Add early expiration of Access Token in cache #233

Merged
merged 2 commits into from
Oct 3, 2019

B-Galati
Contributor

@B-Galati B-Galati commented Oct 3, 2019

Description

Hello,

Problem: In my case the access token provided by Auth0 is valid for 30 seconds and from time to time I would have 401 when trying to call the resource server.

Proposed solution: this PR expires the access token 5 seconds before it really expires so that we can be more sure
the access token used against the resource server is not expired by the time it reaches it.

Let me know what you think.

Testing

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not master

@B-Galati B-Galati requested a review from a team October 3, 2019 13:45
@luisrudge
Contributor

@B-Galati thanks for the PR. Can you clarify how are you using the getTokenSilently method? Are you calling it right before doing the API call? Or are you storing the token somewhere else etc?

Regarding your PR, 5s is not the best solution. If we decide to move forward with this, I think we need to use a percentage based approach. Something like Math.min(expiresIn, expTime) * 1000 * 0.8;, so when it gets to 80% of the expiration time. Can you please do this change and write a test? Thanks!

@B-Galati
Contributor Author

B-Galati commented Oct 3, 2019

@luisrudge Good idea! PR updated along with tests.

Can you clarify how are you using the getTokenSilently method? Are you calling it right before doing the API call? Or are you storing the token somewhere else etc?

That's exactly it, calling it right before doing the API call using the cache strategy provided by the library.

@luisrudge
Contributor

Thank you so much for this PR!

@luisrudge luisrudge merged commit a09dd1c into auth0:master Oct 3, 2019
@B-Galati
Contributor Author

B-Galati commented Oct 4, 2019

Thank you for the quick merge!
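
The percentage-based early expiry discussed in this thread, as an added example that is not the merged change or the library's own code: a token cache that treats an entry as stale at 80% of `Math.min(expiresIn, expTime)`, so a short-lived token is refreshed before it can expire in transit to the resource server. The names `EarlyExpiryCache`, `earlyTimeoutMs`, `exp_time` and the sample audience are assumptions, and `expTime` is assumed to be the seconds remaining until the ID token's `exp` claim.

```javascript
// Added example: EarlyExpiryCache, earlyTimeoutMs and exp_time are hypothetical names.
const EARLY_FRACTION = 0.8; // share of the lifetime after which the entry is stale
// expiresIn: lifetime in seconds from the token response (expires_in).
// expTime: assumed to be the seconds left until the ID token's `exp` claim.
function earlyTimeoutMs(expiresIn, expTime, fraction = EARLY_FRACTION) {
  const seconds = Math.min(expiresIn, expTime);
  // Expired or malformed lifetimes must never be cached.
  if (!Number.isFinite(seconds) || seconds <= 0) return 0;
  return seconds * 1000 * fraction;
}

class EarlyExpiryCache {
  // `now` is injectable so the behaviour can be checked without waiting.
  constructor(now = () => Date.now()) {
    this.now = now;
    this.entries = new Map();
  }
  static key({ audience, scope }) { return `${audience}::${scope}`; }
  save(entry) {
    const ttl = earlyTimeoutMs(entry.expires_in, entry.exp_time);
    if (ttl === 0) return false;
    this.entries.set(EarlyExpiryCache.key(entry), {
      access_token: entry.access_token,
      staleAt: this.now() + ttl,
    });
    return true;
  }
  // Returns the token, or undefined when the caller must fetch a fresh one.
  get(query) {
    const k = EarlyExpiryCache.key(query);
    const hit = this.entries.get(k);
    if (!hit) return undefined;
    if (this.now() >= hit.staleAt) {
      this.entries.delete(k); // lazy eviction, no timer to leak
      return undefined;
    }
    return hit.access_token;
  }
}

// Constructed sample: the 30-second token from the PR description.
function demo() {
  let clock = 0;
  const cache = new EarlyExpiryCache(() => clock);
  const q = { audience: "https://api.example.test", scope: "read:items" };
  cache.save({ ...q, access_token: "constructed-token", expires_in: 30, exp_time: 36000 });
  clock = 23999; const before = cache.get(q); // inside 80% of 30 s
  clock = 24001; const after = cache.get(q);  // past 24 s, 6 s before real expiry
  return { before, after };
}
```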
