You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When running "nuget.exe restore solution.sln" command - nuget does not use Visual Studio credentials, and does not prompt to enter login and password.
First provider which gets executed is MsalDeviceCodeFlowBearerTokenProvider.
Text banner looks like this:
**********************************************************************
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code ABCEDFGH to authenticate.
**********************************************************************
There exists two different compilations of credprovider - namely .net core's without user interface, and .net framework (NETFRAMEWORK define macro enabled) with user interface.
By default if you install credential provider using command line like installcredprovider.ps1
it will download .net core credential provider, which is without user interface.
If you however use -AddNetfx parameter at the end - it will download .net framework based credential provider, which in a turn can display login and password prompt to azure and avoid that ugly device based authentication.
I guess for nuget there are two strategies which can be used.
nuget automatically authorizes against azure via login / password by allowing user interface prompt. (Using VstsCredentialProvider class)
(E.g. powershell script like this could be used if necessary: chocolatey/choco#1721 (comment))
nuget restore already have -NonInteractive which can be used to suppress UI prompt if necessary.
nuget uses %localappdata%\MicrosoftCredentialProvider\SessionTokenCache.dat file directly and authorizes against azure if personal access token is not expired.
I by myself would prefer to have 1 implemented and using -NonInteractive it would be possible to suppress login dialog.
Device code bearer token provider authorizes nuget restore for 4 hours - which is quite small amount of time for developer.
(Yesterday it was working - what? - again to log in ?)
If it continues to authorize for 4 hours, then I would prefer to remove it or obsolete it.
In link above I've managed to suppress by setting timeout limit environment variable - but this maybe not good from nuget console output perspective.
The text was updated successfully, but these errors were encountered:
Original post at NuGet/Home#10710 by @tapika
Tested with nuget 5.8.0.6930, and 5.9.0.7134.
When running "nuget.exe restore solution.sln" command - nuget does not use Visual Studio credentials, and does not prompt to enter login and password.
First provider which gets executed is MsalDeviceCodeFlowBearerTokenProvider.
Text banner looks like this:
Brief analysis of https://github.com/microsoft/artifacts-credprovider code and couple of debug sessions revealed to me what was the problem.
There exists two different compilations of credprovider - namely .net core's without user interface, and .net framework (NETFRAMEWORK define macro enabled) with user interface.
By default if you install credential provider using command line like installcredprovider.ps1
it will download .net core credential provider, which is without user interface.
If you however use -AddNetfx parameter at the end - it will download .net framework based credential provider, which in a turn can display login and password prompt to azure and avoid that ugly device based authentication.
I guess for nuget there are two strategies which can be used.
nuget automatically authorizes against azure via login / password by allowing user interface prompt. (Using VstsCredentialProvider class)
(E.g. powershell script like this could be used if necessary: chocolatey/choco#1721 (comment))
nuget restore already have -NonInteractive which can be used to suppress UI prompt if necessary.
nuget uses %localappdata%\MicrosoftCredentialProvider\SessionTokenCache.dat file directly and authorizes against azure if personal access token is not expired.
I by myself would prefer to have 1 implemented and using -NonInteractive it would be possible to suppress login dialog.
Device code bearer token provider authorizes nuget restore for 4 hours - which is quite small amount of time for developer.
(Yesterday it was working - what? - again to log in ?)
If it continues to authorize for 4 hours, then I would prefer to remove it or obsolete it.
In link above I've managed to suppress by setting timeout limit environment variable - but this maybe not good from nuget console output perspective.
The text was updated successfully, but these errors were encountered: