Skip to content

Improve push failure error message for API key package ID scope mismatch #10775

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Copilot wants to merge 2 commits into
base: dev
Choose a base branch
from
+9 −2
Open

Improve push failure error message for API key package ID scope mismatch #10775

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
36ae755
Improve push failure error message for package ID scope mismatch
Copilot Apr 13, 2026
61aa497
Update PackageIdScopeMismatch error message to be more general
chabiss Apr 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion src/NuGetGallery/Controllers/ApiController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1227,7 +1227,11 @@ private HttpStatusCodeWithBodyResult GetHttpResultFromFailedApiScopeEvaluationHe
}

string message;
if (result.PermissionsCheckResult == PermissionsCheckResult.Allowed && !result.IsOwnerConfirmed)
if (!result.ScopesAreValid)
{
message = Strings.ApiKeyNotAuthorized_PackageIdScopeMismatch;
}
else if (result.PermissionsCheckResult == PermissionsCheckResult.Allowed && !result.IsOwnerConfirmed)
{
message = Strings.ApiKeyOwnerUnconfirmed;
}
Expand Down
3 changes: 3 additions & 0 deletions src/NuGetGallery/Strings.resx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,9 @@
<data name="ApiKeyNotAuthorized" xml:space="preserve">
<value>The specified API key is invalid, has expired, or does not have permission to access the specified package.</value>
</data>
<data name="ApiKeyNotAuthorized_PackageIdScopeMismatch" xml:space="preserve">
<value>The specified API key does not have permission to perform this action on this package. The API key may have a package ID scope that does not include this package ID, or it may not allow the requested action.</value>
</data>
<data name="PackageExistsAndCannotBeModified" xml:space="preserve">
<value>A package with ID '{0}' and version '{1}' already exists and cannot be modified.</value>
</data>
Expand Down
2 changes: 1 addition & 1 deletion tests/NuGetGallery.Facts/Controllers/ApiControllerFacts.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ public static IEnumerable<object[]> InvalidScopes_Data
{
get
{
yield return MemberDataHelper.AsData(new ApiScopeEvaluationResult(null, PermissionsCheckResult.Unknown, scopesAreValid: false), HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized);
yield return MemberDataHelper.AsData(new ApiScopeEvaluationResult(null, PermissionsCheckResult.Unknown, scopesAreValid: false), HttpStatusCode.Forbidden, Strings.ApiKeyNotAuthorized_PackageIdScopeMismatch);

foreach (var result in Enum.GetValues(typeof(PermissionsCheckResult)).Cast<PermissionsCheckResult>())
{
Expand Down