Addressing minor comments

Signed-off-by: ngsupta1 <guptaneha.e@gmail.com>

Author: nsgupta1

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/CrowdStrikeService.java

@@ -1,7 +1,7 @@
 package org.opensearch.dataprepper.plugins.source.crowdstrike;
 import io.micrometer.core.instrument.Timer;
 import org.opensearch.dataprepper.metrics.PluginMetrics;
-import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeApiResponse;
+import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeThreatIntelApiResponse;
 import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeIndicatorResult;
 import org.opensearch.dataprepper.plugins.source.crowdstrike.rest.CrowdStrikeRestClient;
 import org.opensearch.dataprepper.plugins.source.crowdstrike.utils.CrowdStrikeNextLinkValidator;
@@ -33,6 +33,9 @@ public class CrowdStrikeService {
     private static final String BASE_URL = "https://api.crowdstrike.com/";
     private static final String COMBINED_URL = "https://api.crowdstrike.com/intel/combined/indicators/v1";
     private final Timer searchCallLatencyTimer;
+    private static final String GREATER_THAN_EQUALS = ">=";
+    private static final String LESS_THAN = "<";
+    private static final String ENCODED_PLUS_SIGN = "%2B";
 
 
     public CrowdStrikeService(CrowdStrikeRestClient crowdStrikeRestClient, PluginMetrics pluginMetrics) {
@@ -45,9 +48,9 @@ public CrowdStrikeService(CrowdStrikeRestClient crowdStrikeRestClient, PluginMet
      *   @param startTime       The start timestamp (inclusive) for filtering indicators.
      *   @param endTime         The end timestamp (exclusive) for filtering indicators.
      *   @param paginationLink  An optional pagination URL suffix (used when fetching next pages).
-     *   @return                A {@link CrowdStrikeApiResponse} containing response body and headers.
+     *   @return                A {@link CrowdStrikeThreatIntelApiResponse} containing response body and headers.
      */
-    public CrowdStrikeApiResponse getThreatIndicators(Instant startTime, Instant endTime, Optional<String> paginationLink) {
+    public CrowdStrikeThreatIntelApiResponse getThreatIndicators(Instant startTime, Instant endTime, Optional<String> paginationLink) {
         if (startTime == null || endTime == null) {
             throw new IllegalArgumentException("startTime and endTime must not be null");
         }
@@ -57,7 +60,7 @@ public CrowdStrikeApiResponse getThreatIndicators(Instant startTime, Instant end
             log.debug("Calling CrowdStrike API with URI: {}", uri);
             ResponseEntity<CrowdStrikeIndicatorResult> responseEntity = crowdStrikeRestClient.invokeGetApi(uri, CrowdStrikeIndicatorResult.class);
 
-            return new CrowdStrikeApiResponse(responseEntity.getBody(), responseEntity.getHeaders());
+            return new CrowdStrikeThreatIntelApiResponse(responseEntity.getBody(), responseEntity.getHeaders());
         });
     }
 
@@ -69,9 +72,9 @@ protected URI buildCrowdStrikeUri(Instant startTime, Instant endTime,  Optional<
                 return new URI(urlString);
             } else {
                 // Manually construct and encode the query string
-                String filter1 = URLEncoder.encode(LAST_UPDATED + ":>=" + startTime.getEpochSecond(), StandardCharsets.UTF_8);
-                String filter2 = URLEncoder.encode(LAST_UPDATED + ":<" + endTime.getEpochSecond(), StandardCharsets.UTF_8);
-                String encodedFilter = filter1 + "%2B" + filter2;  // Use literal '+' // ensure literal '+'
+                String startTimeFilter = URLEncoder.encode(LAST_UPDATED + ":" + GREATER_THAN_EQUALS + startTime.getEpochSecond(), StandardCharsets.UTF_8);
+                String endTimeFilter = URLEncoder.encode(LAST_UPDATED + ":" + LESS_THAN + endTime.getEpochSecond(), StandardCharsets.UTF_8);
+                String encodedFilter = startTimeFilter + ENCODED_PLUS_SIGN + endTimeFilter;  // ensure literal '+' is encoded
 
                 UriComponentsBuilder builder = UriComponentsBuilder
                         .fromHttpUrl(COMBINED_URL)

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeIndicatorResult.java

@@ -2,16 +2,16 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
 import lombok.Getter;
 import lombok.Setter;
 
 import java.util.List;
 
 /**
- * The result of Falcon query search.
+ * Represents the response from a CrowdStrike Falcon Query Language (FQL) search for threat indicators.
  */
-@Getter
-@Setter
+@Data
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class CrowdStrikeIndicatorResult {
 

…trike/models/CrowdStrikeApiResponse.java …s/CrowdStrikeThreatIntelApiResponse.javadata-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeApiResponse.java renamed to data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeThreatIntelApiResponse.java data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeApiResponse.java renamed to data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeThreatIntelApiResponse.java

@@ -1,7 +1,6 @@
 package org.opensearch.dataprepper.plugins.source.crowdstrike.models;
 
-import lombok.Getter;
-import lombok.Setter;
+import lombok.Data;
 import org.springframework.util.CollectionUtils;
 import java.util.Collections;
 import java.util.List;
@@ -10,13 +9,13 @@
 /**
  * Represents the response returned from a CrowdStrike API call.
  */
-@Getter @Setter
- public class CrowdStrikeApiResponse {
+@Data
+ public class CrowdStrikeThreatIntelApiResponse {
 
     private CrowdStrikeIndicatorResult body;
     private Map<String, List<String>> headers;
 
-    public CrowdStrikeApiResponse(CrowdStrikeIndicatorResult body, Map<String, List<String>> headers) {
+    public CrowdStrikeThreatIntelApiResponse(CrowdStrikeIndicatorResult body, Map<String, List<String>> headers) {
         this.body = body;
         this.headers = headers;
     }

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/ThreatIndicator.java

@@ -2,6 +2,7 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
 import lombok.Getter;
 import lombok.Setter;
 
@@ -10,8 +11,7 @@
  * This class encapsulates information about potential security threats,
  * including indicators of compromise (IoCs) and associated metadata.
  */
-@Setter
-@Getter
+@Data
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class ThreatIndicator {
     /**

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/main/java/org/opensearch/dataprepper/plugins/source/crowdstrike/rest/CrowdStrikeAuthClient.java

@@ -66,7 +66,7 @@ public void initCredentials() {
      *
      * @throws UnauthorizedException Runtime exception if the token cannot be retrieved.
      */
-    protected void getAuthToken() {
+    private void getAuthToken() {
         synchronized (tokenRenewLock) {
             if (isTokenValid()) {
                 //Someone else must have already renewed it

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/CrowdStrikeServiceTest.java

@@ -4,7 +4,7 @@
 import org.junit.jupiter.api.Test;
 import org.mockito.Mockito;
 import org.opensearch.dataprepper.metrics.PluginMetrics;
-import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeApiResponse;
+import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeThreatIntelApiResponse;
 import org.opensearch.dataprepper.plugins.source.crowdstrike.models.CrowdStrikeIndicatorResult;
 import org.opensearch.dataprepper.plugins.source.crowdstrike.rest.CrowdStrikeRestClient;
 import io.micrometer.core.instrument.Timer;
@@ -21,7 +21,9 @@
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.doThrow;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
@@ -65,7 +67,7 @@ void testGetThreatIndicatorsWithValidTimeRange() {
         when(restClient.invokeGetApi(any(), eq(CrowdStrikeIndicatorResult.class)))
                 .thenReturn(responseEntity);
 
-        CrowdStrikeApiResponse response = service.getThreatIndicators(startTime, endTime, Optional.empty());
+        CrowdStrikeThreatIntelApiResponse response = service.getThreatIndicators(startTime, endTime, Optional.empty());
 
         assertNotNull(response.getBody());
         assertNotNull(response.getHeaders());
@@ -85,7 +87,7 @@ void testGetThreatIndicatorsWithPaginationLink() throws Exception {
         when(restClient.invokeGetApi(eq(sanitizedUri), eq(CrowdStrikeIndicatorResult.class)))
                 .thenReturn(responseEntity);
 
-        CrowdStrikeApiResponse response = service.getThreatIndicators(startTime, endTime, Optional.of(paginationLink));
+        CrowdStrikeThreatIntelApiResponse response = service.getThreatIndicators(startTime, endTime, Optional.of(paginationLink));
         assertNotNull(response.getBody());
         verify(restClient).invokeGetApi(eq(sanitizedUri), eq(CrowdStrikeIndicatorResult.class));
     }
@@ -103,15 +105,14 @@ void testRestClientThrowsException() {
 
     @Test
     void testBuildUriFailsGracefully() {
-        CrowdStrikeService faultyService = new CrowdStrikeService(restClient, pluginMetrics) {
-            @Override
-            protected URI buildCrowdStrikeUri(Instant startTime, Instant endTime, Optional<String> paginationLink) {
-                throw new RuntimeException("URI construction failed");
-            }
-        };
+        CrowdStrikeService service = new CrowdStrikeService(restClient, pluginMetrics);
+
+        CrowdStrikeService spyService = spy(service);
+        doThrow(new RuntimeException("URI construction failed"))
+                .when(spyService).buildCrowdStrikeUri(any(), any(), any());
 
         RuntimeException ex = assertThrows(RuntimeException.class, () ->
-                faultyService.getThreatIndicators(startTime, endTime, Optional.empty()));
+                spyService.getThreatIndicators(startTime, endTime, Optional.empty()));
 
         assertEquals("URI construction failed", ex.getMessage());
     }

…e/models/CrowdStrikeApiResponseTest.java …owdStrikeThreatIntelApiResponseTest.javadata-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeApiResponseTest.java renamed to data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeThreatIntelApiResponseTest.java data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeApiResponseTest.java renamed to data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/models/CrowdStrikeThreatIntelApiResponseTest.java

@@ -11,7 +11,7 @@
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
-class CrowdStrikeApiResponseTest {
+class CrowdStrikeThreatIntelApiResponseTest {
     @Mock
     CrowdStrikeIndicatorResult mockResult;
     Map<String, List<String>> headers = Map.of(
@@ -40,7 +40,7 @@ void testSetAndGetBody() {
         result.setResults(List.of(indicator1, indicator2));
 
         // Create response
-        CrowdStrikeApiResponse response = new CrowdStrikeApiResponse(result, headers);
+        CrowdStrikeThreatIntelApiResponse response = new CrowdStrikeThreatIntelApiResponse(result, headers);
         response.setBody(result);
 
         // Verify body content
@@ -52,7 +52,7 @@ void testSetAndGetBody() {
 
     @Test
     void testGetHeader_existingHeader() {
-        CrowdStrikeApiResponse response = new CrowdStrikeApiResponse(mockResult, headers);
+        CrowdStrikeThreatIntelApiResponse response = new CrowdStrikeThreatIntelApiResponse(mockResult, headers);
         response.setHeaders(headers);
 
         List<String> values = response.getHeader("X-Rate-Limit");
@@ -61,7 +61,7 @@ void testGetHeader_existingHeader() {
 
     @Test
     void testGetHeader_nonExistingHeaderReturnsEmptyList() {
-        CrowdStrikeApiResponse response = new CrowdStrikeApiResponse(mockResult, Collections.emptyMap());
+        CrowdStrikeThreatIntelApiResponse response = new CrowdStrikeThreatIntelApiResponse(mockResult, Collections.emptyMap());
         List<String> result = response.getHeader("Missing");
         assertNotNull(result);
         assertTrue(result.isEmpty());
@@ -73,7 +73,7 @@ void testGetFirstHeaderValue_existing() {
                 "Content-Type", List.of("application/json", "charset=utf-8")
         );
 
-        CrowdStrikeApiResponse response = new CrowdStrikeApiResponse(mockResult, headers);
+        CrowdStrikeThreatIntelApiResponse response = new CrowdStrikeThreatIntelApiResponse(mockResult, headers);
         response.setHeaders(headers);
 
         String first = response.getFirstHeaderValue("Content-Type");
@@ -86,7 +86,7 @@ void testGetFirstHeaderValue_emptyList() {
                 "X-Empty", List.of()
         );
 
-        CrowdStrikeApiResponse response = new CrowdStrikeApiResponse(mockResult, headers);
+        CrowdStrikeThreatIntelApiResponse response = new CrowdStrikeThreatIntelApiResponse(mockResult, headers);
         response.setHeaders(headers);
 
         assertNull(response.getFirstHeaderValue("X-Empty"));

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/rest/CrowdStrikeAuthClientTest.java

@@ -13,19 +13,24 @@
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.RestTemplate;
+import java.lang.reflect.Field;
 import java.time.Instant;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
+import static java.util.concurrent.TimeUnit.SECONDS;
+import static org.awaitility.Awaitility.await;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
-import static org.junit.jupiter.api.Assertions.fail;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.spy;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
@@ -97,22 +102,37 @@ void testTooManyRequestsBacksOffAndRetries() {
         assertTrue(authClient.getExpireTime().isAfter(Instant.now()));
     }
 
+
     @Test
-    void testRefreshToken_skipsIfTokenIsValidInitially() {
-        CrowdStrikeAuthClient client = spy(new CrowdStrikeAuthClient(mockSourceConfig) {
-            @Override
-            protected boolean isTokenValid() {
-                return true;
-            }
-
-            @Override
-            protected void getAuthToken() {
-                fail("getAuthToken should not be called when token is already valid.");
-            }
-        });
-
-        client.refreshToken();
-        verify(client, times(1)).isTokenValid();
-        verify(client, never()).getAuthToken();
+    void testConcurrentRefreshToken_onlyOneApiCall() throws Exception {
+        CrowdStrikeAuthClient client = spy(new CrowdStrikeAuthClient(mockSourceConfig));
+        Field restTemplateField = CrowdStrikeAuthClient.class.getDeclaredField("restTemplate");
+        restTemplateField.setAccessible(true);
+        restTemplateField.set(client, restTemplateMock);
+        when(restTemplateMock.postForEntity(anyString(), any(HttpEntity.class), eq(Map.class)))
+                .thenReturn(ResponseEntity.ok(Map.of(
+                        "access_token", "mock_access_token",
+                        "expires_in", 3600
+                )));
+
+        // Launch two parallel refreshToken() calls
+        ExecutorService executor = Executors.newFixedThreadPool(2);
+        Future<?> firstCall = executor.submit(client::refreshToken);
+        Future<?> secondCall = executor.submit(client::refreshToken);
+
+        await()
+                .atMost(10, SECONDS)
+                .pollInterval(10, MILLISECONDS)
+                .until(() -> firstCall.isDone() && secondCall.isDone());
+
+        executor.shutdown();
+
+        // Validate only 1 token request is made
+        assertNotNull(client.getBearerToken());
+        assertEquals("mock_access_token", client.getBearerToken());
+        assertNotNull(client.getExpireTime());
+        assertTrue(client.getExpireTime().isAfter(Instant.now().minusSeconds(3500)));
+
+        verify(restTemplateMock, times(1)).postForEntity(anyString(), any(HttpEntity.class), eq(Map.class));
     }
 }

data-prepper-plugins/saas-source-plugins/crowdstrike-source/src/test/java/org/opensearch/dataprepper/plugins/source/crowdstrike/rest/CrowdStrikeRestClientTest.java

@@ -42,18 +42,10 @@ void setup() throws Exception {
         restTemplate = mock(RestTemplate.class);
         uri = new URI("https://api.crowdstrike.com/intel/combined/indicators/v1");
 
-        restClient = new CrowdStrikeRestClient(pluginMetrics, authClient) {
-            {
-                // inject mock RestTemplate
-                try {
-                    var restTemplateField = CrowdStrikeRestClient.class.getDeclaredField("restTemplate");
-                    restTemplateField.setAccessible(true);
-                    restTemplateField.set(this, restTemplate);
-                } catch (Exception e) {
-                    throw new RuntimeException(e);
-                }
-            }
-        };
+        restClient = new CrowdStrikeRestClient(pluginMetrics, authClient);
+        var restTemplateField = CrowdStrikeRestClient.class.getDeclaredField("restTemplate");
+        restTemplateField.setAccessible(true);
+        restTemplateField.set(restClient, restTemplate);
     }
 
     @Test