Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nuget command line ignores credentials saved by Visual studio #243

Closed
dominoFire opened this issue Apr 5, 2021 · 1 comment
Closed

nuget command line ignores credentials saved by Visual studio #243

dominoFire opened this issue Apr 5, 2021 · 1 comment
Labels
redirect-to-dev-community

Comments

@dominoFire
Copy link

Original post at NuGet/Home#10710 by @tapika

Tested with nuget 5.8.0.6930, and 5.9.0.7134.

When running "nuget.exe restore solution.sln" command - nuget does not use Visual Studio credentials, and does not prompt to enter login and password.

First provider which gets executed is MsalDeviceCodeFlowBearerTokenProvider.

Text banner looks like this:

**********************************************************************

To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code ABCEDFGH to authenticate.

**********************************************************************

Brief analysis of https://github.com/microsoft/artifacts-credprovider code and couple of debug sessions revealed to me what was the problem.

There exists two different compilations of credprovider - namely .net core's without user interface, and .net framework (NETFRAMEWORK define macro enabled) with user interface.

By default if you install credential provider using command line like installcredprovider.ps1
it will download .net core credential provider, which is without user interface.

If you however use -AddNetfx parameter at the end - it will download .net framework based credential provider, which in a turn can display login and password prompt to azure and avoid that ugly device based authentication.

I guess for nuget there are two strategies which can be used.

nuget automatically authorizes against azure via login / password by allowing user interface prompt. (Using VstsCredentialProvider class)
(E.g. powershell script like this could be used if necessary: chocolatey/choco#1721 (comment))

nuget restore already have -NonInteractive which can be used to suppress UI prompt if necessary.

nuget uses %localappdata%\MicrosoftCredentialProvider\SessionTokenCache.dat file directly and authorizes against azure if personal access token is not expired.
I by myself would prefer to have 1 implemented and using -NonInteractive it would be possible to suppress login dialog.

Device code bearer token provider authorizes nuget restore for 4 hours - which is quite small amount of time for developer.

(Yesterday it was working - what? - again to log in ?)

If it continues to authorize for 4 hours, then I would prefer to remove it or obsolete it.
In link above I've managed to suppress by setting timeout limit environment variable - but this maybe not good from nuget console output perspective.
@github-actions
Copy link

In order to consolidate to fewer feedback channels, we've moved suggestions and issue reporting to Developer Community.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
redirect-to-dev-community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dominoFire