apply review feedback and update java docs to clarify authentication retry behaviour

src/java.net.http/share/classes/jdk/internal/net/http/AuthenticationFilter.java

@@ -328,7 +328,7 @@ class AuthenticationFilter implements HeaderFilter {
             req = HttpRequestImpl.newInstanceForAuthentication(req);
             addBasicCredentials(req, proxy, pw, isUTF8);
             return req;
-        } else if (au.retries >= retry_limit) {
+        } else if (au.retries > retry_limit) {
             throw new IOException("too many authentication attempts. Limit: " +
                     retry_limit);
         } else {

src/java.net.http/share/classes/module-info.java

@@ -156,7 +156,8 @@
  * </li>
  * <li><p><b>{@systemProperty jdk.httpclient.auth.retrylimit}</b> (default: 3)<br>
  * The number of attempts the Basic authentication filter will attempt to retry a failed
- * authentication.
+ * authentication. The number of authentication attempts is always one greater than the
+ * retry limit, as the initial request does not count toward the retries.
  * </li>
  * <li><p><b>{@systemProperty jdk.httpclient.sendBufferSize}</b> (default: operating system
  * default)<br>The HTTP client {@linkplain java.nio.channels.SocketChannel socket}

test/jdk/java/net/httpclient/HttpClientAuthRetryLimitTest.java

@@ -129,11 +129,7 @@ class HttpClientAuthRetryLimitTest implements HttpServerAdapters {
                         request, HttpResponse.BodyHandlers.discarding()));
                 assertEquals("too many authentication attempts. Limit: " + RETRY_LIMIT, exception.getMessage());
                 int totalRequestCount = requestCount.get();
-                if (RETRY_LIMIT > 0){
-                    assertEquals(RETRY_LIMIT, totalRequestCount);
-                } else {
-                    assertEquals(0, totalRequestCount - 1);
-                }
+                assertEquals(totalRequestCount, Math.max(RETRY_LIMIT, 0) + 1);
             }
         }
     }