utu.vbingm.privaterepocloner (PrivateRepoCloner 1.2.3-SNAPSHOT API)

package utu.vbingm.privaterepocloner

PrivateRepoCloner: store Git HTTPS access tokens in the OS keyring and clone private repositories.

What this package provides

PrivateRepoCloner — a small facade offering:
- addProfile(name, url, token)
- listProfiles()
- cloneProfileRepo(name, targetDir)
- repoExistsInKeyring(name)
- removeProfile(name)
RepoProfileStore — persists non-sensitive profile metadata (name, repoUrl, lastUsed epochMillis) to ~/.private-repo-cloner/profiles.json. Never stores tokens.
TokenKeyring — stores/retrieves/deletes tokens via the host OS keyring.
Domain exceptions — CouldNotReadProfilesJson, IncorrectTokenForHttpsUrlException, KeyringAccessException.

Tokens are never written to disk or returned by public APIs.
Tokens are placed in the OS-native keyring (Keychain / Credential Manager / Secret Service).
On most platforms, any process running as the same OS user can access that user’s keyring. This library prevents accidental disk/log leakage, but cannot protect against untrusted code executing as the same user.
Do not embed credentials in repository URLs. Such URLs are rejected.
Prefer least-privilege, short-lived tokens; rotate on compromise.

profiles.json stores an array of objects: {name, repoUrl, lastUsed} where lastUsed is epoch millis.
Malformed or non-array JSON is automatically reset to an empty array and a warning is logged.
Store creation enforces owner-only permissions where POSIX attributes are supported.

Profile store operations are guarded by a JVM-local lock to avoid concurrent file corruption.
Keyring access uses short-lived handles (try-with-resources).

IncorrectTokenForHttpsUrlException — URL contains credentials or unsupported protocol.
CouldNotReadProfilesJson — persistent failure to read/repair/write profiles.json.
KeyringAccessException — keyring backend access errors.
IOException — network/clone failures surfaced from JGit.