
Issue 1: Insecure usage of hmac.new in auth_provider.py #24

@PrinceSajjadHussain

Description

Body:

The get_auth_headers function in auth_provider.py uses hmac.new to generate the API signature. Specifically, it decodes the secret key using base64.b64decode(secret_key) every time a request is made. This is inefficient, but, more importantly, it exposes the secret key in plaintext in memory for a longer duration than necessary, increasing the window for potential compromise through memory dumps or other attacks.

Recommendation:

  1. Decode the secret_key once in the AuthProvider constructor and store the decoded value as an attribute.
  2. Use the stored, decoded value directly in hmac.new calls. This avoids repeated decoding and minimizes the exposure of the plaintext secret in memory.
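The refactor proposed in the issue, shown as an added example (not code from the repository): the per-request decoding pattern beside an AuthProvider that decodes the base64 secret once in its constructor and reuses the raw key bytes for every hmac.new call. The header names, the signed-message layout and the sample key are assumptions.

```python
import base64
import hashlib
import hmac
import time

# Constructed sample key: a base64-encoded 32-byte secret, not a real credential.
SAMPLE_SECRET_B64 = base64.b64encode(b"0123456789abcdef0123456789abcdef").decode()


def sign_per_request(secret_key_b64, message):
    """The pattern the issue objects to: the base64 secret is decoded on every call."""
    key = base64.b64decode(secret_key_b64)
    return hmac.new(key, message.encode(), hashlib.sha256).hexdigest()


class AuthProvider:
    """Recommended shape: decode once in the constructor, reuse the raw key bytes."""

    def __init__(self, api_key, secret_key_b64):
        self.api_key = api_key
        # Decoded exactly once. validate=True rejects malformed base64 here,
        # at construction time, rather than on the first request.
        self._secret = base64.b64decode(secret_key_b64, validate=True)

    def _sign(self, message):
        # Raw key bytes are passed straight to hmac.new; no per-request decoding.
        return hmac.new(self._secret, message.encode(), hashlib.sha256).hexdigest()

    def get_auth_headers(self, method, path, body="", timestamp=None):
        # Assumed signing scheme: timestamp + METHOD + path + body (header names assumed too).
        ts = str(int(time.time()) if timestamp is None else timestamp)
        message = f"{ts}{method.upper()}{path}{body}"
        return {
            "X-API-KEY": self.api_key,
            "X-TIMESTAMP": ts,
            "X-SIGNATURE": self._sign(message),
        }

    def verify_signature(self, method, path, body, timestamp, signature):
        """Server-side check of a received header; compare_digest is constant-time."""
        expected = self._sign(f"{timestamp}{method.upper()}{path}{body}")
        return hmac.compare_digest(expected, signature)
```

Both paths produce identical signatures for the same key and message, so the refactor changes where decoding happens, not the wire format.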
