Jersey2/3: Fixes a bug in OAuth token renewal, where the previous HTTP 401 code is reused even after the retry succeeds (#22134)

jheyens · web-flow · commit ce1e9e08660f · 2025-10-16T16:32:05.000+08:00
* Jersey2/3: Fix a bug where, when using OAuth, the HTTP 401 status code persisted even if the second request after renewing the Bearer access token succeeded

* Jersey2/3: Regenerate samples
diff --git a/modules/openapi-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache b/modules/openapi-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache
@@ -1299,11 +1299,9 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} {
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       {{#hasOAuthMethods}}
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1317,8 +1315,10 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} {
           }
         }
       }
-
+      
       {{/hasOAuthMethods}}
+      final int statusCode = response.getStatusInfo().getStatusCode();
+
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
       if (statusCode == Status.NO_CONTENT.getStatusCode()) {
diff --git a/modules/openapi-generator/src/main/resources/Java/libraries/jersey3/ApiClient.mustache b/modules/openapi-generator/src/main/resources/Java/libraries/jersey3/ApiClient.mustache
@@ -1299,11 +1299,9 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} {
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       {{#hasOAuthMethods}}
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1319,6 +1317,8 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} {
       }
 
       {{/hasOAuthMethods}}
+      final int statusCode = response.getStatusInfo().getStatusCode();
+
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
       if (statusCode == Status.NO_CONTENT.getStatusCode()) {
diff --git a/samples/client/petstore/java/jersey2-java8-localdatetime/src/main/java/org/openapitools/client/ApiClient.java b/samples/client/petstore/java/jersey2-java8-localdatetime/src/main/java/org/openapitools/client/ApiClient.java
@@ -1213,10 +1213,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1230,6 +1228,8 @@ public <T> ApiResponse<T> invokeAPI(
           }
         }
       }
+      
+      final int statusCode = response.getStatusInfo().getStatusCode();
 
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
diff --git a/samples/client/petstore/java/jersey2-java8/src/main/java/org/openapitools/client/ApiClient.java b/samples/client/petstore/java/jersey2-java8/src/main/java/org/openapitools/client/ApiClient.java
@@ -1213,10 +1213,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1230,6 +1228,8 @@ public <T> ApiResponse<T> invokeAPI(
           }
         }
       }
+      
+      final int statusCode = response.getStatusInfo().getStatusCode();
 
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
diff --git a/samples/client/petstore/java/jersey3/src/main/java/org/openapitools/client/ApiClient.java b/samples/client/petstore/java/jersey3/src/main/java/org/openapitools/client/ApiClient.java
@@ -1295,10 +1295,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1313,6 +1311,8 @@ public <T> ApiResponse<T> invokeAPI(
         }
       }
 
+      final int statusCode = response.getStatusInfo().getStatusCode();
+
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
       if (statusCode == Status.NO_CONTENT.getStatusCode()) {
diff --git a/samples/openapi3/client/petstore/java/jersey2-java8-swagger1/src/main/java/org/openapitools/client/ApiClient.java b/samples/openapi3/client/petstore/java/jersey2-java8-swagger1/src/main/java/org/openapitools/client/ApiClient.java
@@ -1197,10 +1197,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1214,6 +1212,8 @@ public <T> ApiResponse<T> invokeAPI(
           }
         }
       }
+      
+      final int statusCode = response.getStatusInfo().getStatusCode();
 
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
diff --git a/samples/openapi3/client/petstore/java/jersey2-java8-swagger2/src/main/java/org/openapitools/client/ApiClient.java b/samples/openapi3/client/petstore/java/jersey2-java8-swagger2/src/main/java/org/openapitools/client/ApiClient.java
@@ -1197,10 +1197,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1214,6 +1212,8 @@ public <T> ApiResponse<T> invokeAPI(
           }
         }
       }
+      
+      final int statusCode = response.getStatusInfo().getStatusCode();
 
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 
diff --git a/samples/openapi3/client/petstore/java/jersey2-java8/src/main/java/org/openapitools/client/ApiClient.java b/samples/openapi3/client/petstore/java/jersey2-java8/src/main/java/org/openapitools/client/ApiClient.java
@@ -1295,10 +1295,8 @@ public <T> ApiResponse<T> invokeAPI(
     try {
       response = sendRequest(method, invocationBuilder, entity);
 
-      final int statusCode = response.getStatusInfo().getStatusCode();
-
       // If OAuth is used and a status 401 is received, renew the access token and retry the request
-      if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {
+      if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {
         for (String authName : authNames) {
           Authentication authentication = authentications.get(authName);
           if (authentication instanceof OAuth) {
@@ -1312,6 +1310,8 @@ public <T> ApiResponse<T> invokeAPI(
           }
         }
       }
+      
+      final int statusCode = response.getStatusInfo().getStatusCode();
 
       Map<String, List<String>> responseHeaders = buildResponseHeaders(response);
 

Original file line number	Diff line number	Diff line change
`@@ -1213,10 +1213,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1213`	`1213`	`try {`
`1214`	`1214`	`response = sendRequest(method, invocationBuilder, entity);`
`1215`	`1215`
`1216`		`- final int statusCode = response.getStatusInfo().getStatusCode();`
`1217`		`-`
`1218`	`1216`	`// If OAuth is used and a status 401 is received, renew the access token and retry the request`
`1219`		`- if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {`
	`1217`	`+ if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {`
`1220`	`1218`	`for (String authName : authNames) {`
`1221`	`1219`	`Authentication authentication = authentications.get(authName);`
`1222`	`1220`	`if (authentication instanceof OAuth) {`
`@@ -1230,6 +1228,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1230`	`1228`	`}`
`1231`	`1229`	`}`
`1232`	`1230`	`}`
	`1231`	`+`
	`1232`	`+ final int statusCode = response.getStatusInfo().getStatusCode();`
`1233`	`1233`
`1234`	`1234`	`Map<String, List<String>> responseHeaders = buildResponseHeaders(response);`
`1235`	`1235`
Original file line number	Diff line number	Diff line change
`@@ -1197,10 +1197,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1197`	`1197`	`try {`
`1198`	`1198`	`response = sendRequest(method, invocationBuilder, entity);`
`1199`	`1199`
`1200`		`- final int statusCode = response.getStatusInfo().getStatusCode();`
`1201`		`-`
`1202`	`1200`	`// If OAuth is used and a status 401 is received, renew the access token and retry the request`
`1203`		`- if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {`
	`1201`	`+ if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {`
`1204`	`1202`	`for (String authName : authNames) {`
`1205`	`1203`	`Authentication authentication = authentications.get(authName);`
`1206`	`1204`	`if (authentication instanceof OAuth) {`
`@@ -1214,6 +1212,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1214`	`1212`	`}`
`1215`	`1213`	`}`
`1216`	`1214`	`}`
	`1215`	`+`
	`1216`	`+ final int statusCode = response.getStatusInfo().getStatusCode();`
`1217`	`1217`
`1218`	`1218`	`Map<String, List<String>> responseHeaders = buildResponseHeaders(response);`
`1219`	`1219`
Original file line number	Diff line number	Diff line change
`@@ -1295,10 +1295,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1295`	`1295`	`try {`
`1296`	`1296`	`response = sendRequest(method, invocationBuilder, entity);`
`1297`	`1297`
`1298`		`- final int statusCode = response.getStatusInfo().getStatusCode();`
`1299`		`-`
`1300`	`1298`	`// If OAuth is used and a status 401 is received, renew the access token and retry the request`
`1301`		`- if (authNames != null && statusCode == Status.UNAUTHORIZED.getStatusCode()) {`
	`1299`	`+ if (authNames != null && response.getStatusInfo().getStatusCode() == Status.UNAUTHORIZED.getStatusCode()) {`
`1302`	`1300`	`for (String authName : authNames) {`
`1303`	`1301`	`Authentication authentication = authentications.get(authName);`
`1304`	`1302`	`if (authentication instanceof OAuth) {`
`@@ -1312,6 +1310,8 @@ public <T> ApiResponse<T> invokeAPI(`
`1312`	`1310`	`}`
`1313`	`1311`	`}`
`1314`	`1312`	`}`
	`1313`	`+`
	`1314`	`+ final int statusCode = response.getStatusInfo().getStatusCode();`
`1315`	`1315`
`1316`	`1316`	`Map<String, List<String>> responseHeaders = buildResponseHeaders(response);`
`1317`	`1317`