When using a callback to provide authentication tokens, pass that callback down to SDAPI instead of calling it locally from OpenZGY before each call to SDAPI.
Benefit: This removes an issue with the token timing out while the SDAPI call is in progress. Calls might take a long time due to retries and network congestion. Still, the failures would be very rare making this a real heissenbug.
Benefit: SDAPI has code to check the token expiry and only invoke the callback if there is less than 5 minutes left. The old implementation required the callback to handle that itself.
Drawback: The callback must be threadsafe, it must not make any calls to SDAPI, and it must remain safe to call indefinitely. Or at least until all ZGY readers and writer instances gave gone out of scope. Beware of static destructors, Throwing exceptions is ok. Prior to this change the lifetime was a strong recommendation while now it is a rule. Because OpenZGY cannot control implementation details in SDAPI. The threadsafe requirement is not new.
Drawback: The old code had somewhat better error messages. If the first invocation of the callback returned an empty string and there was an access failure because of this then the thrown exception would mention it.
Drawback: The change is not trivial and does have some risk. Some test plans might need to be re-run. For Petrel this is not a big deal because there are other known issues that need a fix and re-test anyway. Wait with Petrel integration and testing until all fixes are in place.
Other changes in this pull request:
The "zgycopyc" application has a hack where --src-token and --dst-token may name a file to read the token from. Previously the arguments were always treated as files but now only if they start with "/" or "\". Windows drive letters are not supported. The hack is less useful now that OpenZGY supports token types that are refreshable.
Switch from CentOS 8 to CentOS Stream 8 because the former reached end of life.
Bump version numbers for SDAPI prerequisites.