Multi-Source Package Downloader

Problem Statement

Build a Python tool that downloads packages from Python package indexes that require authentication. Your tool should support three authentication methods: credentials embedded in URLs, .netrc configuration files, and system keyring services. The tool should automatically use the appropriate authentication method based on what's available.

Requirements

Core Functionality

1. Multi-Index Support: Your tool must be able to download packages from multiple package indexes specified via URLs
2. Authentication Methods: Support for URL-embedded credentials (username:password@host), .netrc file lookups, and system keyring integration
3. Download Capability: Download packages (wheels or source distributions) from authenticated indexes to a local directory
4. Credential Precedence: When multiple authentication methods provide credentials for the same domain, follow this precedence order:
   • URL-embedded credentials (highest priority)
   • .netrc file credentials
   • Keyring credentials (lowest priority)

Implementation Details

• Create a command-line tool that accepts a package name, one or more index URLs, and a destination directory
• The tool should attempt to download from the provided index URLs in order
• For each index, use the appropriate authentication method (URL-embedded, .netrc, or keyring)
• Download the first successfully found package to the specified destination directory
• Handle authentication failures gracefully with appropriate error messages

Expected Behavior

• When accessing an index with URL-embedded credentials, use those credentials directly
• When accessing an index without embedded credentials, check .netrc for matching host entries
• If .netrc doesn't provide credentials, attempt to retrieve them from the system keyring
• Successfully download packages from authenticated sources
• Print status messages indicating which authentication method was used

Dependencies { .dependencies }

pip { .dependency }

Provides Python package installation and download functionality with multi-domain authentication support.

Test Cases

Test Case 1: URL-Embedded Credentials @test

Input:

• Package name: example-package
• Index URL: https://user:pass@private-pypi.example.com/simple/
• Destination: ./downloads/

Expected Behavior:

• Tool extracts credentials from URL
• Authenticates to private-pypi.example.com using extracted credentials
• Downloads the package to ./downloads/ directory
• Reports successful download with authentication method used

Test Case 2: .netrc Authentication @test

Input:

• Package name: example-package
• Index URL: https://private-pypi.example.com/simple/
• .netrc file contains:

  machine private-pypi.example.com
  login netrc-user
  password netrc-pass

• Destination: ./downloads/

Expected Behavior:

• Tool detects no URL-embedded credentials
• Looks up credentials in .netrc file
• Authenticates using netrc credentials
• Downloads package successfully
• Reports authentication method used

Test Case 3: Fallback Chain @test

Input:

• Package name: example-package
• Primary index URL (with embedded creds): https://user1:pass1@index1.example.com/simple/
• Secondary index URL (no embedded creds): https://index2.example.com/simple/
• .netrc contains entry for index2.example.com
• Destination: ./downloads/

Expected Behavior:

• Tool tries first index with URL-embedded credentials
• If package not found, tries second index
• Uses .netrc credentials for second index
• Downloads from whichever index has the package
• Reports which index and authentication method were used

Deliverables

Create the following files:

1. multi_index_downloader.py - Main implementation file
2. test_multi_index_downloader.py - Test file containing the three test cases above

Your implementation should demonstrate proper use of the package's authentication capabilities across multiple domains and credential sources.