feat: use subdomain encoded in SDK token (#102)

* feat: enhanced SDK token for encoding customer-specific service gateway subdomains

Author: typotter

src/main/java/cloud/eppo/ApiEndpoints.java

@@ -0,0 +1,68 @@
+package cloud.eppo;
+
+import static cloud.eppo.Constants.DEFAULT_BASE_URL;
+
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+
+/**
+ * Utility class for constructing Eppo API base URL. Determines the effective base URL considering
+ * baseUrl, subdomain from SDK token, and defaultUrl in that order.
+ */
+public class ApiEndpoints {
+
+  private final SDKKey sdkKey;
+  private final String baseUrl;
+
+  /**
+   * Creates a new ApiEndpoints instance.
+   *
+   * @param sdkKey SDK Key instance for subdomain
+   * @param baseUrl Custom base URL (optional)
+   */
+  public ApiEndpoints(@NotNull SDKKey sdkKey, @Nullable String baseUrl) {
+    this.sdkKey = sdkKey;
+    this.baseUrl = baseUrl;
+  }
+
+  /**
+   * Gets the normalized base URL based on the following priority: 1. If baseUrl is provided and not
+   * equal to DEFAULT_BASE_URL, use it 2. If the SDK Key contains a subdomain, use it with
+   * DEFAULT_BASE_URL 3. Otherwise, fall back to DEFAULT_BASE_URL
+   *
+   * <p>The returned URL will: - Always have a protocol (defaults to https:// if none provided) -
+   * Never end with a trailing slash
+   *
+   * @return The normalized base URL
+   */
+  public String getBaseUrl() {
+    String effectiveUrl;
+
+    if (baseUrl != null && !baseUrl.equals(DEFAULT_BASE_URL)) {
+      // This is to prevent forcing the SDK to send requests to the CDN server without a subdomain
+      // even when encoded in
+      // SDK Key.
+      effectiveUrl = baseUrl;
+    } else if (sdkKey.isValid()) {
+      String subdomain = sdkKey.getSubdomain();
+      if (subdomain != null) {
+        String domainPart = DEFAULT_BASE_URL.replaceAll("^(https?:)?//", "");
+        effectiveUrl = subdomain + "." + domainPart;
+      } else {
+        effectiveUrl = DEFAULT_BASE_URL;
+      }
+    } else {
+      effectiveUrl = DEFAULT_BASE_URL;
+    }
+
+    // Remove any trailing slashes
+    effectiveUrl = effectiveUrl.replaceAll("/+$", "");
+
+    // Add protocol if missing
+    if (!effectiveUrl.matches("^(https?://|//).*")) {
+      effectiveUrl = "https://" + effectiveUrl;
+    }
+
+    return effectiveUrl;
+  }
+}

src/main/java/cloud/eppo/BaseEppoClient.java

@@ -74,21 +74,15 @@ protected BaseEppoClient(
       @Nullable IAssignmentCache assignmentCache,
       @Nullable IAssignmentCache banditAssignmentCache) {
 
-    if (apiKey == null) {
-      throw new IllegalArgumentException("Unable to initialize Eppo SDK due to missing API key");
-    }
-    if (sdkName == null || sdkVersion == null) {
-      throw new IllegalArgumentException(
-          "Unable to initialize Eppo SDK due to missing SDK name or version");
-    }
     if (apiBaseUrl == null) {
       apiBaseUrl = host != null ? Constants.appendApiPathToHost(host) : Constants.DEFAULT_BASE_URL;
     }
 
     this.assignmentCache = assignmentCache;
     this.banditAssignmentCache = banditAssignmentCache;
 
-    EppoHttpClient httpClient = buildHttpClient(apiBaseUrl, apiKey, sdkName, sdkVersion);
+    EppoHttpClient httpClient =
+        buildHttpClient(apiBaseUrl, new SDKKey(apiKey), sdkName, sdkVersion);
     this.configurationStore =
         configurationStore != null ? configurationStore : new ConfigurationStore();
 
@@ -110,10 +104,12 @@ protected BaseEppoClient(
   }
 
   private EppoHttpClient buildHttpClient(
-      String apiBaseUrl, String apiKey, String sdkName, String sdkVersion) {
+      String apiBaseUrl, SDKKey sdkKey, String sdkName, String sdkVersion) {
+    ApiEndpoints endpointHelper = new ApiEndpoints(sdkKey, apiBaseUrl);
+
     return httpClientOverride != null
         ? httpClientOverride
-        : new EppoHttpClient(apiBaseUrl, apiKey, sdkName, sdkVersion);
+        : new EppoHttpClient(endpointHelper.getBaseUrl(), sdkKey.getToken(), sdkName, sdkVersion);
   }
 
   protected void loadConfiguration() {

src/main/java/cloud/eppo/SDKKey.java

@@ -0,0 +1,86 @@
+package cloud.eppo;
+
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Wrapper for an SDK key; built from the SDK Key token string, this class extracts encoded fields,
+ * such as the customer-specific service gateway subdomain
+ */
+public class SDKKey {
+  private static final Logger log = LoggerFactory.getLogger(BaseEppoClient.class);
+
+  private final String sdkTokenString;
+  private final Map<String, String> decodedParams;
+
+  /** @param sdkToken The "SDK Key" string provided by the user. */
+  public SDKKey(String sdkToken) {
+    this.sdkTokenString = sdkToken;
+    this.decodedParams = decodeToken(sdkToken);
+  }
+
+  private Map<String, String> decodeToken(String token) {
+    try {
+      String[] parts = token.split("\\.");
+      if (parts.length < 2) {
+        return Collections.emptyMap();
+      }
+
+      String payload = parts[1];
+      if (payload == null) {
+        return Collections.emptyMap();
+      }
+
+      String decodedString = Utils.base64Decode(payload);
+      final Map<String, String> query_pairs = new HashMap<>();
+      final String[] pairs = decodedString.split("&");
+
+      for (String pair : pairs) {
+        if (pair.isEmpty()) {
+          continue;
+        }
+        final String[] pairParts = pair.split("=");
+        final String key = URLDecoder.decode(pairParts[0], StandardCharsets.UTF_8.name());
+        final String value =
+            pairParts.length > 1
+                ? URLDecoder.decode(pairParts[1], StandardCharsets.UTF_8.name())
+                : null;
+
+        query_pairs.put(key, value);
+      }
+      return query_pairs;
+
+    } catch (Exception e) {
+      log.error("[Eppo SDK] error parsing SDK Key {}", token, e);
+      return Collections.emptyMap();
+    }
+  }
+
+  /**
+   * Gets the subdomain from the decoded token.
+   *
+   * @return The subdomain or null if not present
+   */
+  public String getSubdomain() {
+    return decodedParams.get("cs");
+  }
+
+  /** Gets the full SDK Key token string. */
+  public String getToken() {
+    return sdkTokenString;
+  }
+
+  /**
+   * Checks if the SDK Key had the subdomain encoded.
+   *
+   * @return true if the token is valid and contains required parameters
+   */
+  public boolean isValid() {
+    return !decodedParams.isEmpty();
+  }
+}

src/test/java/cloud/eppo/ApiEndpointsTest.java

@@ -0,0 +1,83 @@
+package cloud.eppo;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import org.junit.jupiter.api.Test;
+
+public class ApiEndpointsTest {
+  final SDKKey plainKey = new SDKKey("flat token");
+
+  @Test
+  public void testDefaultBaseUrl() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, null);
+    assertEquals("https://fscdn.eppo.cloud/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrl() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "custom.domain/api");
+    assertEquals("https://custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrlWithProtocol() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "http://custom.domain/api");
+    assertEquals("http://custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrlWithPort() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "http://custom.domain/api:1337");
+    assertEquals("http://custom.domain/api:1337", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrlWithProtocolRelative() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "//custom.domain/api");
+    assertEquals("//custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrlWithTrailingSlash() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "custom.domain/api/");
+    assertEquals("https://custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testSubdomainFromToken() {
+    String payload = "cs=test-subdomain";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey sdkKey = new SDKKey(token);
+    ApiEndpoints endpoints = new ApiEndpoints(sdkKey, null);
+
+    assertEquals("https://test-subdomain.fscdn.eppo.cloud/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testCustomBaseUrlTakesPrecedenceOverSubdomain() {
+    String payload = "cs=test-subdomain";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey decoder = new SDKKey(token);
+    ApiEndpoints endpoints = new ApiEndpoints(decoder, "custom.domain/api");
+
+    assertEquals("https://custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testMultipleTrailingSlashes() {
+    ApiEndpoints endpoints = new ApiEndpoints(plainKey, "custom.domain/api////");
+    assertEquals("https://custom.domain/api", endpoints.getBaseUrl());
+  }
+
+  @Test
+  public void testInvalidToken() {
+    SDKKey sdkKey = new SDKKey("invalid-token");
+    ApiEndpoints endpoints = new ApiEndpoints(sdkKey, null);
+
+    assertEquals("https://fscdn.eppo.cloud/api", endpoints.getBaseUrl());
+  }
+}

src/test/java/cloud/eppo/BaseEppoClientTest.java

@@ -649,7 +649,7 @@ public void testPolling() {
     // True until the next config is fetched.
     assertTrue(eppoClient.getBooleanAssignment("bool_flag", "subject1", false));
 
-    sleepUninterruptedly(25);
+    sleepUninterruptedly(50);
 
     assertFalse(eppoClient.getBooleanAssignment("bool_flag", "subject1", false));
 

src/test/java/cloud/eppo/SDKKeyTest.java

@@ -0,0 +1,91 @@
+package cloud.eppo;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+import org.junit.jupiter.api.Test;
+
+public class SDKKeyTest {
+
+  @Test
+  public void testValidToken() {
+    // Create a valid token with encoded subdomain
+    String payload = "cs=test-subdomain";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey sdkKey = new SDKKey(token);
+
+    assertTrue(sdkKey.isValid());
+    assertEquals("test-subdomain", sdkKey.getSubdomain());
+    assertEquals(token, sdkKey.getToken());
+  }
+
+  @Test
+  public void testInvalidToken() {
+    SDKKey sdkKey = new SDKKey("invalid-token");
+
+    assertFalse(sdkKey.isValid());
+    assertNull(sdkKey.getSubdomain());
+    assertEquals("invalid-token", sdkKey.getToken());
+  }
+
+  @Test
+  public void testEmptyToken() {
+    SDKKey sdkKey = new SDKKey("");
+
+    assertFalse(sdkKey.isValid());
+    assertNull(sdkKey.getSubdomain());
+    assertEquals("", sdkKey.getToken());
+  }
+
+  @Test
+  public void testTokenWithoutSubdomain() {
+    String payload = "other=value";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey sdkKey = new SDKKey(token);
+
+    // Key is valid with any encoded data.
+    assertTrue(sdkKey.isValid());
+    assertNull(sdkKey.getSubdomain());
+    assertEquals(token, sdkKey.getToken());
+  }
+
+  @Test
+  public void testTokenWithMultipleParams() {
+    String payload = "cs=test-subdomain&other=value";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey sdkKey = new SDKKey(token);
+
+    assertTrue(sdkKey.isValid());
+    assertEquals("test-subdomain", sdkKey.getSubdomain());
+    assertEquals(token, sdkKey.getToken());
+  }
+
+  @Test
+  public void testTokenWithEncodedCharacters() {
+    String payload = "cs=test%20subdomain&other=special%26value";
+    String encodedPayload = Utils.base64Encode(payload);
+    String token = "signature." + encodedPayload;
+
+    SDKKey sdkKey = new SDKKey(token);
+
+    assertTrue(sdkKey.isValid());
+    assertEquals("test subdomain", sdkKey.getSubdomain());
+    assertEquals(token, sdkKey.getToken());
+  }
+
+  @Test
+  public void testTokenWithMalformedBase64() {
+    String token = "signature.not-valid-base64";
+
+    SDKKey sdkKey = new SDKKey(token);
+
+    assertFalse(sdkKey.isValid());
+    assertNull(sdkKey.getSubdomain());
+    assertEquals(token, sdkKey.getToken());
+  }
+}