feat(maven): Add Maven registry protocol support (storage, auth, routing, interfaces, and exports)

2025-11-21 08:58:29 +00:00
parent 29dea2e0e8
commit 0b31219b7d
16 changed files with 2533 additions and 22 deletions
--- a/ts/core/classes.authmanager.ts
+++ b/ts/core/classes.authmanager.ts
@@ -18,6 +18,39 @@ export class AuthManager {
    // In production, this could be Redis or a database
  }

+  // ========================================================================
+  // UUID TOKEN CREATION (Base method for NPM, Maven, etc.)
+  // ========================================================================
+
+  /**
+   * Create a UUID-based token with custom scopes (base method)
+   * @param userId - User ID
+   * @param protocol - Protocol type
+   * @param scopes - Permission scopes
+   * @param readonly - Whether the token is readonly
+   * @returns UUID token string
+   */
+  private async createUuidToken(
+    userId: string,
+    protocol: TRegistryProtocol,
+    scopes: string[],
+    readonly: boolean = false
+  ): Promise<string> {
+    const token = this.generateUuid();
+    const authToken: IAuthToken = {
+      type: protocol,
+      userId,
+      scopes,
+      readonly,
+      metadata: {
+        created: new Date().toISOString(),
+      },
+    };
+
+    this.tokenStore.set(token, authToken);
+    return token;
+  }
+
  // ========================================================================
  // NPM AUTHENTICATION
  // ========================================================================
@@ -33,19 +66,8 @@ export class AuthManager {
      throw new Error('NPM tokens are not enabled');
    }

-    const token = this.generateUuid();
-    const authToken: IAuthToken = {
-      type: 'npm',
-      userId,
-      scopes: readonly ? ['npm:*:*:read'] : ['npm:*:*:*'],
-      readonly,
-      metadata: {
-        created: new Date().toISOString(),
-      },
-    };
-
-    this.tokenStore.set(token, authToken);
-    return token;
+    const scopes = readonly ? ['npm:*:*:read'] : ['npm:*:*:*'];
+    return this.createUuidToken(userId, 'npm', scopes, readonly);
  }

  /**
@@ -201,8 +223,59 @@ export class AuthManager {
    return null;
  }

+  // ========================================================================
+  // MAVEN AUTHENTICATION
+  // ========================================================================
+
  /**
-   * Validate any token (NPM or OCI)
+   * Create a Maven token
+   * @param userId - User ID
+   * @param readonly - Whether the token is readonly
+   * @returns Maven UUID token
+   */
+  public async createMavenToken(userId: string, readonly: boolean = false): Promise<string> {
+    const scopes = readonly ? ['maven:*:*:read'] : ['maven:*:*:*'];
+    return this.createUuidToken(userId, 'maven', scopes, readonly);
+  }
+
+  /**
+   * Validate a Maven token
+   * @param token - Maven UUID token
+   * @returns Auth token object or null
+   */
+  public async validateMavenToken(token: string): Promise<IAuthToken | null> {
+    if (!this.isValidUuid(token)) {
+      return null;
+    }
+
+    const authToken = this.tokenStore.get(token);
+    if (!authToken || authToken.type !== 'maven') {
+      return null;
+    }
+
+    // Check expiration if set
+    if (authToken.expiresAt && authToken.expiresAt < new Date()) {
+      this.tokenStore.delete(token);
+      return null;
+    }
+
+    return authToken;
+  }
+
+  /**
+   * Revoke a Maven token
+   * @param token - Maven UUID token
+   */
+  public async revokeMavenToken(token: string): Promise<void> {
+    this.tokenStore.delete(token);
+  }
+
+  // ========================================================================
+  // UNIFIED AUTHENTICATION
+  // ========================================================================
+
+  /**
+   * Validate any token (NPM, Maven, or OCI)
   * @param tokenString - Token string (UUID or JWT)
   * @param protocol - Expected protocol type
   * @returns Auth token object or null
@@ -211,12 +284,19 @@ export class AuthManager {
    tokenString: string,
    protocol?: TRegistryProtocol
  ): Promise<IAuthToken | null> {
-    // Try NPM token first (UUID format)
+    // Try UUID-based tokens (NPM, Maven)
    if (this.isValidUuid(tokenString)) {
+      // Try NPM token
      const npmToken = await this.validateNpmToken(tokenString);
      if (npmToken && (!protocol || protocol === 'npm')) {
        return npmToken;
      }
+
+      // Try Maven token
+      const mavenToken = await this.validateMavenToken(tokenString);
+      if (mavenToken && (!protocol || protocol === 'maven')) {
+        return mavenToken;
+      }
    }

    // Try OCI JWT