For context, I'm using TokenAuthentication with LifecycleAwareSessionManager. The token used is a periodic token provided to the service at install-time.

To provide resilience against network blips during the LifecycleAwareSessionManager's renewal loop, I've set it to drop the token on error, and configured an event listener to respond to failure events by calling LifecycleAwareSessionManager::getSessionToken after a delay to restart the renewals.

This works well when failures happen during the renewal call. However, if there's a failure in LifecycleAwareSessionManager::doGetSessionToken in the try block that surrounds this line:

token = LoginTokenAdapter.augmentWithSelfLookup(this.restOperations, (VaultToken)token);

the token wrapper token is never upgraded to a LoginToken, which means the token is not considered renewable and the renewal loop will not start. In addition, this failure does not allow the token to be dropped, meaning that any further attempts to trigger a new login will just use the token stored in the wrapper. This token will still work in the short term but because the renewal loop is broken it will eventually quietly expire and break the application.