Without this I get a binding error when running

These aren't really necessary but I was running into a test failure because this field didn't exist until I switch the sorting field. Figured I'd leave the fix in though.

Previously if the cluster wasn't authorized for chat completion we'd return a vague error about not being able to stream. With this change we'll allow the request to get sent to EIS and if it isn't authorized, EIS will return a failure.

Could this be a javadoc comment instead, so that the method you're referencing stays correct even if it's modified?

The init() method below also calls mockEISServer.enqueueAuthorizeAllModelsResponse(). Is it equivalent to change the annotation on that method to @Before?

Yeah the original issue for using @BeforeClass is because I ran into some weird issues locally. The original PR that added the @BeforeClass is here: #128640

For some background, when the node for the test starts up it will reach out to EIS and get the auth response. If that fails (there isn't a response queued in the mock server), then the tests will fail. What I was observing is that the base classes static logic would only be executed once regardless of how many subclasses used the base. This resulted in the first test class succeeding but the second test class that leveraged the base would fail. To get around this I added the @BeforeClass and it seemed to fix the issue. The reason we need this in @BeforeClass is because we need a response queued before Elasticsearch is started. Elasticsearch is started only once at the beginning before all the tests run.

getServiceConfigurationsForServices() is a synchronous method and could be written with a return type instead of a listener. I think that would make this code easier to read as you wouldn't need to define the merge listener

}).<List<InferenceServiceConfiguration>>andThen((configurationListener, authorizationModel) -> {

                    var serviceConfigs = getServiceConfigurationsForServices(availableServices);

                    if (authorizationModel.isAuthorized() == false) {
                        delegate.onResponse(serviceConfigs);
                        return;
                    }


                    if (requestedTaskType != null && authorizationModel.getAuthorizedTaskTypes().contains(requestedTaskType) == false) {
                        delegate.onResponse(serviceConfigs);
                        return;
                    }

                    var config = ElasticInferenceService.createConfiguration(authorizationModel.getAuthorizedTaskTypes());
                    serviceConfigs.add(config);
                    serviceConfigs.sort(Comparator.comparing(InferenceServiceConfiguration::getService));
                    delegate.onResponse(serviceConfigs);
                }

🤦‍♂️ thank you, for some reason I thought it needed use a listener.

I was slightly confused about "hideFromConfigurationApi() is not supported" in this comment

Should this the intersection of enabledTaskTypes and the full set?

EnumSet.of(TaskType.SPARSE_EMBEDDING, TaskType.CHAT_COMPLETION, TaskType.RERANK, TaskType.TEXT_EMBEDDING).retainAll(enabledTaskTypes);
``

The list of task types here tells the UI for which task types this field should be configurable. That should stay the same regardless of whether the user is authorized for a specific task type. There's a top level field for task types that indicate which ones are authorized and that's set here:

        return new InferenceServiceConfiguration.Builder().setService(NAME)
            .setName(SERVICE_NAME)
            .setTaskTypes(enabledTaskTypes) <--------
            .setConfigurations(configurationMap)
            .build();