Authentication for Private PyPi server fails

[tropxy]

• I am on the latest Poetry version.
• I have searched the issues of this repo and believe that this is not a duplicate.
• If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

• OS version and name: Linux 5.13.0-22-generic -Ubuntu SMP x86_64 GNU/Linux
• Poetry version: 1.1.12
• Link of a Gist with the contents of your pyproject.toml file: Gist Link Here

Issue

Hey everyone, I have an issue that I believe was described on this ticket, but the ticket was closed without a clear solution for the problem: #3216

Basically, under Linux, my dependencies are not installed, as Poetry cant authenticate to my private pypi server. The issue seems related to the keyring lib in Linux. It seems Poetry cant find the credentials, even so that the credentials were configured as specified by the docs:

poetry config http-basic.pypi-switch ${USER} ${PASS}

The error issued was the following:

sing virtualenv: /home/andre/.virtualenvs/switch_slac
Updating dependencies
Resolving dependencies...
[stack_trace_poetry.txt](https://github.com/python-poetry/poetry/files/7727076/stack_trace_poetry.txt)

  RepositoryError

  403 Client Error: Forbidden for url: https://Redacted.com/simple/flake8/

  at ~/.local/lib/python3.9/site-packages/poetry/repositories/legacy_repository.py:393 in _get
      389│             if response.status_code == 404:
      390│                 return
      391│             response.raise_for_status()
      392│         except requests.HTTPError as e:
    → 393│             raise RepositoryError(e)
      394│ 
      395│         if response.status_code in (401, 403):
      396│             self._log(
      397│                 "Authorization error accessing {url}".format(url=response.url),

I have also annexed the stack trace.

The solutions I found were the following:

1. Remove the keyring settings or disable them as specified here: https://blog.frank-mich.com/python-poetry-1-0-0-private-repo-issue-fix/

2. Pass directly the credentials to the pypi server link in the .toml like:

[[tool.poetry.source]]
name = "pypi-switch"
url = "https://username@password:Redacted.com/simple/"
default = false
secondary = true

Also it is worth to mention that I didnt experience this error under MacOS or a Docker python:3.10.0-buster (Debian) container environment.

[cquick01]

2. Pass directly the credentials to the pypi server link in the .toml like:

[[tool.poetry.source]]
name = "pypi-private"
url = "https://username@password:pypi-private.com/simple/"
default = false
secondary = true

I've been unable to get the private repositories working when trying to specify the credentials in the URL with the latest versions(s) of poetry (1.1.12 and 1.2.0a2)...

My pyproject.toml file contains

[[tool.poetry.source]]
name = "package_name"
url = "https://__token__:<TOKEN>@gitlab.domain.tld/api/v4/projects/xxx2/packages/pypi/simple"
default = false
secondary = true

But when trying to install the package, it fails with the following error (output cleaned up a bit)

Command [
    '/home/user/.cache/pypoetry/virtualenvs/package-EaOqPuHb-py3.9/bin/python',
    '/home/user/.pyenv/versions/3.9.9/lib/python3.9/site-packages/virtualenv/seed/wheels/embed/pip-21.0.1-py3-none-any.whl/pip',
    'install',
    '--no-deps',
    '--index-url', 'https://__token__:<DEPLOY_TOKEN>@__token__:<DEPLOY_TOKEN>@gitlab.domain.com/api/v4/projects/xxx2/packages/pypi/simple',
    '--extra-index-url', 'https://pypi.org/simple/',
    'project_name==0.2.1+6d01a3d'
] errored with the following return code 1, and output:

  Looking in indexes: https://__token__:****@gitlab.domain.com/api/v4/projects/xxx2/packages/pypi/simple, https://pypi.org/simple/

  User for gitlab.domain.com: WARNING: 401 Error, Credentials not correct for https://gitlab.domain.com/api/v4/projects/xxx2/packages/pypi/simple/project_name/

  ERROR: Could not find a version that satisfies the requirement project_name==0.2.1+6d01a3d

  ERROR: No matching distribution found for project_name==0.2.1+6d01a3d

Some things I noticed

1. Poetry does initially find the package, as it is able to find the correct version number and dependencies to install.
2. In the Command[] block, it has--index-url with the credentials shown twice at the beginning of the URL
3. It looks in the index with the credentials, but then fails saying the credentials are incorrect for a URL without the credentials.
4. Running curl with the credentials works fine.

This issue, and #4900 and #3802, are completely blocking me from using Poetry to manage dependencies from private repositories.

@python-poetry/triage

[pechersky]

In general, this code path seems wonky:
https://github.com/python-poetry/poetry/blob/1.1.12/poetry/repositories/legacy_repository.py#L387-L396
The check for error code 401 or 403 to be logged won't ever be reached because of the HTTPError that gets raised right before it.

[usmcamp0811]

I'm running into this problem with my companies Nexus repository. I currently have to hard code the username/password in the url inside the pyproject.toml. I am trying this inside a docker container.

NAME="Ubuntu"
VERSION="20.04.4 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.4 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

and Poetry version 1.1.13

only difference is I get a 401.

I've tried several older versions of Poetry with no luck.

[AdamJel]

SOLVED

I forgot to add /simple to the end of the url. It is correctly mentioned in the official docs, but it is part of https://foo.bar/simple string. And since it starts with "foo", I didn't finish reading the line.

So, the remedy to my problem was finish gitlab's repository url with /simple in the pyproject.toml:

# So this:
[[tool.poetry.source]]
name = "gitlab"
url = "https://gitlab.com/api/v4/projects/<project-id>/packages/pypi"

# must be instead this:
[[tool.poetry.source]]
name = "gitlab"
url = "https://gitlab.com/api/v4/projects/<project-id>/packages/pypi/simple"

---

Hello folks,
I experience similar issue. I configured my gitlab repo with:

poetry config repositories.gitlab https://gitlab.com/api/v4/projects/<my-project-id>/packages/pypi

poetry config http-basic.gitlab <username> <password>

After that, I am able to successfully publish packages to there with:

poetry publish -r gitlab

But I cannot figure out, how to install a package from this private repository. I added this section to project's pyproject.toml:

[[tool.poetry.source]]
name = "gitlab"
url = "https://gitlab.com/api/v4/projects/<my-project-id>/packages/pypi"

I also tried adding secondary = true and default = true, but it just does not work. I always get error:

  ValueError

  Could not find a matching version of package <package>

  at ~/.local/share/pypoetry/venv/lib64/python3.10/site-packages/poetry/console/commands/init.py:367 in _find_best_version_for_package
      363│         )
      364│ 
      365│         if not package:
      366│             # TODO: find similar
    → 367│             raise ValueError(
      368│                 "Could not find a matching version of package {}".format(name)
      369│             )
      370│ 
      371│         return package.pretty_name, selector.find_recommended_require_version(package)

I tried everything in pure install as well (vanilla Fedora installation in virtual machine) - no fancy tools like pyenv, just pure python install and pure poetry install and still the same error.
I also tried providing both - personal access token and deploy token for gitlab. As I already mentioned - I am able to publish packages, so nothing should be wrong with auth.

Also, worth mentioning, I tried these variants for auth setting with poetry http-basic.gitlab <username> <password>:

• & for personal access token
• & for deploy token
• "__token__" & for personal access token
• "__token__" & for deploy token
• "token" & for personal access token }
• "token" & for deploy token } suggested to me by some internet user

All this variants do work for publishing, but none of them works for install it from that repo.

For testing installing from private repo, I don't have any other dependency in the project. I created new dummy project with poetry new <project>, I edited the pyproject.toml and tried to add my private dependency (a minute ago successfully published) and it fails.

Am I doing something wrong? Any advises, please? Thanks

[neersighted]

Closing for now as there's no good reproduction and everything works as expected with private sources on 1.2.1. If you have an issue like this, please reproduce it in a clean environment and provide detailed instructions in your new issue report.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.