Added TTL renewal of credentials in CredentialsManager [SDK-1818]

[Widcket]

Changes

• Added a new minTTL parameter to the credentials(withScope:callback:) method to force renew the Access Token unless it remains valid for a certain amount of time, and to ensure the minimum lifetime of the renewed Access Token. This guarantees that the retrieved Access Token will always remain valid for at least minTTL.

credentialsManager.credentials(minTTL: 600) { error, newCredentials in // 600 seconds
    // newCredentials.accessToken will be valid for at least 10 minutes
}

• Added a new minTTL parameter to the hasValid() method to check that the Access Token will remain valid for at least a certain amount of time.

if credentialsManager.hasValid(minTTL: 600) {
    // The Access Token will remain valid for at least 10 minutes
}

• Used the existing scope parameter to force renew the Access Token when requesting a reduced scope than originally granted.

credentialsManager.credentials(withScope: "openid profile offline_access") { error, newCredentials in
    // newCredentials.accessToken will be limited to the new scope
}

References

Replaces #395

Testing

• This change adds unit test coverage
• This change has been tested on the latest version of the platform/language or why not

Checklist

• I have read the Auth0 general contribution guidelines
• All existing and new tests complete without errors
• All active GitHub checks have passed

[cocojoe]

@danielphillips @Tauseef-TL We had a think about your use case and wanted to have a consistent story across the native SDKs, starting with iOS. Would be great to get your feedback on the functionality added in this PR (snippet included) and ensure it also solves your use case.

[cocojoe]

@lbalmaceda please can you review to ensure it aligns with your expectations around the discovery and as a heads up for Android. Thx

[lbalmaceda]

There's a method I wouldn't add to the SDK. The rest looks good, I left some comments.

[tauseefm-tl]

@cocojoe From initial review, it appears that this should cover our usecases/requirements. I will need to spike this with our codebase in order to fully verify this.

[lbalmaceda]

@Widcket I cannot comment on the diff because this method hasn't changed, but note that it also needs to accept the minTTL value since this is the only way the developer has to check for existing non-expired credentials that require a minTTL without having to take them from the keystore or refreshing them (what the method you changed does).

Auth0.swift/Auth0/CredentialsManager.swift

Line 123 in b02ee11

public func hasValid() -> Bool {

[Widcket]

@Widcket I cannot comment on the diff because this method hasn't changed, but note that it also needs to accept the minTTL value since this is the only way the developer has to check for existing non-expired credentials that require a minTTL without having to take them from the keystore or refreshing them (what the method you changed does).

Auth0.swift/Auth0/CredentialsManager.swift

Line 123 in b02ee11

public func hasValid() -> Bool {

Good catch, I added the minTTL param to the hasValid method in 548ee44. Please check that logic and its tests.

[Widcket]

This is now out on v1.27.0.