Description
NuGet Product(s) Involved
NuGet.exe, Visual Studio Package Management UI, MSBuild.exe, dotnet.exe
The Elevator Pitch
Today, the NuGet tooling relies on a 401 challenge to understand whether a source needs auth.
This adds a roundtrip for a few of the urls hit the client.
It would be nice, if NuGet would just try to acquire credentials for certain feeds as marked by the user.
This would mean no wasted requests and allow for the source to cleanly know the difference between an authenticated and unauthenticated user from the onset and maybe build some experiences of off that.
Additional Context and Details
The behavior today, only as needed works great when a feed is either fully public, no 401 challenges, or fully private, 401 challenge on every url, but it's not really smooth for sources that may for example be only partially public.
When I'm calling the source public/private, I'm only referring to the restore side. Push tends to require authn even on feeds that are public for restore.