Indexer should retrieve a new node token after the token is renewed

[taojing2002]

Now the indexer only retrieves the node token during the service initialization. However, the token will be invalid every three months. This means we need to restart the service every three months in order to get the renewed token. This is not convenient.

The token is used to get the system metadata through DataONE api.

My proposed solution is: indexer will try to get the new token (read it from an env variable) again if the API getSystemMetadata call throws an unauthorized exception.

[mbjones]

Sounds like a good change. What would update the env variable so that it is available when it changes? Also, if the env variable is always correct, why not just read it from there from all operations, which would then prevent having to do the repeat operation?

[artntek]

Once we have started using hashstore, this will no longer be necessary, since metadata can be retrieved without calling the dataone api on metacat

[artntek]

Notes

• this will not work for non-DataONE members - need a Node ID to issue a token
• We are OK with saying this release is not recommended for non-D1 members
• We have 3 months after this release to fix - eg introduce a way to refresh tokens, or incorporate hashstore
• For our own deployments, we could upgrade the token generation script so it also pushes to k8s secret