poetry can't upload but twine works

[jedie]

• I am on the latest Poetry version.
• I have searched the issues of this repo and believe that this is not a duplicate.
• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• Ubuntu 18.04:
• Poetry version 1.0.3:
• Link of a Gist with the contents of your pyproject.toml file: https://github.com/jedie/poetry-publish/blob/master/pyproject.toml

Issue

Poetry gets 403: Invalid or non-existent authentication information
but twine can upload correctly:

Upload to PyPi via poetry:
	Call: 'poetry publish -vvv'


Publishing poetry-publish (0.3.0.rc3) to PyPI
Found an API token for pypi.
 - Uploading poetry-publish-0.3.0rc3.tar.gz 100%

[UploadError]
HTTP Error 403: Invalid or non-existent authentication information.

Traceback (most recent call last):
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/console_application.py", line 131, in run
    status_code = command.handle(parsed_args, io)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/api/command/command.py", line 120, in handle
    status_code = self._do_handle(args, io)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/api/command/command.py", line 171, in _do_handle
    return getattr(handler, handler_method)(args, io, self)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/cleo/commands/command.py", line 92, in wrap_handle
    return self.handle()
  File "/home/jens/.poetry/lib/poetry/console/commands/publish.py", line 81, in handle
    client_cert,
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/publisher.py", line 96, in publish
    client_cert=resolved_client_cert,
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/uploader.py", line 110, in upload
    self._upload(session, url)
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/uploader.py", line 205, in _upload
    raise UploadError(e)


Poetry publish error -> fallback and use twine
	Call: 'poetry run twine upload dist/*.*'

Uploading distributions to https://upload.pypi.org/legacy/
Uploading poetry_publish-0.3.0rc3-py3-none-any.whl
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 34.8k/34.8k [00:02<00:00, 16.2kB/s]
Uploading poetry-publish-0.3.0rc3.tar.gz
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 35.2k/35.2k [00:01<00:00, 27.9kB/s]

View at:
https://pypi.org/project/poetry-publish/0.3.0rc3/

Another error output with PyPi "File already exists": twine get the 400 and reports the right error: poetry gets 403

	Call: 'poetry publish -vvv'


Publishing poetry-publish (0.3.0.rc2) to PyPI
Found an API token for pypi.
 - Uploading poetry-publish-0.3.0rc2.tar.gz 100%

[UploadError]
HTTP Error 403: Invalid or non-existent authentication information.

Traceback (most recent call last):
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/console_application.py", line 131, in run
    status_code = command.handle(parsed_args, io)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/api/command/command.py", line 120, in handle
    status_code = self._do_handle(args, io)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/clikit/api/command/command.py", line 171, in _do_handle
    return getattr(handler, handler_method)(args, io, self)
  File "/home/jens/.poetry/lib/poetry/_vendor/py3.6/cleo/commands/command.py", line 92, in wrap_handle
    return self.handle()
  File "/home/jens/.poetry/lib/poetry/console/commands/publish.py", line 81, in handle
    client_cert,
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/publisher.py", line 96, in publish
    client_cert=resolved_client_cert,
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/uploader.py", line 110, in upload
    self._upload(session, url)
  File "/home/jens/.poetry/lib/poetry/masonry/publishing/uploader.py", line 205, in _upload
    raise UploadError(e)


Poetry publish error -> fallback and use twine
	Call: 'poetry run twine upload dist/*.*'

Uploading distributions to https://upload.pypi.org/legacy/
Uploading poetry_publish-0.3.0rc2-py3-none-any.whl
100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 34.8k/34.8k [00:01<00:00, 26.4kB/s]
NOTE: Try --verbose to see response content.
HTTPError: 400 Client Error: File already exists. See https://pypi.org/help/#file-name-reuse for url: https://upload.pypi.org/legacy/

[daleal]

I seem to have the exact same error (at least the 403 error). The problem seems to occur when using stored API tokens or when using the -u and -p flags. I am using Manjaro 19.0.2, Poetry 1.0.5 and this pyptoject.toml.

[timothyjlaurent]

BUMP -- I'm seeing this too. I was getting a 405 error - looks like I need twine as a dev dependency

[DeemanOne]

I just ran into the same issue. My password had a leading ^ in it and after changing my password i could finally publish. Maybe that helps someone :)

[JessicaTegner]

Adding to this, my password had a ! in it.
It seams that it's all passwords with bash like characters in them.
This is not idial, but a workaround until this gets fixed is "poetry publish -u USERNAME -p SPECIAL_PASSWORD"

[zeelot]

any idea what's going on here? This tripped me up for a few days before I noticed everything works fine with twine.

[AD0791]

Just Have the same Issue here!. IT seems that poetry doesn't have a way to build a new release into pypi. poetry publish is basically building the project again. but the name of the project already exist in pypi. the restriction are tight

[JackNelson]

bump. same issue.

Although found an interesting work around...

when configuring an internal pypi source in the .toml as so...

[[tool.poetry.source]]
name = 'mypi'
url = 'mypi_url'

poetry publish -r mypi

returns a 403 Forbidden UploadError

UploadError

  HTTP Error 403: Forbidden

  at ~/.poetry/lib/poetry/publishing/uploader.py:216 in _upload
      212│                     self._register(session, url)
      213│                 except HTTPError as e:
      214│                     raise UploadError(e)
      215│ 
    → 216│             raise UploadError(e)
      217│ 
      218│     def _do_upload(
      219│         self, session, url, dry_run=False

however, if I remove that from the .toml and configure the a repository in the command line

poetry config repositories.mypi mypy_url

poetry publish -r mypi

Successfully publishes. Strange, I will also add my password also contains a special character similar to others that encountered the error. Obviously the preference is to have it configured in the .toml so others can publish without needing to config the repository themselves.

[jacopok]

Same issue here - weirdly, it did not happen with poetry 1.1, and only started with 1.2.
poetry publish used to prompt me for username and password, now instead it directly gives:

HTTP Error 403: Invalid or non-existent authentication information. See https://pypi.org/help/#invalid-auth for more information. | b'<html>\n <head>\n  <title>403 Invalid or non-existent authentication information. See https://pypi.org/help/#invalid-auth for more information.\n \n <body>\n  <h1>403 Invalid or non-existent authentication information. See https://pypi.org/help/#invalid-auth for more information.\n  Access was denied to this resource.<br/><br/>\nInvalid or non-existent authentication information. See https://pypi.org/help/#invalid-auth for more information.\n\n\n \n'

I tried with -u <username> -p <password> like @JessicaTegner suggested, but that did not help.
My password did indeed have weird characters in it, and changing it solved the problem.

[neersighted]

You're getting a 403 as you are trying to publish with empty credentials.

The username/password request code was removed from Cleo and thus dropped by Poetry 1.2 (though I think it's buried in a beta in the changelog). I would suggest instead generating a token and storing it (https://python-poetry.org/docs/repositories/#configuring-credentials) -- typing a username and password every time is fairly fraught and likely to lead to insecure credential handling.

[jacopok]

Thanks! That does seem like a better system.

[neersighted]

Closing as there is no reproduction here and there's a wide variety of issues happening. If you have special characters in your password, you will have to escape them appropriately (this is related to your shell and not Poetry).

The best way to avoid this is to follow the docs and use a token as there will be no special characters. Otherwise, set an environmental variable or edit the Poetry auth.toml directly (or just properly escape the -p flag/poetry config value).

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.