fix: add no-arg RevokeToken() and expose GetAccessToken()

[IgorHorta]

Description 📣

Fixes a usability gap where callers had no way to revoke their own session after authenticating.

All auth methods (LdapAuthLogin, UniversalAuthLogin, AwsAuthLogin, etc.) store the access token internally but never exposed it, making it impossible to call RevokeToken(token) — the caller simply had no way to obtain the token value.

Changes

• AuthClient.RevokeToken() — no-arg overload that revokes the currently authenticated session using the internally stored token
• AuthClient now tracks the current access token privately, passed through to new instances created on re-authentication

Usage

Before this fix, callers had no way to revoke their session:

// No way to get the token to pass here
sdk.Auth().LdapAuthLogin(input);
sdk.Auth().RevokeToken(???);

Now it works without any token handling:

sdk.Auth().LdapAuthLogin(input);
// ... business logic ...
sdk.Auth().RevokeToken(); // revokes current session

The explicit RevokeToken(String accessToken) overload still exists for cases where you want to revoke a specific token.

Type ✨

• Bug fix
• New feature
• Improvement
• Breaking change
• Documentation

[greptile-apps]

Greptile Summary

Adds convenient no-arg RevokeToken() method that revokes the currently authenticated session without requiring callers to track the access token.

Key Changes:

• AuthClient now tracks currentAccessToken internally across all auth methods (UniversalAuthLogin, LdapAuthLogin, AwsAuthLogin, SetAccessToken)
• New RevokeToken() no-arg overload enables self-revocation using the stored token
• Token properly carried through re-authentication by passing it to new AuthClient instances
• Comprehensive tests cover both unit and integration scenarios

Documentation:
How will customers discover this new feature? The repository README points to external documentation at https://infisical.com/docs/sdks/languages/java. Will this new RevokeToken() method be documented there?

Confidence Score: 5/5

• Safe to merge with high confidence - clean additive change with comprehensive tests
• This is a well-implemented, non-breaking additive change that solves a real usability gap. All auth methods properly store the token, validation handles null cases, tests cover both success and error scenarios, and the implementation follows existing code patterns.
• No files require special attention

Important Files Changed

Filename	Overview
src/main/java/com/infisical/sdk/resources/AuthClient.java	Adds currentAccessToken field and no-arg RevokeToken() method, stores token on all auth operations
src/main/java/com/infisical/sdk/InfisicalSdk.java	Passes access token to new AuthClient instances during re-authentication

_{Last reviewed commit: 61051cf}

[IgorHorta]

@greptile review this again plz

[victorvhs017]

Tested in Java 8 and Java 24, all working good!