Skip to content

Add endpoint to update push device from mobile#289

Open
VihangaMunasinghe wants to merge 4 commits into
wso2:masterfrom
VihangaMunasinghe:master
Open

Add endpoint to update push device from mobile#289
VihangaMunasinghe wants to merge 4 commits into
wso2:masterfrom
VihangaMunasinghe:master

Conversation

@VihangaMunasinghe

@VihangaMunasinghe VihangaMunasinghe commented Mar 26, 2026

Copy link
Copy Markdown
Contributor

Purpose

Add a REST API endpoint to allow mobile devices to update their registered push device properties (device name and device token). This complements the existing device registration and removal endpoints by enabling in-place updates from the device side.

Related Issue

Related PRs

Goals

  • Expose a new POST /devices/{deviceId}/update endpoint in the push device REST API.
  • Allow mobile devices to send a signed JWT containing updated device properties.
  • Integrate with the DeviceHandlerService.editDeviceMobile() method from the identity-notification-push component.

Approach

  • Defined the new /devices/{deviceId}/update path in the OpenAPI spec (push.yaml) with UpdateRequestDTO schema containing a token field (signed JWT).
  • Added UpdateRequestDTO model class in the generated code layer.
  • Added updateDeviceFromMobile() method to DevicesApiService interface and its implementation in DevicesApiServiceImpl, which extracts the token from the request body and delegates to the core service.
  • Added updateDeviceFromMobile() method in PushDeviceManagementService that calls deviceHandlerService.editDeviceMobile(deviceId, token) and handles exceptions.
  • Updated DevicesApi JAX-RS resource class with the new endpoint annotation and routing.

User stories

As a mobile app user, I want to be able to update my device's push notification token or device name via the REST API so that push notifications continue to work correctly after token rotation or device rename.

Developer Checklist (Mandatory)

  • Complete the Developer Checklist in the related product-is issue to track any behavioral change or migration impact.

Release note

Added a new REST API endpoint POST /devices/{deviceId}/update to allow mobile devices to update their registered push device properties (device token, device name) using a signed JWT.

Documentation

Will update

Training

N/A

Certification

N/A - New API endpoint addition with no impact on existing certification content.

Marketing

N/A

Automation tests

  • Unit tests
    N/A - This layer is a thin REST API delegation to the core identity-notification-push component, which has unit test coverage for the underlying editDeviceMobile logic.
  • Integration tests
    N/A

Security checks

Samples

N/A

Migrations (if applicable)

No migrations required.

Learning

Followed the existing pattern used by the removeDeviceFromMobile endpoint (/devices/{deviceId}/remove) for structuring the new update endpoint, request DTO, and service delegation.

Summary by CodeRabbit

  • New Features
    • Added POST /devices/{deviceId}/update to allow mobile clients to update device info.
    • Request body requires a JSON with a token (JWT carrying device-update data).
    • Successful requests return 204 No Content.
  • Bug Fixes / Behavior
    • Server now handles token-based device updates with proper error mapping for client and server errors.

@coderabbitai

coderabbitai Bot commented Mar 26, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

Adds a new POST /devices/{deviceId}/update endpoint, a DTO for a mobile-sent token, an API implementation that extracts the token and returns 204, and a management-service method that delegates to the device handler to perform a mobile-initiated device update.

Changes

Cohort / File(s) Summary
Management Service
components/org.wso2.carbon.identity.api.user.push/.../core/PushDeviceManagementService.java
Added public void updateDeviceFromMobile(String deviceId, String token) which calls deviceHandlerService.editDeviceMobile(deviceId, token) and maps PushDeviceHandlerException via existing error handling.
API Implementation
components/org.wso2.carbon.identity.api.user.push/.../impl/DevicesApiServiceImpl.java
Added public Response updateDeviceFromMobile(String deviceId, UpdateRequestDTO updateRequestDTO) that extracts token from DTO, invokes management service, and returns 204 No Content. Also updated file header year range to 2025-2026.
OpenAPI Spec
components/org.wso2.carbon.identity.api.user.push/.../src/main/resources/push.yaml
Added POST /devices/{deviceId}/update (operationId: updateDeviceFromMobile) with required path param deviceId, request body schema UpdateRequestDTO (required token: string), and responses for 204, 400, 401, 403, 500.

Sequence Diagram(s)

sequenceDiagram
    participant Client as Mobile Client
    participant API as DevicesApiServiceImpl
    participant Service as PushDeviceManagementService
    participant Handler as deviceHandlerService

    Client->>API: POST /devices/{deviceId}/update\nUpdateRequestDTO(token)
    activate API
    API->>API: extract token
    API->>Service: updateDeviceFromMobile(deviceId, token)
    activate Service
    Service->>Handler: editDeviceMobile(deviceId, token)
    activate Handler
    Handler-->>Service: success / PushDeviceHandlerException
    deactivate Handler
    Service-->>API: return / mapped error
    deactivate Service
    API-->>Client: 204 No Content / error response
    deactivate API
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A tiny token thumped at my door,
I hopped it along to the handler's floor.
From phone to service, a swift little run,
Devices updated — hop, hop — job done! 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 40.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and concisely describes the main change: adding a new endpoint for mobile devices to update push device properties.
Description check ✅ Passed The pull request description covers all critical sections including purpose, goals, approach, user stories, security checks, and release notes.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Comment on lines +158 to +161
public void updateDeviceFromMobile(String deviceId, String token) {

try {
deviceHandlerService.editDeviceMobile(deviceId, token);

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Log Improvement Suggestion No: 1

Suggested change
public void updateDeviceFromMobile(String deviceId, String token) {
try {
deviceHandlerService.editDeviceMobile(deviceId, token);
public void updateDeviceFromMobile(String deviceId, String token) {
if (log.isDebugEnabled()) {
log.debug("Updating device from mobile for deviceId: " + deviceId);
}
try {
deviceHandlerService.editDeviceMobile(deviceId, token);

Comment on lines +161 to +162
deviceHandlerService.editDeviceMobile(deviceId, token);
} catch (PushDeviceHandlerException e) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Log Improvement Suggestion No: 2

Suggested change
deviceHandlerService.editDeviceMobile(deviceId, token);
} catch (PushDeviceHandlerException e) {
deviceHandlerService.editDeviceMobile(deviceId, token);
log.info("Successfully updated device from mobile for deviceId: " + deviceId);
} catch (PushDeviceHandlerException e) {
log.error("Failed to update device from mobile for deviceId: " + deviceId + ". Error: " + e.getMessage());

Comment on lines +77 to +79
@Override
public Response updateDeviceFromMobile(String deviceId, UpdateRequestDTO updateRequestDTO) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Log Improvement Suggestion No: 3

Suggested change
@Override
public Response updateDeviceFromMobile(String deviceId, UpdateRequestDTO updateRequestDTO) {
public Response updateDeviceFromMobile(String deviceId, UpdateRequestDTO updateRequestDTO) {
log.info("Updating device from mobile. Device ID: " + deviceId);
String token = updateRequestDTO.getToken();

Comment on lines +80 to +81
String token = updateRequestDTO.getToken();
pushDeviceManagementService.updateDeviceFromMobile(deviceId, token);

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Log Improvement Suggestion No: 4

Suggested change
String token = updateRequestDTO.getToken();
pushDeviceManagementService.updateDeviceFromMobile(deviceId, token);
pushDeviceManagementService.updateDeviceFromMobile(deviceId, token);
log.debug("Successfully updated device. Device ID: " + deviceId);
return Response.status(Response.Status.OK).build();

@wso2-engineering wso2-engineering Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI Agent Log Improvement Checklist

⚠️ Warning: AI-Generated Review Comments

  • The log-related comments and suggestions in this review were generated by an AI tool to assist with identifying potential improvements. Purpose of reviewing the code for log improvements is to improve the troubleshooting capabilities of our products.
  • Please make sure to manually review and validate all suggestions before applying any changes. Not every code suggestion would make sense or add value to our purpose. Therefore, you have the freedom to decide which of the suggestions are helpful.

✅ Before merging this pull request:

  • Review all AI-generated comments for accuracy and relevance.
  • Complete and verify the table below. We need your feedback to measure the accuracy of these suggestions and the value they add. If you are rejecting a certain code suggestion, please mention the reason briefly in the suggestion for us to capture it.
Comment Accepted (Y/N) Reason
#### Log Improvement Suggestion No: 1
#### Log Improvement Suggestion No: 2
#### Log Improvement Suggestion No: 3
#### Log Improvement Suggestion No: 4

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/java/org/wso2/carbon/identity/rest/api/user/push/v1/impl/DevicesApiServiceImpl.java (1)

82-82: Minor: Consider using the shorter Response.ok().build() form.

For consistency with other methods in this class (e.g., line 60 uses Response.ok().entity(...)), this could be simplified:

♻️ Suggested simplification
-        return Response.status(Response.Status.OK).build();
+        return Response.ok().build();
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In
`@components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/java/org/wso2/carbon/identity/rest/api/user/push/v1/impl/DevicesApiServiceImpl.java`
at line 82, The return statement in DevicesApiServiceImpl that currently uses
Response.status(Response.Status.OK).build() should be simplified to use
Response.ok().build() for consistency with other methods (e.g., the
Response.ok().entity(...) usage); locate the method in DevicesApiServiceImpl
containing that return and replace the long form with Response.ok().build().
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In
`@components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/java/org/wso2/carbon/identity/rest/api/user/push/v1/impl/DevicesApiServiceImpl.java`:
- Line 82: The return statement in DevicesApiServiceImpl that currently uses
Response.status(Response.Status.OK).build() should be simplified to use
Response.ok().build() for consistency with other methods (e.g., the
Response.ok().entity(...) usage); locate the method in DevicesApiServiceImpl
containing that return and replace the long form with Response.ok().build().

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1e3a6185-ea2f-4b60-acfd-9ec6066e4986

📥 Commits

Reviewing files that changed from the base of the PR and between 2881365 and 1748e31.

⛔ Files ignored due to path filters (3)
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/gen/java/org/wso2/carbon/identity/rest/api/user/push/v1/DevicesApi.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/gen/java/org/wso2/carbon/identity/rest/api/user/push/v1/DevicesApiService.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/gen/java/org/wso2/carbon/identity/rest/api/user/push/v1/model/UpdateRequestDTO.java is excluded by !**/gen/**
📒 Files selected for processing (3)
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/java/org/wso2/carbon/identity/rest/api/user/push/v1/core/PushDeviceManagementService.java
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/java/org/wso2/carbon/identity/rest/api/user/push/v1/impl/DevicesApiServiceImpl.java
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/resources/push.yaml

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/resources/push.yaml (1)

150-182: Consider using 204 No Content for consistency with similar endpoints.

The new /update endpoint returns 200 on success without a response body, while the analogous /remove endpoint (line 206) returns 204 No Content. Since this endpoint also doesn't return any content on success, using 204 would be more semantically accurate and consistent.

Suggested change
       responses:
-        '200':
-          description: The device was updated successfully.
+        '204':
+          description: The device was updated successfully.
         '400':

Otherwise, the endpoint structure follows the established pattern of the existing /remove endpoint correctly—using the device tag, requiring deviceId path parameter, accepting a JWT token in the request body, and mapping to standard error responses.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In
`@components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/resources/push.yaml`
around lines 150 - 182, Change the successful response code for the
/devices/{deviceId}/update operation (operationId: updateDeviceFromMobile) from
'200' to '204 No Content' since the endpoint returns no response body; update
the responses block under that path to use '204' and align it with the existing
/devices/{deviceId}/remove behavior, leaving requestBody (UpdateRequestDTO) and
error response references unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In
`@components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/resources/push.yaml`:
- Around line 150-182: Change the successful response code for the
/devices/{deviceId}/update operation (operationId: updateDeviceFromMobile) from
'200' to '204 No Content' since the endpoint returns no response body; update
the responses block under that path to use '204' and align it with the existing
/devices/{deviceId}/remove behavior, leaving requestBody (UpdateRequestDTO) and
error response references unchanged.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f1898322-4343-4d3d-bafe-38c1f4f8d8e7

📥 Commits

Reviewing files that changed from the base of the PR and between 1748e31 and d583ec1.

⛔ Files ignored due to path filters (2)
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/gen/java/org/wso2/carbon/identity/rest/api/user/push/v1/DevicesApi.java is excluded by !**/gen/**
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/gen/java/org/wso2/carbon/identity/rest/api/user/push/v1/model/UpdateRequestDTO.java is excluded by !**/gen/**
📒 Files selected for processing (1)
  • components/org.wso2.carbon.identity.api.user.push/org.wso2.carbon.identity.rest.api.user.push.v1/src/main/resources/push.yaml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant