Add application authentication script update REST API

[ashanthamara]

Purpose

$subject

• This API introduces new fine grained access control for updating the authentication script of an application with internal_application_script_update scope.
• With that improvement, script update with the internal_application_mgt_update scope will be blocked.
• Simultaneously, we have supported backward compatiblity for the script update via application update when both scopes are present (internal_application_mgt_update and internal_application_script_update)

Related issue

• Introduce a Authentication Script update REST API for applications product-is#26011

[wso2-engineering]

AI Agent Log Improvement Checklist

⚠️ Warning: AI-Generated Review Comments

• The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
• Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.

✅ Before merging this pull request:

• Review all AI-generated comments for accuracy and relevance.
• Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.

Comment	Accepted (Y/N)	Reason
#### Log Improvement Suggestion No: 1
#### Log Improvement Suggestion No: 2
#### Log Improvement Suggestion No: 3

[Copilot]

Pull Request Overview

This PR adds a new REST API endpoint to update the authentication script of applications. The implementation includes proper authorization checks using the internal_application_script_update scope to ensure only authorized users can modify application authentication scripts.

• Adds a new PUT endpoint /applications/{applicationId}/authenticationSequence/script for updating authentication scripts
• Implements authorization validation using internal_application_script_update scope for script-related operations
• Provides dedicated error handling and validation for script update operations

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
applications.yaml	Adds OpenAPI specification for the new script update endpoint and ScriptUpdateModel schema
ApplicationsApiServiceImpl.java	Implements the REST endpoint handler that delegates to the service layer
ServerApplicationManagementService.java	Contains the core business logic for script updates with authorization validation
ApplicationManagementEndpointConstants.java	Defines the scope name constant for script update operations
ScriptUpdateModel.java	Generated model class for the script update request body
ApplicationsApiService.java	Interface definition for the new endpoint
ApplicationsApi.java	JAX-RS endpoint definition with proper annotations
ApplicationManagementConstants.java	Adds error constant for forbidden script update operations

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}