Pass Nuget warning/error messages to the client

🔥 Problem

When the Nuget package registry hits an error, such as an authentication, duplicates or protected error, it creates an error message and a related status code (like 403 Forbidden).

The problem is that currently, clients (mainly $ nuget) will not read the error message from the response body and simply displays the error status.

Example:

$ dotnet nuget push newtonsoft.json.13.0.3.nupkg --source "http://gdk.test:8000/api/v4/projects/7/packages/nuget/index.json" --api-key "<PAT>"
warn : You are running the 'push' operation with an 'HTTP' source, 'http://gdk.test:8000/api/v4/projects/7/packages/nuget/index.json'. Non-HTTPS access will be removed in a future version. Consider migrating to an 'HTTPS' source.
Pushing newtonsoft.json.13.0.3.nupkg to 'http://gdk.test:8000/api/v4/projects/7/packages/nuget'...
warn : You are running the 'push' operation with an 'HTTP' source, 'http://gdk.test:8000/api/v4/projects/7/packages/nuget/'. Non-HTTPS access will be removed in a future version. Consider migrating to an 'HTTPS' source.
  PUT http://gdk.test:8000/api/v4/projects/7/packages/nuget/
  Forbidden http://gdk.test:8000/api/v4/projects/7/packages/nuget/ 198ms
error: Response status code does not indicate success: 403 (Forbidden).

The above doesn't provide any clarity on what happened. In this case, the uploaded package is protected and the current user is lacking the correct access level.

🚒 Solution

We can improve things by forcing $ nuget client display a warn: <info> message. This would improve the overall UX when debugging errors with the NuGet package registry.

To do so, we need to set a specific http header(X-NuGet-Warning) in the response. The value of that haeder should be the body of the message.