OctopusClient and SPNEGO

[gfody]

OctopusClient.SignIn throws if no password or api token is provided. As a workaround I can do this:

var client = new OctopusClient(new OctopusServerEndpoint(my_server_that_uses_negotiate_auth_scheme));
var state = JsonConvert.SerializeObject(new { RedirectAfterLoginTo = "/app#", UsingSecureConnection = true });
//client.SignIn(new LoginCommand()); <-- error: missing username & password
client.GetContent($"integrated-challenge?state={Uri.EscapeDataString(state)}");

Readonly stuff then works but any writes throw:
OctopusSecurityException: A required anti-forgery token was not supplied or was invalid.

As a workaround, I hacked the SignIn method (see below) but is there a supported way to do this already?

index aa33e29b..3e94820c 100644
--- a/source/Octopus.Server.Client/OctopusClient.cs
+++ b/source/Octopus.Server.Client/OctopusClient.cs
@@ -108,7 +108,11 @@ public void SignIn(LoginCommand loginCommand)
             {
                 loginCommand.State = new LoginState { UsingSecureConnection = IsUsingSecureConnection };
             }
-            Post(Repository.LoadRootDocument().Links["SignIn"], loginCommand);
+
+            if (loginCommand.Password == null)
+                GetContent($"integrated-challenge?state={Uri.EscapeDataString(JsonConvert.SerializeObject(new { RedirectAfterLoginTo = "/app#", UsingSecureConnection = true }))}");
+            else
+                Post(Repository.LoadRootDocument().Links["SignIn"], loginCommand);

             antiforgeryCookieName = cookieContainer.GetCookies(cookieOriginUri)
                 .Cast<Cookie>()