Merge branch 'feat/mcd-initials' into feat/mcd-feature

tanya732 · tanya732 · commit 0ce821971da3 · 2026-03-19T17:09:15.000+05:30
diff --git a/auth0-api-java/src/main/java/com/auth0/DisabledDPoPAuthentication.java b/auth0-api-java/src/main/java/com/auth0/DisabledDPoPAuthentication.java
@@ -22,7 +22,6 @@ public DisabledDPoPAuthentication(JWTValidator jwtValidator, TokenExtractor extr
     public AuthenticationContext authenticate(HttpRequestInfo requestInfo)
             throws BaseAuthException {
 
-//        Map<String, String> normalizedHeader = normalize(requestInfo.getHeaders());
         try {
             DecodedJWT jwt = validateBearerToken(requestInfo);
 
diff --git a/auth0-api-java/src/main/java/com/auth0/InMemoryAuthCache.java b/auth0-api-java/src/main/java/com/auth0/InMemoryAuthCache.java
@@ -25,6 +25,12 @@
  * Uses a {@link ReentrantReadWriteLock} so concurrent reads do not block each
  * other,
  * while writes acquire exclusive access.
+ * Protected by a {@link ReentrantReadWriteLock}. Because the underlying
+ * {@link LinkedHashMap} is configured in access-order for LRU eviction,
+ * {@link #get(String)} mutates the map and therefore acquires the write lock.
+ * As a result, cache operations ({@code get}, {@code put}, {@code remove},
+ * {@code clear}) are serialized; only {@link #size()} uses the read lock for
+ * concurrent inspection.
  * </p>
  *
  * @param <V> the type of cached values
diff --git a/auth0-api-java/src/main/java/com/auth0/RequiredDPoPAuthentication.java b/auth0-api-java/src/main/java/com/auth0/RequiredDPoPAuthentication.java
@@ -15,7 +15,7 @@ public RequiredDPoPAuthentication(JWTValidator jwtValidator,
     }
 
     /**
-     * Authenticates the request when DPoP Mode is Allowed (Accepts only DPoP tokens) .
+     * Authenticates the request when DPoP Mode is Required (Accepts only DPoP tokens) .
      * @param requestInfo HTTP request info
      * @return AuthenticationContext with JWT claims
      * @throws BaseAuthException if validation fails
@@ -24,8 +24,6 @@ public RequiredDPoPAuthentication(JWTValidator jwtValidator,
     public AuthenticationContext authenticate(HttpRequestInfo requestInfo)
             throws BaseAuthException {
 
-//        Map<String, String> normalizedHeader = normalize(requestInfo.getHeaders());
-
         try {
             DecodedJWT decodedJWT = validateDpopTokenAndProof(requestInfo);
             return buildContext(decodedJWT);
diff --git a/auth0-api-java/src/main/java/com/auth0/models/HttpRequestInfo.java b/auth0-api-java/src/main/java/com/auth0/models/HttpRequestInfo.java
@@ -15,7 +15,7 @@ public class HttpRequestInfo {
     public HttpRequestInfo(String httpMethod, String httpUrl, Map<String, String> headers) throws InvalidRequestException {
         Asserts.notNull(headers, "Headers map cannot be null");
 
-        this.httpMethod = httpMethod.toUpperCase();
+        this.httpMethod = httpMethod != null ? httpMethod.toUpperCase() : null;
         this.httpUrl = httpUrl;
         this.headers = normalize(headers);
     }

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ public class HttpRequestInfo {`
`15`	`15`	`public HttpRequestInfo(String httpMethod, String httpUrl, Map<String, String> headers) throws InvalidRequestException {`
`16`	`16`	`Asserts.notNull(headers, "Headers map cannot be null");`
`17`	`17`
`18`		`- this.httpMethod = httpMethod.toUpperCase();`
	`18`	`+ this.httpMethod = httpMethod != null ? httpMethod.toUpperCase() : null;`
`19`	`19`	`this.httpUrl = httpUrl;`
`20`	`20`	`this.headers = normalize(headers);`
`21`	`21`	`}`