Describe the bug
The new Token Auth authentication method (added in #5080) is not correctly implemented.
To Reproduce
- Try to use a (Cluster)SecretStore with these settings:
auth:
tokenAuthCredentials:
accessToken:
key: accessToken
name: infisical-credentials
namespace: external-secrets
- The ClusterSecretStore is validated only once and then failed to be validated again
- Check on your infisical account, the token has been revoked.
Expected behavior
The ClusterSecretStore must be validated and stable with Token Auth authentication method.
Additional context
I think the issue is due to the Close function of infisical provider (here).
func (p *Provider) Close(ctx context.Context) error {
p.cancelSdkClient()
err := p.sdkClient.Auth().RevokeAccessToken()
metrics.ObserveAPICall(constants.ProviderName, revokeAccessToken, err)
return err
}It is a good practice to revoke the token for other auth methods but obviously not for Token Auth method.
I will provide soon a PR to solve the issue
Describe the bug
The new
Token Authauthentication method (added in #5080) is not correctly implemented.To Reproduce
Expected behavior
The ClusterSecretStore must be validated and stable with
Token Authauthentication method.Additional context
I think the issue is due to the
Closefunction of infisical provider (here).It is a good practice to revoke the token for other auth methods but obviously not for
Token Authmethod.I will provide soon a PR to solve the issue