
Fix login 504 timeout for non-admin users #138

Merged: Chr0nicl3 merged 1 commit into dev from ktripath/fixLoginNonAdminUsers on Mar 25, 2026

@Chr0nicl3
Collaborator

When a user with valid LDAP credentials but not in the helix-admin group logs in, the server never sends a response because no code path calls res.json() after the group membership loop completes without finding a match. This causes the request to hang until gateway timeout.

Add a result.on('end') handler that sends res.json(false) if no response was sent during the searchEntry processing, ensuring non-admin users get a proper false response instead of a 504.

Made-with: Cursor

Issues

  • My PR addresses the following Helix issues and references them in the PR description:

(apache#200 - Link your issue number here: You can write "Fixes #XXX". Please use the proper keyword so that the issue gets closed automatically. See https://docs.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue
Any of the following keywords can be used: close, closes, closed, fix, fixes, fixed, resolve, resolves, resolved)

Description

  • Here are some details about my PR, including screenshots of any UI changes:

(Write a concise description including what, why, how)

Tests

  • The following tests are written for this issue:

(List the names of added unit/integration tests)

  • The following is the result of the "mvn test" command on the appropriate module:

(If CI test fails due to known issue, please specify the issue and test PR locally. Then copy & paste the result of "mvn test" to here.)

Changes that Break Backward Compatibility (Optional)

  • My PR contains changes that break backward compatibility or previous assumptions for certain methods or API. They include:

(Consider including all behavior changes for public methods or API. Also include these changes in merge description so that other developers are aware of these changes. This allows them to make relevant code changes in feature branches accounting for the new method/API behavior.)

Documentation (Optional)

  • In case of new functionality, my PR adds documentation in the following wiki page:

(Link the GitHub wiki you added)

Commits

  • My commits all reference appropriate Apache Helix GitHub issues in their subject lines. In addition, my commits follow the guidelines from "How to write a good git commit message":
    1. Subject is separated from body by a blank line
    2. Subject is limited to 50 characters (not including Jira issue reference)
    3. Subject does not end with a period
    4. Subject uses the imperative mood ("add", not "adding")
    5. Body wraps at 72 characters
    6. Body explains "what" and "why", not "how"

Code Quality

  • My diff has been formatted using helix-style.xml
    (helix-style-intellij.xml if IntelliJ IDE is used)

@Chr0nicl3 force-pushed the ktripath/fixLoginNonAdminUsers branch from bad6089 to 95ddf54 on March 25, 2026 06:51
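The hang and the fix described in the PR description above, as an added example that is not the code from this PR: a login check that replies only on a group match, next to a version whose `end` handler replies `false` behind a single "already responded" guard. The function names, the `entry.groups` shape and the fake result object are assumptions constructed for the example, and the `error` handler goes beyond what the PR describes.

```javascript
// All names are hypothetical; only the 'searchEntry'/'end' events and the
// helix-admin group name come from the PR description.
const ADMIN_GROUP = 'helix-admin';

// Constructed stand-in for the event-emitting result of an LDAP search.
function fakeSearchResult() {
  const handlers = {};
  return {
    on(evt, fn) { (handlers[evt] = handlers[evt] || []).push(fn); },
    emit(evt, arg) { (handlers[evt] || []).forEach((fn) => fn(arg)); },
  };
}

// Before: a reply is sent only when a matching group is found.
function checkAdminBefore(result, res) {
  result.on('searchEntry', (entry) => {
    for (const group of entry.groups) {
      if (group === ADMIN_GROUP) res.json(true);
    }
    // No match: nothing is sent and the client waits for the gateway timeout.
  });
}

// After: every terminal event replies, and the guard prevents a second send.
function checkAdminAfter(result, res) {
  let responded = false;
  const reply = (isAdmin) => {
    if (responded) return;
    responded = true;
    res.json(isAdmin);
  };
  result.on('searchEntry', (entry) => {
    if (entry.groups.includes(ADMIN_GROUP)) reply(true);
  });
  result.on('error', () => reply(false)); // assumption: deny on a failed search
  result.on('end', () => reply(false));   // non-admin: explicit false, no hang
}

// Drives a handler with constructed entries and returns everything it sent.
function simulate(handler, entries) {
  const sent = [];
  const res = { json: (value) => sent.push(value) };
  const result = fakeSearchResult();
  handler(result, res);
  entries.forEach((entry) => result.emit('searchEntry', entry));
  result.emit('end');
  return sent;
}

console.log(simulate(checkAdminBefore, [{ groups: ['dev'] }]), simulate(checkAdminAfter, [{ groups: ['dev'] }]));
```

An empty array from `simulate` corresponds to the request that never gets a response; exactly one element means the handler replied once and only once.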
@proud-parselmouth
Collaborator

LGTM. Thanks for adding the tokenRequestPending flag, which makes this code thread safe.
Small improvement -> you can also add a timeout when calling request.post, so that if IDENTITY_TOKEN_SOURCE doesn't return, the callback will get called with an error.

@Chr0nicl3 merged commit fd1f636 into dev on Mar 25, 2026
1 check passed