Implement adaptive stale period for auth tokens

[mihaimitrea-db]

Implement dynamic token stale period for improved auth reliability

Extends the token refresh buffer from a fixed 5 minutes to a dynamic period that adapts to token lifetime, improving reliability across different token types while maintaining backward compatibility.

Changes:

• Increase maximum stale period from 5 to 20 minutes to support 99.95% availability .
• Implement dynamic stale period calculation: min(TTL × 0.5, 20 minutes).
• Compute stale period per-token at acquisition time.

Implementation:

• Add computeStalePeriod() helper with formula: min(TTL × 0.5, 20 min)
• Update NewCachedTokenSource() to compute stale period for initial tokens
• Update blockingToken() to recompute stale period after token fetch
• Update triggerAsyncRefresh() to recompute stale period after async refresh
• Rename defaultStaleDuration to maxStaleDuration for clarity

Token behavior examples:

• Standard OAuth (60 min TTL) → 20 min stale period (capped)
• FastPath (10 min TTL) → 5 min stale period
• Very short (90 sec TTL) → 45 sec stale period

Testing:

• Add assertDurationNear() helper for cleaner duration comparisons
• Add TestNewCachedTokenSource_standardOAuthToken (60-min tokens, capping)
• Add TestNewCachedTokenSource_fastPathToken (10-min tokens, no capping)
• Add TestNewCachedTokenSource_stalePeriodRecomputation (90-sec tokens, recomputation)
• All existing tests pass with updated expectations

[github-actions]

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/sdk-go

Inputs:

• PR number: 1482
• Commit SHA: 1b24b4d278e1cd21fabe24a33873278ccb812a2b

Checks will be approved automatically on success.