Added CHANGELOG.md

KirillKurdyukov · KirillKurdyukov · commit cadfcce629f2 · 2025-03-25T23:29:28.000+03:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,21 @@
+- **Breaking Change**: Ydb.Sdk.Yc.Auth version < 0.1.0 is not compatible with newer versions.
+- Added IAuthClient to fetch auth token.
+- Added the `TokenManagerCredentialsProvider` class, which streamlines token lifecycle management.
+- **Breaking Change**: Deleted `AnonymousProvider`. Now users don't need to do anything for anonymous authentication.
+  Migration guide:
+  ```c#
+  var config = new DriverConfig(...); // Using AnonymousProvider if Credentials property is null
+  ```
+- **Breaking Change**: Deleted `StaticCredentialsProvider`. Users are now recommended to use the `User` and `Password`
+  properties in `DriverConfig` for configuring authentication. Migration guide:
+  ```c#
+  var config = new DriverConfig(...)
+  {
+      User = "your_username",
+      Password = "your_password"
+  };
+  ```
+
 ## v0.15.4
 
 - Added `KeepAlivePingTimeout`, with a default value of 10 seconds.
diff --git a/src/Ydb.Sdk/src/Auth/TokenManagerCredentialsProvider.cs b/src/Ydb.Sdk/src/Auth/TokenManagerCredentialsProvider.cs
@@ -1,9 +1,6 @@
-using System.Runtime.CompilerServices;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Logging.Abstractions;
 
-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
-
 namespace Ydb.Sdk.Auth;
 
 public class TokenManagerCredentialsProvider : ICredentialsProvider
@@ -13,7 +10,7 @@ public class TokenManagerCredentialsProvider : ICredentialsProvider
 
     private ILogger<TokenManagerCredentialsProvider> Logger { get; }
 
-    private volatile IHolderState _holderState;
+    private volatile ITokenState _tokenState;
 
     public TokenManagerCredentialsProvider(
         IAuthClient authClient,
@@ -22,8 +19,8 @@ public TokenManagerCredentialsProvider(
     {
         _clock = new SystemClock();
         _authClient = authClient;
-        _holderState = new SyncState(this);
-        _holderState.Init();
+        _tokenState = new SyncState(this);
+        _tokenState.Init();
 
         loggerFactory ??= new NullLoggerFactory();
         Logger = loggerFactory.CreateLogger<TokenManagerCredentialsProvider>();
@@ -35,32 +32,32 @@ internal TokenManagerCredentialsProvider(IAuthClient authClient, IClock clock) :
     }
 
     public async ValueTask<string> GetAuthInfoAsync() =>
-        (await _holderState.Validate(_clock.UtcNow)).TokenResponse.Token;
+        (await _tokenState.Validate(_clock.UtcNow)).TokenResponse.Token;
 
     private ValueTask<TokenResponse> FetchToken() => _authClient.FetchToken();
 
-    private IHolderState UpdateState(IHolderState current, IHolderState next)
+    private ITokenState UpdateState(ITokenState current, ITokenState next)
     {
-        if (Interlocked.CompareExchange(ref _holderState, next, current) == current)
+        if (Interlocked.CompareExchange(ref _tokenState, next, current) == current)
         {
             next.Init();
         }
 
-        return _holderState;
+        return _tokenState;
     }
 
-    private interface IHolderState
+    private interface ITokenState
     {
         TokenResponse TokenResponse { get; }
 
-        ValueTask<IHolderState> Validate(DateTime now);
+        ValueTask<ITokenState> Validate(DateTime now);
 
         void Init()
         {
         }
     }
 
-    private class ActiveState : IHolderState
+    private class ActiveState : ITokenState
     {
         private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;
 
@@ -72,25 +69,31 @@ public ActiveState(TokenResponse tokenResponse, TokenManagerCredentialsProvider
 
         public TokenResponse TokenResponse { get; }
 
-        public async ValueTask<IHolderState> Validate(DateTime now)
+        public async ValueTask<ITokenState> Validate(DateTime now)
         {
-            if (now >= TokenResponse.ExpiresAt)
+            if (now < TokenResponse.ExpiredAt)
             {
-                return await _tokenManagerCredentialsProvider
-                    .UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))
-                    .Validate(now);
+                return now >= TokenResponse.RefreshAt
+                    ? _tokenManagerCredentialsProvider.UpdateState(
+                        this,
+                        new BackgroundState(TokenResponse, _tokenManagerCredentialsProvider)
+                    )
+                    : this;
             }
 
-            return now >= TokenResponse.RefreshAt
-                ? _tokenManagerCredentialsProvider.UpdateState(
-                    this,
-                    new BackgroundState(TokenResponse, _tokenManagerCredentialsProvider)
-                )
-                : this;
+            _tokenManagerCredentialsProvider.Logger.LogWarning(
+                "Token has expired. ExpiredAt: {ExpiredAt}, CurrentTime: {CurrentTime}. " +
+                "Switching to synchronous state to fetch a new token",
+                TokenResponse.ExpiredAt, now
+            );
+
+            return await _tokenManagerCredentialsProvider
+                .UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))
+                .Validate(now);
         }
     }
 
-    private class SyncState : IHolderState
+    private class SyncState : ITokenState
     {
         private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;
 
@@ -104,14 +107,19 @@ public SyncState(TokenManagerCredentialsProvider tokenManagerCredentialsProvider
         public TokenResponse TokenResponse =>
             throw new InvalidOperationException("Get token for unfinished sync state");
 
-        public async ValueTask<IHolderState> Validate(DateTime now)
+        public async ValueTask<ITokenState> Validate(DateTime now)
         {
             try
             {
-                var tokenHolder = await _fetchTokenTask;
+                var tokenResponse = await _fetchTokenTask;
+
+                _tokenManagerCredentialsProvider.Logger.LogDebug(
+                    "Successfully fetched token at {Timestamp}. ExpiredAt: {ExpiredAt}, RefreshAt: {RefreshAt}",
+                    DateTime.Now, tokenResponse.ExpiredAt, tokenResponse.RefreshAt
+                );
 
                 return _tokenManagerCredentialsProvider.UpdateState(this,
-                    new ActiveState(tokenHolder, _tokenManagerCredentialsProvider));
+                    new ActiveState(tokenResponse, _tokenManagerCredentialsProvider));
             }
             catch (Exception e)
             {
@@ -125,7 +133,7 @@ public async ValueTask<IHolderState> Validate(DateTime now)
         public void Init() => _fetchTokenTask = _tokenManagerCredentialsProvider.FetchToken().AsTask();
     }
 
-    private class BackgroundState : IHolderState
+    private class BackgroundState : ITokenState
     {
         private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;
 
@@ -140,11 +148,16 @@ public BackgroundState(TokenResponse tokenResponse,
 
         public TokenResponse TokenResponse { get; }
 
-        public async ValueTask<IHolderState> Validate(DateTime now)
+        public async ValueTask<ITokenState> Validate(DateTime now)
         {
             if (_fetchTokenTask.IsCanceled || _fetchTokenTask.IsFaulted)
             {
-                return now > TokenResponse.ExpiresAt
+                _tokenManagerCredentialsProvider.Logger.LogWarning(
+                    "Fetching token task failed. Status: {Status}, Retrying login...",
+                    _fetchTokenTask.IsCanceled ? "Canceled" : "Faulted"
+                );
+
+                return now >= TokenResponse.ExpiredAt
                     ? _tokenManagerCredentialsProvider
                         .UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))
                     : _tokenManagerCredentialsProvider
@@ -157,17 +170,22 @@ public async ValueTask<IHolderState> Validate(DateTime now)
                     .UpdateState(this, new ActiveState(await _fetchTokenTask, _tokenManagerCredentialsProvider));
             }
 
-            if (now < TokenResponse.ExpiresAt)
+            if (now < TokenResponse.ExpiredAt)
             {
                 return this;
             }
 
             try
             {
-                var tokenHolder = await _fetchTokenTask;
+                var tokenResponse = await _fetchTokenTask;
+
+                _tokenManagerCredentialsProvider.Logger.LogDebug(
+                    "Successfully fetched token. ExpiredAt: {ExpiredAt}, RefreshAt: {RefreshAt}",
+                    tokenResponse.ExpiredAt, tokenResponse.RefreshAt
+                );
 
                 return _tokenManagerCredentialsProvider.UpdateState(this,
-                    new ActiveState(tokenHolder, _tokenManagerCredentialsProvider));
+                    new ActiveState(tokenResponse, _tokenManagerCredentialsProvider));
             }
             catch (Exception e)
             {
@@ -181,7 +199,7 @@ public async ValueTask<IHolderState> Validate(DateTime now)
         public void Init() => _fetchTokenTask = _tokenManagerCredentialsProvider.FetchToken().AsTask();
     }
 
-    private class ErrorState : IHolderState
+    private class ErrorState : ITokenState
     {
         private readonly Exception _exception;
         private readonly TokenManagerCredentialsProvider _managerCredentialsProvider;
@@ -194,7 +212,7 @@ public ErrorState(Exception exception, TokenManagerCredentialsProvider managerCr
 
         public TokenResponse TokenResponse => throw _exception;
 
-        public ValueTask<IHolderState> Validate(DateTime now) => _managerCredentialsProvider
+        public ValueTask<ITokenState> Validate(DateTime now) => _managerCredentialsProvider
             .UpdateState(this, new SyncState(_managerCredentialsProvider))
             .Validate(now);
     }
@@ -204,21 +222,21 @@ public class TokenResponse
 {
     private const double RefreshInterval = 0.5;
 
-    public TokenResponse(string token, DateTime expiresAt, DateTime? refreshAt = null)
+    public TokenResponse(string token, DateTime expiredAt, DateTime? refreshAt = null)
     {
         var now = DateTime.UtcNow;
 
         Token = token;
-        ExpiresAt = expiresAt.ToUniversalTime();
-        RefreshAt = refreshAt?.ToUniversalTime() ?? now + (ExpiresAt - now) * RefreshInterval;
+        ExpiredAt = expiredAt.ToUniversalTime();
+        RefreshAt = refreshAt?.ToUniversalTime() ?? now + (ExpiredAt - now) * RefreshInterval;
     }
 
-    internal string Token { get; }
-    internal DateTime ExpiresAt { get; }
-    internal DateTime RefreshAt { get; }
+    public string Token { get; }
+    public DateTime ExpiredAt { get; }
+    public DateTime RefreshAt { get; }
 }
 
-internal interface IClock
+public interface IClock
 {
     DateTime UtcNow { get; }
 }
diff --git a/src/Ydb.Sdk/tests/Auth/TokenManagerCredentialsProviderTests.cs b/src/Ydb.Sdk/tests/Auth/TokenManagerCredentialsProviderTests.cs
@@ -24,7 +24,6 @@ public async Task SyncState_To_ErrorState_To_SyncState_To_ActiveState()
             )
             .ReturnsAsync(new TokenResponse(Token, now.Add(TimeSpan.FromSeconds(2))));
         _mockClock.Setup(clock => clock.UtcNow).Returns(now);
-
         var credentialsProvider = new TokenManagerCredentialsProvider(_mockAuthClient.Object, _mockClock.Object);
 
         await Assert.ThrowsAsync<StatusUnsuccessfulException>(() => credentialsProvider.GetAuthInfoAsync().AsTask());
@@ -53,7 +52,6 @@ public async Task SyncState_To_ActiveState_To_BackgroundState_To_ActiveState()
             .Returns(now.Add(TimeSpan.FromSeconds(3)))
             .Returns(now.Add(TimeSpan.FromSeconds(3)))
             .Returns(now.Add(TimeSpan.FromSeconds(4)));
-
         var credentialsProvider = new TokenManagerCredentialsProvider(_mockAuthClient.Object, _mockClock.Object);
 
         Assert.Equal(Token, await credentialsProvider.GetAuthInfoAsync());
@@ -67,4 +65,24 @@ public async Task SyncState_To_ActiveState_To_BackgroundState_To_ActiveState()
 
         _mockAuthClient.Verify(authClient => authClient.FetchToken(), Times.Exactly(3));
     }
+
+    [Fact]
+    public async Task SyncState_To_ActiveState_To_SyncState_To_ActiveState()
+    {
+        var now = DateTime.UtcNow;
+
+        _mockAuthClient.SetupSequence(authClient => authClient.FetchToken())
+            .ReturnsAsync(new TokenResponse(Token, now.Add(TimeSpan.FromSeconds(2))))
+            .ReturnsAsync(new TokenResponse(Token + "1", now.Add(TimeSpan.FromSeconds(10))));
+        _mockClock.SetupSequence(clock => clock.UtcNow)
+            .Returns(now)
+            .Returns(now.Add(TimeSpan.FromSeconds(4)))
+            .Returns(now.Add(TimeSpan.FromSeconds(4)));
+        var credentialsProvider = new TokenManagerCredentialsProvider(_mockAuthClient.Object, _mockClock.Object);
+
+        Assert.Equal(Token, await credentialsProvider.GetAuthInfoAsync());
+        Assert.Equal(Token + "1", await credentialsProvider.GetAuthInfoAsync());
+        Assert.Equal(Token + "1", await credentialsProvider.GetAuthInfoAsync());
+        _mockAuthClient.Verify(authClient => authClient.FetchToken(), Times.Exactly(2));
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,6 @@`
`1`		`-using System.Runtime.CompilerServices;`
`2`	`1`	`using Microsoft.Extensions.Logging;`
`3`	`2`	`using Microsoft.Extensions.Logging.Abstractions;`
`4`	`3`
`5`		`-[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]`
`6`		`-`
`7`	`4`	`namespace Ydb.Sdk.Auth;`
`8`	`5`
`9`	`6`	`public class TokenManagerCredentialsProvider : ICredentialsProvider`
`@@ -13,7 +10,7 @@ public class TokenManagerCredentialsProvider : ICredentialsProvider`
`13`	`10`
`14`	`11`	`private ILogger<TokenManagerCredentialsProvider> Logger { get; }`
`15`	`12`
`16`		`- private volatile IHolderState _holderState;`
	`13`	`+ private volatile ITokenState _tokenState;`
`17`	`14`
`18`	`15`	`public TokenManagerCredentialsProvider(`
`19`	`16`	`IAuthClient authClient,`
`@@ -22,8 +19,8 @@ public TokenManagerCredentialsProvider(`
`22`	`19`	`{`
`23`	`20`	`_clock = new SystemClock();`
`24`	`21`	`_authClient = authClient;`
`25`		`- _holderState = new SyncState(this);`
`26`		`- _holderState.Init();`
	`22`	`+ _tokenState = new SyncState(this);`
	`23`	`+ _tokenState.Init();`
`27`	`24`
`28`	`25`	`loggerFactory ??= new NullLoggerFactory();`
`29`	`26`	`Logger = loggerFactory.CreateLogger<TokenManagerCredentialsProvider>();`
`@@ -35,32 +32,32 @@ internal TokenManagerCredentialsProvider(IAuthClient authClient, IClock clock) :`
`35`	`32`	`}`
`36`	`33`
`37`	`34`	`public async ValueTask<string> GetAuthInfoAsync() =>`
`38`		`- (await _holderState.Validate(_clock.UtcNow)).TokenResponse.Token;`
	`35`	`+ (await _tokenState.Validate(_clock.UtcNow)).TokenResponse.Token;`
`39`	`36`
`40`	`37`	`private ValueTask<TokenResponse> FetchToken() => _authClient.FetchToken();`
`41`	`38`
`42`		`- private IHolderState UpdateState(IHolderState current, IHolderState next)`
	`39`	`+ private ITokenState UpdateState(ITokenState current, ITokenState next)`
`43`	`40`	`{`
`44`		`- if (Interlocked.CompareExchange(ref _holderState, next, current) == current)`
	`41`	`+ if (Interlocked.CompareExchange(ref _tokenState, next, current) == current)`
`45`	`42`	`{`
`46`	`43`	`next.Init();`
`47`	`44`	`}`
`48`	`45`
`49`		`- return _holderState;`
	`46`	`+ return _tokenState;`
`50`	`47`	`}`
`51`	`48`
`52`		`- private interface IHolderState`
	`49`	`+ private interface ITokenState`
`53`	`50`	`{`
`54`	`51`	`TokenResponse TokenResponse { get; }`
`55`	`52`
`56`		`- ValueTask<IHolderState> Validate(DateTime now);`
	`53`	`+ ValueTask<ITokenState> Validate(DateTime now);`
`57`	`54`
`58`	`55`	`void Init()`
`59`	`56`	`{`
`60`	`57`	`}`
`61`	`58`	`}`
`62`	`59`
`63`		`- private class ActiveState : IHolderState`
	`60`	`+ private class ActiveState : ITokenState`
`64`	`61`	`{`
`65`	`62`	`private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;`
`66`	`63`
`@@ -72,25 +69,31 @@ public ActiveState(TokenResponse tokenResponse, TokenManagerCredentialsProvider`
`72`	`69`
`73`	`70`	`public TokenResponse TokenResponse { get; }`
`74`	`71`
`75`		`- public async ValueTask<IHolderState> Validate(DateTime now)`
	`72`	`+ public async ValueTask<ITokenState> Validate(DateTime now)`
`76`	`73`	`{`
`77`		`- if (now >= TokenResponse.ExpiresAt)`
	`74`	`+ if (now < TokenResponse.ExpiredAt)`
`78`	`75`	`{`
`79`		`- return await _tokenManagerCredentialsProvider`
`80`		`- .UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))`
`81`		`- .Validate(now);`
	`76`	`+ return now >= TokenResponse.RefreshAt`
	`77`	`+ ? _tokenManagerCredentialsProvider.UpdateState(`
	`78`	`+ this,`
	`79`	`+ new BackgroundState(TokenResponse, _tokenManagerCredentialsProvider)`
	`80`	`+ )`
	`81`	`+ : this;`
`82`	`82`	`}`
`83`	`83`
`84`		`- return now >= TokenResponse.RefreshAt`
`85`		`- ? _tokenManagerCredentialsProvider.UpdateState(`
`86`		`- this,`
`87`		`- new BackgroundState(TokenResponse, _tokenManagerCredentialsProvider)`
`88`		`- )`
`89`		`- : this;`
	`84`	`+ _tokenManagerCredentialsProvider.Logger.LogWarning(`
	`85`	`+ "Token has expired. ExpiredAt: {ExpiredAt}, CurrentTime: {CurrentTime}. " +`
	`86`	`+ "Switching to synchronous state to fetch a new token",`
	`87`	`+ TokenResponse.ExpiredAt, now`
	`88`	`+ );`
	`89`	`+`
	`90`	`+ return await _tokenManagerCredentialsProvider`
	`91`	`+ .UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))`
	`92`	`+ .Validate(now);`
`90`	`93`	`}`
`91`	`94`	`}`
`92`	`95`
`93`		`- private class SyncState : IHolderState`
	`96`	`+ private class SyncState : ITokenState`
`94`	`97`	`{`
`95`	`98`	`private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;`
`96`	`99`
`@@ -104,14 +107,19 @@ public SyncState(TokenManagerCredentialsProvider tokenManagerCredentialsProvider`
`104`	`107`	`public TokenResponse TokenResponse =>`
`105`	`108`	`throw new InvalidOperationException("Get token for unfinished sync state");`
`106`	`109`
`107`		`- public async ValueTask<IHolderState> Validate(DateTime now)`
	`110`	`+ public async ValueTask<ITokenState> Validate(DateTime now)`
`108`	`111`	`{`
`109`	`112`	`try`
`110`	`113`	`{`
`111`		`- var tokenHolder = await _fetchTokenTask;`
	`114`	`+ var tokenResponse = await _fetchTokenTask;`
	`115`	`+`
	`116`	`+ _tokenManagerCredentialsProvider.Logger.LogDebug(`
	`117`	`+ "Successfully fetched token at {Timestamp}. ExpiredAt: {ExpiredAt}, RefreshAt: {RefreshAt}",`
	`118`	`+ DateTime.Now, tokenResponse.ExpiredAt, tokenResponse.RefreshAt`
	`119`	`+ );`
`112`	`120`
`113`	`121`	`return _tokenManagerCredentialsProvider.UpdateState(this,`
`114`		`- new ActiveState(tokenHolder, _tokenManagerCredentialsProvider));`
	`122`	`+ new ActiveState(tokenResponse, _tokenManagerCredentialsProvider));`
`115`	`123`	`}`
`116`	`124`	`catch (Exception e)`
`117`	`125`	`{`
`@@ -125,7 +133,7 @@ public async ValueTask<IHolderState> Validate(DateTime now)`
`125`	`133`	`public void Init() => _fetchTokenTask = _tokenManagerCredentialsProvider.FetchToken().AsTask();`
`126`	`134`	`}`
`127`	`135`
`128`		`- private class BackgroundState : IHolderState`
	`136`	`+ private class BackgroundState : ITokenState`
`129`	`137`	`{`
`130`	`138`	`private readonly TokenManagerCredentialsProvider _tokenManagerCredentialsProvider;`
`131`	`139`
`@@ -140,11 +148,16 @@ public BackgroundState(TokenResponse tokenResponse,`
`140`	`148`
`141`	`149`	`public TokenResponse TokenResponse { get; }`
`142`	`150`
`143`		`- public async ValueTask<IHolderState> Validate(DateTime now)`
	`151`	`+ public async ValueTask<ITokenState> Validate(DateTime now)`
`144`	`152`	`{`
`145`	`153`	`if (_fetchTokenTask.IsCanceled \|\| _fetchTokenTask.IsFaulted)`
`146`	`154`	`{`
`147`		`- return now > TokenResponse.ExpiresAt`
	`155`	`+ _tokenManagerCredentialsProvider.Logger.LogWarning(`
	`156`	`+ "Fetching token task failed. Status: {Status}, Retrying login...",`
	`157`	`+ _fetchTokenTask.IsCanceled ? "Canceled" : "Faulted"`
	`158`	`+ );`
	`159`	`+`
	`160`	`+ return now >= TokenResponse.ExpiredAt`
`148`	`161`	`? _tokenManagerCredentialsProvider`
`149`	`162`	`.UpdateState(this, new SyncState(_tokenManagerCredentialsProvider))`
`150`	`163`	`: _tokenManagerCredentialsProvider`
`@@ -157,17 +170,22 @@ public async ValueTask<IHolderState> Validate(DateTime now)`
`157`	`170`	`.UpdateState(this, new ActiveState(await _fetchTokenTask, _tokenManagerCredentialsProvider));`
`158`	`171`	`}`
`159`	`172`
`160`		`- if (now < TokenResponse.ExpiresAt)`
	`173`	`+ if (now < TokenResponse.ExpiredAt)`
`161`	`174`	`{`
`162`	`175`	`return this;`
`163`	`176`	`}`
`164`	`177`
`165`	`178`	`try`
`166`	`179`	`{`
`167`		`- var tokenHolder = await _fetchTokenTask;`
	`180`	`+ var tokenResponse = await _fetchTokenTask;`
	`181`	`+`
	`182`	`+ _tokenManagerCredentialsProvider.Logger.LogDebug(`
	`183`	`+ "Successfully fetched token. ExpiredAt: {ExpiredAt}, RefreshAt: {RefreshAt}",`
	`184`	`+ tokenResponse.ExpiredAt, tokenResponse.RefreshAt`
	`185`	`+ );`
`168`	`186`
`169`	`187`	`return _tokenManagerCredentialsProvider.UpdateState(this,`
`170`		`- new ActiveState(tokenHolder, _tokenManagerCredentialsProvider));`
	`188`	`+ new ActiveState(tokenResponse, _tokenManagerCredentialsProvider));`
`171`	`189`	`}`
`172`	`190`	`catch (Exception e)`
`173`	`191`	`{`
`@@ -181,7 +199,7 @@ public async ValueTask<IHolderState> Validate(DateTime now)`
`181`	`199`	`public void Init() => _fetchTokenTask = _tokenManagerCredentialsProvider.FetchToken().AsTask();`
`182`	`200`	`}`
`183`	`201`
`184`		`- private class ErrorState : IHolderState`
	`202`	`+ private class ErrorState : ITokenState`
`185`	`203`	`{`
`186`	`204`	`private readonly Exception _exception;`
`187`	`205`	`private readonly TokenManagerCredentialsProvider _managerCredentialsProvider;`
`@@ -194,7 +212,7 @@ public ErrorState(Exception exception, TokenManagerCredentialsProvider managerCr`
`194`	`212`
`195`	`213`	`public TokenResponse TokenResponse => throw _exception;`
`196`	`214`
`197`		`- public ValueTask<IHolderState> Validate(DateTime now) => _managerCredentialsProvider`
	`215`	`+ public ValueTask<ITokenState> Validate(DateTime now) => _managerCredentialsProvider`
`198`	`216`	`.UpdateState(this, new SyncState(_managerCredentialsProvider))`
`199`	`217`	`.Validate(now);`
`200`	`218`	`}`
`@@ -204,21 +222,21 @@ public class TokenResponse`
`204`	`222`	`{`
`205`	`223`	`private const double RefreshInterval = 0.5;`
`206`	`224`
`207`		`- public TokenResponse(string token, DateTime expiresAt, DateTime? refreshAt = null)`
	`225`	`+ public TokenResponse(string token, DateTime expiredAt, DateTime? refreshAt = null)`
`208`	`226`	`{`
`209`	`227`	`var now = DateTime.UtcNow;`
`210`	`228`
`211`	`229`	`Token = token;`
`212`		`- ExpiresAt = expiresAt.ToUniversalTime();`
`213`		`- RefreshAt = refreshAt?.ToUniversalTime() ?? now + (ExpiresAt - now) * RefreshInterval;`
	`230`	`+ ExpiredAt = expiredAt.ToUniversalTime();`
	`231`	`+ RefreshAt = refreshAt?.ToUniversalTime() ?? now + (ExpiredAt - now) * RefreshInterval;`
`214`	`232`	`}`
`215`	`233`
`216`		`- internal string Token { get; }`
`217`		`- internal DateTime ExpiresAt { get; }`
`218`		`- internal DateTime RefreshAt { get; }`
	`234`	`+ public string Token { get; }`
	`235`	`+ public DateTime ExpiredAt { get; }`
	`236`	`+ public DateTime RefreshAt { get; }`
`219`	`237`	`}`
`220`	`238`
`221`		`-internal interface IClock`
	`239`	`+public interface IClock`
`222`	`240`	`{`
`223`	`241`	`DateTime UtcNow { get; }`
`224`	`242`	`}`