Skip to content

chore: reverse sync java sdk#706

Merged
SoulPancake merged 2 commits into
mainfrom
chore/reverse-sync-java-sdk
Jun 3, 2026
Merged

chore: reverse sync java sdk#706
SoulPancake merged 2 commits into
mainfrom
chore/reverse-sync-java-sdk

Conversation

@SoulPancake

@SoulPancake SoulPancake commented Jun 3, 2026

Copy link
Copy Markdown
Member

Description

synchs java sdk back to the generator.
The failing build+test command in CI also passes for java with this.
Generated PR : openfga/java-sdk#348

What problem is being solved?

How is it being solved?

What changes are made to solve it?

References

Review Checklist

  • I have clicked on "allow edits by maintainers".
  • I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
  • The correct base branch is being used, if not main
  • I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

  • New Features

    • OAuth2 Client Credentials support with token caching
    • New API executor feature for calling custom endpoints
  • Bug Fixes

    • Fixed example code errors and typos
  • Documentation

    • Minimum Java version requirement increased to Java 17
    • Enhanced OAuth2 authentication documentation
    • Added API executor usage guide

Copilot AI review requested due to automatic review settings June 3, 2026 08:20
@SoulPancake SoulPancake requested a review from a team as a code owner June 3, 2026 08:20
@coderabbitai

coderabbitai Bot commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Walkthrough

This PR updates the Java SDK generator configuration and templates with version bump to 0.9.9, centralizes OAuth2 authentication handling, introduces new feature flags, adds ApiExecutor documentation, and updates minimum Java version requirement to Java 17.

Changes

Java SDK OAuth2 Refactoring and Configuration Updates

Layer / File(s) Summary
Version and Configuration Updates
config/clients/java/config.overrides.json, config/common/files/README.mustache
SDK version bumped to 0.9.9; new feature flags supportsCallingOtherEndpoints and hideClientBatchCheckToc added; README TOC conditionally renders batch check entry based on flag setting.
User-Agent and Badge Updates
config/clients/java/template/src/main/constants/FgaConstants.mustache, config/clients/java/template/README_custom_badges.mustache
User-agent constant now derives from SDK_VERSION dynamically; Socket badge URL includes {{packageVersion}} placeholder for version-specific links.
OAuth2 Authentication Centralization in ApiClient
config/clients/java/template/libraries/native/ApiClient.mustache
New public applyAuthHeader() method centralizes authentication logic with lazy-initialized OAuth2 client caching using SHA-256 credential key hashing; Jackson JsonNullableModule registration changed to always-on; default base URI changed to http://localhost; imports updated for OAuth2 and credential types.
BaseStreamingApi Auth Header Integration
config/clients/java/template/libraries/native/BaseStreamingApi.mustache
buildHttpRequest() now calls apiClient.applyAuthHeader() to apply authentication headers before request interceptors.
OpenFgaApi Telemetry Constructor and Auth Delegation
config/clients/java/template/libraries/native/api.mustache
New public constructor overload accepts Telemetry instance with null-check and constructor delegation; HttpRequestAttempt construction includes telemetry; auth header application delegates to apiClient.applyAuthHeader() instead of manual token logic; getAccessToken() helper removed.
Documentation Corrections and Examples
config/clients/java/template/README_calling_api.mustache, config/clients/java/template/README_initializing.mustache, config/clients/java/template/README_installation.mustache
Batch check examples corrected for variable name and correlationId syntax; OAuth2 Client Credentials section expanded with full token endpoint URL guidance and FGA_API_SCOPES environment variable; minimum JDK requirement raised to Java 17 with release-please version markers.
ApiExecutor Documentation and Examples
config/clients/java/template/README_retries.mustache
New "Calling Other Endpoints" section documenting ApiExecutor and StreamingApiExecutor with examples for building custom requests via ApiExecutorRequestBuilder, handling responses (raw JSON and typed), streaming endpoints with callbacks, and references to example code and detailed documentation.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Suggested labels

codex

Suggested reviewers

  • rhamzeh
  • jimmyjames
  • curfew-marathon
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title 'chore: reverse sync java sdk' is vague and generic, failing to clearly summarize the specific changes made to the Java SDK configuration and templates. Revise the title to be more specific about the main change, such as 'chore: add OAuth2 authentication and API executor support to Java SDK' or similar, to clearly communicate the primary objective to reviewers.
✅ Passed checks (4 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/reverse-sync-java-sdk

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the OpenFGA SDK Generator’s templates/config for the Java SDK to reflect recent Java SDK changes, including documentation updates and refactoring how auth headers are applied in generated HTTP requests.

Changes:

  • Update Java client generation config (including a Java package version bump and README templating flags).
  • Refactor Java native client templates to centralize applying auth headers (including streaming requests).
  • Expand Java README content (installation, OAuth2 guidance, retries, and “calling other endpoints”).

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
config/common/files/README.mustache Adds a conditional TOC entry for “Client Batch Check” and conditionally includes “Calling Other Endpoints” in the TOC.
config/clients/java/template/src/main/constants/FgaConstants.mustache Updates Java SDK USER_AGENT constant formatting.
config/clients/java/template/README_retries.mustache Adds “Calling Other Endpoints” documentation and streaming executor example.
config/clients/java/template/README_installation.mustache Updates documented minimum Java version and adds release-please version markers around dependency snippets.
config/clients/java/template/README_initializing.mustache Improves OAuth2 client credentials documentation and clarifies apiTokenIssuer usage.
config/clients/java/template/README_custom_badges.mustache Updates the Socket badge URL to incorporate release-please version templating.
config/clients/java/template/README_calling_api.mustache Fixes typos/errors in the Client Batch Check example snippet.
config/clients/java/template/libraries/native/BaseStreamingApi.mustache Ensures streaming requests apply auth headers via ApiClient.applyAuthHeader.
config/clients/java/template/libraries/native/ApiClient.mustache Introduces centralized applyAuthHeader with OAuth2 client caching; modifies default base URI behavior.
config/clients/java/template/libraries/native/api.mustache Switches generated API calls to use ApiClient.applyAuthHeader and passes telemetry into request attempts.
config/clients/java/config.overrides.json Bumps Java SDK version and enables README templating flags (supportsCallingOtherEndpoints, hideClientBatchCheckToc).

Comment thread config/clients/java/template/libraries/native/ApiClient.mustache
Comment thread config/clients/java/template/README_retries.mustache
Comment thread config/clients/java/template/README_retries.mustache
Comment thread config/clients/java/template/README_installation.mustache

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
config/clients/java/template/README_calling_api.mustache (1)

451-467: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Fix Java “Batch Check” docs sample to use consistent item type and keep fluent chaining intact

In config/clients/java/template/README_calling_api.mustache (Batch Check example, checks(List.of(...))), the list mixes new ClientBatchCheckItem() with new ClientCheckRequest(), and one entry has a comma immediately after ._object(...), breaking the fluent chain so .correlationId(...) / .contextualTuples(...) are no longer attached to the same request item.

  • Use new ClientBatchCheckItem() for every element in the checks(List.of(...)) list.
  • Move the comma so it terminates the full item expression (after the last chained call), not right after ._object(...).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@config/clients/java/template/README_calling_api.mustache` around lines 451 -
467, The Batch Check sample uses inconsistent types and breaks fluent chaining:
replace any occurrences of new ClientCheckRequest() inside the
checks(List.of(...)) with new ClientBatchCheckItem() so all list entries are the
same type, and ensure commas come after the full chained expression (e.g., place
the comma after the final .correlationId(...) or .contextualTuples(...) call,
not immediately after ._object(...)) so ._object(...), .correlationId(...), and
.contextualTuples(...) remain chained on the same ClientBatchCheckItem instance.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@config/clients/java/config.overrides.json`:
- Line 6: The Java language override is missing the required FOSSA compliance
notice ID next to the existing "packageVersion": "0.9.9"; add the canonical
notice ID field used by our configs (e.g., "fossaNoticeId" or the
project-standard "noticeId") with the correct FOSSA ID string in that JSON
object for the Java override, ensure the JSON stays valid (commas/quoting) and
commit the change so compliance metadata is restored.

In `@config/clients/java/template/libraries/native/api.mustache`:
- Around line 73-83: The constructors of OpenFgaApi currently only validate
telemetry, letting null configuration or apiClient surface later; update both
constructors to fail fast by validating configuration and apiClient for null
(throw IllegalArgumentException) before creating or assigning telemetry. In the
two-arg constructor (OpenFgaApi(Configuration configuration, ApiClient
apiClient)) check configuration and apiClient for null before calling new
Telemetry(configuration) and then delegate to the three-arg constructor; in the
three-arg constructor (OpenFgaApi(Configuration configuration, ApiClient
apiClient, Telemetry telemetry)) validate all three parameters (configuration,
apiClient, telemetry) up front and assign fields only after validation.

In `@config/clients/java/template/libraries/native/ApiClient.mustache`:
- Around line 361-398: The applyAuthHeader method reads nested auth fields
without validating configuration/credentials and may NPE when
credentials.getApiToken() is null; validate the incoming Configuration and its
Credentials (and for API_TOKEN also ensure credentials.getApiToken() and its
token are non-null and throw the declared FgaInvalidParameterException with a
clear message) before accessing nested getters (reference: applyAuthHeader,
Configuration, Credentials, CredentialsMethod, API_TOKEN,
FgaInvalidParameterException); update the API_TOKEN branch to check for null
apiToken/token and throw FgaInvalidParameterException instead of letting a
NullPointerException surface.
- Around line 186-188: Harden applyAuthHeader by null-checking nested credential
fields before dereferencing: verify configuration != null,
configuration.getCredentials() != null, credentials.getApiToken() != null and
credentials.getApiToken().getToken() != null (and similarly when calling
ensureOAuth2Client that configuration.getCredentials().getClientCredentials() is
present) and throw the documented FgaInvalidParameterException with a clear
message when any required piece is missing instead of letting a
NullPointerException propagate; also audit getDefaultBaseUri/getApiUrl usage:
ensure Configuration.getApiUrl() has a safe non-localhost default or make
getDefaultBaseUri() the single source of truth and use it when building request
URIs (replace direct URI.create(configuration.getApiUrl() + path) with a call
that falls back to getDefaultBaseUri() if configuration.getApiUrl() is
null/empty) so requests never implicitly default to "http://localhost".

In `@config/clients/java/template/README_retries.mustache`:
- Around line 93-95: The example uses an undefined variable storeId when calling
ApiExecutorRequestBuilder.builder; fix by declaring a local String storeId (or
reuse the literal used earlier) before building the request so the snippet is
copy-paste runnable. Locate the ApiExecutorRequestBuilder usage and add a short
declaration (e.g., String storeId = "...";) immediately before the request
construction so .pathParam("store_id", storeId) has a defined value.

---

Outside diff comments:
In `@config/clients/java/template/README_calling_api.mustache`:
- Around line 451-467: The Batch Check sample uses inconsistent types and breaks
fluent chaining: replace any occurrences of new ClientCheckRequest() inside the
checks(List.of(...)) with new ClientBatchCheckItem() so all list entries are the
same type, and ensure commas come after the full chained expression (e.g., place
the comma after the final .correlationId(...) or .contextualTuples(...) call,
not immediately after ._object(...)) so ._object(...), .correlationId(...), and
.contextualTuples(...) remain chained on the same ClientBatchCheckItem instance.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 22b68c7f-50f3-4c72-b473-5bfddd32b6ab

📥 Commits

Reviewing files that changed from the base of the PR and between f9ccfac and 473cb79.

📒 Files selected for processing (11)
  • config/clients/java/config.overrides.json
  • config/clients/java/template/README_calling_api.mustache
  • config/clients/java/template/README_custom_badges.mustache
  • config/clients/java/template/README_initializing.mustache
  • config/clients/java/template/README_installation.mustache
  • config/clients/java/template/README_retries.mustache
  • config/clients/java/template/libraries/native/ApiClient.mustache
  • config/clients/java/template/libraries/native/BaseStreamingApi.mustache
  • config/clients/java/template/libraries/native/api.mustache
  • config/clients/java/template/src/main/constants/FgaConstants.mustache
  • config/common/files/README.mustache

Comment thread config/clients/java/config.overrides.json
Comment thread config/clients/java/template/libraries/native/api.mustache
Comment thread config/clients/java/template/libraries/native/ApiClient.mustache
Comment thread config/clients/java/template/libraries/native/ApiClient.mustache
Comment thread config/clients/java/template/README_retries.mustache
@SoulPancake SoulPancake added this pull request to the merge queue Jun 3, 2026
Merged via the queue into main with commit 2639d35 Jun 3, 2026
13 of 16 checks passed
@SoulPancake SoulPancake deleted the chore/reverse-sync-java-sdk branch June 3, 2026 09:01
@coderabbitai coderabbitai Bot mentioned this pull request Jun 3, 2026
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants