Open lucymhdavies opened 6 months ago
lucymhdavies
commented
6 months ago https://stackoverflow.com/a/29005151 actually suggests that it's the http client which is handling the renewal.
this won't be present in the plugin, so we'll need to implement the refresh logic
lucymhdavies
commented
6 months ago An example plugin which has a PeriodicFunction https://github.com/monzo/vault-plugin-database-k8s-controller/blob/1263d9be21520fd2f7ddce6ad87fbff100f7583a/backend.go#L135
(though it's unclear how often this runs)
lucymhdavies
commented
3 months ago the oauth plugin has this refresh function we can take inspiration from https://github.com/puppetlabs/vault-plugin-secrets-oauthapp/blob/main/pkg/provider/basic.go#L150-L176
with the caveat, i think, that we must include those specific files under Apache2 https://github.com/puppetlabs/vault-plugin-secrets-oauthapp/tree/main?tab=Apache-2.0-1-ov-file#readme
perhaps: https://stackoverflow.com/questions/28685033/how-to-handle-refresh-tokens-in-golang-oauth2-client-lib