Lazy OAuth via interceptor in Swift client, drop sync semaphore

Adds BarcodeAuthInterceptor to the AsposeBarcodeCloudClient template:
the client installs it on its per-instance apiConfiguration so the
URLSession pipeline lazily fetches and injects the bearer token on
first use, deduplicating concurrent token fetches. Drops apply() and
the blocking authorize() throws (DispatchSemaphore) variant; adds an
async authorize() async throws overload for explicit warm-up.

Updates the AsposeBarcodeCloudClient and README mustache templates
and bumps the Swift submodule pointer to the regenerated SDK.

Author: Denis-Averin

codegen/Templates/swift/AsposeBarcodeCloudClient.mustache

@@ -98,24 +98,30 @@ public typealias AsposeBarcodeCloudTokenFetcher = @Sendable (
 public final class AsposeBarcodeCloudClient: @unchecked Sendable {
     public let configuration: AsposeBarcodeCloudConfiguration
     public let apiConfiguration: AsposeBarcodeCloudAPIConfiguration
-    private let tokenFetcher: AsposeBarcodeCloudTokenFetcher
+    private let authInterceptor: BarcodeAuthInterceptor
 
     public init(
         configuration: AsposeBarcodeCloudConfiguration,
         tokenFetcher: AsposeBarcodeCloudTokenFetcher? = nil
     ) {
         self.configuration = configuration
-        self.tokenFetcher = tokenFetcher ?? AsposeBarcodeCloudClient.defaultTokenFetcher
-        self.apiConfiguration = AsposeBarcodeCloudAPIConfiguration(
+        let fetcher = tokenFetcher ?? AsposeBarcodeCloudClient.defaultTokenFetcher
+
+        let apiConfig = AsposeBarcodeCloudAPIConfiguration(
             basePath: configuration.host,
             customHeaders: [
                 "x-aspose-client": configuration.sdkName,
                 "x-aspose-client-version": configuration.sdkVersion,
             ]
         )
-        if let accessToken = configuration.accessToken, !accessToken.isEmpty {
-            apiConfiguration.customHeaders["Authorization"] = "Bearer \(accessToken)"
-        }
+        let interceptor = BarcodeAuthInterceptor(
+            configuration: configuration,
+            tokenFetcher: fetcher
+        )
+        apiConfig.interceptor = interceptor
+
+        self.apiConfiguration = apiConfig
+        self.authInterceptor = interceptor
     }
 
     public convenience init(
@@ -142,58 +148,21 @@ public final class AsposeBarcodeCloudClient: @unchecked Sendable {
         ))
     }
 
-    public func apply() {
-        apiConfiguration.basePath = configuration.host
-        var headers = apiConfiguration.customHeaders
-        headers["x-aspose-client"] = configuration.sdkName
-        headers["x-aspose-client-version"] = configuration.sdkVersion
-
-        if let accessToken = configuration.accessToken, !accessToken.isEmpty {
-            headers["Authorization"] = "Bearer \(accessToken)"
-        } else {
-            headers.removeValue(forKey: "Authorization")
-        }
-        apiConfiguration.customHeaders = headers
-    }
-
     public func authorize(completion: @escaping @Sendable (Result<String, AsposeBarcodeCloudClientError>) -> Void) {
-        if let accessToken = configuration.accessToken, !accessToken.isEmpty {
-            apply()
-            completion(.success(accessToken))
-            return
-        }
-
-        tokenFetcher(configuration) { result in
-            switch result {
-            case let .success(accessToken):
-                self.configuration.accessToken = accessToken
-                self.apply()
-                completion(.success(accessToken))
-            case let .failure(error):
-                completion(.failure(error))
-            }
-        }
+        authInterceptor.ensureToken(completion: completion)
     }
 
     @discardableResult
-    public func authorize() throws -> String {
-        let semaphore = DispatchSemaphore(value: 0)
-        let tokenResult = OpenAPIMutex<Result<String, AsposeBarcodeCloudClientError>?>(nil)
-
-        authorize { result in
-            tokenResult.withValue { $0 = result }
-            semaphore.signal()
-        }
-
-        semaphore.wait()
-
-        switch tokenResult.value {
-        case let .success(accessToken):
-            return accessToken
-        case let .failure(error):
-            throw error
-        case .none:
-            throw AsposeBarcodeCloudClientError.invalidTokenResponse
+    public func authorize() async throws -> String {
+        try await withCheckedThrowingContinuation { continuation in
+            authorize { result in
+                switch result {
+                case let .success(token):
+                    continuation.resume(returning: token)
+                case let .failure(error):
+                    continuation.resume(throwing: error)
+                }
+            }
         }
     }
 
@@ -249,3 +218,114 @@ public final class AsposeBarcodeCloudClient: @unchecked Sendable {
         }.resume()
     }
 }
+
+final class BarcodeAuthInterceptor: OpenAPIInterceptor, @unchecked Sendable {
+    private let configuration: AsposeBarcodeCloudConfiguration
+    private let tokenFetcher: AsposeBarcodeCloudTokenFetcher
+    private let state: OpenAPIMutex<State>
+
+    private struct State {
+        var token: String?
+        var inFlightFetch: Bool
+        var pendingWaiters: [@Sendable (Result<String, AsposeBarcodeCloudClientError>) -> Void]
+    }
+
+    init(
+        configuration: AsposeBarcodeCloudConfiguration,
+        tokenFetcher: @escaping AsposeBarcodeCloudTokenFetcher
+    ) {
+        self.configuration = configuration
+        self.tokenFetcher = tokenFetcher
+        let initialToken = configuration.accessToken.flatMap { $0.isEmpty ? nil : $0 }
+        self.state = OpenAPIMutex(State(
+            token: initialToken,
+            inFlightFetch: false,
+            pendingWaiters: []
+        ))
+    }
+
+    func intercept<T>(
+        urlRequest: URLRequest,
+        urlSession: URLSessionProtocol,
+        requestBuilder: RequestBuilder<T>,
+        completion: @Sendable @escaping (Result<URLRequest, any Error>) -> Void
+    ) {
+        guard requestBuilder.requiresAuthentication else {
+            completion(.success(urlRequest))
+            return
+        }
+
+        ensureToken { result in
+            switch result {
+            case let .success(token):
+                var modified = urlRequest
+                modified.setValue("Bearer \(token)", forHTTPHeaderField: "Authorization")
+                completion(.success(modified))
+            case let .failure(error):
+                completion(.failure(error))
+            }
+        }
+    }
+
+    func retry<T>(
+        urlRequest: URLRequest,
+        urlSession: URLSessionProtocol,
+        requestBuilder: RequestBuilder<T>,
+        data: Data?,
+        response: URLResponse?,
+        error: any Error,
+        completion: @Sendable @escaping (OpenAPIInterceptorRetry) -> Void
+    ) {
+        completion(.dontRetry)
+    }
+
+    func ensureToken(completion: @escaping @Sendable (Result<String, AsposeBarcodeCloudClientError>) -> Void) {
+        enum Action {
+            case immediate(Result<String, AsposeBarcodeCloudClientError>)
+            case wait
+            case startFetch
+        }
+
+        var action: Action = .wait
+        state.withValue { state in
+            if let token = state.token, !token.isEmpty {
+                action = .immediate(.success(token))
+                return
+            }
+            state.pendingWaiters.append(completion)
+            if state.inFlightFetch {
+                action = .wait
+            } else {
+                state.inFlightFetch = true
+                action = .startFetch
+            }
+        }
+
+        switch action {
+        case let .immediate(result):
+            completion(result)
+        case .wait:
+            break
+        case .startFetch:
+            tokenFetcher(configuration) { [weak self] result in
+                self?.deliverToken(result)
+            }
+        }
+    }
+
+    private func deliverToken(_ result: Result<String, AsposeBarcodeCloudClientError>) {
+        var waiters: [@Sendable (Result<String, AsposeBarcodeCloudClientError>) -> Void] = []
+        state.withValue { state in
+            state.inFlightFetch = false
+            if case let .success(token) = result {
+                state.token = token
+                self.configuration.accessToken = token
+            }
+            waiters = state.pendingWaiters
+            state.pendingWaiters.removeAll()
+        }
+        for waiter in waiters {
+            waiter(result)
+        }
+    }
+}

codegen/Templates/swift/README.mustache

@@ -33,8 +33,12 @@ let client = AsposeBarcodeCloudClient(
     clientId: "your-client-id",
     clientSecret: "your-client-secret"
 )
+```
+
+The OAuth access token is fetched lazily on the first API call. To warm it up at app start, await the explicit method:
 
-try client.authorize()
+```swift
+_ = try await client.authorize()
 ```
 
 If you already have an access token, configure the SDK directly:
@@ -43,7 +47,7 @@ If you already have an access token, configure the SDK directly:
 let client = AsposeBarcodeCloudClient(accessToken: "your-access-token")
 ```
 
-`AsposeBarcodeCloudClient` owns a per-instance `apiConfiguration` and sets `Authorization`, `x-aspose-client`, and `x-aspose-client-version` headers on it. Pass `client.apiConfiguration` to each API call so the headers are applied.
+`AsposeBarcodeCloudClient` owns a per-instance `apiConfiguration` and sets `x-aspose-client` and `x-aspose-client-version` headers on it. The bundled `BarcodeAuthInterceptor` injects the `Authorization` header on each authenticated request. Pass `client.apiConfiguration` to each API call so the headers are applied.
 
 ### Generate