Skip to content

Commit d24a22d

Browse files
fix: remove client-side credential validation from Gateway Mode (#24)
Gateway Mode methods (getPolicyApprovedContext, auditLLMCall) now work without credentials in community/self-hosted deployments. The server decides authentication requirements based on DEPLOYMENT_MODE. This matches the TypeScript SDK v1.11.1 behavior where we made the same fix to let the server decide auth requirements rather than validating client-side. Fixes: Community mode Gateway Mode not working without credentials
1 parent 57b687a commit d24a22d

3 files changed

Lines changed: 16 additions & 7 deletions

File tree

CHANGELOG.md

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,17 @@ All notable changes to the AxonFlow Java SDK will be documented in this file.
55
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
66
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
77

8+
## [1.9.0] - 2025-12-31
9+
10+
### Fixed
11+
12+
- **Gateway Mode Community Fix**: Removed client-side credential validation from Gateway Mode methods
13+
- `getPolicyApprovedContext()` and `auditLLMCall()` now work without credentials in community/self-hosted deployments
14+
- Server decides auth requirements based on `DEPLOYMENT_MODE`
15+
- Matches TypeScript SDK v1.11.1 behavior
16+
17+
---
18+
819
## [1.8.0] - 2025-12-30
920

1021
### Changed
@@ -18,14 +29,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
1829

1930
- `hasCredentials()` method in `AxonFlowConfig` to check if credentials are configured
2031
- `requireCredentials()` helper for enterprise feature validation
21-
- Enterprise features (`getPolicyApprovedContext`, `auditLLMCall`) now validate credentials at call time
2232

2333
### Fixed
2434

2535
- Fixed `PolicyOverride` JSON field mappings (`action_override`, `override_reason`)
2636
- Fixed `listPolicyOverrides()` endpoint path and response parsing
2737
- Fixed `getStaticPolicyVersions()` response parsing
28-
- Gateway Mode methods now throw `AuthenticationException` when called without credentials
2938

3039
---
3140

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
<groupId>com.getaxonflow</groupId>
88
<artifactId>axonflow-sdk</artifactId>
9-
<version>1.8.0</version>
9+
<version>1.9.0</version>
1010
<packaging>jar</packaging>
1111

1212
<name>AxonFlow Java SDK</name>

src/main/java/com/getaxonflow/sdk/AxonFlow.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -226,8 +226,8 @@ public CompletableFuture<HealthStatus> healthCheckAsync() {
226226
public PolicyApprovalResult getPolicyApprovedContext(PolicyApprovalRequest request) {
227227
Objects.requireNonNull(request, "request cannot be null");
228228

229-
// Gateway Mode requires credentials (enterprise feature)
230-
requireCredentials("Gateway Mode (getPolicyApprovedContext)");
229+
// Gateway Mode: Let server decide if credentials are required based on DEPLOYMENT_MODE
230+
// Community/self-hosted deployments work without credentials
231231

232232
return retryExecutor.execute(() -> {
233233
Request httpRequest = buildRequest("POST", "/api/policy/pre-check", request);
@@ -280,8 +280,8 @@ public CompletableFuture<PolicyApprovalResult> getPolicyApprovedContextAsync(Pol
280280
public AuditResult auditLLMCall(AuditOptions options) {
281281
Objects.requireNonNull(options, "options cannot be null");
282282

283-
// Gateway Mode requires credentials (enterprise feature)
284-
requireCredentials("Gateway Mode (auditLLMCall)");
283+
// Gateway Mode: Let server decide if credentials are required based on DEPLOYMENT_MODE
284+
// Community/self-hosted deployments work without credentials
285285

286286
return retryExecutor.execute(() -> {
287287
Request httpRequest = buildRequest("POST", "/api/audit/llm-call", options);

0 commit comments

Comments
 (0)