Support batch tokens in renewer and caching proxy for transit auto-un…

…seal (#7441)

Currently this uses a fork of the api.Renewer code, which we should consolidate in 1.3.

command/agent/auth/auth.go

@@ -7,6 +7,7 @@ import (
 
 	hclog "github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/api"
+	"github.com/hashicorp/vault/command/agent"
 	"github.com/hashicorp/vault/sdk/helper/jsonutil"
 )
 
@@ -99,7 +100,7 @@ func (ah *AuthHandler) Run(ctx context.Context, am AuthMethod) {
 		credCh = make(chan struct{})
 	}
 
-	var renewer *api.Renewer
+	var renewer *agent.Renewer
 
 	for {
 		select {
@@ -196,7 +197,7 @@ func (ah *AuthHandler) Run(ctx context.Context, am AuthMethod) {
 			renewer.Stop()
 		}
 
-		renewer, err = ah.client.NewRenewer(&api.RenewerInput{
+		renewer, err = agent.NewRenewer(ah.client, &agent.RenewerInput{
 			Secret: secret,
 		})
 		if err != nil {

command/agent/cache/lease_cache.go

@@ -18,6 +18,7 @@ import (
 	"github.com/hashicorp/errwrap"
 	hclog "github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/vault/api"
+	"github.com/hashicorp/vault/command/agent"
 	cachememdb "github.com/hashicorp/vault/command/agent/cache/cachememdb"
 	"github.com/hashicorp/vault/helper/namespace"
 	nshelper "github.com/hashicorp/vault/helper/namespace"
@@ -394,7 +395,7 @@ func (c *LeaseCache) startRenewing(ctx context.Context, index *cachememdb.Index,
 	client.SetToken(req.Token)
 	client.SetHeaders(req.Request.Header)
 
-	renewer, err := client.NewRenewer(&api.RenewerInput{
+	renewer, err := agent.NewRenewer(client, &agent.RenewerInput{
 		Secret: secret,
 	})
 	if err != nil {