Skip to content

Add an async bearer-auth step with background token refresh #32

Description

@OmarAlJarrah

Problem

There's no async auth step, and token refresh blocks the caller even when the current token is still valid.

Proposed change

Add an async bearer-auth step. Implement background refresh: if the token is valid but near expiry, return it immediately and refresh off-thread. Add a default fetchAsync on the token provider. Keep per-cloud token providers (GCP/Azure/K8s) and OAuth token-exchange specifics out of sdk-core — those belong in adapter modules.

Prior art: openai-java's workload-identity auth does background refresh (WorkloadIdentityAuth.kt).

Acceptance

  • Async auth step
  • Valid-but-expiring token returned without blocking
  • Tests

Dependencies


Priority: medium · Effort: medium

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestsdk-coresdk-core toolkit

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions