search

OneGet / oneget

PackageManagement (aka OneGet) is a package manager for Windows
MIT License
2.38k stars 189 forks source link

PackageManagement 1.4.1 demands multi-factor auth when providing a PAT #460

Open Launcelot555 opened 5 years ago

Launcelot555 commented 5 years ago

Environment Overview

Hosted VS2017 Azure DevOps Agent

Issue Overview

When providing a PAT and PSCredential object to Register-PSRepository in Azure DevOps using PackageManagement 1.4.1, two-factor authentication is required. This is to register an Azure DevOps Artifact Repository.

Expected Behavior

In previous versions of PackageManagement, providing a PAT did not require multi-factor authentication.

Actual Behavior

image

markekraus commented 5 years ago

Looks like this regression was introduced OneGet/NuGetProvider#56 wherein provided credentials appear to be disregarded.

alerickson commented 5 years ago

Could you share what your -verbose -debug output is?

markekraus commented 5 years ago

What you see is the verbose output.

You can repro this by doing the following:

  1. Create a new Azure DevOps Artifact Feed
  2. Generate a PAT with read access to Packaging
  3. Run the following
$PAT = Read-Host -Prompt PAT -AsSecureString
$AzDoOrg = Read-Host -Prompt 'Azure DevOps Organization'
$FeedName = Read-Host -Prompt 'Azure DevOps Artifact Feed Name'

$Credentials = [pscredential]::new('azdo',$PAT)
$FeedUri = 'https://pkgs.dev.azure.com/{0}/_packaging/{1}/nuget/v2/' -f $AzDoOrg, $FeedName

Register-PSRepository -Name $FeedName -SourceLocation $FeedUri -Credential $Credentials  -InstallationPolicy Trusted -PackageManagementProvider Nuget -PublishLocation $FeedUri -Verbose -Debug

Works fine in PackageManagement 1.4, but in 1.4.1 it prompts like this:

[Minimal] [CredentialProvider]DeviceFlow: https://pkgs.dev.azure.com/*********/_packaging/*****/nuget/v2/
[Minimal] [CredentialProvider]To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code *********** to authenticate.
SydneyhSmith commented 5 years ago

Thanks for all the feedback, and patience--we've released updates to both PackageManagement and PowerShellGet yesterday to fix this and I wanted to see if that had resolved the issues you are facing?

CC: @alerickson

markekraus commented 5 years ago

@SydneyhSmith and @alerickson I have confirmed that the problem persists with PM 1.4.2 and PSGet 2.1.5. The same repro code above still produces the same result.

alerickson commented 5 years ago

Thanks for letting us know! I’ll look into this today. This integration’s been a bit hairy so thanks for bearing with us

alerickson commented 5 years ago

@Launcelot555 @markekraus I just published PowerShellGet and PackageManagement to our int gallery (www.poshtestgallery.com/api/v2). Please feel free to test these out and see if behavior is working appropriately. The credential provider should only be prompted if the -credential parameter is not passed in

SydneyhSmith commented 5 years ago

To get these modules from the int gallery run: Register-PSRepository -Name PoshTestGallery -SourceLocation https://www.poshtestgallery.com/api/v2 Install-Module PowerShellGet, PackageManagement -Repository PoshTestGallery -Force

markekraus commented 5 years ago

@alerickson @SydneyhSmith the problem appears to be resolved in PM 1.4.3 and PSGet 2.2