Fix auto refresh token logic to ensure timely token renewal

[NipuniBhagya]

Purpose

This pull request fixes an error in the auto refresh token logic for the @asgardeo/browser package. The update ensures that access tokens are refreshed at the correct time, preventing premature or missed refreshes.

Improvements to token refresh logic:

• Corrected the calculation for the token refresh timer in spa-helper.ts to use the token's absolute expiry time and a 10-second buffer, ensuring the refresh happens just before expiration. The logic now checks for the presence of created_at and expires_in before proceeding, and immediately refreshes the token if it's already expired or about to expire.

Changelog update:

• Added a changeset entry documenting the patch fix for the auto refresh token logic error in @asgardeo/browser.

Related Issues

• https://github.com/wso2-enterprise/wso2-iam-internal/issues/6530

Checklist

• Followed the CONTRIBUTING guidelines.
• Manual test round performed and verified.
• Documentation provided. (Add links if there are any)
• Unit tests provided. (Add links if there are any)

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines?
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets?

[asgardeo-github-bot]

🦋 Changeset detected

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.