Fixed a cloud-only issue where a SignatureProvider created using

a ResourcePrincipal may time out after a few minutes, resulting in
a "not authenticated" exception

Author: gmfeinberg

CHANGELOG.md

@@ -8,6 +8,11 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/).
 - Allow application to retry a QueryRequest if it gets a timeout exception and the query only does reads
 - Cloud only: Updated OCI regions
 
+### Fixed
+- Cloud only: Fixed an issue where a long running applications using SignatureProvider
+ with resource principal may encounter NotAuthenticated error after several minutes even
+ if authentication succeed for the first requests.
+
 ## [5.3.6] 2022-08-23
 
 ### Added

driver/src/main/java/oracle/nosql/driver/iam/SignatureProvider.java

@@ -887,7 +887,14 @@ synchronized SignatureDetails getSignatureDetailsInternal(boolean isRefresh)
         long nowPlus = System.currentTimeMillis() + 60_000L;
         String date = createFormatter().format(new Date(nowPlus));
         String keyId = provider.getKeyId();
-        if (provider instanceof InstancePrincipalsProvider) {
+
+        /*
+         * Security token based providers may refresh the security token
+         * and associated private key in above getKeyId() method, reload
+         * private key to PrivateKeyProvider to avoid a mismatch, which
+         * will create an invalid signature, cause authentication error.
+         */
+        if (provider instanceof SecurityTokenBasedProvider) {
             privateKeyProvider.reload(provider.getPrivateKey(),
                                       provider.getPassphraseCharacters());
         }