ADO Server - Ability to authenticate using agent identity to ADO Artifacts feed #111

@tdr2378

I am using ModuleFast in CI/CD to query and download PowerShell modules from a local ADO Artifacts feed.
The feed uses the PowerShell Gallery as upstream and functions as a local cache.

HTTP/2 and HTTP/3 prevent the agent from authenticating to the feed using NTLM/Kerberos.
I know that there is the option of using PATs with basic authentication; still, for our use case HTTP/1.1 with classic authentication is easier to manage.
The change only requires a flag that affects the following 3 lines:


function New-ModuleFastClient {
  param(
    [PSCredential]$Credential,
    [int]$Timeout = 30
  )
  Write-Debug 'Creating new ModuleFast HTTP Client. This should only happen once!'
  $ErrorActionPreference = 'Stop'
  #SocketsHttpHandler is the modern .NET 5+ default handler for HttpClient.

  $httpHandler = [SocketsHttpHandler]@{
    #The max connections are only in case we end up using HTTP/1.1 instead of HTTP/2 for whatever reason. HTTP/2 will only use one connection (but multiple streams) per the spec unless EnableMultipleHttp2Connections is specified
    MaxConnectionsPerServer        = 10
    #Reduce the amount of round trip confirmations by setting window size to 64MB. ModuleFast should primarily be used on reliable fast connections. Dynamic scaling will reduce this if needed.
    InitialHttp2StreamWindowSize   = 16777216
    AutomaticDecompression         = 'All'
ADD>>>>>> Credentials                    = [System.Net.CredentialCache]::DefaultNetworkCredentials 
  }

  $httpClient = [HttpClient]::new($httpHandler)
  $httpClient.BaseAddress = $Source
  #When in parallel some operations may take a significant amount of time to return
  $httpClient.Timeout = [TimeSpan]::FromSeconds($Timeout)

  #If a credential was provided, use it as a basic auth credential
  if ($Credential) {
    $httpClient.DefaultRequestHeaders.Authorization = ConvertTo-AuthenticationHeaderValue $Credential
  }

  #This user agent is important, it indicates to pwsh.gallery that we want dependency-only metadata
  #TODO: Do this with a custom header instead
  $userHeaderAdded = $httpClient.DefaultRequestHeaders.UserAgent.TryParseAdd('ModuleFast (github.com/JustinGrote/ModuleFast)')
  if (-not $userHeaderAdded) {
    throw 'Failed to add User-Agent header to HttpClient. This is a bug'
  }

  #This will multiplex all queries over a single connection, minimizing TLS setup overhead
  #Should also support HTTP/3 on newest PS versions
REMOVE>>>>>>$httpClient.DefaultVersionPolicy = [HttpVersionPolicy]::RequestVersionOrHigher
  #This should enable HTTP/3 on Win11 22H2+ (or linux with http3 library) and PS 7.2+
REMOVE>>>>>>[void][AppContext]::SetSwitch('System.Net.SocketsHttpHandler.Http3Support', $true)
  return $httpClient
}
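
Review bot: The `Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials` entry in the `SocketsHttpHandler` initializer is unconditional as shown, although the description asks for a flag. Written this way, every client built by `New-ModuleFastClient` would answer an NTLM/Negotiate challenge from whatever host `$Source` points at using the identity of the running account, not only the internal ADO feed. Suggest a switch parameter on `New-ModuleFastClient` that defaults to off and gates all three lines together: set `Credentials` only when it is present, and keep `DefaultVersionPolicy = [HttpVersionPolicy]::RequestVersionOrHigher` and the `Http3Support` switch in place otherwise, so existing users keep HTTP/2 multiplexing. The behaviour when both the switch and `-Credential` are supplied should also be defined, since the basic `Authorization` header is still added as a default request header further down.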

Labels: enhancement