feat: oauth2 scopes for authn

Author: SoulPancake

src/main/java/dev/openfga/sdk/api/configuration/ClientCredentials.java

@@ -22,7 +22,6 @@ public void assertValid() throws FgaInvalidParameterException {
         assertParamExists(clientId, "clientId", "ClientCredentials");
         assertParamExists(clientSecret, "clientSecret", "ClientCredentials");
         assertParamExists(apiTokenIssuer, "apiTokenIssuer", "ClientCredentials");
-        assertParamExists(apiAudience, "apiAudience", "ClientCredentials");
     }
 
     public String getClientId() {

src/test/java/dev/openfga/sdk/api/configuration/ClientCredentialsTest.java

@@ -80,4 +80,29 @@ public void assertValid_invalidApiTokenIssuer() {
                         "Required parameter apiTokenIssuer was invalid when calling ClientCredentials.",
                         exception.getMessage()));
     }
+
+    @Test
+    public void assertValid_withoutApiAudience() throws FgaInvalidParameterException {
+        // audience is optional for standard OAuth2 servers
+        ClientCredentials creds = new ClientCredentials()
+                .clientId(VALID_CLIENT_ID)
+                .clientSecret(VALID_CLIENT_SECRET)
+                .apiTokenIssuer(VALID_API_TOKEN_ISSUER);
+
+        // Should not throw
+        creds.assertValid();
+        assertNull(creds.getApiAudience());
+    }
+
+    @Test
+    public void assertValid_withScopes() throws FgaInvalidParameterException {
+        ClientCredentials creds = new ClientCredentials()
+                .clientId(VALID_CLIENT_ID)
+                .clientSecret(VALID_CLIENT_SECRET)
+                .apiTokenIssuer(VALID_API_TOKEN_ISSUER)
+                .scopes("read write");
+
+        creds.assertValid();
+        assertEquals("read write", creds.getScopes());
+    }
 }