fix: 7093 add username/password properties to be able to authenticate for central.content.url and analyzer.central.url again

Author: drijkersbq

cli/src/main/java/org/owasp/dependencycheck/App.java

@@ -604,6 +604,10 @@ protected void populateSettings(CliParser cli) throws InvalidSettingException {
                 cli.hasOption(CliParser.ARGUMENT.ENABLE_NEXUS));
         settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_CENTRAL_URL,
                 cli.getStringArgument(CliParser.ARGUMENT.CENTRAL_URL));
+        settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_CENTRAL_USER,
+                cli.getStringArgument(CliParser.ARGUMENT.CENTRAL_USERNAME));
+        settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_CENTRAL_PASSWORD,
+                cli.getStringArgument(CliParser.ARGUMENT.CENTRAL_PASSWORD));
         settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_OSSINDEX_URL,
                 cli.getStringArgument(CliParser.ARGUMENT.OSSINDEX_URL));
         settings.setStringIfNotEmpty(Settings.KEYS.ANALYZER_OSSINDEX_USER,

cli/src/main/java/org/owasp/dependencycheck/CliParser.java

@@ -1360,6 +1360,14 @@ public static class ARGUMENT {
          * The alternative URL for Maven Central Search.
          */
         public static final String CENTRAL_URL = "centralUrl";
+        /**
+         * The username for the alternative Maven Central Search.
+         */
+        public static final String CENTRAL_USERNAME = "centralUsername";
+        /**
+         * The password for the alternative Maven Central Search.
+         */
+        public static final String CENTRAL_PASSWORD = "centralPassword";
         /**
          * Disables the Nexus Analyzer.
          */

utils/src/main/java/org/owasp/dependencycheck/utils/Downloader.java

@@ -175,6 +175,8 @@ public void configure(Settings settings) throws InvalidSettingException {
         tryAddHostedSuppressionCredentials(settings, credentialsProvider);
         tryAddKEVCredentials(settings, credentialsProvider);
         tryAddNexusAnalyzerCredentials(settings, credentialsProvider);
+        tryAddCentralAnalyzerCredentials(settings, credentialsProvider);
+        tryAddCentralContentCredentials(settings, credentialsProvider);
         tryAddNVDApiDatafeed(settings, credentialsProvider);
         httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
         httpClientBuilderExplicitNoproxy.setDefaultCredentialsProvider(credentialsProvider);
@@ -220,6 +222,26 @@ private void tryAddNexusAnalyzerCredentials(Settings settings, CredentialsStore
         }
     }
 
+    private void tryAddCentralAnalyzerCredentials(Settings settings, CredentialsStore credentialsStore) throws InvalidSettingException {
+        if (settings.getString(Settings.KEYS.ANALYZER_CENTRAL_PASSWORD) != null) {
+            addUserPasswordCreds(settings, credentialsStore,
+                    Settings.KEYS.ANALYZER_CENTRAL_USER,
+                    Settings.KEYS.ANALYZER_CENTRAL_URL,
+                    Settings.KEYS.ANALYZER_CENTRAL_PASSWORD,
+                    "Central Analyzer");
+        }
+    }
+
+    private void tryAddCentralContentCredentials(Settings settings, CredentialsStore credentialsStore) throws InvalidSettingException {
+        if (settings.getString(Settings.KEYS.CENTRAL_CONTENT_PASSWORD) != null) {
+            addUserPasswordCreds(settings, credentialsStore,
+                    Settings.KEYS.CENTRAL_CONTENT_USER,
+                    Settings.KEYS.CENTRAL_CONTENT_URL,
+                    Settings.KEYS.CENTRAL_CONTENT_PASSWORD,
+                    "Central Content");
+        }
+    }
+
     private void tryAddNVDApiDatafeed(Settings settings, CredentialsStore credentialsStore) throws InvalidSettingException {
         if (settings.getString(Settings.KEYS.NVD_API_DATAFEED_PASSWORD) != null) {
             addUserPasswordCreds(settings, credentialsStore,

utils/src/main/java/org/owasp/dependencycheck/utils/Settings.java

@@ -620,6 +620,14 @@ public static final class KEYS {
          * Key for the URL to obtain content from Maven Central.
          */
         public static final String CENTRAL_CONTENT_URL = "central.content.url";
+        /**
+         * Key for the Username to obtain content from Maven Central.
+         */
+        public static final String CENTRAL_CONTENT_USER = "central.content.username";
+        /**
+         * Key for the Password to obtain content from Maven Central.
+         */
+        public static final String CENTRAL_CONTENT_PASSWORD = "central.content.password";
         /**
          * The properties key for whether the Central analyzer should use
          * parallel processing.
@@ -656,6 +664,14 @@ public static final class KEYS {
          * The properties key for the Central search URL.
          */
         public static final String ANALYZER_CENTRAL_URL = "analyzer.central.url";
+        /**
+         * The properties key for the Central search username.
+         */
+        public static final String ANALYZER_CENTRAL_USER = "analyzer.central.username";
+        /**
+         * The properties key for the Central search password.
+         */
+        public static final String ANALYZER_CENTRAL_PASSWORD = "analyzer.central.password";
         /**
          * The properties key for the Central search query.
          */