feat(sdk): add EntityIdentifier convenience constructors (#346)

marythought · claude · web-flow · commit eeb880598c01 · 2026-04-09T08:22:32.000-07:00
## Summary - Add `EntityIdentifiers` utility class with static helpers mirroring the Go SDK's `ForEmail`, `ForClientID`, `ForUserName`, and `ForToken` constructors - Reduces EntityIdentifier construction from ~10 lines of nested builders to a single call **Before:** ```java GetDecisionRequest request = GetDecisionRequest.newBuilder() .setEntityIdentifier( EntityIdentifier.newBuilder() .setEntityChain( EntityChain.newBuilder() .addEntities( Entity.newBuilder() .setEmailAddress("jen@example.com") .setCategory(Entity.Category.CATEGORY_SUBJECT)))) .setAction(Action.newBuilder().setName("read")) .setResource( Resource.newBuilder() .setAttributeValues( Resource.AttributeValues.newBuilder() .addFqns("https://example.com/attr/department/value/finance"))) .build(); ``` **After:** ```java GetDecisionRequest request = GetDecisionRequest.newBuilder() .setEntityIdentifier(EntityIdentifiers.forEmail("jen@example.com")) .setAction(Action.newBuilder().setName("read")) .setResource( Resource.newBuilder() .setAttributeValues( Resource.AttributeValues.newBuilder() .addFqns("https://example.com/attr/department/value/finance"))) .build(); ``` ## Test plan - [x] `EntityIdentifiersTest` — 8 tests covering all 4 helpers with valid and empty string inputs 🤖 Generated with [Claude Code](https://claude.com/claude-code)  ## Summary by CodeRabbit * **New Features** * Added convenient factory methods to create entity identifiers from email addresses, client IDs, usernames, or JWT tokens, returning ready-to-use identifier objects. * **Tests** * Added comprehensive parameterized tests for these factory methods, covering empty-string inputs and null-argument error handling, and verifying the produced identifier structures and token contents.  --------- Signed-off-by: Mary Dickson <mary.dickson@virtru.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java b/sdk/src/main/java/io/opentdf/platform/sdk/EntityIdentifiers.java
@@ -0,0 +1,85 @@
+package io.opentdf.platform.sdk;
+
+import io.opentdf.platform.authorization.v2.EntityIdentifier;
+import io.opentdf.platform.entity.Entity;
+import io.opentdf.platform.entity.EntityChain;
+import io.opentdf.platform.entity.Token;
+
+import java.util.Objects;
+
+/**
+ * Convenience constructors for {@link EntityIdentifier}, mirroring the Go SDK helpers
+ * in {@code authorization/v2.ForEmail}, {@code ForClientID}, etc.
+ *
+ * <p>Each method builds the full {@code EntityIdentifier} proto so callers avoid
+ * deeply nested builder chains.
+ *
+ * <pre>{@code
+ * // Before
+ * EntityIdentifier.newBuilder()
+ *     .setEntityChain(EntityChain.newBuilder()
+ *         .addEntities(Entity.newBuilder()
+ *             .setEmailAddress("jen@example.com")
+ *             .setCategory(Entity.Category.CATEGORY_SUBJECT)))
+ *     .build();
+ *
+ * // After
+ * EntityIdentifiers.forEmail("jen@example.com");
+ * }</pre>
+ */
+public final class EntityIdentifiers {
+
+    private EntityIdentifiers() {}
+
+    /**
+     * Returns an EntityIdentifier for a subject identified by email address.
+     */
+    public static EntityIdentifier forEmail(String email) {
+        Objects.requireNonNull(email, "email must not be null");
+        return fromEntity(Entity.newBuilder()
+                .setEmailAddress(email)
+                .setCategory(Entity.Category.CATEGORY_SUBJECT)
+                .build());
+    }
+
+    /**
+     * Returns an EntityIdentifier for a subject identified by client ID.
+     */
+    public static EntityIdentifier forClientId(String clientId) {
+        Objects.requireNonNull(clientId, "clientId must not be null");
+        return fromEntity(Entity.newBuilder()
+                .setClientId(clientId)
+                .setCategory(Entity.Category.CATEGORY_SUBJECT)
+                .build());
+    }
+
+    /**
+     * Returns an EntityIdentifier for a subject identified by username.
+     */
+    public static EntityIdentifier forUserName(String userName) {
+        Objects.requireNonNull(userName, "userName must not be null");
+        return fromEntity(Entity.newBuilder()
+                .setUserName(userName)
+                .setCategory(Entity.Category.CATEGORY_SUBJECT)
+                .build());
+    }
+
+    /**
+     * Returns an EntityIdentifier that resolves the entity from the given JWT.
+     * The authorization service parses the token to derive the entity chain.
+     */
+    public static EntityIdentifier forToken(String jwt) {
+        Objects.requireNonNull(jwt, "jwt must not be null");
+        return EntityIdentifier.newBuilder()
+                .setToken(Token.newBuilder().setJwt(jwt).build())
+                .build();
+    }
+
+    private static EntityIdentifier fromEntity(Entity entity) {
+        return EntityIdentifier.newBuilder()
+                .setEntityChain(EntityChain.newBuilder()
+                        .addEntities(entity)
+                        .build())
+                .build();
+    }
+}
diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/EntityIdentifiersTest.java b/sdk/src/test/java/io/opentdf/platform/sdk/EntityIdentifiersTest.java
@@ -0,0 +1,78 @@
+package io.opentdf.platform.sdk;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import io.opentdf.platform.authorization.v2.EntityIdentifier;
+import io.opentdf.platform.entity.Entity;
+import io.opentdf.platform.entity.EntityChain;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+
+class EntityIdentifiersTest {
+
+    @ParameterizedTest
+    @ValueSource(strings = {"user@example.com", ""})
+    void forEmail(String email) {
+        EntityIdentifier eid = EntityIdentifiers.forEmail(email);
+
+        EntityChain chain = extractEntityChain(eid);
+        assertEquals(1, chain.getEntitiesCount());
+
+        Entity e = chain.getEntities(0);
+        assertEquals(Entity.EntityTypeCase.EMAIL_ADDRESS, e.getEntityTypeCase());
+        assertEquals(email, e.getEmailAddress());
+        assertEquals(Entity.Category.CATEGORY_SUBJECT, e.getCategory());
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"my-client", ""})
+    void forClientId(String clientId) {
+        EntityIdentifier eid = EntityIdentifiers.forClientId(clientId);
+
+        EntityChain chain = extractEntityChain(eid);
+        assertEquals(1, chain.getEntitiesCount());
+
+        Entity e = chain.getEntities(0);
+        assertEquals(Entity.EntityTypeCase.CLIENT_ID, e.getEntityTypeCase());
+        assertEquals(clientId, e.getClientId());
+        assertEquals(Entity.Category.CATEGORY_SUBJECT, e.getCategory());
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"alice", ""})
+    void forUserName(String userName) {
+        EntityIdentifier eid = EntityIdentifiers.forUserName(userName);
+
+        EntityChain chain = extractEntityChain(eid);
+        assertEquals(1, chain.getEntitiesCount());
+
+        Entity e = chain.getEntities(0);
+        assertEquals(Entity.EntityTypeCase.USER_NAME, e.getEntityTypeCase());
+        assertEquals(userName, e.getUserName());
+        assertEquals(Entity.Category.CATEGORY_SUBJECT, e.getCategory());
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.test", ""})
+    void forToken(String jwt) {
+        EntityIdentifier eid = EntityIdentifiers.forToken(jwt);
+
+        assertEquals(EntityIdentifier.IdentifierCase.TOKEN, eid.getIdentifierCase());
+        assertEquals(jwt, eid.getToken().getJwt());
+    }
+
+    @Test
+    void nullInputsThrow() {
+        assertThrows(NullPointerException.class, () -> EntityIdentifiers.forEmail(null));
+        assertThrows(NullPointerException.class, () -> EntityIdentifiers.forClientId(null));
+        assertThrows(NullPointerException.class, () -> EntityIdentifiers.forUserName(null));
+        assertThrows(NullPointerException.class, () -> EntityIdentifiers.forToken(null));
+    }
+
+    private static EntityChain extractEntityChain(EntityIdentifier eid) {
+        assertEquals(EntityIdentifier.IdentifierCase.ENTITY_CHAIN, eid.getIdentifierCase(),
+                "expected ENTITY_CHAIN identifier");
+        return eid.getEntityChain();
+    }
+}
