401 with custom Nuget Source

Version: 5.22.02

This is a weird issue and I have not pinned down how to reliably reproduce it every time. Essentially, when I open the NuGet Manager and then click 'Settings' I often (nearly always but occasionally not) get an error dialog when I click 'OK' if I have a custom NuGet source (the source requires authentication). This is the error message I receive:
{
"errors" : [ {
"status" : 401,
"message" : "Authentication is required"
} ]
}
The thing is, if I close LinqPad and reopen it and then open NuGet Manager everything works fine and the packages from the custom source show up in the search window. But if I click 'Settings' the whole problem starts again when I close the settings window.

Here is a summary of the sequence HTTP requests (host address has been removed) that I captured with Fiddler when I first open the NuGet Manager (when everything works):
GET {host}/artifactory/api/nuget/nuget
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget
200 OK (application/xml)

GET {host}/artifactory/api/nuget/nuget/$metadata
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget/$metadata
200 OK (application/xml)

GET {host}/artifactory/api/nuget/nuget/Search()?$filter=IsLatestVersion&$top=20&searchTerm=''&targetFramework=''&includePrerelease=false
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget/Search()?$filter=IsLatestVersion&$top=20&searchTerm=''&targetFramework=''&includePrerelease=false
200 OK (application/atom+xml)

GET {host}/artifactory/api/nuget/nuget/Packages()?$filter={removedForBrevity}&$select=Id,Version
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget/Packages()?$filter={removedForBrevity}&$select=Id,Version
200 OK (application/atom+xml)
You can see that LinqPad initially tries the request without sending an authorization header. After receiving a 401 response LinqPad then retries the request with the authorization header and everything works fine. As an aside why does LinqPad send the request without an authorization header in the first place? If I configured my custom source in LinqPad with credentials it seems like it should assume authentication is required and include the authorization header with the request.

Continuing, this is what I capture if I open and close the 'Settings' window:
GET {host}/artifactory/api/nuget/nuget/Packages()?$filter={removedForBrevity}&$select=Id,Version
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget/Search()?$filter=IsLatestVersion&$top=20&searchTerm=''&targetFramework=''&includePrerelease=false
401 Unauthorized (application/json)

GET {host}/artifactory/api/nuget/nuget/Packages()?$filter={removedForBrevity}&$select=Id,Version
200 OK (application/atom+xml)

You can see here that when a 401 is returned from {host}/artifactory/api/nuget/nuget/Search() LinqPad never retries the request with the authorization header as it does above. Instead, it pops up an error dialog and the dialog text is the response body of the 401 response (the same message at the top of this post). If I break on the HTTP response for the search request in Fiddler and change the 401 to 200 on the wire then LinqPad does not show the error dialog. Of course I don't have any search results either when I do this.

Let me know if i can provide any more information.


Comments

  • I have this same issue.

    Workaround of "Close LinqPad and reopen it and then open NuGet Manager" does seem to work.
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!