Fix built-in AI provider auth config updates

[Tharsanan1]

Purpose

Allow built-in AI service providers to update only their authentication configuration while preserving the rest of the provider configuration.

Fixes: wso2/api-manager#5009

Changes

• Merge only authenticationConfiguration from update requests for built-in providers.
• Preserve existing model lists when modelProviders/modelList is omitted in update requests.
• Send update notifications for built-in provider updates so runtime components receive the changed auth configuration.
• Add unit coverage for built-in auth-only updates and custom provider replacement behavior.

Testing

• mvn test -Dtest=LLMProviderMappingUtilTest

Replaces: #13851

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR fixes silent configuration discards when updating built-in LLM providers by introducing configuration resolution logic that distinguishes between built-in and custom provider constraints, improving error handling for JSON parsing failures, and ensuring consistent update notifications across all provider modifications.

Changes

LLM Provider Updates and Configuration Resolution

Layer / File(s)	Summary
Configuration resolution utility and tests components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/.../LLMProviderMappingUtil.java, components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/test/java/.../LLMProviderMappingUtilTest.java	New resolveProviderConfigurations method parses and merges JSON configurations, allowing built-in providers to update only authenticationConfiguration while preserving other fields, and three JUnit tests validate behavior for both provider types.
JSON parsing error handling components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/.../AiServiceProvidersApiServiceImpl.java, components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/.../LlmProvidersApiServiceImpl.java	Both service implementations now catch JsonProcessingException when deserializing model lists and return 400 BAD_REQUEST with warning context.
AI Service Provider update logic components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/.../AiServiceProvidersApiServiceImpl.java	llmModel defaults to null when optional modelProviders is omitted, and buildUpdatedLLMProvider now requires both apiDefinition and configurations to be absent before rejecting built-in provider updates; uses resolveProviderConfigurations for configuration updates and preserves existing models when modelList is null.
LLM Provider update logic components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/.../LlmProvidersApiServiceImpl.java	buildUpdatedLLMProvider expands the early-return condition for built-in providers to require both apiDefinition and configurations to be absent, delegates configuration resolution to resolveProviderConfigurations, and preserves the retrieved model list when incoming modelList is null.
Provider update notification components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/.../APIAdminImpl.java	updateLLMProvider removes the isBuiltInSupport() conditional check, ensuring all provider updates trigger LLM_PROVIDER_UPDATE notifications unconditionally.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• pubudu538
• chamilaadhi
• AnuGayan
• Arshardh
• HeshanSudarshana
• HiranyaKavishani
• senthuran16
• hisanhunais
• PasanT9

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 60.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Fix built-in AI provider auth config updates' clearly and concisely summarizes the main change in the changeset—enabling built-in AI service providers to update their authentication configuration.
Description check	✅ Passed	The description is directly related to the changeset, outlining the purpose, key changes, and testing instructions for the built-in AI provider authentication configuration update fix.
Linked Issues check	✅ Passed	The pull request successfully addresses all core requirements from issue #5009: authentication configuration updates are now persisted for built-in providers [#5009], model lists are preserved when omitted [#5009], notifications are sent for built-in provider updates [#5009], and comprehensive unit tests validate the new behavior.
Out of Scope Changes check	✅ Passed	All code changes are directly scoped to the requirements in issue #5009: updating provider configuration handling, adding the configuration resolution utility, improving error handling with JsonProcessingException, and adding corresponding unit tests.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[wso2-engineering]

AI Agent Log Improvement Checklist

⚠️ Warning: AI-Generated Review Comments

• The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
• Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.

✅ Before merging this pull request:

• Review all AI-generated comments for accuracy and relevance.
• Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.

Comment	Accepted (Y/N)	Reason
#### Log Improvement Suggestion No: 1
#### Log Improvement Suggestion No: 2
#### Log Improvement Suggestion No: 3
#### Log Improvement Suggestion No: 4
#### Log Improvement Suggestion No: 5
#### Log Improvement Suggestion No: 6
#### Log Improvement Suggestion No: 7
#### Log Improvement Suggestion No: 8
#### Log Improvement Suggestion No: 9

[Copilot]

Pull request overview

This PR adjusts LLM/AI service provider update behavior so built-in providers can update only their authentication configuration (without overwriting other configuration fields), while also preventing accidental model-list clearing when model fields are omitted from update requests. It also ensures update notifications are sent for built-in provider updates so runtime components can pick up auth changes.

Changes:

• Added a configuration-resolution helper to merge only authenticationConfiguration for built-in providers while keeping other stored config fields unchanged.
• Preserved existing model lists when modelProviders / modelList is omitted in update requests.
• Ensured update notifications are sent for built-in provider updates, and added unit tests covering auth-only updates and custom provider replacement.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/test/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/LLMProviderMappingUtilTest.java	Adds unit tests for built-in auth-only merge behavior and custom provider config replacement.
components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/LLMProviderMappingUtil.java	Introduces resolveProviderConfigurations(...) to enforce built-in auth-only config updates.
components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/LlmProvidersApiServiceImpl.java	Uses the new resolver and preserves model lists when omitted for LLM provider updates.
components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/AiServiceProvidersApiServiceImpl.java	Aligns AI service provider update behavior with auth-only config merge + model list preservation.
components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java	Sends update notifications for built-in provider updates as well.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Tharsanan1]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/AiServiceProvidersApiServiceImpl.java`:
- Around line 323-342: For built-in providers (isBuiltIn == true) ensure
apiDefinition and modelList are never taken from the request; always use
retrievedProvider values. In AiServiceProvidersApiServiceImpl change the logic
so provider.setApiDefinition(...) uses retrievedProvider.getApiDefinition() when
isBuiltIn is true (instead of allowing apiDefinition to override), and similarly
force provider.setModelList(...) to use retrievedProvider.getModelList() when
isBuiltIn is true; keep the existing branch for configurations
(LLMProviderMappingUtil.resolveProviderConfigurations) and description handling
so only authentication/configuration changes are applied to built-ins.

In
`@components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/LlmProvidersApiServiceImpl.java`:
- Around line 306-316: The update path allows changing apiDefinition and
modelList for built-in providers; modify LlmProvidersApiServiceImpl so when
isBuiltIn is true it always retains retrievedProvider values for these fields.
Concretely: in the block that calls provider.setApiDefinition(...) and
provider.setModelList(...), guard both assignments by isBuiltIn and use
retrievedProvider.getApiDefinition() and retrievedProvider.getModelList() for
built-ins instead of honoring the incoming apiDefinition or modelList; keep the
existing description handling and
LLMProviderMappingUtil.resolveProviderConfigurations(...) logic as-is.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ac84b8fc-56a9-465b-92ae-e10a23dc46ae

📥 Commits

Reviewing files that changed from the base of the PR and between cc4c210 and 95d8068.

📒 Files selected for processing (5)

• components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java
• components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/AiServiceProvidersApiServiceImpl.java
• components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/impl/LlmProvidersApiServiceImpl.java
• components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/LLMProviderMappingUtil.java
• components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/test/java/org/wso2/carbon/apimgt/rest/api/admin/v1/utils/mappings/LLMProviderMappingUtilTest.java