fix: reject clientSecret without clientId to prevent wrong-tenant data#122
Merged
saurabhjain1592 merged 1 commit intomainfrom Apr 5, 2026
Merged
Conversation
If clientSecret (license key) is set without clientId, the SDK would silently use 'community' as the tenant identity. All data would be stored under the wrong tenant, causing data loss on upgrade when clientId is eventually set correctly.
saurabhjain1592
added a commit
that referenced
this pull request
Apr 17, 2026
Adds Java SDK half of ADR-043 + ADR-042. New: - DecisionExplanation, ExplainPolicy, ExplainRule DTOs in com.getaxonflow.sdk.types. Jackson @JsonIgnoreProperties(ignoreUnknown= true) for ADR-043 forward-compat with future platform fields. - AxonFlow.explainDecision(decisionId) + explainDecisionAsync calling GET /api/v1/decisions/:id/explain. URL-encodes the decision ID. Rejects null/empty with IllegalArgumentException. - AuditSearchRequest builder gains decisionId/policyName/overrideId; new JSON properties serialize only when set via @JsonInclude(NON_NULL). Version: 5.3.0 -> 5.4.0 (pom.xml). Tests (8 new, all passing via WireMock): - explainDecision: null + empty rejection, full payload parse with URL assertion, forward-compat with unknown fields. - searchAuditLogs: new filters serialize when set, absent when unset. - DTO null-safety: DecisionExplanation policyMatches defaults to empty when constructor receives null; ExplainPolicy defaults. Companion to platform v7.1.0 (axonflow-enterprise PR #1605), Go SDK v5.4.0 (PR #122), Python v6.4.0 (PR #141), TS v5.4.0 (PR #175).
saurabhjain1592
added a commit
that referenced
this pull request
Apr 18, 2026
Adds Java SDK half of ADR-043 + ADR-042. New: - DecisionExplanation, ExplainPolicy, ExplainRule DTOs in com.getaxonflow.sdk.types. Jackson @JsonIgnoreProperties(ignoreUnknown= true) for ADR-043 forward-compat with future platform fields. - AxonFlow.explainDecision(decisionId) + explainDecisionAsync calling GET /api/v1/decisions/:id/explain. URL-encodes the decision ID. Rejects null/empty with IllegalArgumentException. - AuditSearchRequest builder gains decisionId/policyName/overrideId; new JSON properties serialize only when set via @JsonInclude(NON_NULL). Version: 5.3.0 -> 5.4.0 (pom.xml). Tests (8 new, all passing via WireMock): - explainDecision: null + empty rejection, full payload parse with URL assertion, forward-compat with unknown fields. - searchAuditLogs: new filters serialize when set, absent when unset. - DTO null-safety: DecisionExplanation policyMatches defaults to empty when constructor receives null; ExplainPolicy defaults. Companion to platform v7.1.0 (axonflow-enterprise PR #1605), Go SDK v5.4.0 (PR #122), Python v6.4.0 (PR #141), TS v5.4.0 (PR #175).
saurabhjain1592
added a commit
that referenced
this pull request
Apr 18, 2026
* feat: explainDecision + audit search filter parity (Plugin Batch 1) Adds Java SDK half of ADR-043 + ADR-042. New: - DecisionExplanation, ExplainPolicy, ExplainRule DTOs in com.getaxonflow.sdk.types. Jackson @JsonIgnoreProperties(ignoreUnknown= true) for ADR-043 forward-compat with future platform fields. - AxonFlow.explainDecision(decisionId) + explainDecisionAsync calling GET /api/v1/decisions/:id/explain. URL-encodes the decision ID. Rejects null/empty with IllegalArgumentException. - AuditSearchRequest builder gains decisionId/policyName/overrideId; new JSON properties serialize only when set via @JsonInclude(NON_NULL). Version: 5.3.0 -> 5.4.0 (pom.xml). Tests (8 new, all passing via WireMock): - explainDecision: null + empty rejection, full payload parse with URL assertion, forward-compat with unknown fields. - searchAuditLogs: new filters serialize when set, absent when unset. - DTO null-safety: DecisionExplanation policyMatches defaults to empty when constructor receives null; ExplainPolicy defaults. Companion to platform v7.1.0 (axonflow-enterprise PR #1605), Go SDK v5.4.0 (PR #122), Python v6.4.0 (PR #141), TS v5.4.0 (PR #175). * fix: use path-segment encoding for explainDecision decision ID URLEncoder.encode() is application/x-www-form-urlencoded — spaces become '+' rather than '%20'. That's wrong for a path segment: the server parses the URL path segment-by-segment and '+' is a literal character there. Go / Python / TypeScript all path-encode; Java was the outlier. Fix by replacing '+' with '%20' in the URLEncoder output. That converts the form-encoded string to a valid percent-encoded path segment, with every other character (including literal '+' in the input -> '%2B') handled correctly. Two regression tests lock in the semantics.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Reject
client_secret/clientSecretwhenclient_id/clientIdis not set. Without this check, the SDK silently usescommunityas the tenant identity, causing all licensed data to be stored under the wrong tenant.Three valid configurations:
clientId=community, no license)clientIdonly → community mode with custom tenantAligns with getaxonflow/axonflow-enterprise#1492 unified identity model.
Test plan
client_secretwithoutclient_idthrows clear errorclient_idwithoutclient_secretworks (community with custom tenant)