CachedActorTokenSource.SetTTL() exists but is never called. When handleNoToken falls back to client-credentials grant, the response has ExpiresIn which should be fed to the cache via SetTTL() so the cache uses the actual token lifetime instead of the hardcoded 5-minute default.
Current code in auth/auth.go:
resp, err := a.exchanger.ClientCredentials(ctx, audience, scopes)
// resp.ExpiresIn is available but not passed to actor cache
Low priority — actor tokens are opt-in and the 5-minute default is conservative enough.
Ref: #279
CachedActorTokenSource.SetTTL()exists but is never called. WhenhandleNoTokenfalls back to client-credentials grant, the response hasExpiresInwhich should be fed to the cache viaSetTTL()so the cache uses the actual token lifetime instead of the hardcoded 5-minute default.Current code in
auth/auth.go:Low priority — actor tokens are opt-in and the 5-minute default is conservative enough.
Ref: #279