fix: bearer token encryption (#1524)

* fix: bearer token encryption

* remove some todos

internal/auth/repository/eventsourcing/eventstore/key.go

@@ -131,7 +131,8 @@ func (k *KeyRepository) refreshSigningKey(ctx context.Context, key *model.KeyVie
 	}
 	signingKey, err := model.SigningKeyFromKeyView(key, k.KeyAlgorithm)
 	if err != nil {
-		return false, err
+		logging.Log("EVENT-HJd92").WithError(err).Error("signing key cannot be decrypted -> immediate refresh")
+		return k.refreshSigningKey(ctx, nil, keyCh, algorithm)
 	}
 	k.currentKeyID = signingKey.ID
 	k.currentKeyExpiration = key.Expiry

internal/auth/repository/eventsourcing/repository.go

@@ -107,7 +107,8 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co
 			IAMID:                      systemDefaults.IamID,
 		},
 		eventstore.TokenRepo{
-			View: view,
+			View:       view,
+			Eventstore: es,
 		},
 		eventstore.KeyRepository{
 			View:                     view,