Nuget authorization failing

scascarini's Avatar

scascarini

01 Mar, 2022 04:28 PM

One of my builds has just stopped working (https://ci.appveyor.com/project/scascarini/nakedobjectsframework-kvbtu).

It uses the account feed to access packages created by another build.

I access the feed with

nuget sources add -Name MyAccountFeed -Source https://ci.appveyor.com/nuget/scascarini-8kcn559e4pki -UserName %nuget_user% -Password %nuget_password%

This has been working fine but I now get the following error while restoring packages

"Password decryption is not supported on .NET Core for this platform. The following feed uses an encrypted password: 'MyAccountFeed'. You can use a clear text password as a workaround. Windows Data Protection API (DPAPI) is not supported on this platform."

I tried regenerating the account feed API key, that didn't help. I've also tried setting the "Automatically configure NuGet sources during a build" Account feed flag under the Nuget menu.

That gives a different error

"Response status code does not indicate success: 401 (Unauthorized)."

Any help or suggestions would be welcome.

  1. Support Staff 1 Posted by Feodor Fitsner on 01 Mar, 2022 05:02 PM

    Feodor Fitsner's Avatar

    There is a bug in .NET SDK: https://github.com/dotnet/sdk/issues/23498

    Until it's fixed, as a workaround, add the following command into init section of your appveyor.yml:

    init:
    - del "C:\Program Files\dotnet\sdk\6.0.200\System.Security.Cryptography.ProtectedData.dll"
    
  2. 2 Posted by scascarini on 01 Mar, 2022 05:56 PM

    scascarini's Avatar

    Thanks for the help. My build uses the UI rather than yml so I added

    Remove-Item -Path "C:\Program Files\dotnet\sdk\6.0.200\System.Security.Cryptography.ProtectedData.dll"

    to the init script unfortunately that just changed the error from the first decryption one to the second unauthorized one.

    However in the link you kindly provided another workaround was to use the -StorePasswordInClearText option when adding the source. This works - as far as I can see that doesn't make the password generally visible? Is it an acceptable temporary workaround ?

  3. Support Staff 3 Posted by Feodor Fitsner on 01 Mar, 2022 06:23 PM

    Feodor Fitsner's Avatar

    That works too. Just make sure nuget_password environment variable defined on UI is marked as "secure" ("lock" icon next to it is clicked). Secure variables are masked in build console output if accidentially leaked.

  4. scascarini closed this discussion on 02 Mar, 2022 08:34 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac