feat: add support for handling Retry-After header

[SoulPancake]

Description

For #208

What problem is being solved?

How is it being solved?

What changes are made to solve it?

References

Review Checklist

• I have clicked on "allow edits by maintainers".
• I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
• The correct base branch is being used, if not main
• I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

• New Features

  • Added support for Retry-After headers to control retry timing on rate-limited or server errors.
  • Improved retry logic with exponential backoff for network failures and retryable errors, with sensible maximum delays.

• Documentation

  • Updated changelog to note Retry-After handling.

• Tests

  • Expanded test coverage for Retry-After scenarios and exponential backoff on 5xx errors.
  • Enhanced test utilities to allow specifying response headers in mocks.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title precisely describes the primary feature addition—support for handling the Retry-After header—using concise and clear wording that matches the main change in the pull request.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov-commenter]

Codecov Report

❌ Patch coverage is 64.10256% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 87.79%. Comparing base (3fe33ac) to head (12c039e).

Files with missing lines	Patch %	Lines
common.ts	64.10%	12 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #267      +/-   ##
==========================================
- Coverage   88.43%   87.79%   -0.64%     
==========================================
  Files          23       23              
  Lines        1219     1254      +35     
  Branches      198      230      +32     
==========================================
+ Hits         1078     1101      +23     
- Misses         85       96      +11     
- Partials       56       57       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[SoulPancake]

This is generated using the existing sdk-generator PR openfga/sdk-generator#504

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (5)

common.ts (5)

145-147: Allow Retry-After: 0 and handle small negative skew

RFC allows Retry-After of 0 (immediate retry). Also clamp small negative delays due to clock skew to 0.

Apply this diff:

-function isValidRetryDelay(delayMs: number): boolean {
-  return delayMs > 0 && delayMs <= 1800 * 1000;
-}
+function isValidRetryDelay(delayMs: number): boolean {
+  return delayMs >= 0 && delayMs <= 1800 * 1000;
+}

-    const dateValue = new Date(retryAfterValue);
-    const now = new Date();
-    const delayMs = dateValue.getTime() - now.getTime();
+    const dateValue = new Date(retryAfterValue);
+    const now = new Date();
+    const delayMs = Math.max(0, dateValue.getTime() - now.getTime());
 
-    if (isValidRetryDelay(delayMs)) {
+    if (isValidRetryDelay(delayMs)) {
       return delayMs;
     }

Also applies to: 172-179

---

139-144: Avoid 0ms backoff when minWaitInMs is unset (burst risk)

With minWaitInMs=0, randomTime returns 0ms. Use a small floor to prevent tight loops.

Apply this diff:

-function randomTime(loopCount: number, minWaitInMs: number): number {
-  const min = Math.ceil(2 ** loopCount * minWaitInMs);
-  const max = Math.ceil(2 ** (loopCount + 1) * minWaitInMs);
+function randomTime(loopCount: number, minWaitInMs: number): number {
+  const base = Math.max(minWaitInMs, 50); // 50ms floor
+  const min = Math.ceil(2 ** loopCount * base);
+  const max = Math.ceil(2 ** (loopCount + 1) * base);
   const calculatedTime = Math.floor(Math.random() * (max - min) + min);
   return Math.min(calculatedTime, 120 * 1000);
 }

---

276-279: Default retry params can yield 0ms backoff

If configuration.retryParams is undefined and options omit retryParams, minWaitInMs becomes 0. Ensure sane defaults when maxRetry > 0.

Apply this diff:

-  const retryParams = axiosArgs.options?.retryParams ? axiosArgs.options?.retryParams : configuration.retryParams;
-  const maxRetry:number = retryParams ? retryParams.maxRetry : 0;
-  const minWaitInMs:number = retryParams ? retryParams.minWaitInMs : 0;
+  const retryParams = axiosArgs.options?.retryParams ?? configuration.retryParams;
+  const maxRetry: number = retryParams?.maxRetry ?? 0;
+  const minWaitInMs: number = maxRetry > 0 ? Math.max(50, retryParams?.minWaitInMs ?? 200) : 0;

---

230-266: Optional: include 408 (Request Timeout) in retryable statuses

408 is commonly safe to retry with backoff.

Apply this diff:

-      } else if (status === 429 || (status >= 500 && status !== 501)) {
+      } else if (status === 408 || status === 429 || (status >= 500 && status !== 501)) {

---

200-201: Optional: narrow return type (never returns undefined after fixes)

Control flow always returns a WrappedAxiosResponse or throws. Simplify the signature.

Apply this diff:

-): Promise<WrappedAxiosResponse<R> | undefined> {
+): Promise<WrappedAxiosResponse<R>> {

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a61ccf6 and 7f24c99.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (4)

• CHANGELOG.md (1 hunks)
• common.ts (7 hunks)
• tests/helpers/nocks.ts (1 hunks)
• tests/index.test.ts (9 hunks)

🧰 Additional context used

🧬 Code graph analysis (2)

tests/index.test.ts (3)

tests/helpers/default-config.ts (2)

• OPENFGA_API_TOKEN_ISSUER (20-20)
• baseConfig (54-67)

configuration.ts (1)

• GetDefaultRetryParams (48-53)

api.ts (1)

• OpenFgaApi (1284-1508)

common.ts (2)

base.ts (1)

• RequestArgs (29-32)

errors.ts (5)

• FgaError (27-40)
• FgaApiValidationError (120-134)
• FgaApiNotFoundError (142-155)
• FgaApiRateLimitExceededError (165-179)
• FgaApiInternalError (187-203)

🔇 Additional comments (1)

common.ts (1)

250-263: Good: honors Retry-After header with sensible fallback

Parsing Retry-After and falling back to capped exponential backoff is correct and improves resilience.

Consider adding tests for:

• Retry-After: "0", very large value (clamped), HTTP-date in past (treated as 0), invalid string (fallback to backoff).
• Network error retry path.