Do not warn http sources in package reference restore when allowInsec…

…ureConnections is set to true (#5390)

src/NuGet.Core/NuGet.Commands/RestoreCommand/RestoreCommand.cs

@@ -239,11 +239,12 @@ public async Task<RestoreResult> ExecuteAsync(CancellationToken token)
                     _success = false;
                 }
 
-                if (_request.Project?.RestoreMetadata != null)
+                if (_request.DependencyProviders.RemoteProviders != null)
                 {
-                    foreach (var source in _request.Project.RestoreMetadata.Sources)
+                    foreach (var remoteProvider in _request.DependencyProviders.RemoteProviders)
                     {
-                        if (source.IsHttp && !source.IsHttps)
+                        var source = remoteProvider.Source;
+                        if (source.IsHttp && !source.IsHttps && !source.AllowInsecureConnections)
                         {
                             await _logger.LogAsync(RestoreLogMessage.CreateWarning(NuGetLogCode.NU1803,
                                 string.Format(CultureInfo.CurrentCulture, Strings.Warning_HttpServerUsage, "restore", source.Source)));

test/NuGet.Core.FuncTests/NuGet.Commands.FuncTest/RestoreCommandTests.cs

@@ -4065,15 +4065,19 @@ await SimpleTestPackageUtility.CreateFolderFeedV3Async(
             }
         }
 
-        [Fact]
-        public async Task Restore_WithHttpSource_Warns()
+        [Theory]
+        [InlineData("true", false)]
+        [InlineData("false", true)]
+        public async Task Restore_WithHttpSource_Warns(string allowInsecureConnections, bool isHttpWarningExpected)
         {
             // Arrange
             using var pathContext = new SimpleTestPathContext();
             var packageA = new SimpleTestPackageContext("a", "1.0.0");
             await SimpleTestPackageUtility.CreateFolderFeedV3Async(pathContext.PackageSource, packageA);
-            pathContext.Settings.AddSource("http-feed", "http://api.source/index.json");
-            pathContext.Settings.AddSource("https-feed", "https://api.source/index.json");
+            string httpSourceUrl = "http://api.source/index.json";
+            string httpsSourceUrl = "https://api.source/index.json";
+            pathContext.Settings.AddSource("http-feed", httpSourceUrl, allowInsecureConnections);
+            pathContext.Settings.AddSource("https-feed", httpsSourceUrl, allowInsecureConnections);
 
             var logger = new TestLogger();
             ISettings settings = Settings.LoadDefaultSettings(pathContext.SolutionRoot);
@@ -4087,10 +4091,20 @@ public async Task Restore_WithHttpSource_Warns()
             // Assert
             result.Success.Should().BeTrue(because: logger.ShowMessages());
             result.LockFile.Libraries.Should().HaveCount(0);
-            result.LockFile.LogMessages.Should().HaveCount(1);
-            IAssetsLogMessage logMessage = result.LockFile.LogMessages[0];
-            logMessage.Code.Should().Be(NuGetLogCode.NU1803);
-            logMessage.Message.Should().Be("You are running the 'restore' operation with an 'HTTP' source, 'http://api.source/index.json'. Non-HTTPS access will be removed in a future version. Consider migrating to an 'HTTPS' source.");
+
+            string expectedWarning = $"You are running the 'restore' operation with an 'HTTP' source, '{httpSourceUrl}'. Non-HTTPS access will be removed in a future version. Consider migrating to an 'HTTPS' source.";
+
+            if (isHttpWarningExpected)
+            {
+                result.LockFile.LogMessages.Should().HaveCount(1);
+                IAssetsLogMessage logMessage = result.LockFile.LogMessages[0];
+                logMessage.Code.Should().Be(NuGetLogCode.NU1803);
+                Assert.Equal(expectedWarning, logMessage.Message);
+            }
+            else
+            {
+                result.LockFile.LogMessages.Should().HaveCount(0);
+            }
         }
 
         [Fact]

test/TestUtilities/Test.Utility/Commands/TestRestoreRequest.cs

@@ -37,7 +37,7 @@ public TestRestoreRequest(
             ILogger log)
             : this(
                   project,
-                  sources.Select(source => Repository.Factory.GetCoreV3(source.Source)),
+                  sources.Select(source => Repository.Factory.GetCoreV3(source)),
                   packagesDirectory,
                   new List<string>(),
                   new TestSourceCacheContext(),
@@ -73,7 +73,7 @@ public TestRestoreRequest(
                 RestoreCommandProviders.Create(
                     packagesDirectory,
                     fallbackPackageFolderPaths: new List<string>(),
-                    sources: sources.Select(source => Repository.Factory.GetCoreV3(source.Source)),
+                    sources: sources.Select(source => Repository.Factory.GetCoreV3(source)),
                     cacheContext: cacheContext,
                     packageFileCache: new LocalPackageFileCache(),
                     log: log),
@@ -110,7 +110,7 @@ public TestRestoreRequest(
             ILogger log)
             : this(
                   project,
-                  sources.Select(source => Repository.Factory.GetCoreV3(source.Source)),
+                  sources.Select(source => Repository.Factory.GetCoreV3(source)),
                   packagesDirectory,
                   fallbackPackageFolders,
                   cacheContext,
@@ -165,7 +165,7 @@ public TestRestoreRequest(
                 RestoreCommandProviders.Create(
                     packagesDirectory,
                     Enumerable.Empty<string>(),
-                    sources: sources.Select(source => Repository.Factory.GetCoreV3(source.Source)),
+                    sources: sources.Select(source => Repository.Factory.GetCoreV3(source)),
                     cacheContext: cacheContext,
                     packageFileCache: new LocalPackageFileCache(),
                     log: log),