fix: Ensure proper errors are reported when authentication fails

[fjuma]

I can't reproduce the failures mentioned in #325 so attempting to open the PR again to see if it fails on CI.

Fixes #317

[gemini-code-assist]

Summary of Changes

Hello @fjuma, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on enhancing the client's ability to accurately report authentication and authorization failures. It introduces a new, comprehensive set of tests to cover various transport protocols and communication patterns, standardizes error messages for consistency, and refines the error mapping logic in both HTTP and gRPC client and server components. The PR is currently marked as 'DO NOT MERGE' and is intended for CI testing to reproduce previously observed failures.

Highlights

• Improved Authentication/Authorization Error Reporting: The client now provides more specific and standardized error messages for HTTP 401/403 responses and gRPC UNAUTHENTICATED/PERMISSION_DENIED statuses, ensuring clearer feedback on authentication and authorization failures.
• New Comprehensive Test Suite: A new test class, AuthenticationAuthorizationTest, has been added to thoroughly validate the client's handling of authentication and authorization errors across JSON-RPC, REST, and gRPC transports for both streaming and non-streaming communication patterns.
• Standardized Error Messages: A new utility class, A2AErrorMessages, was introduced to centralize and standardize common error strings for authentication and authorization failures, promoting consistency across the codebase.
• Enhanced gRPC Server-Side Error Handling: The gRPC handler has been updated to catch SecurityExceptions and translate them into appropriate gRPC UNAUTHENTICATED or PERMISSION_DENIED statuses, improving the server's error response for security-related issues.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively addresses the handling of authentication and authorization errors by ensuring they are properly reported across all supported transports (JSON-RPC, REST, gRPC) for both streaming and non-streaming scenarios. The introduction of a comprehensive test suite (AuthenticationAuthorizationTest) is a great addition to validate this critical behavior. The use of a shared A2AErrorMessages class is a good practice for consistency. The changes are well-implemented, but I have a few suggestions to improve maintainability and robustness, particularly in the test structure and the server-side gRPC handler.

[gemini-code-assist]

Similar to the unauthenticated test, this test should assert that an A2AClientException is thrown, not an IOException. The transport layer consistently wraps lower-level IO exceptions into the more specific A2AClientException.

Suggested change

	IOException exception = assertThrows(IOException.class, () -> {
	client.sendMessage(MESSAGE);
	});
	A2AClientException exception = assertThrows(A2AClientException.class, () -> {
	client.sendMessage(MESSAGE);
	});

[kabir]

@fjuma should this be addressed?

[fjuma]

@kabir I made this change yesterday so this should be good now.