[10.0.101] `dnx`/`dotnet tool exec` not Authenticating on Private NuGet feed

[dgrantpete]

Describe the bug

On .NET 10, ad-hoc tool execution (dotnet tool exec and dnx) fails with 401 Unauthorized against a private NuGet feed (GitHub Packages), even though:

• dotnet tool install of the same tool from the same feed succeeds on the same machine/config, and
• credentials are available via both NuGet.config and the NuGetPackageSourceCredentials_{name} environment variable.

Logs show a successful GET (while getting the feed index) followed by an Unauthorized GET (while downloading the tool itself).

I'm assuming that the authentication behavior between dotnet tool install and dnx/dotnet tool exec should be functionally equivalent.

To Reproduce

I can't provide exact URLs and names for my org, but have provided an anonymized version of it that is otherwise identical.

Prerequisites

• Any private NuGet v3 feed (e.g., GitHub Packages) with a published .NET tool, e.g. <package-id> at <version>.
• A valid credential configured for that feed (e.g., GitHub PAT with read:packages).
• Feed name = MyFeed (matches credentials), feed URL = https://nuget.pkg.github.com/<org>/index.json.

Minimal NuGet.config

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="MyFeed" value="https://nuget.pkg.github.com/<org>/index.json" />
  </packageSources>
  <packageSourceCredentials>
    <MyFeed>
      <add key="Username" value="<username>" />
      <add key="ClearTextPassword" value="<pat-with-read:packages>" />
    </MyFeed>
  </packageSourceCredentials>
</configuration>

Clear Cached Tool Downloads

dotnet nuget locals all --clear

Attempt using tool via dnx

PS C:\Users\myuser> dnx <package-id> -v=Diagnostic -y --no-http-cache
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/index.json 254ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/index.json
[NuGet Manager] [Warning] Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
[NuGet Manager] [Info]   Unauthorized https://nuget.pkg.github.com/<org>/index.json 395ms
Unhandled exception: Response status code does not indicate success: 401 (Unauthorized).

Notice that the initial GET request is successful, meaning the authentication worked for at least the first request.

Attempt installing tool globally via dotnet tool install

PS C:\Users\myuser> dotnet tool install <package-id> -g -v=Diagnostic --no-http-cache
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/index.json 604ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/index.json 389ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/download/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/download/<package-id>/index.json 268ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/download/<package-id>/<version>/<package-id>.<version>.nupkg
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/download/<package-id>/<version>/<package-id>.<version>.nupkg 863ms
Skipping signature verification for NuGet package "<package-id>.<version>" because it comes from a source that does not require signature validation.
Extracting package <package-id>@<version> to C:\Users\myuser\.dotnet\tools\.store\.stage\lb0reknn.nuw\<package-id>\<version>\<package-id>.<version>.nupkg
Locating package <package-id>@<version> in package store C:\Users\myuser\.dotnet\tools\.store\.stage\lb0reknn.nuw
The package has DotnetTool,0.0 package types
No RID-specific package declared for <package-id> <version>.
You can invoke the tool using the following command: <tool-command>
Tool '<package-id>' (version '<version>') was successfully installed.

The tool is able to be successfully downloaded with the exact same configuration and properly forwards the authentication.

Further technical details

dotnet --info
.NET SDK:
 Version:           10.0.100-rc.2.25502.107
 Commit:            89c8f6a112
 Workload version:  10.0.100-manifests.8798a653
 MSBuild version:   18.0.0-preview-25502-107+89c8f6a11

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.26200
 OS Platform: Windows
 RID:         win-x64

If there is any other info I can provide to help make this easier, please let me know!

[baronfel]

Thanks for reporting! Can you try calling the dnx command with the --interactive flag added? I have a suspicion about the interaction between the dnx invocation script and our interactive NuGet authentication detection.

[dgrantpete]

@baronfel Absolutely! Here's the result:

PS C:\Users\myuser> dnx <package-id> -v=Diagnostic --interactive
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/<package-id>/index.json 605ms
Tool package <package-id>@<version> will be downloaded from source https://nuget.pkg.github.com/<org>/index.json.
Proceed? [y/n] (y): y
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Warning] Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
[NuGet Manager] [Info]   Unauthorized https://nuget.pkg.github.com/<org>/<package-id>/index.json 349ms
Unhandled exception: Response status code does not indicate success: 401 (Unauthorized).

[drieseng]

@baronfel, I have the exact same problem here. I'm authenticating against Azure Artifacts (using a PAT) using the SDK v10.0.100:

.NET SDK:
 Version:           10.0.100
 Commit:            b0f34d51fc
 Workload version:  10.0.100-manifests.355811b7
 MSBuild version:   18.0.2+b0f34d51f

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.22631
 OS Platform: Windows
 RID:         win-x64
 Base Path:   C:\Program Files\dotnet\sdk\10.0.100\

[milang]

@baronfel @dsplaisted the exact same problem for us as well, accessing private TeamCity NuGet feed using .NET SDK 10.0.100.

[drieseng]

@dgrantpete Please confirm that you're also seeing this with the latest SDK and update the title accordingly. I hope this gets someone's attention :(

[dgrantpete]

I've gone ahead and reran this set of commands to confirm that this issue is still present, and it looks like it is (I'm running the latest version at this time, 10.0.101). Here is the result of me calling this series of commands again (first trying to install via dnx unsuccessfully, then trying to install via dotnet tool install successfully, and finally including my dotnet installation info):

PS C:\Users\myuser> dnx <package-id> -v=Diagnostic -y --no-http-cache
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/<package-id>/index.json 545ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Warning] Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
[NuGet Manager] [Info]   Unauthorized https://nuget.pkg.github.com/<org>/<package-id>/index.json 281ms
Unhandled exception: Response status code does not indicate success: 401 (Unauthorized).
PS C:\Users\myuser> dotnet tool install <package-id> -g -v=Diagnostic --no-http-cache
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/<package-id>/index.json 522ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/<package-id>/index.json 194ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/download/<package-id>/index.json
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/download/<package-id>/index.json 174ms
[NuGet Manager] [Info]   GET https://nuget.pkg.github.com/<org>/download/<package-id>/<package-version>/<package-id>.<package-version>.nupkg
[NuGet Manager] [Info]   OK https://nuget.pkg.github.com/<org>/download/<package-id>/<package-version>/<package-id>.<package-version>.nupkg 694ms
Skipping signature verification for NuGet package "<package-id>.<package-version>" because it comes from a source that does not require signature validation.
Extracting package <package-id>@<package-version> to C:\Users\myuser\.dotnet\tools\.store\.stage\vb5pklll.zf0\<package-id>\<package-version>\<package-id>.<package-version>.nupkg
Locating package <package-id>@<package-version> in package store C:\Users\myuser\.dotnet\tools\.store\.stage\vb5pklll.zf0
The package has DotnetTool,0.0,McpServer,0.0 package types
No RID-specific package declared for <package-id> <package-version>.
You can invoke the tool using the following command: <tool-command>
Tool '<package-id>' (version '<package-version>') was successfully installed.
PS C:\Users\myuser> dotnet --info
.NET SDK:
 Version:           10.0.101
 Commit:            fad253f51b
 Workload version:  10.0.100-manifests.76934787
 MSBuild version:   18.0.6+fad253f51

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.26200
 OS Platform: Windows
 RID:         win-x64
 Base Path:   C:\Users\myuser\.dotnet\sdk\10.0.101\

I will modify the issue title accordingly to include the latest version.

[frivard-coveo]

I have the same issue, with JFrog private feed.
I am on

> dotnet --version
10.0.103

The package I am trying to obtain is a custom-made MCP server, following the template of dotnet new mcpserver. This ultimately create a package which is nearly empty, but with many RID-specific packages.
Looking at the source code of the dotnet sdk, I noticed this comment:

This does mean that we won't work with feeds that have a primary package but where the RID-specific packages are on other feeds, but this is probably OK.

Could this be related? This is oddly specific to how MCP server are packaged using the default template.

For completeness, here are some (anonymised) logs.
the dotnet tool exec command:

> dotnet tool exec <company-tool-package> --verbosity diag --yes

[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json 426ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json 147ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json
[NuGet Manager] [Info]   Unauthorized https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json 573ms
Unhandled exception: Response status code does not indicate success: 401.

the dotnet tool install command:

❯ dotnet tool install --global <company-tool-package> --verbosity diag

[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json 369ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json 125ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json 61ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json 58ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/index.json 57ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/<company-tool-package>/page/1.0.2/1.0.2.json 59ms
[NuGet Manager] [Info]   GET https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/Download/<company-tool-package>/1.0.2
[NuGet Manager] [Info]   OK https://<company>.jfrog.io/artifactory/api/nuget/v3/<subunit-feed>/registration-semver2/Download/<company-tool-package>/1.0.2 196ms
Skipping signature verification for NuGet package "<company-tool-package>.1.0.2" because it comes from a source that does not require signature validation.
Extracting package <company-tool-package>@1.0.2 to [user profile]\.dotnet\tools\.store\.stage\aazbctlq.d1d\<company-tool-package>\1.0.2\<company-tool-package>.1.0.2.nupkg
Locating package <company-tool-package>@1.0.2 in package store [userprofile]\.dotnet\tools\.store\.stage\aazbctlq.d1d
The package has DotnetTool,0.0,McpServer,0.0 package types
Resolving RID-specific package for <company-tool-package> 1.0.2
Target RID: win-x64
Available RID-specific packages: win-x64, win-arm64, osx-arm64, linux-x64, linux-arm64, linux-musl-x64
Best matching RID: win-x64

The rest of my setup is pretty much identical to the original issue author.

[robertcoltheart]

Having the same issue, latest version as above. Dotnet tool install works, dnx doesn't.

dnx dotnetsay "hello" returns 403 for my authenticated feed under GitHub actions on self hosted runner on Linux.

I've also tried this with dotnet 11 preview with the same result. Same result locally under Windows.

Using actions\setup-dotnet with source-url and NUGET_AUTH_TOKEN variable.

[robertcoltheart]

The problem is here: https://github.com/dotnet/sdk/blob/main/src/Cli/dotnet/Commands/Tool/Execute/ToolExecuteCommand.cs#L136 After loading the 'best' version of the Nuget package from the feed, the raw feed URL is passed as a source feed override to the downloader, however it strips off the credentials. When the feed is used again to download the package, it doesn't reload / check the NuGet.config and just tries to the use the source feed override, without credentials.

The fix here would be to use the NuGet.config settings and lookup the source feed override in the original settings, using any credentials that might be there. The fix should be to LoadOverrideSources here: https://github.com/dotnet/sdk/blob/main/src/Cli/dotnet/NugetPackageDownloader/NuGetPackageDownloader.cs#L351

I'm happy to contribute a PR.

[Frulfump]

The problem is here: https://github.com/dotnet/sdk/blob/main/src/Cli/dotnet/Commands/Tool/Execute/ToolExecuteCommand.cs#L136 After loading the 'best' version of the Nuget package from the feed, the raw feed URL is passed as a source feed override to the downloader, however it strips off the credentials. When the feed is used again to download the package, it doesn't reload / check the NuGet.config and just tries to the use the source feed override, without credentials.

The fix here would be to use the NuGet.config settings and lookup the source feed override in the original settings, using any credentials that might be there. The fix should be to LoadOverrideSources here: https://github.com/dotnet/sdk/blob/main/src/Cli/dotnet/NugetPackageDownloader/NuGetPackageDownloader.cs#L351

I'm happy to contribute a PR.

Cool, yeah probably a good idea to open a PR and see if that gets any attention since the SDK team hasn't interacted with this issue in ~4 months...