4.11.2
(fix): Fix a thread-safety bug in the generated OAuth and inferred-auth token
caches. OAuthTokenSupplier and InferredAuthTokenSupplier now use
double-checked locking with volatile cache fields, so the token/header
cache (a singleton shared across all request threads) is refreshed exactly
once under concurrent load (single-flight) and cached values are safely
published across threads. The cache-hit path stays lock-free.
OAuthAuthProvider’s existing double-checked locking is corrected by
marking its accessToken/expiresAt fields volatile. No public API
changes; generated code remains Java 8 compatible.