DevOps feed about 50% of the time as shown below:
A Fiddler trace shows that the "Authorization" header contains invalid credentials for the times that it fails:
GET https://REDACTED/_packaging/REDACTED/nuget/v3/flat2/REDACTED/index.json HTTP/1.1
X-NuGet-Session-Id: REDACTED
User-Agent: NuGet .NET Core MSBuild Task/4.9.0 (Microsoft Windows 10.0.17134 )
X-NuGet-Client-Version: 4.9.0
Accept-Language: en-US
Accept-Encoding: gzip, deflate
Authorization: Basic Og==
Host: REDACTED
Decoding "Og==" in Base64 results in ":"
I start my multistage docker builds with FROM mcr.microsoft.com/dotnet/core/sdk:3.0
as I'm evaluating .NET Core 3.0.0-preview5. The code I build has dependencies in a private NuGet feed so I use the following along with ARG VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
to supply the required auth info:
FROM mcr.microsoft.com/dotnet/core/sdk:3.0
ARG VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
# support private nuget feeds using the env VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
RUN wget https://raw.githubusercontent.com/Microsoft/artifacts-credprovider/master/helpers/installcredprovider.sh \
&& chmod +x installcredprovider.sh \
&& ./installcredprovider.sh
Feed authorization has worked in the past when the base image is a sdk:2.2 or similar tag. The problem with using the sdk:3.0 tag is that the credentials provider is dependent on .NET Core 2.1 which is unavailable in the base docker image.
Is there a version of the credential provider built for .NET Core 3.0.0 previews, preferably the latest?
I'm trying to set VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
environment variable but it looks like no effect.
Here are the steps to reproduce my problem.
Machine A:
Install NuGet.exe
and CredentialProvider.VSS.exe
choco install nuget.commandline nuget-credentialprovider-vss -y
Create new nuget.config
file
dotnet new nuget
Add my Azure Artifacts NuGet feed
nuget sources add -Name {YourOrg} -Source https://{YourOrg}.pkgs.visualstudio.com/_packaging/{YourProject}/nuget/v3/index.json
Try pass the authenticate
nuget list
Generate PAT by the following command. Copy the "Password" property's value as PAT.
CredentialProvider.VSS.exe -U https://{YourOrg}.pkgs.visualstudio.com/_packaging/{YourProject}/nuget/v3/index.json
Machine B:
Install NuGet.exe
and CredentialProvider.VSS.exe
choco install nuget.commandline nuget-credentialprovider-vss -y
Create new nuget.config
file
dotnet new nuget
Add my Azure Artifacts NuGet feed
nuget sources add -Name {YourOrg} -Source https://{YourOrg}.pkgs.visualstudio.com/_packaging/{YourProject}/nuget/v3/index.json
Setup VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
environment variable. The [PAT] is what I generated at Machine A.
set VSS_NUGET_EXTERNAL_FEED_ENDPOINTS={"endpointCredentials": [{"endpoint":"https://{YourOrg}.pkgs.visualstudio.com/_packaging/{YourProject}/nuget/v3/index.json", "username":"VssSessionToken", "password":"[PAT]"}]}
Try pass the authenticate but this doesn't read VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
environment variable!
nuget list
I expected the pass authentication because I already set correct VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
environment variable! Am I do something wrong?
Hi there,
I'm attempting to set up our on-premise build agents to use the Credential Provider when restoring packages from our private Azure Artifacts feed. However it's not entirely clear from the documentation how you install the Credential Provider NuGet plugin in a way that the Network Service which runs the VSTS / Azure DevOps Agent service can use it.
Would much appreciate if you can update the docs with this info, as the Credential Provider seems like the perfect solution for this kind of environment.
I've been wrestling to get this working with the Alpine builds of the donet core SDK.
Is there an example of this anywhere?
Hi Guys-
I'm running WSL (Pengwin) on Win10. I've installed the credprovider. (Though the plugin dir ended up being ~/.nuget/NuGet/plugins). When I run dotnet restore --interactive
, I get:
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : [CredentialProvider]Failed to acquire session token: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> System.TypeInitializationException: The type initializer for 'SslMethods' threw an exception. ---> System.TypeInitializationException: The type initializer for 'Ssl' threw an exception. ---> System.TypeInitializationException: The type initializer for 'SslInitializer' threw an exception. ---> Interop+Crypto+OpenSslCryptographicException: error:0E076071:configuration file routines:MODULE_RUN:unknown module name [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at Interop.SslInitializer..cctor() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : --- End of inner exception stack trace --- [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at Interop.Ssl..cctor() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : --- End of inner exception stack trace --- [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at Interop.Ssl.SslV2_3Method() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at Interop.Ssl.SslMethods..cctor() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : --- End of inner exception stack trace --- [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at Interop.OpenSsl.AllocateSslContext(SslProtocols protocols, SafeX509Handle certHandle, SafeEvpPKeyHandle certKeyHandle, EncryptionPolicy policy, SslAuthenticationOptions sslAuthenticationOptions) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SafeDeleteSslContext..ctor(SafeFreeSslCredentials credential, SslAuthenticationOptions sslAuthenticationOptions) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, SslAuthenticationOptions sslAuthenticationOptions) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : --- End of inner exception stack trace --- [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslStream.BeginAuthenticateAsClient(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken, AsyncCallback asyncCallback, Object asyncState) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__47_0(SslClientAuthenticationOptions arg1, CancellationToken arg2, AsyncCallback callback, Object state) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.TaskFactory`1.FromAsyncImpl[TArg1,TArg2](Func`5 beginMethod, Func`2 endFunction, Action`1 endAction, TArg1 arg1, TArg2 arg2, Object state, TaskCreationOptions creationOptions) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.TaskFactory.FromAsync[TArg1,TArg2](Func`5 beginMethod, Action`1 endMethod, TArg1 arg1, TArg2 arg2, Object state, TaskCreationOptions creationOptions) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.TaskFactory.FromAsync[TArg1,TArg2](Func`5 beginMethod, Action`1 endMethod, TArg1 arg1, TArg2 arg2, Object state) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Security.SslStream.AuthenticateAsClientAsync(SslClientAuthenticationOptions sslClientAuthenticationOptions, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : --- End of inner exception stack trace --- [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.ValueTask`1.get_Result() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.ValueTask`1.get_Result() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Threading.Tasks.ValueTask`1.get_Result() [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at NuGetCredentialProvider.CredentialProviders.Vsts.AuthUtil.GetResponseHeadersAsync(Uri uri, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at NuGetCredentialProvider.CredentialProviders.Vsts.AuthUtil.GetAadAuthorityUriAsync(Uri uri, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at NuGetCredentialProvider.CredentialProviders.Vsts.VstsCredentialProvider.HandleRequestAsync(GetAuthenticationCredentialsRequest request, CancellationToken cancellationToken) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : at NuGetCredentialProvider.RequestHandlers.GetAuthenticationCredentialsRequestHandler.HandleRequestAsync(GetAuthenticationCredentialsRequest request) [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : Unable to load the service index for source https://mscatapult.pkgs.visualstudio.com/_packaging/FpgaTools/nuget/v3/index.json. [/mnt/c/code/HWBuild/hwbuild.sln]
/usr/share/dotnet/sdk/2.2.300/NuGet.targets(121,5): error : Response status code does not indicate success: 401 (Unauthorized). [/mnt/c/code/HWBuild/hwbuild.sln]
I'm not sure where to go from here. Is the credprovider not compatible with WSL or am I missing a package...? Is this even a credprovider issue or should I submit this to the .net core team?
If VSS_NUGET_EXTERNAL_FEED_ENDPOINTS is set as an environment variable like:
{"endpointCredentials": [{"endpoint":"https://accountname.pkgs.visualstudio.com/_packaging/feed-name/nuget/v3/index.json", "username":"username", "password":"$(VstsToken)"}]}
where $(VstsToken)
is a secret variable (which it would be , of course), then the credential provider does not work as it does not have access to the variable.
Passing in a version explictly instead of relying on latest is important for deterministic builds.
Hello
I'm not sure if this belongs to this repository.
I set up an Azure DevOps Pipeline and tried to get nugets from telerik feed with auth, but this doesn't work with credential provider (as described here https://docs.microsoft.com/en-us/azure/devops/artifacts/nuget/dotnet-exe)
My Pipeline:
steps:
- task: NuGetToolInstaller@0
displayName: 'Use NuGet 4.8.1'
inputs:
versionSpec: 4.8.1
checkLatest: true
- task: NuGetCommand@2
displayName: 'NuGet restore'
inputs:
restoreSolution: '$(Parameters.solution)'
feedsToUse: config
nugetConfigPath: src/SomeObscureWeb/NuGet.Config
I tried specifying json in VSS_NUGET_EXTERNAL_FEED_ENDPOINTS as Pipeline Variable but it doesn't seem that credential provider in pipline is using this value.
My VSS_NUGET_EXTERNAL_FEED_ENDPOINTS looks like this
{"endpointCredentials": [{
"endpoint":"https://nuget.telerik.com/nuget",
"username":"[email protected]",
"password":"xxx"}]}
How should I setup VSS_NUGET_EXTERNAL_FEED_ENDPOINTS for Azure Pipline to add new feed with credentials?
Thank you
Peter
Hello,
I have the credential provider installed at %userprofile%/.nuget/plugins
. It works fine for the dotnet
CLI. I have used the --interactive
switch once and it has saved my credentials and reuses the cached creds on subsequent dotnet
operations.
I'm now trying to have nuget.exe
cache my credentials. However, on each nuget restore
run, it prompts me for my credentials when trying to authenticate against Azure Artifacts.
Tool versions:
MSBuild: 15.9.21.664
nuget.exe: 4.9.4.5839
I noticed when running nuget restore
, the tool outputs this:
MSBuild auto-detection: using msbuild version '15.9.21.664' from 'C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\MSBuild\15.0\bin'.
Is it likely I need to use interactive mode with msbuild
first before I can use nuget.exe
without providing credentials?
I'm running msbuild /t:restore /p:nugetInteractive=true
but it doesn't seem to be restoring any of my packages. I'll keep trying and in the meantime, I'm hoping to hear back from one of the contributors here.
Thanks for your help and thanks for developing this great tool :)
I just installed the credential provider via the helper script on macOS. I'm now trying to install a global tool from a private azure feed, but it's coming up with a package not found error. I suspect this is because I haven't yet acquired a token. The README says to run dotnet restore --interactive, but I don't have a project against which I can restore (since I'm trying to install a global tool). Is there another way to force it to acquire a token?
The version of the cred provider that is in current Visual Studio 2019 previews is 0.1.5 from September 2018. There have been a lot of improvements around Windows auth since then but I'm having to tell people to manually install the latest version. Will you be updating the version that ships with Visual Studio soon?
All our users are not able to authenticate with our DevOps Artifacts feed.
[Verbose] [CredentialProvider]GET https://XXX
[Verbose] [CredentialProvider]Could not find AAD authority from headers, using default: https://login.microsoftonline.com
[Verbose] [CredentialProvider]Using AAD authority: https://login.microsoftonline.com/common
[Verbose] [CredentialProvider]Failed to acquire token from cache
[Verbose] [CredentialProvider]VstsCredentialProvider - Exception trying to generate VSTS/TFS token: https://XXX, message: password_required_for_managed_user: Password is required for managed user, stack: at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenNonInteractiveHandler.PreTokenRequestAsync()
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.RunAsync()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.AcquireTokenCommonAsync(String resource, String clientId, UserCredential userCredential)
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions.AcquireTokenAsync(AuthenticationContext ctx, String resource, String clientId, UserCredential userCredential)
at NuGetCredentialProvider.CredentialProviders.Vsts.AdalTokenProvider.AcquireTokenWithWindowsIntegratedAuth(CancellationToken cancellationToken) in E:\A\_work\203\s\CredentialProvider.Microsoft\CredentialProviders\Vsts\AdalTokenProvider.cs:line 98
at NuGetCredentialProvider.CredentialProviders.Vsts.BearerTokenProvider.GetAsync(Uri uri, Boolean isRetry, Boolean isNonInteractive, Boolean canShowDialog, CancellationToken cancellationToken) in E:\A\_work\203\s\CredentialProvider.Microsoft\CredentialProviders\Vsts\BearerTokenProvider.cs:line 65
at NuGetCredentialProvider.CredentialProviders.Vsts.VstsCredentialProvider.HandleRequestAsync(GetAuthenticationCredentialsRequest request, CancellationToken cancellationToken) in E:\A\_work\203\s\CredentialProvider.Microsoft\CredentialProviders\Vsts\VstsCredentialProvider.cs:line 70
[Verbose] [CredentialProvider]VstsCredentialProvider - Could not find credentials for https://XXX
[Information] [CredentialProvider]Username:
[Information] [CredentialProvider]Password:
If not published as a self-contained app, a NuGet launch of the plugin could fail if the plugin's runtime dependencies are not satisfied.
.NET Core ran into this failure because their build uses .NET Core 3.0 with multilevel lookup (DOTNET_MULTILEVEL_LOOKUP
) disabled.
I've installed the credential provider using the one-shot script and verified the locations of the tooling as provided in the description. I assume the correct behavior for the credential provider is to prompt once and terminate. When I run dotnet restore --interactive
in either an Ubuntu terminal or in VS Code terminal it results in a continuous loop of browser authentications with generated tokens (i.e. repeated requests for authentication with different tokens as shown in the screenshot below). The command never completes unless I leave it running and don't respond within 90 seconds. For each cycle of authentication, I do receive an email confirmation from Azure DevOps for each new token. Any help on this would be appreciated as it's becoming a blocking issue.
OS: Ubuntu 19.04
VS Code: 1.37.1
.NET Core 2.2
I have run https://raw.githubusercontent.com/microsoft/artifacts-credprovider/master/helpers/installcredprovider.ps1 on my machine and 0.1.18.0 of the credential provider is installed.
Yet when I try to use nuget install
I just get a username/password prompt:
tools\5.0.2\nuget.exe install -source https://devdiv.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json A
Feeds used:
https://devdiv.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json
Installing package 'A' to 'D:\git\lib.template'.
MSBuild auto-detection: using msbuild version '16.300.19.37701' from 'C:\Program Files (x86)\Microsoft Visual Studio\2019\Int.Preview\MSBuild\Current\Bin'.
Please provide credentials for: https://devdiv.pkgs.visualstudio.com/DefaultCollection/_packaging/MicroBuildToolset/nuget/v3/index.json
UserName: Password:
The Credential Provider accepts a set of environment variables. These are the only two that we recommend setting in non-triage situations.
What is a "non-triage situation"?
See: https://github.com/microsoft/artifacts-credprovider#environment-variables
Do you possible mean "non-interactive"?
If SessionTokenCache.dat is not present & up-to-date, spawning multiple Nuget/CredentialProvider processes at once will lead to failures.
There are two specific problems here:
[Error] [CredentialProvider]Failed to acquire session token: System.IO.IOException: The process cannot access the file '%userprofile%\AppData\Local\MicrosoftCredentialProvider\SessionTokenCache.dat' because it is being used by another process.
Note that this does NOT seem to cause SessionTokenCache.dat to become corrupted. Subsequent runs seem to work just fine.
The following C# snippet will consistently produce a few failures.
const int numProcesesToSpawn = 20;
string credentialProviderExe = Environment.ExpandEnvironmentVariables(@"%userprofile%\.nuget\plugins\netfx\CredentialProvider.Microsoft\CredentialProvider.Microsoft.exe");
string datFilePath = Environment.ExpandEnvironmentVariables(@"%LocalAppData%\MicrosoftCredentialProvider\SessionTokenCache.dat");
string feedUrl = "<my AzDev nuget feed url>";
if (File.Exists(datFilePath)) File.Delete(datFilePath);
Parallel.For(0, numProcesesToSpawn, (i) =>
{
ProcessStartInfo startInfo = new ProcessStartInfo(credentialProviderExe, $"-N -U {feedUrl}");
startInfo.UseShellExecute = false;
startInfo.RedirectStandardOutput = true;
Process process = Process.Start(startInfo);
process.WaitForExit();
string stdOut = process.StandardOutput.ReadToEnd();
if (stdOut.Contains("The process cannot access the file"))
{
Console.WriteLine($"Encountered failure. Exit code is {process.ExitCode}. Stdout = '{stdOut}'");
}
});
Console.WriteLine("Done");
[Information] [CredentialProvider]VstsCredentialProvider - Acquired bearer token using 'ADAL Windows Integrated Authentication'
[Information] [CredentialProvider]VstsCredentialProvider - Attempting to exchange the bearer token for an Azure DevOps session token.
[Error] [CredentialProvider]Failed to acquire session token: System.IO.IOException: The process cannot access the file 'C:\Users\bberger\AppData\Local\MicrosoftCredentialProvider\SessionTokenCache.dat' because it is being used by another process.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.File.InternalWriteAllBytes(String path, Byte[] bytes, Boolean checkHost)
at NuGetCredentialProvider.Util.EncryptedFile.WriteFileBytes(String filePath, Byte[] bytes, Boolean writeUnencrypted) in E:\A\_work\467\s\CredentialProvider.Microsoft\Util\EncryptedFile.cs:line 36
at NuGetCredentialProvider.Util.SessionTokenCache.set_Item(Uri key, String value) in E:\A\_work\467\s\CredentialProvider.Microsoft\Util\SessionTokenCache.cs:line 40
at NuGetCredentialProvider.RequestHandlers.GetAuthenticationCredentialsRequestHandler.<HandleRequestAsync>d__5.MoveNext() in E:\A\_work\467\s\CredentialProvider.Microsoft\RequestHandlers\GetAuthenticationCredentialsRequestHandler.cs:line 91
[Information] [CredentialProvider]Username:
[Information] [CredentialProvider]Password:
Restoring NuGet package NETStandard.Library.2.0.3.
MSBuild auto-detection: using msbuild version '15.9.21.664' from 'C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\MSBuild\15.0\bin'.
[CredentialProvider]VstsCredentialProvider - Attempting to exchange the bearer token for an Azure DevOps session token.
[CredentialProvider]VstsCredentialProvider - Acquired bearer token using 'ADAL Windows Integrated Authentication'
WARNING: Unable to find version '2.0.3' of package 'NETStandard.Library'.
D:\nugetcache\.pkgref: Package 'NETStandard.Library.2.0.3' is not found on source 'D:\nugetcache\.pkgref'.
<my AzDev feed>: Unable to load the service index for source <my AzDev feed>.
Response status code does not indicate success: 401 (Unauthorized).
WARNING: Unable to find version '2.0.3' of package 'NETStandard.Library'.
D:\nugetcache\.pkgref: Package 'NETStandard.Library.2.0.3' is not found on source 'D:\nugetcache\.pkgref'.
<my AzDev feed>: Unable to load the service index for source <my AzDev feed>.
Response status code does not indicate success: 401 (Unauthorized).
NuGet Config files used:
D:\o1\dev\NuGet.Config
%AppData%\Roaming\NuGet\NuGet.Config
C:\Program Files (x86)\NuGet\Config\Microsoft.VisualStudio.Offline.config
Feeds used:
D:\nugetcache\.pkgref
<my AzDev feed>
[CredentialProvider]Failed to acquire session token: System.IO.IOException: The process cannot access the file '%LocalAppData%\MicrosoftCredentialProvider\SessionTokenCache.dat' because it is being used by another process.
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean
useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.File.InternalWriteAllBytes(String path, Byte[] bytes, Boolean checkHost)
at NuGetCredentialProvider.Util.EncryptedFile.WriteFileBytes(String filePath, Byte[] bytes, Boolean writeUnencrypted) in E:\A\_work\467\s\CredentialProvider.Microsoft\Util\EncryptedFile.cs:line 36
at NuGetCredentialProvider.Util.SessionTokenCache.set_Item(Uri key, String value) in E:\A\_work\467\s\CredentialProvider.Microsoft\Util\SessionTokenCache.cs:line 40
at NuGetCredentialProvider.RequestHandlers.GetAuthenticationCredentialsRequestHandler.d__5.MoveNext() in E:\A\_work\467\s\CredentialProvider.Microsoft\RequestHandlers\GetAuthenticationCredentialsRequestHandler.cs:line
91
Errors in packages.config projects
Unable to find version '2.0.3' of package 'NETStandard.Library'.
D:\nugetcache\.pkgref: Package 'NETStandard.Library.2.0.3' is not found on source 'D:\nugetcache\.pkgref'.
<my AzDev feed>: Unable to load the service index for source <my AzDev feed>.
Response status code does not indicate success: 401 (Unauthorized).
Installed Cred Provider with automated PowerShell script.
NUGET_PLUGIN_PATHS
env var, so the convention based lookup is broken.Then I set the env var:
$env:NUGET_PLUGIN_PATHS="C:\Users\OSKAR207adm\.nuget\plugins\netcore\CredentialProvider.Microso
ft\CredentialProvider.Microsoft.dll"
PS C:\Users\OSKAR207adm> & "C:\BuildAgent\tools\NuGet.CommandLine.4.9.2\tools\NuGet.exe" push "<package>"
vsts -Source <feed_url> -Verbosity detailed
NuGet Version: 4.9.2.5706
Using C:\Users\OSKAR207adm\.nuget\plugins\netcore\CredentialProvider.Microsoft\CredentialProvider.Microsoft.dll as a cre
dential provider plugin.
Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly 'System.Runtime, Version=4.2.1.0,
Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. The system cannot find the file specified.
Unable to load the service index for source <feed_url>.
A task was canceled.
NuGet.Protocol.Core.Types.FatalProtocolException: Unable to load the service index for source <feed_url>.
---> System.Threading.Tasks.TaskCanceledException: A tas
k was canceled.
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.TimeoutUtility.<StartWithTimeout>d__0`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.HttpRetryHandler.<SendAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.HttpSource.<GetThrottledResponse>d__20.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.HttpSource.<>c__DisplayClass14_0`1.<<GetAsync>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Common.ConcurrencyUtilities.<ExecuteWithFileLockedAsync>d__2`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.HttpSource.<GetAsync>d__14`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.ServiceIndexResourceV3Provider.<GetServiceIndexResourceV3>d__9.MoveNext()
--- End of inner exception stack trace ---
at NuGet.Protocol.ServiceIndexResourceV3Provider.<GetServiceIndexResourceV3>d__9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.ServiceIndexResourceV3Provider.<TryCreate>d__8.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Core.Types.SourceRepository.<GetResourceAsync>d__16`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.PackageUpdateResourceV3Provider.<TryCreate>d__1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Core.Types.SourceRepository.<GetResourceAsync>d__16`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Core.Types.SourceRepository.<GetResourceAsync>d__15`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Commands.CommandRunnerUtility.<GetPackageUpdateResource>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Commands.PushRunner.<Run>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.CommandLine.PushCommand.<ExecuteCommandAsync>d__32.MoveNext()
.NET Core SDK version: 2.2.103
Environment
$HOME\.nuget\plugins
Issues
dotnet restore --interactive
does not promptdotnet restore
with nuget.config file containing PAT token throws exception/usr/share/dotnet/sdk/2.1.500/NuGet.targets(114,5): error : Unable to load the service index for source https://[REDACTED]/nuget/v3/index.json. [REDACTED]
/usr/share/dotnet/sdk/2.1.500/NuGet.targets(114,5): error : GSSAPI operation failed with error - An invalid status code was supplied (Invalid value in argument). [REDACTED]
dotnet restore
without specifying PAT token in nuget.config throws exception/usr/share/dotnet/sdk/2.1.500/NuGet.targets(114,5): error : Unable to load the service index for source https://REDACTED/nuget/v3/index.json. [REDACTED]
/usr/share/dotnet/sdk/2.1.500/NuGet.targets(114,5): error : GSSAPI operation failed with error - An invalid status code was supplied (SPNEGO cannot find mechanisms to negotiate). [REDACTED]
Please advise on any know issues / workaround to get a dotnet restore
working against a TFS private package feed.
When I download git for Windows, then it has built-in support for 2FA for different providers like GitHub or VSTS.
Wouldn't it make sense to include this credential provider directly in the main nuget distribution? This would save projects from including installation instructions in their README files on how to get started with private Azure NuGet feeds. I consider this a problem, especially since this is only required when using the command line or VS Code. Opening a project in Visual Studio works out of the box as it has built-in integration with private Azure NuGet feeds and doesn't require any extra steps.
When running CredentialProvider for the first time, it will pop up a Microsoft log-in window (presumably via the "Trying authentication provider Browser-based federated authentication..." option. When using my correct Azure DevOps account with Artifacts option enabled, all works well.
Somehow, I had to supply my login id/password again in that microsoft login window, but I mistakenly used the wrong account (which does not have Artifacts option). I now continuously get 402 error from Nuget (Payment Required: user does not have license). This is all correct up to this point.
My issue now, is how do I revoke that credential / log-in and reset CredentialProvider to ask me for login username/password again? If I run Visual Studio under a different name as such: "runas
/netonly /user:anotherUserName devenv.exe", it will then ask me to re-log in via Microsoft pop up window once CredentialProvider is run.
Any way to work around this via options?
I'm looking to migrate from Microsoft.VisualStudio.Services.NuGet.CredentialProvider, but I'm a bit unclear as to what UI I should get when running in interactive mode.
Should I see a pop-up dialog (like I would get with the old provider), or is it just a console-based prompt?
Or does it vary depending on whether I run dotnet restore
or nuget restore
?
There is a case sensitive comparison on line 111 in VstsBuildTaskServiceEndpointCredentialProvider.cs that leads to unbeing able to authorization for a certain endpoint if something is in the wrong case. This comparison should be made case insensitive.
Hello,
Maybe you could help me with authentication with private NuGet feed, I already spend a day for different solutions and notice this repo, but I'm still struggling to make it done.
I'm using below Dockerfile with different variations, but I'm getting Unauthorized each time
FROM microsoft/dotnet:2.2-sdk AS build
ARG VSS_NUGET_EXTERNAL_FEED_ENDPOINTS
WORKDIR /api
#ENV VSS_NUGET_EXTERNAL_FEED_ENDPOINTS={"endpointCredentials":[{"endpoint":"https://name.pkgs.visualstudio.com/_packaging/Feed/nuget/v3/index.json","username":"PAT","password":"PAT"}]}
# Auth with private feed
RUN wget https://raw.githubusercontent.com/Microsoft/artifacts-credprovider/master/helpers/installcredprovider.sh \
&& chmod +x installcredprovider.sh \
&& ./installcredprovider.sh
# Copy csproj and restore as distinct layers
COPY ["App.csproj", "./"]
RUN dotnet restore
# Copy everything else and build
COPY . ./
RUN dotnet publish -c Release -o out
FROM microsoft/dotnet:2.2-aspnetcore-runtime AS runtime
WORKDIR /api
COPY --from=build /api/out ./
EXPOSE 4444
ENTRYPOINT ["dotnet", "App.dll"]
I tried with ARGs and ENVs to set the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS, but each time I'm getting this error:
error NU1101: Unable to find package Package.Name. No packages exist with this id in source(s): nuget.org
Currently we don't have dedicated NuGet.Config in the project, maybe it's the case of this issue?
That I need to create it and add this private repo to it?
Thank you.
Our AzureDevOps build pipeline continues to see "System.Threading.Tasks.TaskCanceledException: A task was canceled." exceptions during NuGet restore, similar to #77, but we have version 0.1.15 that contains the fix for that issue.
We are using NuGet.exe v4.9.4 on AzureDevOps, installed using the NuGetToolInstaller@0 and performing a Restore using NuGetCommand@2, v2.150.0.
From the build logs, here's the NuGet.exe invocation:
Detected NuGet version 4.9.4.5839 / 4.9.4+ed6e2dca9391d13b431f4eff58c5194f0ebcee13
SYSTEMVSSCONNECTION exists true
[command]C:\BA\_tool\NuGet\4.9.4\x64\nuget.exe restore "C:\BA\8139\s\SpatialServices\SpatialServices API - Windows.sln" -Verbosity Detailed -NonInteractive -ConfigFile C:\BA\8139\s\SpatialServices\nuget.config
NuGet Version: 4.9.4.5839
MSBuild auto-detection: using msbuild version '15.9.21.664' from 'C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\MSBuild\15.0\bin'. Use option -MSBuildVersion to force nuget to use a specific version of MSBuild.
Here's the output from the CredentialProvider.Microsoft.exe
showing version information:
Using C:\BA\_tasks\NuGetCommand_333b11bd-d341-40d9-afcf-b32d5ce6f23b\2.150.0\CredentialProviderV2\plugins\netfx\CredentialProvider.Microsoft\CredentialProvider.Microsoft.exe as a credential provider plugin.
[CredentialProvider.175929]Time elapsed in milliseconds after sending response 'Request' 'GetOperationClaims': 28
[CredentialProvider.175929]Running in plug-in mode
[CredentialProvider.175929]Handling 'Request' 'Initialize'. Time elapsed in ms: 7 - Payload: {"ClientVersion":"4.9.4","Culture":"en-US","RequestTimeout":"00:00:05"}
[CredentialProvider.175929]Time elapsed in milliseconds after sending response 'Request' 'Initialize': 10
[CredentialProvider.175929]Sending response: 'Request' 'Initialize'. Time elapsed in ms: 9
[CredentialProvider.175929]Command-line v0.1.15: "C:\BA\_tasks\NuGetCommand_333b11bd-d341-40d9-afcf-b32d5ce6f23b\2.150.0\CredentialProviderV2\plugins\netfx\CredentialProvider.Microsoft\CredentialProvider.Microsoft.exe" -Plugin
[CredentialProvider.175929]Handling 'Request' 'GetOperationClaims'. Time elapsed in ms: 1 - Payload: {}
[CredentialProvider.175929]Sending response: 'Request' 'GetOperationClaims'. Time elapsed in ms: 12
[CredentialProvider.175929]Handling 'Request' 'SetLogLevel'. Time elapsed in ms: 1 - Payload: {"LogLevel":"Debug"}
[CredentialProvider]Sending response: 'Request' 'SetLogLevel'. Time elapsed in ms: 3
[CredentialProvider]Time elapsed in milliseconds after sending response 'Request' 'SetLogLevel': 6
And the unhandled exception that fails builds:
Unhandled Exception: System.Threading.Tasks.TaskCanceledException: A task was canceled.
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Plugins.MessageDispatcher.<DispatchWithNewContextAsync>d__26`2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Plugins.SymmetricHandshake.<HandshakeAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Plugins.Connection.<ConnectAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGet.Protocol.Plugins.PluginFactory.<CreateFromCurrentProcessAsync>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGetCredentialProvider.Program.<Main>d__11.MoveNext() in E:\A\_work\616\s\CredentialProvider.Microsoft\Program.cs:line 133
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at NuGetCredentialProvider.Program.<Main>(String[] args)
== Repro ==
(get-item -Path "$Env:userprofile\.nuget\plugins\netfx\CredentialProvider.Microsoft\CredentialProvi der.Microsoft.exe").VersionInfo | Format-List -Force
The version will still be the old version instead of whatever the current version is (currently 0.1.15.0)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.