Remove token instrospection

[isaacroldan]

WHY are these changes introduced?

Token instrospection adds an extra query on every command run, but with the new device auth is not really useful.

WHAT is this pull request doing?

Removes the identity token introspection endpoint validation and its associated cache storage. Session validation will now rely solely on token expiration checks rather than making additional HTTP requests to validate tokens.

How to test your changes?

1. Log in to the CLI
2. Verify that authentication still works as expected
3. Confirm that session validation continues to function without making introspection requests after a few hours.

Measuring impact

How do we know this change was effective? Please choose one:

• n/a - this doesn't need measurement, e.g. a linting rule or a bug-fix

Checklist

• I've considered possible cross-platform impacts (Mac, Linux, Windows)
• I've considered possible documentation changes

[isaacroldan]

• Remove token instrospection #5422 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

We detected some changes at packages/*/src and there are no updates in the .changeset.
If the changes are user-facing, run "pnpm changeset add" to track your changes and include them in the next release CHANGELOG.

[github-actions]

Coverage report

St.❔	Category	Percentage	Covered / Total
🟡	Statements	75.92% (+0.2% 🔼)	9068/11944
🟡	Branches	71.18% (+0.19% 🔼)	4424/6215
🟡	Functions	75.46% (+0.1% 🔼)	2371/3142
🟡	Lines	76.44% (+0.22% 🔼)	8564/11203

Show files with reduced coverage 🔻

St.❔	File	Statements	Branches	Functions	Lines
🟢	... / app-event-watcher.ts	95.18% (-1.2% 🔻)	86.49% (-2.7% 🔻)	95.45%	100%
🟢	... / validate.ts	89.47% (-1% 🔻)	85.71% (-0.95% 🔻)	100%	90.63% (-0.8% 🔻)

Test suite run success

2055 tests passing in 920 suites.

Report generated by 🧪jest coverage report action from d4bd953

[github-actions]

Differences in type declarations

We detected differences in the type declarations generated by Typescript for this branch compared to the baseline ('main' branch). Please, review them to ensure they are backward-compatible. Here are some important things to keep in mind:

• Some seemingly private modules might be re-exported through public modules.
• If the branch is behind main you might see odd diffs, rebase main into this branch.

New type declarations

We found no new type declarations in this PR

Existing type declarations

packages/cli-kit/dist/private/node/conf-store.d.ts

@@ -3,16 +3,14 @@ interface CacheValue<T> {
     value: T;
     timestamp: number;
 }
-export type IntrospectionUrlKey = ;
 export type PackageVersionKey = ;
 export type NotificationsKey = ;
 export type NotificationKey = ;
 export type GraphQLRequestKey = ;
 type MostRecentOccurrenceKey = ;
 type RateLimitKey = ;
-type ExportedKey = IntrospectionUrlKey | PackageVersionKey | NotificationsKey | NotificationKey | GraphQLRequestKey;
+type ExportedKey = PackageVersionKey | NotificationsKey | NotificationKey | GraphQLRequestKey;
 interface Cache {
-    [introspectionUrlKey: IntrospectionUrlKey]: CacheValue<string>;
     [packageVersionKey: PackageVersionKey]: CacheValue<string>;
     [notifications: NotificationsKey]: CacheValue<string>;
     [notification: NotificationKey]: CacheValue<string>;

[gonzaloriestra]

Great! 👏

I think it makes sense to remove the check and be reactive instead. If the token expires or fails, just try to refresh, instead of wasting time checking if it's valid beforehand.