fix(maven,tests): handle Maven Basic auth and accept deploy-plugin metadata/checksum uploads while stabilizing npm CLI test cleanup

2026-03-27 17:37:24 +00:00
parent 26ddf1a59f
commit 2221eef722
5 changed files with 121 additions and 104 deletions
--- a/ts/maven/classes.mavenregistry.ts
+++ b/ts/maven/classes.mavenregistry.ts
@@ -110,9 +110,17 @@ export class MavenRegistry extends BaseRegistry {
    let token: IAuthToken | null = null;

    if (authHeader) {
-      const tokenString = authHeader.replace(/^(Bearer|Basic)\s+/i, '');
-      // For now, try to validate as Maven token (reuse npm token type)
-      token = await this.authManager.validateToken(tokenString, 'maven');
+      if (/^Basic\s+/i.test(authHeader)) {
+        // Maven sends Basic Auth: base64(username:password) — extract the password as token
+        const base64 = authHeader.replace(/^Basic\s+/i, '');
+        const decoded = Buffer.from(base64, 'base64').toString('utf-8');
+        const colonIndex = decoded.indexOf(':');
+        const password = colonIndex >= 0 ? decoded.substring(colonIndex + 1) : decoded;
+        token = await this.authManager.validateToken(password, 'maven');
+      } else {
+        const tokenString = authHeader.replace(/^Bearer\s+/i, '');
+        token = await this.authManager.validateToken(tokenString, 'maven');
+      }
    }

    // Build actor from context and validated token
@@ -240,9 +248,19 @@ export class MavenRegistry extends BaseRegistry {
      return this.getChecksum(groupId, artifactId, version, coordinate, path);
    }

+    // Accept PUT silently — Maven deploy-plugin uploads checksums alongside artifacts,
+    // but our registry auto-generates them, so we just acknowledge the upload
+    if (method === 'PUT') {
+      return {
+        status: 200,
+        headers: {},
+        body: { status: 'ok' },
+      };
+    }
+
    return {
      status: 405,
-      headers: { 'Allow': 'GET, HEAD' },
+      headers: { 'Allow': 'GET, HEAD, PUT' },
      body: { error: 'METHOD_NOT_ALLOWED', message: 'Checksums are auto-generated' },
    };
  }
@@ -275,9 +293,19 @@ export class MavenRegistry extends BaseRegistry {
      return this.getMetadata(groupId, artifactId, actor);
    }

+    // Accept PUT silently — Maven deploy-plugin uploads maven-metadata.xml,
+    // but our registry auto-generates it, so we just acknowledge the upload
+    if (method === 'PUT') {
+      return {
+        status: 200,
+        headers: {},
+        body: { status: 'ok' },
+      };
+    }
+
    return {
      status: 405,
-      headers: { 'Allow': 'GET' },
+      headers: { 'Allow': 'GET, PUT' },
      body: { error: 'METHOD_NOT_ALLOWED', message: 'Metadata is auto-generated' },
    };
  }