The StandardOauth2AccessTokenProvider Controller Service supports internal token expiration checking based on the expiresIn property of the current AccessToken. The introduction of the provider service included a hard-coded number, subtracted from the expiresIn property, in order to prompt token renewal prior to the exact time of expiration.
In order to support both short-lived and long-lived token expiration scenarios, a new Controller Service property should be added to StandardOauth2AccessTokenProvider. The property should provide a configurable duration within which the service will attempt to refresh the token.
Prior to the introduction of the StandardOauth2AccessTokenProvider, the AccessToken class implemented the isExpired check based on the exact time of expiration. With this class being part of the OAuth2 Service API, that behavior should be restored and the new renewal window property should be implemented in the Controller Service itself.