This guide implies that you have enable HTTP Basic Auth to protect your repository. If you don't please refer to corresponding guide

Configuring HTTP Basic Auth secured repository is a little bit hard. Just remember the following things:

  • For simplicity we use the same login value for everyone - myMavenRepo.
  • There is difference between repository credentials and service credentials. Don't mess them up.

Help / Android + HTTP Auth protected private maven repository

Intro

You can use any maven compatible repository (including myMavenRepo) to publish / consume your public / private aar files. There are a few different ways to publish your Android library to private maven repository. This article is based on the following script but you are free to use any other technology like android-maven-publish plugin.

Security

Direct usage of password in build.gradle file to your repository is not good a idea. Instead we suggest you to store this information in ~/.gradle/gradle.properties file: 

myMavenRepoReadPassword=${yourHttpAuthReadPassword}
myMavenRepoWritePassword=${yourHttpAuthWritePassword}

Replace ${yourHttpAuthReadPassword}, ${yourHttpAuthWritePassword} with password to your read/write repository.

Get more info: official documentation, stackoverflow question

Consuming artifacts

  1. 1. Add the following code snippet to your /path/to/project/build.gradle file: 
  2. repositories {
    maven {
        url '${myMavenRepoReadUrl}'
        credentials {
            username 'myMavenRepo'
            password myMavenRepoReadPassword
        }
    }
}
  3. 2. Pay attention you are using read URL and correct password to your repository user
  4. 3. Replace ${myMavenRepoReadUrl} with read URL to your repository.

Publishing artifacts

  1. 1. Add the following code snippet to your /path/to/project/build.gradle file: 
  2. apply plugin: 'maven-publish'

publishing {
    repositories {
        maven {
            url '${myMavenRepoWriteUrl}'
            credentials {
                username 'myMavenRepo'
                password myMavenRepoWritePassword
            }
        }
    }

    publications {
        maven(MavenPublication) {
            groupId 'com.my-project'
            artifactId 'custom-artifact'
            version = '0.1-SNAPSHOT'

            artifact bundleReleaseAar
            artifact androidJavadocsJar
            artifact androidSourcesJar

            pom.withXml {
                final dependenciesNode = asNode().appendNode('dependencies')

                ext.addDependency = { Dependency dep, String scope ->
                    if (dep.group == null || dep.version == null || dep.name == null || dep.name == "unspecified")
                        return // ignore invalid dependencies

                    final dependencyNode = dependenciesNode.appendNode('dependency')
                    dependencyNode.appendNode('groupId', dep.group)
                    dependencyNode.appendNode('artifactId', dep.name)
                    dependencyNode.appendNode('version', dep.version)
                    dependencyNode.appendNode('scope', scope)

                    if (!dep.transitive) {
                        // If this dependency is transitive, we should force exclude all its dependencies them from the POM
                        final exclusionNode = dependencyNode.appendNode('exclusions').appendNode('exclusion')
                        exclusionNode.appendNode('groupId', '*')
                        exclusionNode.appendNode('artifactId', '*')
                    } else if (!dep.properties.excludeRules.empty) {
                        // Otherwise add specified exclude rules
                        final exclusionNode = dependencyNode.appendNode('exclusions').appendNode('exclusion')
                        dep.properties.excludeRules.each { ExcludeRule rule ->
                            exclusionNode.appendNode('groupId', rule.group ?: '*')
                            exclusionNode.appendNode('artifactId', rule.module ?: '*')
                        }
                    }
                }

                // List all "compile" dependencies (for old Gradle)
                configurations.compile.getDependencies().each { dep -> addDependency(dep, "compile") }
                // List all "api" dependencies (for new Gradle) as "compile" dependencies
                configurations.api.getDependencies().each { dep -> addDependency(dep, "compile") }
                // List all "implementation" dependencies (for new Gradle) as "runtime" dependencies
                configurations.implementation.getDependencies().each { dep -> addDependency(dep, "runtime") }
            }
        }
    }
}

task androidJavadocs(type: Javadoc) {
    source = android.sourceSets.main.java.srcDirs
    classpath += project.files(android.getBootClasspath().join(File.pathSeparator))
    android.libraryVariants.all { variant ->
        if (variant.name == 'release') {
            owner.classpath += variant.javaCompile.classpath
        }
    }
    exclude '**/R.html', '**/R.*.html', '**/index.html'
}

task androidJavadocsJar(type: Jar, dependsOn: androidJavadocs) {
    classifier = 'javadoc'
    from androidJavadocs.destinationDir
}

task androidSourcesJar(type: Jar) {
    classifier = 'sources'
    from android.sourceSets.main.java.srcDirs
}
  3. 2. Pay attention you are using write URL and correct password to your repository user
  4. 3. Replace ${myMavenRepoWriteUrl} with write URL to your repository
  5. 4. Replace com.my-project, custom-artifact, 0.1-SNAPSHOT with an appropriate data
  6. 5. Use gradle clean publish command to upload artifacts.

Get more info: stackoverflow question